Analysis Overview
Threat Level: Likely malicious
The file https://www.memuplay.com/ was found to be: Likely malicious.
Malicious Activity Summary
Modifies Windows Firewall
Downloads MZ/PE file
Possible privilege escalation attempt
Drops file in Drivers directory
Manipulates Digital Signatures
Creates new service(s)
Event Triggered Execution: Image File Execution Options Injection
Modifies file permissions
Loads dropped DLL
Reads user/profile data of web browsers
Checks computer location settings
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Checks whether UAC is enabled
Legitimate hosting services abused for malware hosting/C2
Writes to the Master Boot Record (MBR)
Enumerates connected drives
Checks installed software on the system
Looks up external IP address via web service
Drops file in System32 directory
Probable phishing domain
Drops file in Program Files directory
Drops file in Windows directory
Launches sc.exe
Program crash
System Network Configuration Discovery: Internet Connection Discovery
Enumerates physical storage devices
Browser Information Discovery
System Location Discovery: System Language Discovery
Event Triggered Execution: Netsh Helper DLL
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SetWindowsHookEx
Suspicious behavior: GetForegroundWindowSpam
Kills process with taskkill
Suspicious use of WriteProcessMemory
Modifies registry class
Uses Volume Shadow Copy WMI provider
Suspicious use of AdjustPrivilegeToken
Gathers network information
Checks processor information in registry
Suspicious behavior: AddClipboardFormatListener
Uses Volume Shadow Copy service COM API
Uses Task Scheduler COM API
NTFS ADS
Suspicious behavior: EnumeratesProcesses
Modifies data under HKEY_USERS
Modifies Internet Explorer settings
Runs ping.exe
Suspicious use of SendNotifyMessage
Runs net.exe
Suspicious behavior: LoadsDriver
Enumerates system info in registry
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-10-13 21:57
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-10-13 21:57
Reported
2024-10-13 22:15
Platform
win10v2004-20241007-en
Max time kernel
1033s
Max time network
1035s
Command Line
Signatures
Creates new service(s)
Downloads MZ/PE file
Drops file in Drivers directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\system32\DRIVERS\SETFCAB.tmp | C:\Program Files\Microvirt\MEmuHyperv\MEmuDrvInst.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\MEmuDrv.sys | C:\Program Files\Microvirt\MEmuHyperv\MEmuDrvInst.exe | N/A |
| File created | C:\Windows\system32\drivers\GoogleHaxm.sys | C:\Program Files\Google\Play Games\current\service\InstallHypervisor.exe | N/A |
| File opened for modification | C:\Windows\system32\drivers\GoogleHaxm.sys | C:\Program Files\Google\Play Games\current\service\InstallHypervisor.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\SETFCAB.tmp | C:\Program Files\Microvirt\MEmuHyperv\MEmuDrvInst.exe | N/A |
Event Triggered Execution: Image File Execution Options Injection
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe | C:\Program Files (x86)\Google\Temp\GUMB050.tmp\GoogleUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Google\Temp\GUMB050.tmp\GoogleUpdate.exe | N/A |
Manipulates Digital Signatures
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{189A3842-3041-11D1-85E1-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.20\FuncName = "WVTAsn1SpcLinkEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$Function = "WintrustCertificateTrust" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllRemoveSignedDataMsg\{DE351A42-8E59-11D0-8C47-00C04FC295EE}\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2007\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2002\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.5.5.7.3.1\CallbackFreeFunction = "SoftpubFreeDefUsageCallData" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{7801EBD0-CF4B-11D0-851F-0060979387EA}\$Function = "WintrustCertificateTrust" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Message\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$Function = "SoftpubLoadMessage" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.27\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}\$Function = "SoftpubCheckCert" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$Function = "SoftpubInitialize" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$Function = "SoftpubLoadSignature" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Message\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function = "SoftpubLoadMessage" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2010\FuncName = "WVTAsn1IntentToSealAttributeDecode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.5.5.7.3.1\DefaultId = "{573E31F8-AABA-11D0-8CCB-00C04FC295EE}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllFormatObject\1.3.6.1.5.5.7.3.4\FuncName = "FormatPKIXEmailProtection" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$Function = "WintrustCertificateTrust" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.30\FuncName = "WVTAsn1SpcSigInfoEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\CRYPTOGRAPHY\OID\ENCODINGTYPE 0\CRYPTSIPDLLPUTSIGNEDDATAMSG\{C689AAB9-8E78-11D0-8C47-00C04FC295EE} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg\{9BA61D3F-E73A-11D0-8CD2-00C04FC295EE}\FuncName = "CryptSIPPutSignedDataMsg" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function = "SoftpubInitialize" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$Function = "SoftpubInitialize" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.25\FuncName = "WVTAsn1SpcLinkEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2009\FuncName = "WVTAsn1SpcLinkEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllGetSignedDataMsg\{DE351A43-8E59-11D0-8C47-00C04FC295EE}\FuncName = "CryptSIPGetSignedDataMsg" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function = "SoftpubCleanup" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}\$Function = "SoftpubLoadSignature" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{189A3842-3041-11D1-85E1-00C04FC295EE}\$Function = "SoftpubLoadSignature" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.16.1.1\Dll = "cryptdlg.dll" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2005\FuncName = "WVTAsn1SpcLinkEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$Function = "SoftpubLoadSignature" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllRemoveSignedDataMsg\{9BA61D3F-E73A-11D0-8CD2-00C04FC295EE}\FuncName = "CryptSIPRemoveSignedDataMsg" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}\$Function = "SoftpubAuthenticode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.4.1.311.10.3.3\DefaultId = "{573E31F8-AABA-11D0-8CCB-00C04FC295EE}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.4.1.311.10.3.3\CallbackFreeFunction = "SoftpubFreeDefUsageCallData" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function = "SoftpubAuthenticode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$Function = "GenericChainCertificateTrust" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.12\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2012\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function = "SoftpubInitialize" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllGetSignedDataMsg\{C689AABA-8E78-11D0-8C47-00C04FC295EE}\FuncName = "CryptSIPGetSignedDataMsg" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.28\FuncName = "WVTAsn1SpcLinkEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\$Function = "DriverFinalPolicy" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2001\FuncName = "WVTAsn1SpcMinimalCriteriaInfoEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2011\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2011\FuncName = "WVTAsn1SealingSignatureAttributeEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2006\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg\{DE351A42-8E59-11D0-8C47-00C04FC295EE}\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllCreateIndirectData\{9BA61D3F-E73A-11D0-8CD2-00C04FC295EE}\FuncName = "CryptSIPCreateIndirectData" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$Function = "SoftpubLoadSignature" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.5.5.7.3.2\CallbackFreeFunction = "SoftpubFreeDefUsageCallData" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2007\FuncName = "WVTAsn1SpcSpOpusInfoEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$Function = "SoftpubAuthenticode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
Modifies Windows Firewall
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\netsh.exe | N/A |
| N/A | N/A | C:\Windows\system32\netsh.exe | N/A |
| N/A | N/A | C:\Windows\system32\netsh.exe | N/A |
Possible privilege escalation attempt
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation | C:\Program Files\Microvirt\MEmu\MEmu.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation | C:\Program Files\Microvirt\MEmu\MEmu.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation | F:\LDPlayer\LDPlayer9\LDPlayer.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\Install-GooglePlayGames-Beta.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\Control Panel\International\Geo\Nation | C:\Program Files\Google\Play Games\Bootstrapper.exe | N/A |
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Loads dropped DLL
Modifies file permissions
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
Reads user/profile data of web browsers
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Program Files (x86)\Google28108_968528925\bin\updater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Program Files (x86)\Google\GoogleUpdater\127.0.6512.0\updater.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Program Files (x86)\Google\GoogleUpdater\127.0.6512.0\updater.exe | N/A |
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\F: | C:\Users\Admin\Downloads\LDPlayer9_ens_1001_ld.exe | N/A |
| File opened (read-only) | \??\F: | C:\Windows\SysWOW64\takeown.exe | N/A |
| File opened (read-only) | \??\F: | C:\Windows\SysWOW64\takeown.exe | N/A |
| File opened (read-only) | \??\F: | C:\Windows\SysWOW64\takeown.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | whatismyipaddress.com | N/A | N/A |
| N/A | whatismyipaddress.com | N/A | N/A |
| N/A | whatismyipaddress.com | N/A | N/A |
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PHYSICALDRIVE0 | C:\Program Files\Microvirt\MEmu\MEmu.exe | N/A |
| File opened for modification | \??\PHYSICALDRIVE0 | C:\Program Files\Microvirt\MEmu\MEmu.exe | N/A |
| File opened for modification | \??\PHYSICALDRIVE0 | C:\Program Files\Microvirt\MEmu\MEmu.exe | N/A |
| File opened for modification | \??\PHYSICALDRIVE0 | C:\Program Files\Microvirt\MEmu\MEmu.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6DA548C7E5915679F87E910D6581DEF1_E2BFF8162D8FC100A428C4266337A31F | C:\Program Files\Google\Play Games\current\service\InstallHypervisor.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Google\Play Games Services\CrashReporting\Crashpad\settings.dat | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\installer_output4070714376\GooglePlayGamesServicesInstaller.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Google\Play Games Services\CrashReporting\Crashpad\settings.dat | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\installer_output4070714376\GooglePlayGamesServicesInstaller.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Google\Play Games Services\CrashReporting\Crashpad\metadata | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\installer_output4070714376\data\installer_windows.assets\crashpad_handler.exe | N/A |
| File opened for modification | C:\Windows\system32\DRVSTORE | C:\Program Files\Microvirt\MEmuHyperv\MEmuDrvInst.exe | N/A |
| File created | C:\Windows\system32\DRVSTORE\MEmuDrv_4C26FE707B8538A984DDA52017FA77FDC0515737\MEmuDrv.cat | C:\Program Files\Microvirt\MEmuHyperv\MEmuDrvInst.exe | N/A |
| File created | C:\Windows\system32\DRVSTORE\MEmuDrv_4C26FE707B8538A984DDA52017FA77FDC0515737\MEmuDrv.sys | C:\Program Files\Microvirt\MEmuHyperv\MEmuDrvInst.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\05DDC6AA91765AACACDB0A5F96DF8199 | C:\Program Files\Google\Play Games\current\service\InstallHypervisor.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Google\Play Games Services\CrashReporting\Crashpad\metadata | C:\Program Files\Google\Play Games Services\Current\Service\data\windows.assets\crashpad_handler.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\05DDC6AA91765AACACDB0A5F96DF8199 | C:\Program Files\Google\Play Games\current\service\InstallHypervisor.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\InstallHypervisor.exe.log | C:\Program Files\Google\Play Games\current\service\InstallHypervisor.exe | N/A |
| File created | C:\Windows\system32\DRVSTORE\MEmuDrv_4C26FE707B8538A984DDA52017FA77FDC0515737\MEmuDrv.inf | C:\Program Files\Microvirt\MEmuHyperv\MEmuDrvInst.exe | N/A |
| File opened for modification | C:\Windows\system32\DRVSTORE\MEmuDrv_4C26FE707B8538A984DDA52017FA77FDC0515737\MEmuDrv.inf | C:\Program Files\Microvirt\MEmuHyperv\MEmuDrvInst.exe | N/A |
| File opened for modification | C:\Windows\System32\CatRoot2\dberr.txt | C:\Program Files\Microvirt\MEmuHyperv\MEmuDrvInst.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA | C:\Program Files\Google\Play Games\current\service\InstallHypervisor.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\HPE-24.9.887.5-CIP.exe.log | C:\Program Files (x86)\Google\Update\Install\{5CCF8D05-C59C-4BA0-BFDB-05ACC8B19D6C}\HPE-24.9.887.5-CIP.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA | C:\Program Files\Google\Play Games\current\service\InstallHypervisor.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6DA548C7E5915679F87E910D6581DEF1_E2BFF8162D8FC100A428C4266337A31F | C:\Program Files\Google\Play Games\current\service\InstallHypervisor.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\Applicator.exe.log | C:\Program Files\Google\Play Games\current\Applicator.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Google\Play Games Services\CrashReporting\Crashpad\settings.dat | C:\Program Files\Google\Play Games Services\Current\Service\GooglePlayGamesServices.exe | N/A |
Probable phishing domain
| Description | Indicator | Process | Target |
| HTTP URL | https://apkcombo.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d22991ad9490722 | N/A | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.Qb1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File created | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.aj1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File opened for modification | C:\Program Files\Microvirt\MEmu\adbdrv\64\amd64\winusbcoinstaller2.dll | C:\Program Files\Microvirt\tempDir\7za.exe | N/A |
| File opened for modification | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.Pg1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File opened for modification | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.rH1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File created | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.kg1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File created | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.AF1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File created | C:\Program Files\Google\Play Games\current\client\locales\hu.pak | C:\Windows\TEMP\Google\Play Games\ned0dg3s.5vo\7zr.exe | N/A |
| File opened for modification | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.vl1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File created | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.dU1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File opened for modification | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.OB1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File created | C:\Program Files\Microvirt\MEmu\adbdrv\32\devcon.exe | C:\Program Files\Microvirt\tempDir\7za.exe | N/A |
| File created | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.Ua1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File created | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.rx1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File opened for modification | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.Ed1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File opened for modification | C:\Program Files\Microvirt\MEmu\iconengines | C:\Program Files\Microvirt\tempDir\7za.exe | N/A |
| File created | C:\Program Files\Google\Play Games Services\24.10.14.0\Service\data\windows.assets\ProductSans-Regular.nohints.ttf | C:\Program Files\Google\Play Games Services\24.10.14.0\xOAGyGYK\7zr.exe | N/A |
| File opened for modification | C:\Program Files\Microvirt\MEmu\translations\qtwebengine_locales | C:\Program Files\Microvirt\tempDir\7za.exe | N/A |
| File created | C:\Program Files\Microvirt\MEmu\MemuService.exe | C:\Program Files\Microvirt\tempDir\7za.exe | N/A |
| File opened for modification | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.NY1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File opened for modification | C:\Program Files\Microvirt\MEmu\translations\qtwebengine_locales\zh-CN.pak | C:\Program Files\Microvirt\tempDir\7za.exe | N/A |
| File opened for modification | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.uK1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File created | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.wR1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File opened for modification | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.ax1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File created | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.ya1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File created | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.PL1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File opened for modification | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.hK1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File opened for modification | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.hC1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File opened for modification | C:\Program Files\Microvirt\MEmu\consoleskins\Other | C:\Program Files\Microvirt\tempDir\7za.exe | N/A |
| File opened for modification | C:\Program Files\Microvirt\MEmu\QtWebEngineProcess.exe | C:\Program Files\Microvirt\tempDir\7za.exe | N/A |
| File created | C:\Program Files\Google\Play Games\current\client\locales\fil.pak | C:\Windows\TEMP\Google\Play Games\ned0dg3s.5vo\7zr.exe | N/A |
| File opened for modification | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.ei1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File opened for modification | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.YG1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File created | C:\Program Files (x86)\Google\Temp\GUMB050.tmp\goopdateres_id.dll | C:\Users\Admin\AppData\Local\Temp\cy1xlbpm.agp\GoogleUpdateSetup.exe | N/A |
| File opened for modification | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.Mh1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File opened for modification | C:\Program Files\Microvirt\MEmuHyperv\MEmuC.dll | C:\Program Files\Microvirt\tempDir\7za.exe | N/A |
| File opened for modification | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.HS1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File opened for modification | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.PQ1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File created | C:\Program Files\Microvirt\MEmu\translations\qtwebengine_locales\hu.pak | C:\Program Files\Microvirt\tempDir\7za.exe | N/A |
| File opened for modification | C:\Program Files\Microvirt\MEmuHyperv\x86\msvcr120.dll | C:\Program Files\Microvirt\tempDir\7za.exe | N/A |
| File created | C:\Program Files\Google\Play Games\current\client\config\roots.pem | C:\Windows\TEMP\Google\Play Games\ned0dg3s.5vo\7zr.exe | N/A |
| File created | C:\Program Files\Google\Play Games\current\service\Ipc.dll | C:\Windows\TEMP\Google\Play Games\ned0dg3s.5vo\7zr.exe | N/A |
| File created | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.rs1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File opened for modification | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.Sp1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File opened for modification | C:\Program Files\Microvirt\MEmu\Qt5WebEngineCore.dll | C:\Program Files\Microvirt\tempDir\7za.exe | N/A |
| File created | C:\Program Files\Microvirt\MEmuHyperv\netflt\MEmuNetFltNobj.dll | C:\Program Files\Microvirt\tempDir\7za.exe | N/A |
| File created | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.lU1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File created | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.XD1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File created | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.Kc1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File created | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.Xv1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File created | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.FV1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File created | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.FM1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File created | C:\Program Files\Microvirt\MEmuHyperv32.7z | C:\Program Files\Microvirt\tempDir\7za.exe | N/A |
| File created | C:\Program Files (x86)\Google\Temp\GUMB050.tmp\goopdateres_ta.dll | C:\Users\Admin\AppData\Local\Temp\cy1xlbpm.agp\GoogleUpdateSetup.exe | N/A |
| File opened for modification | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.Ki1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File created | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.cu1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File opened for modification | C:\Program Files\Microvirt\MEmu\translations\qt_en.qm | C:\Program Files\Microvirt\tempDir\7za.exe | N/A |
| File opened for modification | C:\Program Files\Google\Play Games\current\client\locales\ml.pak | C:\Windows\TEMP\Google\Play Games\ned0dg3s.5vo\7zr.exe | N/A |
| File opened for modification | C:\Program Files\Google\Play Games\current\emulator\cperfetto.dll | C:\Windows\TEMP\Google\Play Games\ned0dg3s.5vo\7zr.exe | N/A |
| File opened for modification | C:\Program Files\Google\Play Games\current\service\hardware_compatibility.dll | C:\Windows\TEMP\Google\Play Games\ned0dg3s.5vo\7zr.exe | N/A |
| File created | C:\Program Files\Microvirt\tempDir\Setup.exe.setting.bu1380 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| File created | C:\Program Files\Microvirt\MEmu\consoleskins\Default\Default.rcc | C:\Program Files\Microvirt\tempDir\7za.exe | N/A |
| File opened for modification | C:\Program Files\Microvirt\MEmu\translations\qtwebengine_locales\sv.pak | C:\Program Files\Microvirt\tempDir\7za.exe | N/A |
| File opened for modification | C:\Program Files\Google\Play Games Services\24.10.14.0\Service\data\windows.assets\assets\logo\3.0x\logo_Google_FullColor_74x24.png | C:\Program Files\Google\Play Games Services\24.10.14.0\xOAGyGYK\7zr.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\Logs\DISM\dism.log | C:\Windows\SysWOW64\dism.exe | N/A |
| File opened for modification | C:\Windows\Logs\DISM\dism.log | C:\Users\Admin\AppData\Local\Temp\0C7326C2-D521-4FC2-85A8-ADB65701D60C\dismhost.exe | N/A |
Launches sc.exe
Browser Information Discovery
Enumerates physical storage devices
Event Triggered Execution: Netsh Helper DLL
| Description | Indicator | Process | Target |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\system32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\system32\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\system32\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\system32\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\system32\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\system32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\system32\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\system32\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\NetSh | C:\Windows\system32\netsh.exe | N/A |
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Program Files\Microvirt\MEmu\MEmu.exe |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Program Files\Microvirt\MEmu\MEmu.exe |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\taskkill.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | F:\LDPlayer\LDPlayer9\LDPlayer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\PING.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\LDPlayer9_ens_1001_ld.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Microvirt\MEmu\MemuService.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\cy1xlbpm.agp\GoogleUpdateSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Google\Update\GoogleUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Microvirt\MEmu\adb.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Microvirt\MEmu\MEmu.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\icacls.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Google\Update\GoogleUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Microvirt\MEmu\MEmuRepair.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Microvirt\MEmu\MEmuConsole.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Google\GoogleUpdater\127.0.6512.0\updater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Microvirt\MEmu\adb.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Microvirt\MEmu\MEmuConsole.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\chcp.com | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\net.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Microvirt\MEmu\MEmuRepair.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Microvirt\MEmu\MEmuRepair.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\takeown.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Google\Update\GoogleUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Google\Play Games\current\GooglePlayGamesServicesInstaller.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Google28108_968528925\bin\updater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Google\GoogleUpdater\127.0.6512.0\updater.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Google\Play Games Services\24.10.14.0\xOAGyGYK\7zr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\PING.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files\Microvirt\MEmu\MEmu.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
System Network Configuration Discovery: Internet Connection Discovery
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\PING.EXE | N/A |
| N/A | N/A | C:\Windows\SysWOW64\cmd.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\PING.EXE | N/A |
| N/A | N/A | C:\Windows\SysWOW64\cmd.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\PING.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Google\Update\GoogleUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Google\Update\GoogleUpdate.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\cmd.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Microvirt\MEmu\MEmu.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Microvirt\tempDir\Setup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Identifier | C:\Program Files\Microvirt\tempDir\Setup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Microvirt\tempDir\Setup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Microvirt\MEmu\MEmu.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Microvirt\MEmu\MEmuConsole.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Microvirt\MEmu\MEmuConsole.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Identifier | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Microvirt\MEmu\MEmuConsole.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Microvirt\MEmu\MEmuConsole.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Microvirt\MEmu\MEmu.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Microvirt\MEmu\MEmu.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Microvirt\MEmu\MEmu.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Microvirt\MEmu\MEmu.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Microvirt\MEmu\MEmu.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Microvirt\MEmu\MEmu.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Gathers network information
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\ipconfig.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\ipconfig.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\ipconfig.exe | N/A |
Kills process with taskkill
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\ldnews.exe = "11001" | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\dnplayer.exe = "11001" | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-281 = "Central Europe Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-2432 = "Cuba Standard Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-231 = "Hawaiian Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-1472 = "Magadan Standard Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-1932 = "Russia TZ 11 Standard Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-2751 = "Tomsk Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-105 = "Central Brazilian Standard Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-542 = "Myanmar Standard Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-222 = "Alaskan Standard Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-2492 = "Aus Central W. Standard Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-2612 = "Bougainville Standard Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-2512 = "Lord Howe Standard Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-2141 = "Transbaikal Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-591 = "Malay Peninsula Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColorBalance = "89" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-1662 = "Bahia Standard Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-411 = "E. Africa Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-682 = "E. Australia Standard Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-501 = "Nepal Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-872 = "Pakistan Standard Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-2322 = "Sakhalin Standard Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-161 = "Central Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-1842 = "Russia TZ 4 Standard Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-2771 = "Omsk Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-831 = "SA Eastern Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-1412 = "Syria Standard Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-201 = "US Mountain Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-302 = "Romance Standard Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-2841 = "Saratov Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-841 = "Argentina Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-449 = "Azerbaijan Standard Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-448 = "Azerbaijan Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-262 = "GMT Standard Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-982 = "Kamchatka Standard Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-2631 = "Norfolk Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-632 = "Tokyo Standard Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-932 = "Coordinated Universal Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-221 = "Alaskan Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-2162 = "Altai Standard Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-562 = "SE Asia Standard Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-602 = "Taipei Standard Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-131 = "US Eastern Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-212 = "Pacific Standard Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files\Google\Play Games\current\service\InstallHypervisor.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-1861 = "Russia TZ 6 Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-961 = "Paraguay Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-91 = "Pacific SA Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-214 = "Pacific Daylight Time (Mexico)" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-3051 = "Qyzylorda Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-141 = "Canada Central Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-571 = "China Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-261 = "GMT Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-31 = "Mid-Atlantic Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-121 = "SA Pacific Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass = "1" | C:\Program Files\Google\Play Games\current\service\InstallHypervisor.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-572 = "China Standard Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-434 = "Georgian Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-2412 = "Marquesas Standard Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName = "1" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\installer_output4070714376\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133733311972177668" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-2392 = "Aleutian Standard Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-1801 = "Line Islands Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-771 = "Montevideo Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@tzres.dll,-301 = "Romance Daylight Time" | C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-CF37-453B-9289-3B0F521CAF27}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{19692F10-ADD2-4EFF-BE54-E61C62E40D13}\ = "IJobObserver2" | C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AFCA788C-4477-787D-60B2-3FA70E56FBBA}\NumMethods | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{455F8C45-44A0-A470-BA20-27890B96DBAA}\ProxyStubClsid32 | C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{4ee3cbcb-486f-40db-9150-deee3fd2418a} | C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{714A3EEF-799A-4489-86CD-FE8E45B2FF8A}\ProxyStubClsid32\ = "{0BB3B78C-1807-4249-5BA5-EA42D66AF0BA}" | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{93BADC0C-61D9-4940-A084-E6BB29AF3D8A}\ProxyStubClsid32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{EE35ADB0-4748-3E12-E7FD-5AAD957BBA0A}\NumMethods\ = "20" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DA91D4C9-4C02-FDB1-C5AC-D89E22E8130A}\ProxyStubClsid32 | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{13A11514-402E-022E-6180-C3944DE3F9CA}\NumMethods | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3F63597A-26F1-4EDB-8DD2-6BDDD091236A} | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0FE2DA40-5637-472A-9736-72019EABD7DA}\ProxyStubClsid32\ = "{0BB3B78C-1807-4249-5BA5-EA42D66AF0BA}" | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9DB3A9E6-7F29-4AAE-A627-5A282C83092A}\ProxyStubClsid32 | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{D7569351-1750-46F0-936E-BD127D5BC26A}\1.3\0\win64\ = "C:\\Program Files\\Microvirt\\MEmuHyperv\\MEmuProxyStub.dll" | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{334DF94A-7556-4CBC-8C04-043096B02D8A}\NumMethods\ = "13" | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C39EF4D6-7532-45E8-96DA-EB5986AE76EA}\NumMethods\ = "30" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-FF5A-4795-B57A-ECD5FFFA18A4}\ = "ISession" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2E629606-312A-482F-9B12-2C4ABF6F0B6D}\ProxyStubClsid32 | C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{747E397E-69C8-45A0-88D9-F7F07096071A}\ = "IInternalSessionControl" | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-2F05-4D28-855F-488F96BAD2B2}\NumMethods | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-1BCF-4218-9807-04E036CC70F1}\ProxyStubClsid32 | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{494B20CF-282E-4BDD-9F5D-B70CB09D351E}\TypeLib\ = "{494B20CF-282E-4BDD-9F5D-B70CB09D351E}" | C:\Program Files (x86)\Google\GoogleUpdater\127.0.6512.0\updater.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{4132147b-42f8-cd96-7570-6a8800e3342a}\NumMethods | C:\Program Files\Microvirt\MEmuHyperv\MEmuManage.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{39b4e759-1ec0-4c0f-857f-fbe2a737a25a}\ProxyStubClsid32 | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{9EA9227C-E9BB-49B3-BFC7-C5171E93EF3A} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E04E5545-4A0F-F9D2-5BEF-F9B25B6557EA}\ProxyStubClsid32 | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{4C7F4BF6-4671-2F75-0FBB-A99F6218CDFA} | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-B5BB-4316-A900-5EB28D3413DF}\NumMethods | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{BE8A0EB5-F4F4-4DD0-9D30-C89B873247EA}\ProxyStubClsid32 | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8398F026-4ADD-4474-5BC3-2F9F2140B23A}\ = "IAppliance" | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-808E-11E9-B773-133D9330F849}\TypeLib\Version = "1.3" | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-7BA7-45A8-B26D-C91AE3754E37}\ = "IAudioAdapter" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D106AB5F-A70E-400E-A21B-96208C1D8DBB}\ProxyStubClsid32 | C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{c1cdb6bf-44cb-e334-66fa-469a17fd09da}\TypeLib\Version = "1.3" | C:\Program Files\Microvirt\MEmuHyperv\MEmuManage.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2e20707d-4325-9a83-83cf-3faf5b97457a} | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{00C8F974-92C5-44A1-8F3F-702469FDD04A}\ProxyStubClsid32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{4c7f4bf6-4671-2f75-0fbb-a99f6218cdfa} | C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{245D88BD-800A-40F8-87A6-170D02249A5A}\TypeLib | C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{747E397E-69C8-45A0-88D9-F7F07096071A}\ProxyStubClsid32 | C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{6F8BD55B-E83D-4A47-85BE-81FFA8057A69}\VersionIndependentProgID | C:\Program Files (x86)\Google\Update\GoogleUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface\{F4FE76BC-62B9-49FC-972F-C81FC3A926DB}\TypeLib | C:\Program Files (x86)\Google\GoogleUpdater\127.0.6512.0\updater.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{0EB668D2-495E-5A36-8890-29999B5F030A}\NumMethods\ = "82" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C8E667B2-4234-1F9C-6508-AFA9CEA4EFAA}\NumMethods | C:\Program Files\Microvirt\MEmuHyperv\MEmuManage.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DA91D4C9-4C02-FDB1-C5AC-D89E22E8130A}\NumMethods | C:\Windows\system32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{806DA61B-6679-422A-B629-51B06B0C6D9A}\ = "IUSBDeviceStateChangedEvent" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-4022-DC80-5535-6FB116815604}\ = "INATNetworkAlterEvent" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928} | C:\Program Files (x86)\Google\Update\GoogleUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8398F026-4ADD-4474-5BC3-2F9F2140B23A}\TypeLib | C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B5191A7C-9536-4EF8-820E-3B0E17E5BBCA}\ProxyStubClsid32 | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{14C66B23-404C-F24A-3CC1-EE9501D44F21}\ProxyStubClsid32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{806da61b-6679-422a-b629-51b06b0c6d9a}\ProxyStubClsid32\ = "{0bb3b78c-1807-4249-5ba5-ea42d66af0ba}" | C:\Program Files\Microvirt\MEmuHyperv\MEmuManage.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{45587218-4289-ef4e-8e6a-e5b07816b63a} | C:\Program Files\Microvirt\MEmuHyperv\MEmuManage.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{CC830458-4974-A19C-4DC6-CC98C226962A}\NumMethods | C:\Windows\system32\regsvr32.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B2547866-A0A1-4391-8B86-6952D82EFAAA}\ProxyStubClsid32 | C:\Windows\system32\regsvr32.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{EDBA9D10-45D8-B440-1712-46AC0C9BC4CA}\ProxyStubClsid32 | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\TypeLib\{FA3FA54A-5D96-5E4C-A364-B2DB655BC893}\1.0 | C:\Program Files (x86)\Google28108_968528925\bin\updater.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-D545-44AA-8013-181B8C288554}\NumMethods | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{6F8BD55B-E83D-4A47-85BE-81FFA8057A69} | C:\Program Files (x86)\Google\Update\GoogleUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{c8e667b2-4234-1f9c-6508-afa9cea4efaa}\NumMethods | C:\Program Files\Microvirt\MEmuHyperv\MEmuManage.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{13A11514-402E-022E-6180-C3944DE3F9CA}\ProxyStubClsid32 | C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{715212BF-DA59-426E-8230-3831FAA52C5A} | C:\Windows\system32\regsvr32.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{9C0F5269-47AE-EE34-C2FE-53A16E38892A} | C:\Windows\system32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F73650F4-4506-50CA-045A-23A0E32EA50A}\NumMethods | C:\Windows\system32\regsvr32.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 524977.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 840751.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 48031.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 287723.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Runs net.exe
Runs ping.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\PING.EXE | N/A |
| N/A | N/A | C:\Windows\SysWOW64\PING.EXE | N/A |
| N/A | N/A | C:\Windows\SysWOW64\PING.EXE | N/A |
Suspicious behavior: AddClipboardFormatListener
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe | N/A |
| N/A | N/A | C:\Program Files\Microvirt\MEmu\MEmuConsole.exe | N/A |
| N/A | N/A | C:\Program Files\Microvirt\MEmu\MEmu.exe | N/A |
| N/A | N/A | C:\Program Files\Microvirt\MEmu\MEmu.exe | N/A |
| N/A | N/A | C:\Program Files\Microvirt\MEmu\MEmu.exe | N/A |
| N/A | N/A | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
Suspicious behavior: LoadsDriver
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.memuplay.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd56ce46f8,0x7ffd56ce4708,0x7ffd56ce4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2160 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2276 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2900 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5512 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5240 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5920 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6108 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6108 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5356 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5088 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5384 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6384 /prefetch:8
C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe
"C:\Users\Admin\Downloads\MEmu-setup-abroad-bd9f5d07.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2672 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6292 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3648 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5640 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5656 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6168 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6092 /prefetch:1
C:\Program Files\Microvirt\tempDir\Setup.exe
"C:\Program Files\Microvirt\tempDir\Setup.exe" --insPath "C:\Program Files\Microvirt" -l 2 --channel cd5e1e15 --noCheckMd5 --callbackProcessInfo --callbackExitCode /S
C:\Windows\SysWOW64\sc.exe
C:\Windows\System32\sc query MEmuSVC
C:\Windows\SysWOW64\sc.exe
C:\Windows\System32\sc query MEmuSVC
C:\Windows\SysWOW64\sc.exe
C:\Windows\System32\sc query MEmuUSB
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6324 /prefetch:1
C:\Windows\SysWOW64\sc.exe
C:\Windows\System32\sc query MEmuNetFlt
C:\Windows\SysWOW64\sc.exe
C:\Windows\System32\sc query MEmuNetLwf
C:\Windows\SysWOW64\sc.exe
C:\Windows\System32\sc query MEmuNetAdp
C:\Windows\SysWOW64\sc.exe
C:\Windows\System32\sc query MEmuNetFlt
C:\Windows\SysWOW64\sc.exe
C:\Windows\System32\sc query MEmuNetLwf
C:\Windows\SysWOW64\sc.exe
C:\Windows\System32\sc query MEmuNetAdp
C:\Windows\SysWOW64\sc.exe
C:\Windows\System32\sc query MEmuUSBMon
C:\Windows\SysWOW64\sc.exe
C:\Windows\System32\sc query MEmuDrv
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc" query MEmuDrv
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc" query MEmuUSBMon
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc" query MEmuNetFlt
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc" query MEmuNetLwf
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc" query MEmuNetAdp
C:\Windows\SysWOW64\sc.exe
C:\Windows\System32\sc query MEmuSVC
C:\Windows\SysWOW64\sc.exe
C:\Windows\System32\sc query MEmuSVC
C:\Program Files\Microvirt\tempDir\7za.exe
"C:\Program Files\Microvirt\tempDir\7za.exe" x -y -aoa "C:\Program Files\Microvirt\tempDir\Setup.7z" "-oC:\Program Files\Microvirt"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6904 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4716 /prefetch:1
C:\Program Files\Microvirt\tempDir\7za.exe
"C:\Program Files\Microvirt\tempDir\7za.exe" x -y -aoa "C:\Program Files\Microvirt\MEmuHyperv64.7z" "-oC:\Program Files\Microvirt\MEmuHyperv"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6236 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7132 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4712 /prefetch:1
C:\Program Files\Microvirt\tempDir\7za.exe
"C:\Program Files\Microvirt\tempDir\7za.exe" x -y -aoa "C:\Program Files\Microvirt\MEmuHyperv32.7z" "-oC:\Program Files\Microvirt\MEmuHyperv\x86" libcurl.dll libcrypto-1_1.dll libssl-1_1.dll msvcp100.dll msvcr100.dll msvcr120.dll MEmuC.dll MEmuHPV.dll MEmuProxyStub.dll MEmuREM.dll MEmuRT.dll
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=1720 /prefetch:8
C:\Windows\SysWOW64\sc.exe
C:\Windows\System32\sc query MEmuDrv
C:\Program Files\Microvirt\MEmuHyperv\MEmuDrvInst.exe
"C:\Program Files\Microvirt\MEmuHyperv\MEmuDrvInst.exe" driver install "C:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.inf"
C:\Program Files\Microvirt\MEmuHyperv\MEmuManage.exe
"C:\Program Files\Microvirt\MEmuHyperv\MEmuManage.exe" list runningvms
C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe
"C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe" -Embedding
C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe
"C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe" /UnregServer
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" /s /u "C:\Program Files\Microvirt\MEmuHyperv\MEmuC.dll"
C:\Windows\system32\regsvr32.exe
/s /u "C:\Program Files\Microvirt\MEmuHyperv\MEmuC.dll"
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" /s /u "C:\Program Files\Microvirt\MEmuHyperv\MEmuProxyStub.dll"
C:\Windows\system32\regsvr32.exe
/s /u "C:\Program Files\Microvirt\MEmuHyperv\MEmuProxyStub.dll"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6888 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4836 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7256 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3440 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6888 /prefetch:1
C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe
"C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe" /RegServer
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" /s "C:\Program Files\Microvirt\MEmuHyperv\MEmuC.dll"
C:\Windows\system32\regsvr32.exe
/s "C:\Program Files\Microvirt\MEmuHyperv\MEmuC.dll"
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" /s "C:\Program Files\Microvirt\MEmuHyperv\MEmuProxyStub.dll"
C:\Windows\system32\regsvr32.exe
/s "C:\Program Files\Microvirt\MEmuHyperv\MEmuProxyStub.dll"
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" /s "C:\Program Files\Microvirt\MEmuHyperv\x86\MEmuC.dll"
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" /s "C:\Program Files\Microvirt\MEmuHyperv\x86\MEmuProxyStub.dll"
C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe
"C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe" -Embedding
C:\Windows\SysWOW64\sc.exe
C:\Windows\System32\sc query MEmuSVC
C:\Windows\SysWOW64\sc.exe
C:\Windows\System32\sc query MEmuSVC
C:\Windows\SysWOW64\sc.exe
C:\Windows\System32\sc query MEmuSVC
C:\Windows\SysWOW64\sc.exe
C:\Windows\system32\sc start MEmuSVC
C:\Program Files\Microvirt\MEmu\MemuService.exe
"C:\Program Files\Microvirt\MEmu\MemuService.exe"
C:\Windows\SysWOW64\sc.exe
C:\Windows\System32\sc query MEmuSVC
C:\Program Files\Microvirt\MEmuHyperv\MEmuManage.exe
"C:\Program Files\Microvirt\MEmuHyperv\MEmuManage.exe" setproperty machinefolder "C:\Program Files\Microvirt\MEmu\MemuHyperv VMs"
C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe
"C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe" -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6184 /prefetch:1
C:\Program Files\Microvirt\MEmu\MEmuRepair.exe
"C:\Program Files\Microvirt\MEmu\MEmuRepair.exe" --getVtStatus
C:\Program Files\Microvirt\MEmuHyperv\MEmuManage.exe
"C:\Program Files\Microvirt\MEmuHyperv\MEmuManage.exe" setproperty machinefolder "C:\Program Files\Microvirt\MEmu\MemuHyperv VMs"
C:\Program Files\Microvirt\MEmuHyperv\MEmuManage.exe
"C:\Program Files\Microvirt\MEmuHyperv\MEmuManage.exe" showmediuminfo "C:\Program Files\Microvirt\MEmu\image\96\MEmu96-2024092400027FFF-disk1.vmdk"
C:\Program Files\Microvirt\MEmu\MEmuc.exe
"C:\Program Files\Microvirt\MEmu\MEmuc.exe" create 96
C:\Program Files\Microvirt\MEmu\MEmuConsole.exe
"C:\Program Files\Microvirt\MEmu\MEmuConsole.exe" -b
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7912 /prefetch:2
C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe
"C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe" -Embedding
C:\Program Files\Microvirt\MEmu\MEmu.exe
"C:\Program Files\Microvirt\MEmu\MEmu.exe" adjustconfig MEmu
C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe
"C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe" -Embedding
C:\Program Files\Microvirt\MEmuHyperv\MEmuManage.exe
"C:\Program Files\Microvirt\MEmuHyperv\MEmuManage.exe" list runningvms
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7724 /prefetch:1
C:\Program Files\Microvirt\MEmuHyperv\MEmuManage.exe
"C:\Program Files\Microvirt\MEmuHyperv\MEmuManage.exe" list runningvms
C:\Program Files\Microvirt\MEmu\screenrecord.exe
"C:\Program Files\Microvirt\MEmu\screenrecord.exe"
C:\Program Files\Microvirt\MEmu\MEmu.exe
"C:\Program Files\Microvirt\MEmu\MEmu.exe" install
C:\Windows\SysWOW64\explorer.exe
explorer.exe "http://www.memuplay.com/thanks/"
C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.memuplay.com/thanks/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0x11c,0x12c,0x7ffd56ce46f8,0x7ffd56ce4708,0x7ffd56ce4718
C:\Program Files\Microvirt\MEmu\MEmuRepair.exe
"C:\Program Files\Microvirt\MEmu\MEmuRepair.exe" --getVtStatus
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7096 /prefetch:1
C:\Program Files\Microvirt\MEmuHyperv\MEmuManage.exe
"C:\Program Files\Microvirt\MEmuHyperv\MEmuManage.exe" list runningvms
C:\Program Files\Microvirt\MEmuHyperv\MEmuManage.exe
"C:\Program Files\Microvirt\MEmuHyperv\MEmuManage.exe" list runningvms
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8068 /prefetch:1
C:\Program Files\Microvirt\MEmu\screenrecord.exe
"C:\Program Files\Microvirt\MEmu\screenrecord.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3628 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5592 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7224 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8452 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8632 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8780 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8120 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8496 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9128 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9496 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9872 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7144 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9324 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7096 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6744 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9776 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9772 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9784 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3412 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7468 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7544 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8536 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8080 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9968 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9840 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9424 /prefetch:1
C:\Program Files\Microvirt\MEmu\MEmu.exe
"C:\Program Files\Microvirt\MEmu\MEmu.exe" MEmu
C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe
"C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe" -Embedding
C:\Windows\SysWOW64\cmd.exe
cmd /c chcp 65001 && ping www.baidu.com -n 5
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\chcp.com
chcp 65001
C:\Windows\SysWOW64\PING.EXE
ping www.baidu.com -n 5
C:\Windows\SysWOW64\cmd.exe
cmd /c ipconfig /flushdns
C:\Windows\SysWOW64\ipconfig.exe
ipconfig /flushdns
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8692 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9772 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5272 /prefetch:1
C:\Program Files\Microvirt\MEmu\MEmuRepair.exe
"C:\Program Files\Microvirt\MEmu\MEmuRepair.exe" --repairDrv
C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe
"C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe" /UnregServer
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" /s /u "C:\Program Files\Microvirt\MEmuHyperv\MEmuC.dll"
C:\Windows\system32\regsvr32.exe
/s /u "C:\Program Files\Microvirt\MEmuHyperv\MEmuC.dll"
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" /s /u "C:\Program Files\Microvirt\MEmuHyperv\MEmuProxyStub.dll"
C:\Windows\system32\regsvr32.exe
/s /u "C:\Program Files\Microvirt\MEmuHyperv\MEmuProxyStub.dll"
C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe
"C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe" /RegServer
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" /s "C:\Program Files\Microvirt\MEmuHyperv\MEmuC.dll"
C:\Windows\system32\regsvr32.exe
/s "C:\Program Files\Microvirt\MEmuHyperv\MEmuC.dll"
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" /s "C:\Program Files\Microvirt\MEmuHyperv\MEmuProxyStub.dll"
C:\Windows\system32\regsvr32.exe
/s "C:\Program Files\Microvirt\MEmuHyperv\MEmuProxyStub.dll"
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" /s /u "C:\Program Files\Microvirt\MEmuHyperv\x86\MEmuC.dll"
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" /s "C:\Program Files\Microvirt\MEmuHyperv\x86\MEmuC.dll"
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" /s /u "C:\Program Files\Microvirt\MEmuHyperv\x86\MEmuProxyStub.dll"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4684 /prefetch:8
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" /s "C:\Program Files\Microvirt\MEmuHyperv\x86\MEmuProxyStub.dll"
C:\Program Files\Microvirt\MEmuHyperv\MEmuDrvInst.exe
"C:\Program Files\Microvirt\MEmuHyperv\MEmuDrvInst.exe" driver install "C:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.inf"
C:\Windows\SysWOW64\sc.exe
C:\Windows\System32\sc query MEmuDrv
C:\Windows\SysWOW64\sc.exe
C:\Windows\system32\sc start MEmuDrv
C:\Windows\SysWOW64\sc.exe
C:\Windows\System32\sc query MEmuDrv
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9204 /prefetch:1
C:\Program Files\Microvirt\MEmu\MEmuConsole.exe
"C:\Program Files\Microvirt\MEmu\MEmuConsole.exe" installapk MEmu "C:\Users\Admin\Downloads\Jarir Reader_7.2.23_APKPure.apk"
C:\Program Files\Microvirt\MEmu\MEmu.exe
"C:/Program Files/Microvirt/MEmu/MEmu.exe" MEmu launchwithapk##"C:\Users\Admin\Downloads\Jarir Reader_7.2.23_APKPure.apk"
C:\Program Files\Microvirt\MEmu\adb.exe
adb start-server
C:\Program Files\Microvirt\MEmu\MEmuConsole.exe
"C:\Program Files\Microvirt\MEmu\MEmuConsole.exe" installapk MEmu "C:\Users\Admin\Downloads\Jarir Reader_7.2.23_APKPure.apk"
C:\Program Files\Microvirt\MEmu\MEmu.exe
"C:/Program Files/Microvirt/MEmu/MEmu.exe" MEmu launchwithapk##"C:\Users\Admin\Downloads\Jarir Reader_7.2.23_APKPure.apk"
C:\Program Files\Microvirt\MEmu\adb.exe
adb -L tcp:5037 fork-server server --reply-fd 608
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\Microvirt\MEmu\adb.exe
adb disconnect 127.0.0.1:21503
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 412 -p 6724 -ip 6724
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 6724 -s 4132
C:\Program Files\Microvirt\MEmu\MEmu.exe
"C:\Program Files\Microvirt\MEmu\MEmu.exe"
C:\Windows\SysWOW64\cmd.exe
cmd /c chcp 65001 && ping www.baidu.com -n 5
C:\Windows\SysWOW64\chcp.com
chcp 65001
C:\Windows\SysWOW64\PING.EXE
ping www.baidu.com -n 5
C:\Program Files\Microvirt\MEmu\adb.exe
adb disconnect 127.0.0.1:21503
C:\Program Files\Microvirt\MEmu\MEmu.exe
"C:\Program Files\Microvirt\MEmu\MEmu.exe"
C:\Windows\SysWOW64\cmd.exe
cmd /c ipconfig /flushdns
C:\Windows\SysWOW64\ipconfig.exe
ipconfig /flushdns
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8588 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9976 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8152 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8460 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5228 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4ec 0x4f4
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8056 /prefetch:8
C:\Users\Admin\Downloads\nox_setup_v7.0.6.1_full_intl.exe
"C:\Users\Admin\Downloads\nox_setup_v7.0.6.1_full_intl.exe"
C:\Users\Admin\Downloads\nox_setup_v7.0.6.1_full_intl.exe
"C:\Users\Admin\Downloads\nox_setup_v7.0.6.1_full_intl.exe"
C:\Users\Admin\AppData\Local\Nox\CheckGLVersion.exe
"C:\Users\Admin\AppData\Local\Nox\CheckGLVersion.exe "
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://support.bignox.com/en/tsxn/GPU
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd56ce46f8,0x7ffd56ce4708,0x7ffd56ce4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10052 /prefetch:1
C:\Program Files\Microvirt\MEmu\MEmuConsole.exe
"C:\Program Files\Microvirt\MEmu\MEmuConsole.exe" installapk MEmu "C:\Users\Admin\Downloads\Jarir Reader_7.2.23_APKPure.apk"
C:\Program Files\Microvirt\MEmu\MEmu.exe
"C:/Program Files/Microvirt/MEmu/MEmu.exe" MEmu launchwithapk##"C:\Users\Admin\Downloads\Jarir Reader_7.2.23_APKPure.apk"
C:\Windows\SysWOW64\cmd.exe
cmd /c chcp 65001 && ping www.baidu.com -n 5
C:\Windows\SysWOW64\chcp.com
chcp 65001
C:\Windows\SysWOW64\PING.EXE
ping www.baidu.com -n 5
C:\Windows\SysWOW64\cmd.exe
cmd /c ipconfig /flushdns
C:\Windows\SysWOW64\ipconfig.exe
ipconfig /flushdns
C:\Program Files\Microvirt\MEmu\MEmuRepair.exe
"C:\Program Files\Microvirt\MEmu\MEmuRepair.exe" --repairDrv
C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe
"C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe" /UnregServer
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" /s /u "C:\Program Files\Microvirt\MEmuHyperv\MEmuC.dll"
C:\Windows\system32\regsvr32.exe
/s /u "C:\Program Files\Microvirt\MEmuHyperv\MEmuC.dll"
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" /s /u "C:\Program Files\Microvirt\MEmuHyperv\MEmuProxyStub.dll"
C:\Windows\system32\regsvr32.exe
/s /u "C:\Program Files\Microvirt\MEmuHyperv\MEmuProxyStub.dll"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9252 /prefetch:1
C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe
"C:\Program Files\Microvirt\MEmuHyperv\MEmuSVC.exe" /RegServer
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" /s "C:\Program Files\Microvirt\MEmuHyperv\MEmuC.dll"
C:\Windows\system32\regsvr32.exe
/s "C:\Program Files\Microvirt\MEmuHyperv\MEmuC.dll"
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" /s "C:\Program Files\Microvirt\MEmuHyperv\MEmuProxyStub.dll"
C:\Windows\system32\regsvr32.exe
/s "C:\Program Files\Microvirt\MEmuHyperv\MEmuProxyStub.dll"
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" /s /u "C:\Program Files\Microvirt\MEmuHyperv\x86\MEmuC.dll"
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" /s "C:\Program Files\Microvirt\MEmuHyperv\x86\MEmuC.dll"
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" /s /u "C:\Program Files\Microvirt\MEmuHyperv\x86\MEmuProxyStub.dll"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8908 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6176 /prefetch:1
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" /s "C:\Program Files\Microvirt\MEmuHyperv\x86\MEmuProxyStub.dll"
C:\Program Files\Microvirt\MEmuHyperv\MEmuDrvInst.exe
"C:\Program Files\Microvirt\MEmuHyperv\MEmuDrvInst.exe" driver install "C:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.inf"
C:\Windows\SysWOW64\sc.exe
C:\Windows\System32\sc query MEmuDrv
C:\Windows\SysWOW64\sc.exe
C:\Windows\system32\sc start MEmuDrv
C:\Windows\SysWOW64\sc.exe
C:\Windows\System32\sc query MEmuDrv
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8832 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8548 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9552 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5288 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7564 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8860 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8088 /prefetch:8
C:\Users\Admin\Downloads\LDPlayer9_ens_1001_ld.exe
"C:\Users\Admin\Downloads\LDPlayer9_ens_1001_ld.exe"
F:\LDPlayer\LDPlayer9\LDPlayer.exe
"F:\LDPlayer\LDPlayer9\\LDPlayer.exe" -silence -downloader -openid=1001 -language=en -path="F:\LDPlayer\LDPlayer9\"
C:\Windows\SysWOW64\taskkill.exe
"C:\Windows\System32\taskkill.exe" /F /IM adb.exe /T
F:\LDPlayer\LDPlayer9\dnrepairer.exe
"F:\LDPlayer\LDPlayer9\dnrepairer.exe" listener=4325928
C:\Windows\SysWOW64\net.exe
"net" start cryptsvc
C:\Windows\SysWOW64\net1.exe
C:\Windows\system32\net1 start cryptsvc
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" Softpub.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" Wintrust.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" Initpki.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" Initpki.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" dssenh.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" rsaenh.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" cryptdlg.dll /s
C:\Windows\SysWOW64\takeown.exe
"takeown" /f "F:\LDPlayer\LDPlayer9\vms" /r /d y
C:\Windows\SysWOW64\icacls.exe
"icacls" "F:\LDPlayer\LDPlayer9\vms" /grant everyone:F /t
C:\Windows\SysWOW64\takeown.exe
"takeown" /f "F:\LDPlayer\LDPlayer9\\system.vmdk"
C:\Windows\SysWOW64\icacls.exe
"icacls" "F:\LDPlayer\LDPlayer9\\system.vmdk" /grant everyone:F /t
C:\Windows\SysWOW64\dism.exe
C:\Windows\system32\dism.exe /Online /English /Get-Features
C:\Users\Admin\AppData\Local\Temp\0C7326C2-D521-4FC2-85A8-ADB65701D60C\dismhost.exe
C:\Users\Admin\AppData\Local\Temp\0C7326C2-D521-4FC2-85A8-ADB65701D60C\dismhost.exe {CCF3538F-71DC-43BB-AE53-2E5C405C970F}
C:\Windows\SysWOW64\sc.exe
sc query HvHost
C:\Windows\SysWOW64\sc.exe
sc query vmms
C:\Windows\SysWOW64\sc.exe
sc query vmcompute
C:\Program Files\ldplayer9box\Ld9BoxSVC.exe
"C:\Program Files\ldplayer9box\Ld9BoxSVC.exe" /RegServer
C:\Windows\SYSTEM32\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\VBoxC.dll" /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\x86\VBoxClient-x86.dll" /s
C:\Windows\SYSTEM32\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\VBoxProxyStub.dll" /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\x86\VBoxProxyStub-x86.dll" /s
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc" create Ld9BoxSup binPath= "C:\Program Files\ldplayer9box\Ld9BoxSup.sys" type= kernel start= auto
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc" start Ld9BoxSup
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"powershell.exe" New-NetFirewallRule -DisplayName "Ld9BoxSup" -Direction Inbound -Program 'C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe' -RemoteAddress LocalSubnet -Action Allow
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"powershell.exe" New-NetFirewallRule -DisplayName "Ld9BoxNat" -Direction Inbound -Program 'C:\Program Files\ldplayer9box\VBoxNetNAT.exe' -RemoteAddress LocalSubnet -Action Allow
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"powershell.exe" New-NetFirewallRule -DisplayName "dnplayer" -Direction Inbound -Program 'F:\LDPlayer\LDPlayer9\dnplayer.exe' -RemoteAddress LocalSubnet -Action Allow
F:\LDPlayer\LDPlayer9\driverconfig.exe
"F:\LDPlayer\LDPlayer9\driverconfig.exe"
C:\Windows\SysWOW64\takeown.exe
"takeown" /f F:\LDPlayer\ldmutiplayer\ /r /d y
C:\Windows\SysWOW64\icacls.exe
"icacls" F:\LDPlayer\ldmutiplayer\ /grant everyone:F /t
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://discord.gg/4bUcwDd53d
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd56ce46f8,0x7ffd56ce4708,0x7ffd56ce4718
F:\LDPlayer\LDPlayer9\dnplayer.exe
"F:\LDPlayer\LDPlayer9\\dnplayer.exe"
C:\Windows\SysWOW64\sc.exe
sc query HvHost
C:\Windows\SysWOW64\sc.exe
sc query vmms
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9260 /prefetch:1
C:\Windows\SysWOW64\sc.exe
sc query vmcompute
C:\Program Files\ldplayer9box\Ld9BoxSVC.exe
"C:\Program Files\ldplayer9box\Ld9BoxSVC.exe" -Embedding
C:\Program Files\ldplayer9box\vbox-img.exe
"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "F:\LDPlayer\LDPlayer9\vms\..\system.vmdk" --uuid 20160302-bbbb-bbbb-54d7-bbbb00000000
C:\Program Files\ldplayer9box\vbox-img.exe
"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "F:\LDPlayer\LDPlayer9\vms\leidian0\data.vmdk" --uuid 20160302-cccc-cccc-54d7-000000000000
C:\Program Files\ldplayer9box\vbox-img.exe
"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "F:\LDPlayer\LDPlayer9\vms\leidian0\sdcard.vmdk" --uuid 20160302-dddd-dddd-54d7-000000000000
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=9760 /prefetch:8
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.ldplayer.net/blog/how-to-enable-vt.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd56ce46f8,0x7ffd56ce4708,0x7ffd56ce4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5024 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10044 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5064 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10836 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1764 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10776 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8024 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4920 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10656 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=9540 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2152,12041868301517982380,12342591933753713765,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10180 /prefetch:8
C:\Users\Admin\Downloads\Install-GooglePlayGames-Beta.exe
"C:\Users\Admin\Downloads\Install-GooglePlayGames-Beta.exe"
C:\Users\Admin\AppData\Local\Temp\cy1xlbpm.agp\crashpad_handler.exe
C:\Users\Admin\AppData\Local\Temp\cy1xlbpm.agp\crashpad_handler.exe --no-rate-limit "--database=C:\Users\Admin\AppData\Local\Google\Play Games\CrashReporting\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Battlestar --annotation=ver=24.9.1274.0 --initial-client-data=0x6b4,0x6b8,0x6bc,0x694,0x6c0,0x7ffd4123d380,0x7ffd4123d390,0x7ffd4123d3a0
C:\Users\Admin\Downloads\Install-GooglePlayGames-Beta.exe
"C:\Users\Admin\Downloads\Install-GooglePlayGames-Beta.exe" -install gpg_install_6569d08e-f0a4-4fb8-a6c1-7b81d0706f85 "C:\Users\Admin\AppData\Local\Temp\cy1xlbpm.agp"
C:\Users\Admin\AppData\Local\Temp\cy1xlbpm.agp\crashpad_handler.exe
C:\Users\Admin\AppData\Local\Temp\cy1xlbpm.agp\crashpad_handler.exe --no-rate-limit "--database=C:\Users\Admin\AppData\Local\Google\Play Games\CrashReporting\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Battlestar --annotation=ver=24.9.1274.0 --initial-client-data=0x3d8,0x3dc,0x3e0,0x38c,0x3e4,0x7ffd4123d380,0x7ffd4123d390,0x7ffd4123d3a0
C:\Users\Admin\AppData\Local\Temp\cy1xlbpm.agp\GoogleUpdateSetup.exe
"C:\Users\Admin\AppData\Local\Temp\cy1xlbpm.agp\GoogleUpdateSetup.exe" /install "runtime=true&needsadmin=true" /silent
C:\Program Files (x86)\Google\Temp\GUMB050.tmp\GoogleUpdate.exe
"C:\Program Files (x86)\Google\Temp\GUMB050.tmp\GoogleUpdate.exe" /install "runtime=true&needsadmin=true" /silent
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /regsvc
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /regserver
C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4zNi4zNzEiIHNoZWxsX3ZlcnNpb249IjEuMy4zNi4zNzEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RkYwNURBQUUtNTMwQi00RjRCLTlCREMtNDExOTBDMjgyRUI3fSIgdXNlcmlkPSJ7NTA4NTk0QTEtMzNCQS00MEFFLTg1MjQtQzdDOEYwREExRTMwfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InsyNDM0NjI1QS01NjAxLTRGQzctODA0RS1DM0UyQ0ZEMTRENTV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IHBoeXNtZW1vcnk9IjgiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjEwLjAuMTkwNDEuMTI4OCIgc3A9IiIgYXJjaD0ieDY0Ii8-PGFwcCBhcHBpZD0iezQzMEZENEQwLUI3MjktNEY2MS1BQTM0LTkxNTI2NDgxNzk5RH0iIHZlcnNpb249IjEuMy4zNi4zNzEiIG5leHR2ZXJzaW9uPSIxLjMuMzYuMzcxIiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIj48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBpbnN0YWxsX3RpbWVfbXM9IjM3NCIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateBroker.exe
"C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleUpdateBroker.exe" -Embedding
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /broker
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc
C:\Program Files (x86)\Google\Update\Install\{5CCF8D05-C59C-4BA0-BFDB-05ACC8B19D6C}\HPE-24.9.887.5-CIP.exe
"C:\Program Files (x86)\Google\Update\Install\{5CCF8D05-C59C-4BA0-BFDB-05ACC8B19D6C}\HPE-24.9.887.5-CIP.exe" /o{47B07D71-505D-4665-AFD4-4972A30C6530} /l1518 /noui
C:\Windows\system32\cmd.exe
"C:\Windows\system32\cmd.exe" /C dir /s /-c "C:\Windows\TEMP\Google\Play Games\ned0dg3s.5vo"
C:\Windows\system32\cmd.exe
"C:\Windows\system32\cmd.exe" /C dir /s /-c "C:\Program Files\Google"
C:\Windows\TEMP\Google\Play Games\ned0dg3s.5vo\7zr.exe
"C:\Windows\TEMP\Google\Play Games\ned0dg3s.5vo\7zr.exe" x "-oC:\Program Files\Google\Play Games\current" -y -bso0 -bsp1 "C:\Windows\TEMP\Google\Play Games\ned0dg3s.5vo\archive.7z"
C:\Windows\system32\netsh.exe
"C:\Windows\system32\netsh.exe" advfirewall firewall delete rule "Google Play Games Service"
C:\Windows\system32\netsh.exe
"C:\Windows\system32\netsh.exe" advfirewall firewall add rule dir=in action=allow enable=yes profile=domain,private,public protocol=tcp "description=Google Play Games Service" "name=Google Play Games Service" "program=C:\Program Files\Google\Play Games\current\emulator\crosvm.exe"
C:\Windows\system32\netsh.exe
"C:\Windows\system32\netsh.exe" advfirewall firewall add rule dir=in action=allow enable=yes profile=domain,private,public protocol=udp "description=Google Play Games Service" "name=Google Play Games Service" "program=C:\Program Files\Google\Play Games\current\emulator\crosvm.exe"
C:\Program Files\Google\Play Games\current\Applicator.exe
"C:\Program Files\Google\Play Games\current\Applicator.exe" "anv" "24.9.887.5" "Admin" "C:\Users\Admin\AppData\Local"
C:\Program Files\Google\Play Games\current\service\InstallHypervisor.exe
"C:\Program Files\Google\Play Games\current\service\InstallHypervisor.exe" --ghaxm --install-source "Fresh" --driver-dir "C:\Program Files\Google\Play Games\current\service" --install-dir "C:\Program Files\Google\Play Games\current" --version "24.9.887.5" --log-source "1518"
C:\Windows\SYSTEM32\sc.exe
"sc" create googlehaxm binpath= "C:\Windows\system32\drivers\GoogleHaxm.sys" type= kernel start= system displayName= "GHAXM"
C:\Program Files\Google\Play Games\current\GooglePlayGamesServicesInstaller.exe
"C:\Program Files\Google\Play Games\current\GooglePlayGamesServicesInstaller.exe" /silent
C:\Program Files (x86)\Google28108_968528925\bin\updater.exe
"C:\Program Files (x86)\Google28108_968528925\bin\updater.exe" --silent --install=appguid={5B9D6427-8AB1-42D0-9F13-4EE089071B8E}&appname=Google+Desktop+Services&needsadmin=true --enable-logging --vmodule=*/components/winhttp/*=1,*/components/update_client/*=2,*/chrome/updater/*=2
C:\Program Files (x86)\Google28108_968528925\bin\updater.exe
"C:\Program Files (x86)\Google28108_968528925\bin\updater.exe" --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\127.0.6512.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=127.0.6512.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x278,0x27c,0x280,0x254,0x284,0xa1d68c,0xa1d698,0xa1d6a4
C:\Program Files (x86)\Google\GoogleUpdater\127.0.6512.0\updater.exe
"C:\Program Files (x86)\Google\GoogleUpdater\127.0.6512.0\updater.exe" --system --windows-service --service=update-internal
C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleCrashHandler.exe
"C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleCrashHandler.exe"
C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleCrashHandler64.exe
"C:\Program Files (x86)\Google\Update\1.3.36.371\GoogleCrashHandler64.exe"
C:\Program Files (x86)\Google\GoogleUpdater\127.0.6512.0\updater.exe
"C:\Program Files (x86)\Google\GoogleUpdater\127.0.6512.0\updater.exe" --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\127.0.6512.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=127.0.6512.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x278,0x27c,0x280,0x254,0x284,0xb5d68c,0xb5d698,0xb5d6a4
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4zNi4zNzEiIHNoZWxsX3ZlcnNpb249IjEuMy4zNi4zNzEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RjRFMzlCMzEtMTQxNS00NDQzLUI1QUYtNDQyRTA4RDk4RDAzfSIgdXNlcmlkPSJ7NTA4NTk0QTEtMzNCQS00MEFFLTg1MjQtQzdDOEYwREExRTMwfSIgaW5zdGFsbHNvdXJjZT0idXBkYXRlM3dlYi1uZXdhcHBzIiByZXF1ZXN0aWQ9Ins1REYwQ0VDRi04QzdGLTQ1NDAtQjBFNC1ERjhERjBCNTcyQjJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IHBoeXNtZW1vcnk9IjgiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjEwLjAuMTkwNDEuMTI4OCIgc3A9IiIgYXJjaD0ieDY0Ii8-PGFwcCBhcHBpZD0iezQ3QjA3RDcxLTUwNUQtNDY2NS1BRkQ0LTQ5NzJBMzBDNjUzMH0iIHZlcnNpb249IiIgbmV4dHZlcnNpb249IjI0LjkuODg3LjUiIGFwPSJiZXRhLGIyaTJlLENqZ0lBaElaYjNKbllXNXBZeTF0YVdOeWIzTnBkR1V0ZDJsdVpHOTNjeG9VYUhSMGNITTZMeTkzZDNjdVltbHVaeTVqYjIwbzliVFRDUmdCIiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSItMSIgaW5zdGFsbGRhdGU9Ii0xIiBjb2hvcnQ9IjE6MTE2bDoybmU5QDAuMDEsMm5lZkAwLjAxMDEwMSIgY29ob3J0bmFtZT0iUHVibGljX0JldGEiPjxldmVudCBldmVudHR5cGU9IjkiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vZWRnZWRsLm1lLmd2dDEuY29tL2VkZ2VkbC9yZWxlYXNlMi9QbGF5L2FkaWxicW02eXd6ZTd5dXVqNm83M3Z5eGI1ZXFfMjQuOS44ODcuNS9IUEUtMjQuOS44ODcuNS1DSVAuZXhlIiBkb3dubG9hZGVkPSI4MTg0MTEyODgiIHRvdGFsPSI4MTg0MTEyODgiIGRvd25sb2FkX3RpbWVfbXM9IjYzOTAwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzb3VyY2VfdXJsX2luZGV4PSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iMjEyIiBkb3dubG9hZF90aW1lX21zPSI3MDU1OCIgZG93bmxvYWRlZD0iODE4NDExMjg4IiB0b3RhbD0iODE4NDExMjg4IiBpbnN0YWxsX3RpbWVfbXM9IjI0MzM1Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files\Google\Play Games\Bootstrapper.exe
"C:\Program Files\Google\Play Games\Bootstrapper.exe"
C:\Program Files\Google\Play Games\current\service\Service.exe
"C:\Program Files\Google\Play Games\current\service\Service.exe"
C:\Program Files (x86)\Google\GoogleUpdater\127.0.6512.0\updater.exe
"C:\Program Files (x86)\Google\GoogleUpdater\127.0.6512.0\updater.exe" --system --windows-service --service=update
C:\Program Files (x86)\Google\GoogleUpdater\127.0.6512.0\updater.exe
"C:\Program Files (x86)\Google\GoogleUpdater\127.0.6512.0\updater.exe" --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\127.0.6512.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=127.0.6512.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x278,0x27c,0x280,0x254,0x284,0xb5d68c,0xb5d698,0xb5d6a4
C:\Program Files\Google\Play Games\current\emulator\crashpad_handler.exe
"C:\Program Files\Google\Play Games\current\emulator\crashpad_handler.exe" --no-rate-limit "--database=C:\Users\Admin\AppData\Local\Google\Play Games\CrashReporting\Crashpad" --url=https://clients2.google.com/cr/report --annotation=bss_session=e63e6173-cc89-45b7-a28e-d306b078b664 --annotation=channel=Beta "--annotation=cpu=Intel Core Processor (Broadwell)" --annotation=gpu_hw_scheduler=False --annotation=prod=Battlestar "--annotation=system=BOCHS_ BXPC____" --annotation=ver=24.9.887.5 --annotation=whpx=False "--attachment=C:\Users\Admin\AppData\Local\Google\Play Games\Logs\emulator_logs\vk_abort_mem_info.log" --initial-client-data=0xacc,0xad0,0xad4,0xaa4,0xad8,0x7ffd464dd380,0x7ffd464dd390,0x7ffd464dd3a0
C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe
"C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\GooglePlayGamesServicesInstaller.exe"
C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\installer_output4070714376\GooglePlayGamesServicesInstaller.exe
"C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\installer_output4070714376\GooglePlayGamesServicesInstaller.exe"
C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\installer_output4070714376\data\installer_windows.assets\crashpad_handler.exe
"C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping28100_1722358918\installer_output4070714376\data\installer_windows.assets\crashpad_handler.exe" --no-rate-limit "--database=C:\Windows\system32\config\systemprofile\AppData\Local\Google\Play Games Services\CrashReporting\Crashpad" --url=https://clients2.google.com/cr/report --annotation=assembly=ASSEMBLY_INSTALLER "--annotation=dart_version=3.6.0-268.0.dev (dev) (Thu Sep 19 17:03:05 2024 -0700) on \"windows_x64\"" --annotation=play_games_app_version=24.9.887.5 --annotation=prod=Google_Desktop_Services --annotation=release_channel=RELEASE_CHANNEL_PRODUCTION --annotation=ver=24.10.14.0 --initial-client-data=0x584,0x588,0x58c,0x55c,0x590,0x7ffd35f8d380,0x7ffd35f8d390,0x7ffd35f8d3a0
C:\Program Files\Google\Play Games Services\24.10.14.0\xOAGyGYK\7zr.exe
"C:\Program Files\Google\Play Games Services\24.10.14.0\xOAGyGYK\7zr.exe" x "-oC:\Program Files\Google\Play Games Services\24.10.14.0" -y -bso0 -bsp1 "C:\Program Files\Google\Play Games Services\24.10.14.0\xOAGyGYK\archive.7z"
C:\Program Files\Google\Play Games Services\Current\Service Host\GooglePlayGamesServicesHost.exe
"C:\Program Files\Google\Play Games Services\Current\Service Host\GooglePlayGamesServicesHost.exe"
C:\Program Files\Google\Play Games Services\Current\Service\GooglePlayGamesServices.exe
"C:\Program Files\Google\Play Games Services\Current\Service\GooglePlayGamesServices.exe" "Google Play Games Services"
C:\Program Files\Google\Play Games Services\Current\Service\data\windows.assets\crashpad_handler.exe
"C:\Program Files\Google\Play Games Services\Current\Service\data\windows.assets\crashpad_handler.exe" --no-rate-limit "--database=C:\Windows\system32\config\systemprofile\AppData\Local\Google\Play Games Services\CrashReporting\Crashpad" --url=https://clients2.google.com/cr/report --annotation=assembly=ASSEMBLY_DAEMON "--annotation=dart_version=3.6.0-268.0.dev (dev) (Thu Sep 19 17:03:05 2024 -0700) on \"windows_x64\"" --annotation=play_games_app_version=24.9.887.5 --annotation=prod=Google_Desktop_Services --annotation=release_channel=RELEASE_CHANNEL_PRODUCTION --annotation=ver=24.10.14.0 --initial-client-data=0x640,0x644,0x648,0x618,0x64c,0x7ffd34dcd380,0x7ffd34dcd390,0x7ffd34dcd3a0
C:\Program Files\Microvirt\MEmu\adb.exe
adb disconnect 127.0.0.1:21503
C:\Program Files\Microvirt\MEmu\adb.exe
adb -L tcp:5037 fork-server server --reply-fd 592
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 5840 -ip 5840
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5840 -s 28480
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd5662cc40,0x7ffd5662cc4c,0x7ffd5662cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1912,i,6985765704977727912,17207087847768947143,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1900 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2208,i,6985765704977727912,17207087847768947143,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2216 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2268,i,6985765704977727912,17207087847768947143,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2288 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3164,i,6985765704977727912,17207087847768947143,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3200 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3408,i,6985765704977727912,17207087847768947143,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3428 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4552,i,6985765704977727912,17207087847768947143,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3708 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4672,i,6985765704977727912,17207087847768947143,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4532 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4688,i,6985765704977727912,17207087847768947143,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4684 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4756,i,6985765704977727912,17207087847768947143,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4664 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4996,i,6985765704977727912,17207087847768947143,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4992 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5072,i,6985765704977727912,17207087847768947143,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5048 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5216,i,6985765704977727912,17207087847768947143,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5200 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5300,i,6985765704977727912,17207087847768947143,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5284 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=3564,i,6985765704977727912,17207087847768947143,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4508 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5328,i,6985765704977727912,17207087847768947143,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4576 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5360,i,6985765704977727912,17207087847768947143,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5304 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5428,i,6985765704977727912,17207087847768947143,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5420 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=3456,i,6985765704977727912,17207087847768947143,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5312 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=4624,i,6985765704977727912,17207087847768947143,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5524 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5876,i,6985765704977727912,17207087847768947143,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5816 /prefetch:1
C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x4 /state0:0xa3fdb855 /state1:0x41c64e6d
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.memuplay.com | udp |
| CZ | 65.9.95.124:443 | www.memuplay.com | tcp |
| CZ | 65.9.95.124:443 | www.memuplay.com | tcp |
| US | 8.8.8.8:53 | dl.memuplay.com | udp |
| US | 8.8.8.8:53 | www.microvirt.com | udp |
| CZ | 65.9.95.104:443 | dl.memuplay.com | tcp |
| CZ | 65.9.95.104:443 | dl.memuplay.com | tcp |
| CZ | 65.9.95.104:443 | dl.memuplay.com | tcp |
| CZ | 65.9.95.104:443 | dl.memuplay.com | tcp |
| CZ | 65.9.95.104:443 | dl.memuplay.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 124.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| CZ | 65.9.95.104:443 | dl.memuplay.com | tcp |
| GB | 38.175.44.17:443 | www.microvirt.com | tcp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | tcp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | tcp |
| GB | 38.175.44.17:443 | www.microvirt.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 104.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.44.175.38.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.187.250.142.in-addr.arpa | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| GB | 172.217.169.78:443 | fundingchoicesmessages.google.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| BE | 74.125.206.155:443 | stats.g.doubleclick.net | tcp |
| GB | 142.250.180.3:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.206.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dl.memuplay.net | udp |
| CZ | 65.9.95.55:443 | dl.memuplay.net | tcp |
| GB | 172.217.169.78:443 | fundingchoicesmessages.google.com | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| BE | 74.125.206.155:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 55.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 150.171.27.10:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 67.204.58.216.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 55.36.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | stat.microvirt.com | udp |
| US | 8.8.8.8:53 | www.microvirt.com | udp |
| GB | 38.175.44.20:80 | www.microvirt.com | tcp |
| GB | 38.175.44.19:80 | www.microvirt.com | tcp |
| GB | 38.175.44.19:80 | www.microvirt.com | tcp |
| GB | 38.175.44.20:80 | www.microvirt.com | tcp |
| GB | 38.175.44.20:80 | www.microvirt.com | tcp |
| GB | 38.175.44.20:80 | www.microvirt.com | tcp |
| GB | 38.175.44.20:80 | www.microvirt.com | tcp |
| US | 8.8.8.8:53 | 20.44.175.38.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.44.175.38.in-addr.arpa | udp |
| GB | 38.175.44.20:80 | www.microvirt.com | tcp |
| GB | 38.175.44.20:80 | www.microvirt.com | tcp |
| GB | 38.175.44.20:80 | www.microvirt.com | tcp |
| GB | 38.175.44.19:80 | www.microvirt.com | tcp |
| US | 8.8.8.8:53 | www.memuplay.com | udp |
| CZ | 65.9.95.51:80 | www.memuplay.com | tcp |
| GB | 38.175.44.20:80 | www.microvirt.com | tcp |
| US | 8.8.8.8:53 | dl.memuplay.com | udp |
| CZ | 65.9.95.106:80 | dl.memuplay.com | tcp |
| CZ | 65.9.95.106:80 | dl.memuplay.com | tcp |
| US | 8.8.8.8:53 | 51.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.209.201.84.in-addr.arpa | udp |
| GB | 104.86.110.129:443 | www.bing.com | tcp |
| GB | 104.86.110.129:443 | www.bing.com | tcp |
| GB | 104.86.110.129:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 129.110.86.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 92.123.128.144:443 | r.bing.com | tcp |
| GB | 92.123.128.144:443 | r.bing.com | tcp |
| GB | 92.123.128.163:443 | th.bing.com | tcp |
| GB | 92.123.128.163:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 163.128.123.92.in-addr.arpa | udp |
| GB | 92.123.128.144:443 | r.bing.com | tcp |
| GB | 92.123.128.144:443 | r.bing.com | tcp |
| GB | 92.123.128.144:443 | r.bing.com | tcp |
| GB | 92.123.128.144:443 | r.bing.com | tcp |
| GB | 92.123.128.144:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | 144.128.123.92.in-addr.arpa | udp |
| GB | 92.123.128.144:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| NL | 40.126.32.68:443 | login.microsoftonline.com | tcp |
| NL | 40.126.32.68:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | whatismyipaddress.com | udp |
| US | 104.19.223.79:443 | whatismyipaddress.com | tcp |
| US | 104.19.223.79:443 | whatismyipaddress.com | tcp |
| US | 8.8.8.8:53 | app.fusebox.fm | udp |
| US | 8.8.8.8:53 | a.pub.network | udp |
| US | 8.8.8.8:53 | a.omappapi.com | udp |
| US | 8.8.8.8:53 | 68.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.223.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cmp.inmobi.com | udp |
| US | 8.8.8.8:53 | maps.whatismyipaddress.info | udp |
| US | 8.8.8.8:53 | ds6.whatismyipaddress.com | udp |
| US | 104.26.13.133:443 | app.fusebox.fm | tcp |
| GB | 143.244.38.136:443 | a.omappapi.com | tcp |
| CZ | 65.9.95.26:443 | cmp.inmobi.com | tcp |
| US | 104.18.21.206:443 | a.pub.network | tcp |
| US | 104.26.4.215:443 | maps.whatismyipaddress.info | tcp |
| US | 8.8.8.8:53 | 136.38.244.143.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.13.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.160.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.21.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.4.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.95.9.65.in-addr.arpa | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| BE | 74.125.206.155:443 | stats.g.doubleclick.net | udp |
| GB | 142.250.180.3:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 104.26.13.133:443 | app.fusebox.fm | tcp |
| US | 8.8.8.8:53 | cdn.whatismyipaddress.com | udp |
| US | 104.19.223.79:443 | cdn.whatismyipaddress.com | tcp |
| US | 8.8.8.8:53 | api.cmp.inmobi.com | udp |
| DE | 3.122.43.61:443 | api.cmp.inmobi.com | tcp |
| US | 8.8.8.8:53 | static.libsyn.com | udp |
| US | 8.8.8.8:53 | api.omappapi.com | udp |
| CZ | 65.9.95.44:443 | static.libsyn.com | tcp |
| US | 172.66.42.248:443 | api.omappapi.com | tcp |
| US | 8.8.8.8:53 | 61.43.122.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.42.66.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 94.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| GB | 38.175.44.20:80 | www.microvirt.com | tcp |
| GB | 38.175.44.20:80 | www.microvirt.com | tcp |
| GB | 38.175.44.20:80 | www.microvirt.com | tcp |
| GB | 38.175.44.20:80 | www.microvirt.com | tcp |
| US | 8.8.8.8:53 | bing.com | udp |
| US | 13.107.21.200:443 | bing.com | tcp |
| US | 8.8.8.8:53 | 200.21.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 216.58.201.110:443 | play.google.com | tcp |
| GB | 216.58.201.110:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | play-lh.googleusercontent.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| GB | 142.250.178.22:443 | i.ytimg.com | tcp |
| GB | 142.250.180.3:443 | ssl.gstatic.com | tcp |
| GB | 142.250.179.246:443 | i.ytimg.com | tcp |
| GB | 142.250.179.246:443 | i.ytimg.com | tcp |
| GB | 142.250.179.246:443 | i.ytimg.com | tcp |
| GB | 142.250.179.246:443 | i.ytimg.com | tcp |
| GB | 142.250.179.246:443 | i.ytimg.com | tcp |
| GB | 142.250.179.246:443 | i.ytimg.com | tcp |
| GB | 216.58.201.110:443 | play.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.200.36:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 110.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 246.179.250.142.in-addr.arpa | udp |
| GB | 142.250.200.36:443 | www.google.com | tcp |
| GB | 142.250.180.3:443 | ssl.gstatic.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | 36.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | apkcombo.com | udp |
| US | 104.18.12.249:443 | apkcombo.com | tcp |
| US | 104.18.12.249:443 | apkcombo.com | tcp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | 249.12.18.104.in-addr.arpa | udp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 41.94.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 10.28.171.150.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.microvirt.com | udp |
| GB | 38.175.44.15:80 | www.microvirt.com | tcp |
| GB | 38.175.44.20:80 | www.microvirt.com | tcp |
| US | 8.8.8.8:53 | apkpure.com | udp |
| US | 8.8.8.8:53 | 15.44.175.38.in-addr.arpa | udp |
| US | 104.22.4.119:443 | apkpure.com | tcp |
| US | 104.22.4.119:443 | apkpure.com | tcp |
| GB | 38.175.44.15:80 | www.microvirt.com | tcp |
| US | 8.8.8.8:53 | static.apkpure.com | udp |
| US | 8.8.8.8:53 | image.winudf.com | udp |
| US | 8.8.8.8:53 | i.apkpure.com | udp |
| US | 8.8.8.8:53 | a.apkpure.com | udp |
| US | 104.26.8.22:443 | image.winudf.com | tcp |
| US | 104.22.5.119:443 | a.apkpure.com | tcp |
| US | 8.8.8.8:53 | download.apkpure.com | udp |
| US | 104.22.4.119:443 | download.apkpure.com | tcp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | tcp |
| US | 104.22.5.119:443 | download.apkpure.com | tcp |
| US | 104.22.4.119:443 | download.apkpure.com | tcp |
| US | 104.22.5.119:443 | download.apkpure.com | tcp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | tcp |
| GB | 38.175.44.15:80 | www.microvirt.com | tcp |
| US | 8.8.8.8:53 | 119.4.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.8.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.5.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdnpure.com | udp |
| US | 172.67.72.189:443 | cdnpure.com | tcp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 8.8.8.8:53 | r.cdnpure.com | udp |
| US | 104.26.14.200:443 | r.cdnpure.com | tcp |
| US | 8.8.8.8:53 | 14.25.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 189.72.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 173.194.69.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | a.cdnpure.com | udp |
| US | 8.8.8.8:53 | 200.14.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.69.194.173.in-addr.arpa | udp |
| GB | 38.175.44.15:443 | www.microvirt.com | tcp |
| GB | 38.175.44.15:443 | www.microvirt.com | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | static.cdnpure.com | udp |
| US | 8.8.8.8:53 | ampcid.google.com | udp |
| US | 8.8.8.8:53 | svibeacon.onezapp.com | udp |
| BE | 74.125.206.155:443 | stats.g.doubleclick.net | udp |
| GB | 142.250.180.3:443 | www.google.co.uk | udp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| GB | 172.217.169.78:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | 210.106.226.129.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nc.pubpowerplatform.io | udp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| US | 8.8.8.8:53 | ms.pubpowerplatform.io | udp |
| GB | 216.58.201.98:443 | www.googletagservices.com | tcp |
| US | 8.8.8.8:53 | download.apkcombo.com | udp |
| US | 172.67.41.119:443 | ms.pubpowerplatform.io | tcp |
| US | 8.8.8.8:53 | imgrs.apkcombo.org | udp |
| US | 104.22.75.151:443 | ms.pubpowerplatform.io | tcp |
| GB | 142.250.179.246:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | sync.quantumdex.io | udp |
| US | 104.18.12.249:443 | download.apkcombo.com | tcp |
| US | 8.8.8.8:53 | ss-pbs.quantumdex.io | udp |
| US | 104.26.15.111:443 | imgrs.apkcombo.org | tcp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | assets.pubpowerplatform.io | udp |
| US | 104.22.37.96:443 | ss-pbs.quantumdex.io | tcp |
| US | 104.22.37.96:443 | ss-pbs.quantumdex.io | tcp |
| US | 104.22.75.151:443 | assets.pubpowerplatform.io | tcp |
| US | 8.8.8.8:53 | 98.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.41.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 151.75.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 111.15.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.37.22.104.in-addr.arpa | udp |
| GB | 142.250.179.246:443 | i.ytimg.com | udp |
| US | 172.67.41.119:443 | assets.pubpowerplatform.io | tcp |
| US | 8.8.8.8:53 | stat.microvirt.com | udp |
| GB | 38.175.44.20:80 | stat.microvirt.com | tcp |
| US | 8.8.8.8:53 | www.memuplay.com | udp |
| CZ | 65.9.95.51:80 | www.memuplay.com | tcp |
| CZ | 65.9.95.51:80 | www.memuplay.com | tcp |
| CZ | 65.9.95.51:80 | www.memuplay.com | tcp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| GB | 142.250.179.226:80 | pagead2.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | kr.memuplay.com | udp |
| CZ | 65.9.95.51:80 | www.memuplay.com | tcp |
| GB | 38.175.44.14:80 | stat.microvirt.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | play-games.googleusercontent.com | udp |
| US | 8.8.8.8:53 | 14.44.175.38.in-addr.arpa | udp |
| GB | 142.250.180.1:443 | play-games.googleusercontent.com | udp |
| US | 8.8.8.8:53 | discord.gg | udp |
| US | 8.8.8.8:53 | twitter.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 38.175.44.14:80 | stat.microvirt.com | tcp |
| US | 8.8.8.8:53 | 1.180.250.142.in-addr.arpa | udp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| US | 8.8.8.8:53 | currency.pubpowerplatform.io | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| US | 8.8.8.8:53 | imasdk.googleapis.com | udp |
| GB | 172.217.16.234:443 | imasdk.googleapis.com | tcp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| CZ | 65.9.98.75:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| CZ | 65.9.95.3:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 151.101.65.229:443 | cdn.jsdelivr.net | tcp |
| US | 172.67.36.110:443 | cdn.hadronid.net | tcp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| US | 104.18.12.249:443 | download.apkcombo.com | tcp |
| US | 172.67.23.234:443 | id.hadron.ad.gt | tcp |
| US | 8.8.8.8:53 | 234.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.98.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.65.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.36.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.194.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.23.67.172.in-addr.arpa | udp |
| US | 151.101.65.229:443 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | a.ad.gt | udp |
| US | 104.22.5.69:443 | a.ad.gt | tcp |
| US | 8.8.8.8:53 | script.4dex.io | udp |
| US | 172.67.75.241:443 | script.4dex.io | tcp |
| US | 8.8.8.8:53 | 69.5.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| US | 104.18.23.145:443 | cadmus.script.ac | tcp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | mp.4dex.io | udp |
| US | 8.8.8.8:53 | useast.quantumdex.io | udp |
| US | 8.8.8.8:53 | prebid-eu.creativecdn.com | udp |
| US | 8.8.8.8:53 | grid-bidder.criteo.com | udp |
| US | 8.8.8.8:53 | prebid.smilewanted.com | udp |
| US | 8.8.8.8:53 | pix.pubpowerplatform.io | udp |
| US | 8.8.8.8:53 | pbjs.e-planning.net | udp |
| DE | 51.75.86.98:443 | onetag-sys.com | tcp |
| NL | 185.184.8.90:443 | prebid-eu.creativecdn.com | tcp |
| NL | 185.184.8.90:443 | prebid-eu.creativecdn.com | tcp |
| NL | 185.184.8.90:443 | prebid-eu.creativecdn.com | tcp |
| NL | 178.250.1.4:443 | grid-bidder.criteo.com | tcp |
| NL | 178.250.1.4:443 | grid-bidder.criteo.com | tcp |
| NL | 178.250.1.4:443 | grid-bidder.criteo.com | tcp |
| US | 8.8.8.8:53 | 241.75.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.23.18.104.in-addr.arpa | udp |
| US | 104.18.34.178:443 | mp.4dex.io | tcp |
| US | 66.206.12.130:443 | useast.quantumdex.io | tcp |
| US | 66.206.12.130:443 | useast.quantumdex.io | tcp |
| US | 66.206.12.130:443 | useast.quantumdex.io | tcp |
| US | 104.22.31.209:443 | prebid.smilewanted.com | tcp |
| US | 104.22.31.209:443 | prebid.smilewanted.com | tcp |
| FR | 163.5.194.30:443 | prebid.a-mo.net | tcp |
| NL | 193.3.178.3:443 | pbjs.e-planning.net | tcp |
| US | 8.8.8.8:53 | 178.34.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.194.5.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.86.75.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.178.3.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.12.206.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 225.187.250.142.in-addr.arpa | udp |
| DE | 51.75.86.98:443 | onetag-sys.com | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | csync.smilewanted.com | udp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| DE | 79.127.216.47:443 | id.a-mx.com | tcp |
| DE | 162.19.138.116:443 | id5-sync.com | tcp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 8.8.8.8:53 | sync.adkernel.com | udp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| NL | 103.67.200.72:443 | sync.adkernel.com | tcp |
| NL | 103.67.200.72:443 | sync.adkernel.com | tcp |
| US | 8.8.8.8:53 | ads.betweendigital.com | udp |
| NL | 103.67.200.72:443 | sync.adkernel.com | tcp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| NL | 188.42.191.196:443 | ads.betweendigital.com | tcp |
| US | 44.216.67.254:443 | cs-server-s2s.yellowblue.io | tcp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| DE | 162.19.138.117:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| NL | 103.67.200.72:443 | sync.adkernel.com | tcp |
| GB | 23.219.196.188:443 | ads.pubmatic.com | tcp |
| US | 8.8.8.8:53 | ssp.disqus.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| US | 3.209.23.233:443 | ssp.disqus.com | tcp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| US | 8.8.8.8:53 | ag.gbc.criteo.com | udp |
| US | 8.8.8.8:53 | gem.gbc.criteo.com | udp |
| NL | 185.89.211.116:443 | ib.adnxs.com | tcp |
| IE | 52.211.167.64:443 | ap.lijit.com | tcp |
| DE | 18.197.30.174:443 | match.sharethrough.com | tcp |
| NL | 185.235.87.233:443 | ag.gbc.criteo.com | tcp |
| FR | 185.235.86.196:443 | gem.gbc.criteo.com | tcp |
| CZ | 65.9.95.76:443 | s.ad.smaato.net | tcp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| US | 8.8.8.8:53 | static.smilewanted.com | udp |
| US | 8.8.8.8:53 | crt.rootg2.amazontrust.com | udp |
| CZ | 65.9.95.56:80 | crt.rootg2.amazontrust.com | tcp |
| US | 8.8.8.8:53 | sync.smartadserver.com | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.216.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.200.67.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 213.245.248.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.191.42.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 188.196.219.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 254.67.216.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.211.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.167.211.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.30.197.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.87.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.86.235.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.7.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.23.209.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.95.9.65.in-addr.arpa | udp |
| NL | 89.149.192.73:443 | sync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | ssp-sync.criteo.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| NL | 178.250.1.7:443 | ssp-sync.criteo.com | tcp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 70.42.32.191:443 | b1sync.zemanta.com | tcp |
| US | 35.244.159.8:443 | u.openx.net | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 35.244.159.8:443 | u.openx.net | udp |
| US | 8.8.8.8:53 | ice.360yield.com | udp |
| IE | 54.194.32.85:443 | ice.360yield.com | tcp |
| US | 8.8.8.8:53 | eexsync.com | udp |
| US | 80.77.87.108:443 | eexsync.com | tcp |
| US | 8.8.8.8:53 | hstat.microvirt.com | udp |
| US | 8.8.8.8:53 | 73.192.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.159.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 191.32.42.70.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 85.32.194.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.87.77.80.in-addr.arpa | udp |
| GB | 38.175.44.19:443 | hstat.microvirt.com | tcp |
| US | 8.8.8.8:53 | 0cc68ef33aa87a77b9101b21d8a75d8e.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 8.8.8.8:53 | oa.openxcdn.net | udp |
| US | 8.8.8.8:53 | connectid.analytics.yahoo.com | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | cdn.prod.uidapi.com | udp |
| US | 8.8.8.8:53 | invstatic101.creativecdn.com | udp |
| GB | 142.250.180.1:443 | 0cc68ef33aa87a77b9101b21d8a75d8e.safeframe.googlesyndication.com | tcp |
| US | 34.102.146.192:443 | oa.openxcdn.net | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 34.96.70.87:443 | invstatic101.creativecdn.com | tcp |
| US | 172.67.38.106:443 | cdn.id5-sync.com | tcp |
| CZ | 65.9.95.26:443 | connectid.analytics.yahoo.com | tcp |
| CZ | 13.226.89.128:443 | cdn.prod.uidapi.com | tcp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| CZ | 65.9.95.100:443 | tags.crwdcntrl.net | tcp |
| DE | 3.75.62.37:443 | ups.analytics.yahoo.com | tcp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| IE | 34.255.228.185:443 | bcp.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | 192.146.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.70.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 128.89.226.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 37.62.75.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.38.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 185.228.255.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| CZ | 65.9.9.197:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | shb.richaudience.com | udp |
| US | 8.8.8.8:53 | exchange.cootlogix.com | udp |
| DE | 178.63.241.79:443 | shb.richaudience.com | tcp |
| DE | 178.63.241.79:443 | shb.richaudience.com | tcp |
| US | 206.81.13.56:443 | exchange.cootlogix.com | tcp |
| US | 206.81.13.56:443 | exchange.cootlogix.com | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| IE | 52.95.125.22:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 197.9.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.241.63.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.13.81.206.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.125.95.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ads.eu.criteo.com | udp |
| US | 8.8.8.8:53 | cat.nl3.eu.criteo.com | udp |
| NL | 178.250.1.6:443 | cat.nl3.eu.criteo.com | tcp |
| NL | 178.250.1.17:443 | ads.eu.criteo.com | tcp |
| US | 8.8.8.8:53 | widget.nl3.eu.criteo.com | udp |
| NL | 178.250.1.9:443 | widget.nl3.eu.criteo.com | tcp |
| US | 8.8.8.8:53 | csm.eu.criteo.net | udp |
| NL | 178.250.1.25:443 | csm.eu.criteo.net | tcp |
| US | 8.8.8.8:53 | imageproxy.eu.criteo.net | udp |
| US | 8.8.8.8:53 | 6.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.1.250.178.in-addr.arpa | udp |
| NL | 178.250.1.15:443 | imageproxy.eu.criteo.net | tcp |
| NL | 178.250.1.15:443 | imageproxy.eu.criteo.net | tcp |
| NL | 178.250.1.15:443 | imageproxy.eu.criteo.net | tcp |
| US | 8.8.8.8:53 | 15.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sync.richaudience.com | udp |
| US | 8.8.8.8:53 | sync.cootlogix.com | udp |
| DE | 148.251.40.113:443 | sync.richaudience.com | tcp |
| US | 67.205.187.203:443 | sync.cootlogix.com | tcp |
| US | 8.8.8.8:53 | cacerts.rapidssl.com | udp |
| SE | 192.229.221.95:80 | cacerts.rapidssl.com | tcp |
| US | 8.8.8.8:53 | 113.40.251.148.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.187.205.67.in-addr.arpa | udp |
| CZ | 65.9.98.75:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | imgrs.apkcombo.com | udp |
| US | 8.8.8.8:53 | csm.nl3.eu.criteo.net | udp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| NL | 178.250.1.25:443 | csm.nl3.eu.criteo.net | tcp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tapi.apkpure.net | udp |
| US | 104.22.42.111:443 | tapi.apkpure.net | tcp |
| US | 104.22.42.111:443 | tapi.apkpure.net | tcp |
| US | 104.22.42.111:443 | tapi.apkpure.net | tcp |
| US | 104.22.42.111:443 | tapi.apkpure.net | tcp |
| US | 8.8.8.8:53 | 111.42.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static-sg.winudf.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 92.123.128.193:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 193.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| GB | 2.19.117.143:443 | aefd.nelreports.net | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 143.117.19.2.in-addr.arpa | udp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| US | 8.8.8.8:53 | t3.cdnpure.com | udp |
| GB | 38.175.44.14:80 | hstat.microvirt.com | tcp |
| US | 8.8.8.8:53 | www.microvirt.com | udp |
| GB | 38.175.44.15:443 | www.microvirt.com | tcp |
| GB | 38.175.44.15:443 | www.microvirt.com | tcp |
| US | 8.8.8.8:53 | www.baidu.com | udp |
| GB | 142.250.180.3:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | a.cdnpure.com | udp |
| US | 8.8.8.8:53 | cdnpure.com | udp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| GB | 142.250.180.2:443 | www.googletagservices.com | tcp |
| US | 8.8.8.8:53 | hstat.microvirt.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| GB | 38.175.44.19:443 | hstat.microvirt.com | tcp |
| US | 8.8.8.8:53 | d.apkpure.com | udp |
| US | 8.8.8.8:53 | 2.180.250.142.in-addr.arpa | udp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| US | 8.8.8.8:53 | 093341f6902453ea48309650adb60ec0.safeframe.googlesyndication.com | udp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| US | 8.8.8.8:53 | d-15.winudf.com | udp |
| FR | 51.38.62.138:443 | d-15.winudf.com | tcp |
| US | 8.8.8.8:53 | 138.62.38.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| N/A | 127.0.0.1:57893 | tcp | |
| N/A | 127.0.0.1:60452 | tcp | |
| GB | 38.175.44.19:443 | hstat.microvirt.com | tcp |
| GB | 38.175.44.19:443 | hstat.microvirt.com | tcp |
| GB | 2.19.117.143:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | 15.173.189.20.in-addr.arpa | udp |
| N/A | 127.0.0.1:5037 | tcp | |
| N/A | 127.0.0.1:50398 | tcp | |
| N/A | 127.0.0.1:50400 | tcp | |
| N/A | 127.0.0.1:5354 | tcp | |
| N/A | 127.0.0.1:5555 | tcp | |
| N/A | 127.0.0.1:5557 | tcp | |
| N/A | 127.0.0.1:5559 | tcp | |
| N/A | 127.0.0.1:5561 | tcp | |
| N/A | 127.0.0.1:5563 | tcp | |
| N/A | 127.0.0.1:5565 | tcp | |
| N/A | 127.0.0.1:5354 | tcp | |
| N/A | 127.0.0.1:5567 | tcp | |
| N/A | 127.0.0.1:5569 | tcp | |
| N/A | 127.0.0.1:5571 | tcp | |
| N/A | 127.0.0.1:5573 | tcp | |
| N/A | 127.0.0.1:5575 | tcp | |
| N/A | 127.0.0.1:5354 | tcp | |
| N/A | 127.0.0.1:5577 | tcp | |
| N/A | 127.0.0.1:5579 | tcp | |
| N/A | 127.0.0.1:5581 | tcp | |
| N/A | 127.0.0.1:5583 | tcp | |
| N/A | 127.0.0.1:5585 | tcp | |
| US | 8.8.8.8:53 | hstat.microvirt.com | udp |
| GB | 38.175.44.18:443 | hstat.microvirt.com | tcp |
| N/A | 127.0.0.1:50469 | tcp | |
| N/A | 127.0.0.1:5037 | tcp | |
| N/A | 127.0.0.1:5037 | tcp | |
| US | 8.8.8.8:53 | 18.44.175.38.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.microvirt.com | udp |
| GB | 38.175.44.14:443 | www.microvirt.com | tcp |
| GB | 38.175.44.14:443 | www.microvirt.com | tcp |
| US | 8.8.8.8:53 | www.baidu.com | udp |
| N/A | 127.0.0.1:5037 | tcp | |
| N/A | 127.0.0.1:5037 | tcp | |
| US | 8.8.8.8:53 | hstat.microvirt.com | udp |
| GB | 38.175.44.18:443 | hstat.microvirt.com | tcp |
| N/A | 127.0.0.1:50505 | tcp | |
| N/A | 127.0.0.1:50508 | tcp | |
| GB | 38.175.44.18:443 | hstat.microvirt.com | tcp |
| US | 8.8.8.8:53 | svibeacon.onezapp.com | udp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| GB | 92.123.128.175:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 175.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| GB | 92.123.128.144:443 | th.bing.com | tcp |
| GB | 92.123.128.169:443 | r.bing.com | tcp |
| GB | 92.123.128.169:443 | r.bing.com | tcp |
| GB | 92.123.128.144:443 | th.bing.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| HK | 129.226.106.210:443 | svibeacon.onezapp.com | tcp |
| US | 8.8.8.8:53 | bing.com | udp |
| US | 13.107.21.200:443 | bing.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | fpt.microsoft.com | udp |
| US | 52.167.30.171:443 | fpt.microsoft.com | tcp |
| US | 8.8.8.8:53 | 171.30.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fpt2.microsoft.com | udp |
| US | 8.8.8.8:53 | 76.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 2.19.117.143:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | www.bignox.com | udp |
| US | 104.18.48.154:443 | www.bignox.com | tcp |
| US | 104.18.48.154:443 | www.bignox.com | tcp |
| US | 8.8.8.8:53 | res11.bignox.com | udp |
| US | 8.8.8.8:53 | res02.noxgroup.com | udp |
| US | 104.18.6.146:443 | res02.noxgroup.com | tcp |
| US | 104.18.6.146:443 | res02.noxgroup.com | tcp |
| CZ | 65.9.95.66:443 | res11.bignox.com | tcp |
| US | 8.8.8.8:53 | bi.noxgroup.com | udp |
| US | 104.18.6.146:443 | res02.noxgroup.com | tcp |
| US | 8.8.8.8:53 | res06.noxgroup.com | udp |
| US | 8.8.8.8:53 | 154.48.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.6.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | res06.bignox.com | udp |
| US | 104.18.6.146:443 | res06.noxgroup.com | tcp |
| US | 104.18.6.146:443 | res06.noxgroup.com | tcp |
| US | 104.18.6.146:443 | res06.noxgroup.com | tcp |
| US | 104.18.6.146:443 | res06.noxgroup.com | tcp |
| US | 104.18.6.146:443 | res06.noxgroup.com | tcp |
| US | 104.18.6.146:443 | res06.noxgroup.com | tcp |
| US | 104.18.53.109:443 | res06.bignox.com | tcp |
| US | 8.8.8.8:53 | 109.53.18.104.in-addr.arpa | udp |
| HK | 103.210.21.251:443 | bi.noxgroup.com | tcp |
| HK | 103.210.21.251:443 | bi.noxgroup.com | tcp |
| HK | 103.210.21.251:443 | bi.noxgroup.com | tcp |
| US | 8.8.8.8:53 | 251.21.210.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 216.58.201.110:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 133.130.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api-new.bignox.com | udp |
| CN | 59.110.43.133:443 | api-new.bignox.com | tcp |
| CN | 59.110.43.133:443 | api-new.bignox.com | tcp |
| US | 8.8.8.8:53 | support.bignox.com | udp |
| US | 104.18.48.154:443 | support.bignox.com | tcp |
| US | 104.18.48.154:443 | support.bignox.com | tcp |
| US | 8.8.8.8:53 | 40.169.217.172.in-addr.arpa | udp |
| HK | 103.210.21.251:443 | bi.noxgroup.com | tcp |
| HK | 103.210.21.251:443 | bi.noxgroup.com | tcp |
| US | 8.8.8.8:53 | www.microvirt.com | udp |
| GB | 38.175.44.18:443 | www.microvirt.com | tcp |
| GB | 38.175.44.18:443 | www.microvirt.com | tcp |
| US | 8.8.8.8:53 | hstat.microvirt.com | udp |
| GB | 38.175.44.14:443 | hstat.microvirt.com | tcp |
| GB | 92.123.128.133:443 | www.bing.com | tcp |
| GB | 92.123.128.133:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 92.123.128.139:443 | th.bing.com | tcp |
| GB | 92.123.128.186:443 | r.bing.com | tcp |
| GB | 92.123.128.186:443 | r.bing.com | tcp |
| GB | 92.123.128.139:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 133.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 186.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.ldplayer.net | udp |
| GB | 163.181.154.241:443 | www.ldplayer.net | tcp |
| GB | 163.181.154.241:443 | www.ldplayer.net | tcp |
| US | 8.8.8.8:53 | cdn.ldplayer.net | udp |
| US | 8.8.8.8:53 | cmp.setupcmp.com | udp |
| US | 104.26.4.6:443 | cmp.setupcmp.com | tcp |
| US | 104.26.4.6:443 | cmp.setupcmp.com | tcp |
| GB | 79.133.176.186:443 | cdn.ldplayer.net | tcp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| US | 104.26.4.6:443 | cmp.setupcmp.com | tcp |
| GB | 172.217.169.78:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | res.ldrescdn.com | udp |
| GB | 163.181.154.237:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.237:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.237:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.237:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.237:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.237:443 | res.ldrescdn.com | tcp |
| US | 8.8.8.8:53 | 241.154.181.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.4.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 186.176.133.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.154.181.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 142.250.179.238:443 | apis.google.com | tcp |
| US | 8.8.8.8:53 | apien.ldplayer.net | udp |
| US | 8.8.8.8:53 | usersdk.ldmnq.com | udp |
| US | 8.8.8.8:53 | play-lh.googleusercontent.com | udp |
| GB | 142.250.179.238:443 | apis.google.com | udp |
| GB | 79.133.176.174:443 | apien.ldplayer.net | tcp |
| GB | 79.133.176.174:443 | apien.ldplayer.net | tcp |
| GB | 79.133.176.174:443 | apien.ldplayer.net | tcp |
| GB | 142.250.179.246:443 | play-lh.googleusercontent.com | udp |
| US | 8.8.8.8:53 | 238.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.176.133.79.in-addr.arpa | udp |
| SG | 47.236.4.49:443 | usersdk.ldmnq.com | tcp |
| SG | 47.236.4.49:443 | usersdk.ldmnq.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 173.194.69.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | 49.4.236.47.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | stpd.cloud | udp |
| US | 104.18.30.49:443 | stpd.cloud | tcp |
| US | 8.8.8.8:53 | 49.30.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 216.58.213.2:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.200.1:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | tagan.adlightning.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | prebid-stag.setupad.net | udp |
| US | 8.8.8.8:53 | prebid-eu.creativecdn.com | udp |
| DE | 162.19.138.82:443 | id5-sync.com | tcp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | adx.adform.net | udp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| CZ | 65.9.95.35:443 | tagan.adlightning.com | tcp |
| CZ | 65.9.98.75:443 | c.amazon-adsystem.com | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | tcp |
| NL | 89.149.192.241:443 | prg.smartadserver.com | tcp |
| US | 104.26.8.178:443 | prebid-stag.setupad.net | tcp |
| US | 104.26.8.178:443 | prebid-stag.setupad.net | tcp |
| FR | 163.5.194.31:443 | prebid.a-mo.net | tcp |
| NL | 185.184.8.90:443 | prebid-eu.creativecdn.com | tcp |
| DK | 37.157.4.29:443 | adx.adform.net | tcp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | dnacdn.net | udp |
| DE | 141.95.33.120:443 | lb.eu-1-id5-sync.com | tcp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| US | 8.8.8.8:53 | 1.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.252.227.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.8.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.192.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.194.5.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.4.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| CZ | 65.9.95.29:443 | config.aps.amazon-adsystem.com | tcp |
| US | 35.244.159.8:443 | u.openx.net | udp |
| CZ | 65.9.9.197:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | secure.cdn.fastclick.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| GB | 104.78.175.230:443 | secure.cdn.fastclick.net | tcp |
| GB | 104.78.175.230:443 | secure.cdn.fastclick.net | tcp |
| CZ | 65.9.95.74:443 | tags.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | 1x1.a-mo.net | udp |
| US | 8.8.8.8:53 | b277aa67e9699e9f4b6d528aa8ef4132.safeframe.googlesyndication.com | udp |
| DE | 3.123.214.38:443 | 1x1.a-mo.net | tcp |
| GB | 142.250.180.1:443 | b277aa67e9699e9f4b6d528aa8ef4132.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | proc.ad.cpe.dotomi.com | udp |
| IE | 54.77.205.105:443 | bcp.crwdcntrl.net | tcp |
| NL | 63.215.202.146:443 | proc.ad.cpe.dotomi.com | tcp |
| US | 8.8.8.8:53 | 120.33.95.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.175.78.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.214.123.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 105.205.77.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.202.215.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| DE | 159.89.25.223:443 | node.setupad.com | tcp |
| NL | 89.149.192.244:443 | ssbsync-global.smartadserver.com | tcp |
| US | 8.8.8.8:53 | cm.adform.net | udp |
| DK | 37.157.5.87:443 | cm.adform.net | tcp |
| US | 8.8.8.8:53 | 244.192.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 223.25.89.159.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.5.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sync.a-mo.net | udp |
| US | 8.8.8.8:53 | setupad-d.openx.net | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| US | 8.8.8.8:53 | eu-u.openx.net | udp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| US | 35.71.131.137:443 | match.adsrvr.org | tcp |
| US | 34.1.239.132:443 | csync.loopme.me | tcp |
| DK | 37.157.2.229:443 | c1.adform.net | tcp |
| NL | 185.89.210.244:443 | secure.adnxs.com | tcp |
| FR | 163.5.194.32:443 | sync.a-mo.net | tcp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| FR | 149.202.238.104:443 | rtb-csync.smartadserver.com | tcp |
| FR | 149.202.238.104:443 | rtb-csync.smartadserver.com | tcp |
| FR | 149.202.238.104:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | assets.a-mo.net | udp |
| US | 104.19.158.19:443 | assets.a-mo.net | tcp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| NL | 79.127.227.46:443 | id.a-mx.com | tcp |
| US | 8.8.8.8:53 | 132.239.1.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 244.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.131.71.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.2.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.194.5.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.238.202.149.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.158.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prebid.adnxs.com | udp |
| US | 8.8.8.8:53 | ow.pubmatic.com | udp |
| NL | 185.89.208.11:443 | prebid.adnxs.com | tcp |
| NL | 79.127.227.46:443 | id.a-mx.com | tcp |
| GB | 185.64.190.84:443 | ow.pubmatic.com | tcp |
| US | 8.8.8.8:53 | 46.227.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.208.89.185.in-addr.arpa | udp |
| N/A | 127.0.0.1:53887 | tcp | |
| US | 8.8.8.8:53 | res.ldrescdn.com | udp |
| GB | 163.181.154.241:443 | res.ldrescdn.com | tcp |
| US | 8.8.8.8:53 | apien.ldmnq.com | udp |
| GB | 79.133.176.185:443 | apien.ldmnq.com | tcp |
| GB | 163.181.154.241:443 | res.ldrescdn.com | tcp |
| US | 8.8.8.8:53 | 185.176.133.79.in-addr.arpa | udp |
| GB | 163.181.154.241:443 | res.ldrescdn.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 216.58.201.110:443 | play.google.com | udp |
| US | 8.8.8.8:53 | middledata.ldplayer.net | udp |
| SG | 8.219.48.146:443 | middledata.ldplayer.net | tcp |
| US | 8.8.8.8:53 | 146.48.219.8.in-addr.arpa | udp |
| NL | 89.149.192.241:443 | prg.smartadserver.com | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| US | 35.227.252.103:443 | rtb.openx.net | udp |
| NL | 89.149.192.193:443 | prg.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 193.192.149.89.in-addr.arpa | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 2.19.117.143:443 | aefd.nelreports.net | udp |
| GB | 2.19.117.143:443 | aefd.nelreports.net | tcp |
| US | 8.8.8.8:53 | middledata.ldplayer.net | udp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| US | 8.8.8.8:53 | 97.136.219.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | apien.ldmnq.com | udp |
| GB | 79.133.176.185:443 | apien.ldmnq.com | tcp |
| NL | 89.149.192.193:443 | prg.smartadserver.com | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | 1x1.a-mo.net | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| DE | 52.28.26.73:443 | 1x1.a-mo.net | tcp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.200.33:443 | cdn.ampproject.org | tcp |
| GB | 142.250.200.33:443 | cdn.ampproject.org | tcp |
| GB | 142.250.200.33:443 | cdn.ampproject.org | tcp |
| GB | 142.250.200.33:443 | cdn.ampproject.org | tcp |
| GB | 142.250.200.33:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 73.26.28.52.in-addr.arpa | udp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 33.200.250.142.in-addr.arpa | udp |
| GB | 216.58.213.2:443 | googleads.g.doubleclick.net | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| NL | 89.149.192.193:443 | prg.smartadserver.com | tcp |
| US | 8.8.8.8:53 | middledata.ldplayer.net | udp |
| US | 8.8.8.8:53 | discord.gg | udp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| US | 162.159.135.234:443 | discord.gg | tcp |
| US | 162.159.135.234:443 | discord.gg | tcp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 162.159.136.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | 234.135.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.136.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | res.ldrescdn.com | udp |
| US | 8.8.8.8:53 | ad.ldplayer.net | udp |
| US | 8.8.8.8:53 | apien.ldplayer.net | udp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| GB | 163.181.154.242:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.242:443 | res.ldrescdn.com | tcp |
| CZ | 65.9.95.125:443 | ad.ldplayer.net | tcp |
| GB | 79.133.176.174:443 | apien.ldplayer.net | tcp |
| GB | 163.181.154.242:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.242:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.242:443 | res.ldrescdn.com | tcp |
| US | 8.8.8.8:53 | 242.154.181.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 125.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.94.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.89.9.65.in-addr.arpa | udp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| GB | 163.181.154.242:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.242:443 | res.ldrescdn.com | tcp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 162.159.130.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.130.233:443 | cdn.discordapp.com | tcp |
| GB | 163.181.154.242:443 | res.ldrescdn.com | tcp |
| US | 8.8.8.8:53 | encdn.ldmnq.com | udp |
| US | 8.8.8.8:53 | 233.130.159.162.in-addr.arpa | udp |
| GB | 163.181.154.242:443 | encdn.ldmnq.com | tcp |
| GB | 163.181.154.242:443 | encdn.ldmnq.com | tcp |
| US | 8.8.8.8:53 | www.ldplayer.net | udp |
| US | 8.8.8.8:53 | cdn.ldplayer.net | udp |
| US | 104.26.4.6:443 | cmp.setupcmp.com | tcp |
| GB | 163.181.154.242:443 | www.ldplayer.net | tcp |
| GB | 163.181.154.237:443 | www.ldplayer.net | tcp |
| GB | 79.133.176.186:443 | cdn.ldplayer.net | tcp |
| GB | 172.217.169.78:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | res.ldrescdn.com | udp |
| GB | 163.181.154.242:443 | res.ldrescdn.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 163.181.154.238:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.242:443 | res.ldrescdn.com | tcp |
| CZ | 65.9.95.125:443 | ad.ldplayer.net | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| CZ | 65.9.95.125:443 | ad.ldplayer.net | tcp |
| GB | 172.217.16.246:443 | i.ytimg.com | udp |
| US | 104.26.4.6:443 | cmp.setupcmp.com | tcp |
| US | 8.8.8.8:53 | res.ldplayer.net | udp |
| GB | 216.58.213.2:443 | googleads.g.doubleclick.net | udp |
| GB | 79.133.176.235:443 | res.ldplayer.net | tcp |
| US | 104.18.30.49:443 | stpd.cloud | tcp |
| US | 8.8.8.8:53 | apien.ldplayer.net | udp |
| GB | 79.133.176.174:443 | apien.ldplayer.net | tcp |
| US | 8.8.8.8:53 | 238.154.181.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 246.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 235.176.133.79.in-addr.arpa | udp |
| GB | 163.181.154.242:443 | res.ldrescdn.com | tcp |
| US | 8.8.8.8:53 | tagan.adlightning.com | udp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| CZ | 65.9.95.22:443 | tagan.adlightning.com | tcp |
| GB | 142.250.200.42:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.178.1:443 | yt3.ggpht.com | tcp |
| GB | 142.250.200.6:443 | static.doubleclick.net | tcp |
| US | 104.26.8.178:443 | prebid-stag.setupad.net | tcp |
| GB | 163.181.154.242:443 | res.ldrescdn.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.200.42:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | prebid.a-mo.net | udp |
| US | 8.8.8.8:53 | adx.adform.net | udp |
| US | 8.8.8.8:53 | prg.smartadserver.com | udp |
| NL | 185.184.8.90:443 | prebid-eu.creativecdn.com | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | udp |
| NL | 81.17.55.99:443 | prg.smartadserver.com | tcp |
| FR | 163.5.194.35:443 | prebid.a-mo.net | tcp |
| DK | 37.157.5.84:443 | adx.adform.net | tcp |
| GB | 163.181.154.242:443 | res.ldrescdn.com | tcp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| NL | 81.17.55.99:443 | prg.smartadserver.com | tcp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| US | 172.67.36.110:443 | cdn.hadronid.net | tcp |
| NL | 173.194.69.84:443 | accounts.google.com | udp |
| GB | 163.181.154.242:443 | res.ldrescdn.com | tcp |
| CZ | 65.9.9.197:443 | aax.amazon-adsystem.com | tcp |
| NL | 81.17.55.99:443 | prg.smartadserver.com | tcp |
| NL | 178.250.1.11:443 | dnacdn.net | tcp |
| DK | 37.157.5.87:443 | adx.adform.net | tcp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | udp |
| GB | 163.181.154.242:443 | res.ldrescdn.com | tcp |
| US | 8.8.8.8:53 | 22.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.55.17.81.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.194.5.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.5.157.37.in-addr.arpa | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| GB | 163.181.154.242:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.242:443 | res.ldrescdn.com | tcp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| US | 172.67.23.234:443 | id.hadron.ad.gt | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | fee91ae42406dc3f827a4dfa99482af5.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 1x1.a-mo.net | udp |
| US | 8.8.8.8:53 | e7ed56587bf6e917cc7c57387c34f759.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 2f678da26430bc26ac7071a31453ace5.safeframe.googlesyndication.com | udp |
| GB | 142.250.180.1:443 | 2f678da26430bc26ac7071a31453ace5.safeframe.googlesyndication.com | tcp |
| DE | 52.28.26.73:443 | 1x1.a-mo.net | tcp |
| GB | 142.250.180.1:443 | 2f678da26430bc26ac7071a31453ace5.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.180.1:443 | 2f678da26430bc26ac7071a31453ace5.safeframe.googlesyndication.com | tcp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| DE | 159.89.25.223:443 | node.setupad.com | tcp |
| US | 8.8.8.8:53 | apien.ldmnq.com | udp |
| GB | 79.133.176.185:80 | apien.ldmnq.com | tcp |
| GB | 79.133.176.185:443 | apien.ldmnq.com | tcp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| CZ | 65.9.95.125:443 | ad.ldplayer.net | tcp |
| CZ | 65.9.95.125:443 | ad.ldplayer.net | tcp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 34.98.64.218:443 | u.openx.net | udp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| US | 34.98.64.218:443 | u.openx.net | udp |
| US | 8.8.8.8:53 | cms.quantserve.com | udp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| US | 8.8.8.8:53 | dsp-cookie.adfarm1.adition.com | udp |
| US | 8.8.8.8:53 | ad.turn.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| DE | 80.82.210.217:443 | dsp-cookie.adfarm1.adition.com | tcp |
| NL | 89.149.193.89:443 | rtb-csync.smartadserver.com | tcp |
| NL | 89.149.193.89:443 | rtb-csync.smartadserver.com | tcp |
| DE | 91.228.74.166:443 | cms.quantserve.com | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| IE | 34.253.109.63:443 | match.prod.bidr.io | tcp |
| US | 80.77.87.161:443 | cs.admanmedia.com | tcp |
| US | 8.8.8.8:53 | 218.64.98.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.164.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.193.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.210.82.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 63.109.253.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.136.214.35.in-addr.arpa | udp |
| NL | 89.149.193.89:443 | rtb-csync.smartadserver.com | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | udp |
| NL | 89.149.193.89:443 | rtb-csync.smartadserver.com | tcp |
| NL | 89.149.193.89:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| NL | 89.149.193.89:443 | rtb-csync.smartadserver.com | tcp |
| DE | 18.197.30.174:443 | match.sharethrough.com | tcp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | pxl.iqm.com | udp |
| GB | 142.250.187.226:443 | cm.g.doubleclick.net | tcp |
| US | 34.193.171.116:443 | pxl.iqm.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| GB | 142.250.187.226:443 | cm.g.doubleclick.net | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | x2.i.lencr.org | udp |
| GB | 2.19.169.32:80 | x2.i.lencr.org | tcp |
| GB | 79.133.176.185:443 | apien.ldmnq.com | tcp |
| US | 8.8.8.8:53 | 161.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.171.193.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.169.19.2.in-addr.arpa | udp |
| CZ | 65.9.95.125:443 | ad.ldplayer.net | tcp |
| N/A | 127.0.0.1:6463 | tcp | |
| N/A | 127.0.0.1:6464 | tcp | |
| N/A | 127.0.0.1:6465 | tcp | |
| N/A | 127.0.0.1:6466 | tcp | |
| N/A | 127.0.0.1:6467 | tcp | |
| N/A | 127.0.0.1:6468 | tcp | |
| N/A | 127.0.0.1:6469 | tcp | |
| CZ | 65.9.95.125:443 | ad.ldplayer.net | tcp |
| N/A | 127.0.0.1:6470 | tcp | |
| N/A | 127.0.0.1:6471 | tcp | |
| N/A | 127.0.0.1:6472 | tcp | |
| CZ | 65.9.95.125:443 | ad.ldplayer.net | tcp |
| CZ | 65.9.95.125:443 | ad.ldplayer.net | tcp |
| CZ | 65.9.95.125:443 | ad.ldplayer.net | tcp |
| CZ | 65.9.95.125:443 | ad.ldplayer.net | tcp |
| NL | 81.17.55.99:443 | prg.smartadserver.com | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | udp |
| GB | 216.58.213.2:443 | googleads.g.doubleclick.net | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| CZ | 65.9.95.125:443 | ad.ldplayer.net | tcp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| GB | 216.58.201.99:443 | ssl.gstatic.com | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| GB | 92.123.128.164:443 | www.bing.com | tcp |
| CZ | 65.9.95.125:443 | ad.ldplayer.net | tcp |
| US | 8.8.8.8:53 | 164.128.123.92.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 92.123.128.165:443 | r.bing.com | tcp |
| GB | 92.123.128.165:443 | r.bing.com | tcp |
| GB | 92.123.128.170:443 | th.bing.com | tcp |
| GB | 92.123.128.170:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 165.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| GB | 142.250.180.1:443 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| GB | 142.250.178.2:443 | ade.googlesyndication.com | tcp |
| GB | 142.250.178.2:443 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 2.178.250.142.in-addr.arpa | udp |
| CZ | 65.9.95.125:443 | ad.ldplayer.net | tcp |
| CZ | 65.9.95.125:443 | ad.ldplayer.net | tcp |
| US | 8.8.8.8:53 | ad.ldplayer.net | udp |
| CZ | 65.9.95.125:443 | ad.ldplayer.net | tcp |
| CZ | 65.9.95.125:443 | ad.ldplayer.net | tcp |
| NL | 81.17.55.99:443 | prg.smartadserver.com | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | update.googleapis.com | udp |
| GB | 216.58.201.99:443 | update.googleapis.com | tcp |
| GB | 216.58.201.99:443 | update.googleapis.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.200.2:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 2.200.250.142.in-addr.arpa | udp |
| CZ | 65.9.95.125:443 | ad.ldplayer.net | tcp |
| US | 8.8.8.8:53 | 123.35.104.34.in-addr.arpa | udp |
| CZ | 65.9.95.125:443 | ad.ldplayer.net | tcp |
| US | 8.8.8.8:53 | bi.noxgroup.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| GB | 142.250.180.3:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 216.239.32.3:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | 3.32.239.216.in-addr.arpa | udp |
| CZ | 65.9.95.125:443 | ad.ldplayer.net | tcp |
| CZ | 65.9.95.125:443 | ad.ldplayer.net | tcp |
| CZ | 65.9.95.125:443 | ad.ldplayer.net | tcp |
| CZ | 65.9.95.125:443 | ad.ldplayer.net | tcp |
| CZ | 65.9.95.125:443 | ad.ldplayer.net | tcp |
| CZ | 65.9.95.125:443 | ad.ldplayer.net | tcp |
| CZ | 65.9.95.125:443 | ad.ldplayer.net | tcp |
| CZ | 65.9.95.125:443 | ad.ldplayer.net | tcp |
| US | 8.8.8.8:53 | ad.ldplayer.net | udp |
| CZ | 65.9.95.53:443 | ad.ldplayer.net | tcp |
| US | 8.8.8.8:53 | 53.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 223.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c.pki.goog | udp |
| GB | 142.250.178.3:80 | c.pki.goog | tcp |
| US | 8.8.8.8:53 | o.pki.goog | udp |
| GB | 142.250.178.3:80 | o.pki.goog | tcp |
| CZ | 65.9.95.53:443 | ad.ldplayer.net | tcp |
| CZ | 65.9.95.53:443 | ad.ldplayer.net | tcp |
| CZ | 65.9.95.53:443 | ad.ldplayer.net | tcp |
| CZ | 65.9.95.53:443 | ad.ldplayer.net | tcp |
| CZ | 65.9.95.53:443 | ad.ldplayer.net | tcp |
| CZ | 65.9.95.53:443 | ad.ldplayer.net | tcp |
| CZ | 65.9.95.53:443 | ad.ldplayer.net | tcp |
| CZ | 65.9.95.53:443 | ad.ldplayer.net | tcp |
| CZ | 65.9.95.53:443 | ad.ldplayer.net | tcp |
| CZ | 65.9.95.53:443 | ad.ldplayer.net | tcp |
| GB | 142.250.178.3:80 | www.gstatic.com | tcp |
| US | 8.8.8.8:53 | c.pki.goog | udp |
| GB | 142.250.178.3:80 | c.pki.goog | tcp |
| US | 8.8.8.8:53 | o.pki.goog | udp |
| GB | 142.250.178.3:80 | o.pki.goog | tcp |
| US | 8.8.8.8:53 | 223.32.239.216.in-addr.arpa | udp |
| GB | 216.58.201.99:443 | update.googleapis.com | tcp |
| GB | 216.58.201.99:443 | update.googleapis.com | tcp |
| CZ | 65.9.95.53:443 | ad.ldplayer.net | tcp |
| US | 8.8.8.8:53 | 10.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ad.ldplayer.net | udp |
| CZ | 65.9.95.126:443 | ad.ldplayer.net | tcp |
| US | 8.8.8.8:53 | 126.95.9.65.in-addr.arpa | udp |
| CZ | 65.9.95.126:443 | ad.ldplayer.net | tcp |
| US | 8.8.8.8:53 | hstat.microvirt.com | udp |
| N/A | 127.0.0.1:57360 | tcp | |
| N/A | 127.0.0.1:5037 | tcp | |
| GB | 38.175.44.14:443 | hstat.microvirt.com | tcp |
| N/A | 127.0.0.1:59026 | tcp | |
| N/A | 127.0.0.1:59035 | tcp | |
| N/A | 127.0.0.1:5354 | tcp | |
| N/A | 127.0.0.1:5555 | tcp | |
| N/A | 127.0.0.1:5037 | tcp | |
| N/A | 127.0.0.1:5557 | tcp | |
| N/A | 127.0.0.1:5559 | tcp | |
| N/A | 127.0.0.1:5561 | tcp | |
| N/A | 127.0.0.1:5563 | tcp | |
| N/A | 127.0.0.1:5565 | tcp | |
| N/A | 127.0.0.1:5354 | tcp | |
| N/A | 127.0.0.1:5567 | tcp | |
| N/A | 127.0.0.1:5569 | tcp | |
| N/A | 127.0.0.1:5571 | tcp | |
| N/A | 127.0.0.1:5573 | tcp | |
| N/A | 127.0.0.1:5575 | tcp | |
| N/A | 127.0.0.1:5354 | tcp | |
| N/A | 127.0.0.1:5577 | tcp | |
| N/A | 127.0.0.1:5579 | tcp | |
| N/A | 127.0.0.1:5581 | tcp | |
| N/A | 127.0.0.1:5583 | tcp | |
| N/A | 127.0.0.1:5585 | tcp | |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | 106.201.58.216.in-addr.arpa | udp |
| GB | 142.250.200.4:443 | www.google.com | udp |
| GB | 142.250.200.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 172.217.169.42:443 | ogads-pa.googleapis.com | udp |
| GB | 142.250.179.238:443 | apis.google.com | udp |
| GB | 172.217.169.42:443 | ogads-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | 42.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 172.217.169.78:443 | clients2.google.com | udp |
| GB | 142.250.200.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | dns-tunnel-check.googlezip.net | udp |
| US | 8.8.8.8:53 | tunnel.googlezip.net | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | 157.34.239.216.in-addr.arpa | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 216.58.201.110:443 | consent.google.com | tcp |
| GB | 216.58.201.110:443 | consent.google.com | tcp |
| US | 8.8.8.8:53 | appetize.io | udp |
| US | 3.209.111.84:443 | appetize.io | tcp |
| US | 3.209.111.84:443 | appetize.io | tcp |
| US | 3.209.111.84:443 | appetize.io | tcp |
| US | 3.209.111.84:443 | appetize.io | tcp |
| US | 8.8.8.8:53 | 84.111.209.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | js.hs-scripts.com | udp |
| US | 8.8.8.8:53 | snap.licdn.com | udp |
| US | 8.8.8.8:53 | app.posthog.com | udp |
| GB | 2.19.117.161:443 | snap.licdn.com | tcp |
| US | 104.16.139.209:443 | js.hs-scripts.com | tcp |
| US | 172.67.40.50:443 | app.posthog.com | tcp |
| US | 8.8.8.8:53 | px.ads.linkedin.com | udp |
| US | 8.8.8.8:53 | us.i.posthog.com | udp |
| US | 13.107.42.14:443 | px.ads.linkedin.com | tcp |
| US | 34.196.8.201:443 | us.i.posthog.com | tcp |
| US | 34.196.8.201:443 | us.i.posthog.com | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | js.hs-analytics.net | udp |
| US | 8.8.8.8:53 | js.hsadspixel.net | udp |
| US | 8.8.8.8:53 | js.hs-banner.com | udp |
| BE | 74.125.206.155:443 | stats.g.doubleclick.net | tcp |
| US | 104.18.139.17:443 | js.hsleadflows.net | tcp |
| US | 104.17.175.201:443 | js.hs-analytics.net | tcp |
| US | 104.17.223.152:443 | js.hsadspixel.net | tcp |
| US | 104.18.40.240:443 | js.hs-banner.com | tcp |
| US | 8.8.8.8:53 | 161.117.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.139.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.40.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.hubapi.com | udp |
| US | 104.18.244.108:443 | api.hubapi.com | tcp |
| US | 8.8.8.8:53 | us-assets.i.posthog.com | udp |
| US | 104.22.58.181:443 | us-assets.i.posthog.com | tcp |
| US | 8.8.8.8:53 | appetizeio-static.s3.amazonaws.com | udp |
| US | 3.5.29.104:443 | appetizeio-static.s3.amazonaws.com | tcp |
| US | 8.8.8.8:53 | 14.42.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.8.196.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.139.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.175.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.40.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.244.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.58.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.29.5.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | track.hubspot.com | udp |
| US | 8.8.8.8:53 | o1012665.ingest.sentry.io | udp |
| US | 3.209.111.84:443 | appetize.io | tcp |
| US | 104.16.118.116:443 | track.hubspot.com | tcp |
| US | 104.16.118.116:443 | track.hubspot.com | tcp |
| US | 34.120.195.249:443 | o1012665.ingest.sentry.io | tcp |
| US | 8.8.8.8:53 | forms.hubspot.com | udp |
| US | 104.16.117.116:443 | forms.hubspot.com | tcp |
| US | 8.8.8.8:53 | api.uptimerobot.com | udp |
| US | 8.8.8.8:53 | js.appetize.io | udp |
| US | 172.67.71.214:443 | api.uptimerobot.com | tcp |
| CZ | 65.9.95.58:443 | js.appetize.io | tcp |
| US | 34.120.195.249:443 | o1012665.ingest.sentry.io | udp |
| US | 3.209.111.84:443 | appetize.io | tcp |
| US | 8.8.8.8:53 | 116.118.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.195.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.117.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.71.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.95.9.65.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | apkonline.net | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | now.gg | udp |
| CZ | 65.9.95.7:443 | now.gg | tcp |
| CZ | 65.9.95.7:443 | now.gg | tcp |
| US | 8.8.8.8:53 | cdn.now.gg | udp |
| CZ | 65.9.95.7:443 | now.gg | udp |
| US | 8.8.8.8:53 | cdn.debugbear.com | udp |
| US | 35.201.96.38:443 | cdn.debugbear.com | tcp |
| GB | 2.23.210.22:443 | cdn.now.gg | tcp |
| GB | 2.23.210.22:443 | cdn.now.gg | tcp |
| GB | 2.23.210.22:443 | cdn.now.gg | tcp |
| GB | 2.23.210.22:443 | cdn.now.gg | tcp |
| GB | 2.23.210.22:443 | cdn.now.gg | tcp |
| GB | 2.23.210.22:443 | cdn.now.gg | tcp |
| US | 8.8.8.8:53 | cmp.inmobi.com | udp |
| CZ | 65.9.95.26:443 | cmp.inmobi.com | tcp |
| GB | 2.23.210.22:443 | cdn.now.gg | udp |
| US | 8.8.8.8:53 | sessions.bugsnag.com | udp |
| US | 8.8.8.8:53 | 38.96.201.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.95.9.65.in-addr.arpa | udp |
| US | 35.190.88.7:443 | sessions.bugsnag.com | tcp |
| US | 35.190.88.7:443 | sessions.bugsnag.com | tcp |
| CZ | 65.9.95.7:443 | now.gg | udp |
| US | 35.190.88.7:443 | sessions.bugsnag.com | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 142.250.187.234:443 | content-autofill.googleapis.com | tcp |
| CZ | 65.9.95.26:443 | cmp.inmobi.com | tcp |
| US | 8.8.8.8:53 | 7.88.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 173.194.69.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | api.cmp.inmobi.com | udp |
| DE | 54.93.131.77:443 | api.cmp.inmobi.com | tcp |
| DE | 54.93.131.77:443 | api.cmp.inmobi.com | tcp |
| US | 8.8.8.8:53 | 77.131.93.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| NL | 173.194.69.84:443 | accounts.google.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | cms-cdn.now.gg | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 2.23.210.10:443 | cms-cdn.now.gg | tcp |
| GB | 2.23.210.10:443 | cms-cdn.now.gg | tcp |
| GB | 2.23.210.10:443 | cms-cdn.now.gg | tcp |
| GB | 2.23.210.10:443 | cms-cdn.now.gg | tcp |
| GB | 2.23.210.10:443 | cms-cdn.now.gg | tcp |
| GB | 2.23.210.10:443 | cms-cdn.now.gg | tcp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | tcp |
| GB | 2.23.210.10:443 | cms-cdn.now.gg | udp |
| US | 8.8.8.8:53 | 10.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.169.217.172.in-addr.arpa | udp |
| GB | 142.250.200.4:443 | www.google.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | 226.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn1.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn2.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn3.gstatic.com | udp |
| GB | 216.58.204.78:443 | encrypted-tbn2.gstatic.com | tcp |
| GB | 216.58.204.78:443 | encrypted-tbn2.gstatic.com | tcp |
| GB | 216.58.204.78:443 | encrypted-tbn2.gstatic.com | tcp |
| GB | 142.250.200.46:443 | encrypted-tbn3.gstatic.com | tcp |
| GB | 142.250.200.46:443 | encrypted-tbn3.gstatic.com | tcp |
| GB | 142.250.200.46:443 | encrypted-tbn3.gstatic.com | tcp |
| GB | 216.58.201.110:443 | encrypted-tbn1.gstatic.com | udp |
| GB | 216.58.204.78:443 | encrypted-tbn2.gstatic.com | tcp |
| GB | 216.58.204.78:443 | encrypted-tbn2.gstatic.com | tcp |
| GB | 216.58.204.78:443 | encrypted-tbn2.gstatic.com | udp |
| GB | 142.250.200.46:443 | encrypted-tbn3.gstatic.com | udp |
| GB | 216.58.204.78:443 | encrypted-tbn2.gstatic.com | udp |
| US | 8.8.8.8:53 | 46.200.250.142.in-addr.arpa | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | us.i.posthog.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| GB | 142.250.180.3:443 | www.google.co.uk | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | a0486d6f8406d852dd805b66ff467692 |
| SHA1 | 77ba1f63142e86b21c951b808f4bc5d8ed89b571 |
| SHA256 | c0745fd195f3a51b27e4d35a626378a62935dccebefb94db404166befd68b2be |
| SHA512 | 065a62032eb799fade5fe75f390e7ab3c9442d74cb8b520d846662d144433f39b9186b3ef3db3480cd1d1d655d8f0630855ed5d6e85cf157a40c38a19375ed8a |
\??\pipe\LOCAL\crashpad_512_ICGIWLJRNBSZIUPN
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | dc058ebc0f8181946a312f0be99ed79c |
| SHA1 | 0c6f376ed8f2d4c275336048c7c9ef9edf18bff0 |
| SHA256 | 378701e87dcff90aa092702bc299859d6ae8f7e313f773bf594f81df6f40bf6a |
| SHA512 | 36e0de64a554762b28045baebf9f71930c59d608f8d05c5faf8906d62eaf83f6d856ef1d1b38110e512fbb1a85d3e2310be11a7f679c6b5b3c62313cc7af52aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fa378fd2103d551b7de808fc4e019989 |
| SHA1 | ae922d345ef5d527518426683a0c0e1584f1329b |
| SHA256 | de14e0b2c54ca4fb51a56a677ffebd4f668a9c5a7a9579d519004e7fe8ed2aa4 |
| SHA512 | a4b946a9cfe8e5678a0be8acdf4b0ed209750e8013903b03d6ac9ef1a6c9df79188290434b6e67d49a68fff8f8a33ec7c427921efb1d3076fc30aac69ad4375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a6786c1cd9af20958fadc9280b8c3071 |
| SHA1 | 110398a4c3b85ac6810e0aca12b63f130a3a7230 |
| SHA256 | 8659f106760ac3984b4ee43d7e6dfab2934cc9a6405d94cd6c384ac2cc48e436 |
| SHA512 | 59eb5517f9eb23567a39a60fb4de3b3f8f65d5563c564dee8dae213523b424f875feb0ba939d4af90d22704eb8b6bf96ecfd9cb1746754652de30e7c52fc0447 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5a16d60013b6f416f5028b6ae1573394 |
| SHA1 | d2123f242f32458a1381d4c94a33e796c0efc129 |
| SHA256 | 0a9c6dbc1bad57c45d76bb0e75789bc9ba014c6969b594b70a4e13ea10ecf380 |
| SHA512 | 66a8b34fcc13093f9105b6a4b8f3ea6e15fe8b187678c5c21f1ebada78bfaf147c080f998599f7c3ad7b0543a708ae3cfb800d6f58d4029d6ee2a50eee6faa09 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 4949cca3d1010d9f66064e0d031d904b |
| SHA1 | d31ef5ca05f3f6a268efd20d2866e51146fc1765 |
| SHA256 | b05e249746983721f16d94c89e542ff4e578e899263de4e9f1a90ba52602eed2 |
| SHA512 | a655f0e1ef42d4eccca8bf53104a8c4cd20f62296ce43a79673e6463ad323a1b7666583ec709574a94ca87626ea968accd5acdbfc08963075e4e0e9fbc194e21 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting.Uh1380
| MD5 | 491ba887a09450cb2f038fae2e08f924 |
| SHA1 | 5371eaf86de4cb9a3ec8a37a7125f745266fd208 |
| SHA256 | 89c19f5a76c69610ce8202a3fdadd6762f06530fc604fd6cc59f4d098a5cd067 |
| SHA512 | 59d7935525c7da96d02ee5780462506acfaa75abe83161249e6aab2a53c65bd1b0381b7216d37c7af3aedee5fb7445f2f85e6cd9733461b8ac572f0b3c2b0d78 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting.lock
| MD5 | 8d7677609be8df94d004df6fc941aa92 |
| SHA1 | dcc22b7e47ffa72f6cbd10bf2535b6a74624cc05 |
| SHA256 | 692d0db156dc4360df2d7823df06a2e2060d9f25e3cc084462e590ad70b3f356 |
| SHA512 | b191120db53248a4103d015f6a7997ee1f4fd103d10603e10b8981a486272159eb4809ceedde0c47baa265576c386eb6543b217ff0d3bbad5b818887491b52db |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 9ab90601636f2ea04dc2a491942d339e |
| SHA1 | ba9cb8f7eafd08eff354bb27ab83e5e648cf59f6 |
| SHA256 | ef1a7b194ad8fdd9046c151bbf100d76cfcce4c88e5793d85bfaad6771b34c65 |
| SHA512 | dda5671c042e65074e61403494245f9168c257675c5644aab012e4a92a1528b6b330ae8152244b957f118a5ebb31cc5149da9edaeac834b0af7db9d13dd838d4 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 1cf014d975c6e63cec740734072b79fd |
| SHA1 | c8ec044af884e9481d16ff203612e6c5a03253ac |
| SHA256 | d74a373b3286de25d4d52bcd159239f6ce75d2e98982bc5340f66282b3ce0f6e |
| SHA512 | 24aab0eba4028d491c383db032404cfd0d41faa3d068e7e70584ba1214bf3d2665c3aaab8f83c012b9ffdbe4edd6878f45cf4af24e34b8cb630b7c93af9af400 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | b7e08e95b28672d84a2efd88cfad99d3 |
| SHA1 | a2d965d1940b25786f700156156a3fc4217454c4 |
| SHA256 | 6f065edd2b42199494fe601713258ae142c6336556b3c43f70b42451c08dfb86 |
| SHA512 | 0b3e5dff65d9aeaca8d18658f1a49939602f6aafd684afdb01da569709d0b4ab4fa54c304a8b9176be8df4511ad085911498ff84d86955934046fc0079685abd |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 79b4d2a6b942b8a554b1617fa24ac9d9 |
| SHA1 | 6ccde0b0035279ed2d5b3cb46c71383ad4d63f3e |
| SHA256 | 1f042c533a3b4e061144ad0821bbdf224aaffe7c3a568e05679d33acf726de18 |
| SHA512 | 78d7145f93c8bc49302fb5eb02ae43f23b40f85963da2ead957341978f933c8c2de96ac225b528fe64e0806396eaee7d89b5cfff05acbfe94c4e4bbde2110b95 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | e95471b4f04653e6c47795b3e4e9a63a |
| SHA1 | 2124e34ca48bd51754ab104e47b1d4a871c599c0 |
| SHA256 | b7defb4d6d3fa434cc7c6764c46ab48f64d54d585433e390e7216e7007321775 |
| SHA512 | edc7fa1a0dece3c70244a787ff6d5dde0d76a5cdc3c83f1377ab8a0ef8bccc9e6e44cfbe174ec2567393fc8db68687baa2fc46246f55a942c8f0484b722033c7 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 09081bd9f831647ebec58b367c6f66b0 |
| SHA1 | cc5b84153f2c903967aa478e96bed4de17d490dd |
| SHA256 | ee3a75f089afc77d408dfea9ab4c42192a0a3c0697c2f0a6c8cb401a35685c47 |
| SHA512 | f4856265d87975f2cb30daad9258f9fdfa6972d6cd37c6bc94ba942e44a5d6f960b395351a6ff9a046f3b5aeb3f88faac8a7b2e9b5cc900d6aece77f3c7dac5f |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | c1d37fdaaa4b8bba1b7f1621d5d6d02a |
| SHA1 | a7825452c43f8261068294cf3e282de6c20a3692 |
| SHA256 | 44bcbbf37d491de0ce45ca26356ef1056377516d084bd183f727387fb76e0e21 |
| SHA512 | 6616b9c31de4259cea48587def19fc4bdf35230e4c20927783ef623fb9b04f9eec19a8edd51998d4580e3094a754c96e643a75b09ed7cfd525962b8692009e85 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 9a395f90bd965a9eb45cd19f0770f359 |
| SHA1 | ad41d0924e363b30e19896a47a14d3427195ffae |
| SHA256 | 4010e181ad98704a1e3c9042ed11e71a481dff960d4b5e9b3c99454060e62641 |
| SHA512 | 47a9ca1073c0af2131b4df7ba2ce445126eac6a04003cc72bad4011438e5747e6a5ae662fb34eddfd3ac291a68f4d3cbdfdeac78a5262d1f6d9783cd583b7585 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | e1dd48107b6c11be6186e78309dc0671 |
| SHA1 | a3b417b3b3519b1e81aaeb99792c2d584168e30c |
| SHA256 | 09ab59ebde7a4be8ad99a2235ac3891de0ed2d283cd71b77a353f644d02ea31c |
| SHA512 | 524b109b9f1a0571f09601d03d09d91dcf6387f460c121a0c0a917562886b9ae65233c31aede7a753f3bcb78b9aca81a28537f8eec03a6301854142efb18f3ef |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 65f1f24986101764034af39c1a24cfaa |
| SHA1 | e3a482b290dcc2dd3efeba4d7642e074a47ad8dc |
| SHA256 | 44ea8d2b1ff71112660dcde38b0c41296138232168de54b9ebc28038ecff8faa |
| SHA512 | df378833adbb45de73ccd87b734a17102ec8af9ebf55937b3df18eb53930044fa28940b42b50167e56e164bf6602045d22d52ca06df40b08d614aef4f2166e7e |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | b5e1b44fddb3fc557a81a78f95bc2462 |
| SHA1 | e743e319aa58fd5960e9d755aa1f732fc6d92ce0 |
| SHA256 | 9d6c73a134ab0bb03ac873fdb44b075f0e91a192da45861105081095f65e8683 |
| SHA512 | 39bf7b9f5d78c9f94539de3afa05731f97edc30a5551fd8313ce8299b5598cabe4c190c20ac91d47acc54273982fc62159e3f5fcfef1e9ce22e73c28ac4c225e |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | ac697fa27023fb3e32cc1efda2ac94f4 |
| SHA1 | 8fdebb572a0747777b7a3d76f8a02ec827f517ee |
| SHA256 | e398df4d1b4d81660dad0ecf62987a8e5ae5fe58b952b575e3c5e9b85a8dc4ad |
| SHA512 | f8fb0f0da490c2b4bf06a5615f43c0de8dc39bb7ee4264469a6636c0b8e0577bae45b23294353615d46a50b64254c20e48f852d7e1044a06c2f117cf035d8beb |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 79699398cdb2d57a1a1878aad5842333 |
| SHA1 | a7fa8ebcd064f27c7cfae404b9b3655199a776a0 |
| SHA256 | 77e9358ad567e1ef79f58fb87b5b0704708cdd2ab9779716958b7637ce0936c0 |
| SHA512 | efb66eaf656fe64e21de13d904ac2a07ae3bf1b565ddc6ba5eac8137c80eda836a44ac56823074fe97b18275bfbcfa86ee7cdff9939057c9d01915c264e5ded1 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 86ad1e07ad63fcb8c90488e6a31c8b49 |
| SHA1 | 36f9bac4c0f30da362951e77a405ed9593fdfc41 |
| SHA256 | 489b080fc4382f5ab5a65cc2b33ce49c2e074bed8acbf8a158b84f5674d37c64 |
| SHA512 | 66cbb9986fd1637ae4531ffff5d7cd8a1e6756e9eba9aa3c661e7f7c262e6ea6236ffc37fa59446fb8202b5d72d06e939fd73a0e1864945f97e0ba5c8f7b697e |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | fd9b08d3c6a8e1f357f9ead6220f4cb5 |
| SHA1 | 4170f06ea5cbd957a3d66ddd0ee68b94ecf134ac |
| SHA256 | a02e47d5b375ef4ea88c176be14cfa631cb38e80d47047c28593a9179981a582 |
| SHA512 | 52bd2694f649f869cb01fadb9ffdbf747aa47fdcae91f0253588458d22c5eb12dbe0e1e4655ccd1d89a1f13b52c25e5193628090dc80024fd3726b33014a9d01 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 2a1d8fb901115f5c602dd60ee362a7e8 |
| SHA1 | 70bdcd8f95a60bad9c9df9649261c4a7fd1b28be |
| SHA256 | b747358be4c81ed466ef1e96cb6f6a2950b2533c54fd47fc68a07952b589c8fb |
| SHA512 | 1666c62cf0686e732bee55f170bf8fd92d547bb19750c82a03de1f443a114b1523594b1e7d90dfbd18f878c4650fd8dacd45328efd13c73e172963d7b2f319fb |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 8ae8e58a2572cf4e310d7f49c6018560 |
| SHA1 | 780970d302ee60e33a45a34c68e691a6ee41de71 |
| SHA256 | 867d124095138f5fb0d6e8e69c765c51ae2ccbc3221ddff7428a40fac1385d42 |
| SHA512 | d194bceabda0cd622cc32c755365ad52031f7082727b5b6226be088d17cef8d63b643848200310d07b821f83ba194fa874156ea7f3d99128f42785a50e496cd3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 0cfc1f40b7a3bf2bab9c7528850b38bc |
| SHA1 | 34cc8fe1555e515147a34e402e89fe8ea184650d |
| SHA256 | b2be603018b474e7c94c827245908252eeb651723411f5721cb4242f8f1f9072 |
| SHA512 | c47ec346a0f1314ca0994d77031ca1f81cb631e6f3bd30d813a01767cfd2a2728be8c07a75ca266122b3416aec767e546113bd43b2ba887e157bd01fb2e4326c |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 1c5586fb7f4379359852e33b2bfa85f1 |
| SHA1 | 4ca3802e0d83268081d70108dc7c9957a19bbfd9 |
| SHA256 | 3a3119002564587257cbaaf52e7017c8ee644c60936526cfd022748c8abda6ee |
| SHA512 | d9f496689a28d301e1b8557166c14e850703cd8fe3e3e29c9f74f9f64f9ca402a96ad7b913d42ceacd3caf5a01a6ff2809c4602570de3675d04ac8267f867d5a |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 0840f444d3b08e79398a753bfe41df5f |
| SHA1 | c7945b9553886cdc143a49795333dc9ba3476bdf |
| SHA256 | ec4e45c4934a3757c42bd818f645a97365a501ee4e4484f0ef7130194ccd6983 |
| SHA512 | 011b3cfd354dbc60c098bde750a7d0ca31d1207f2531764f89e3a75310ceb75f319a95b702dde8857849f43d0c4aaef2843b2af11cd9d9b0026b05bf03349f56 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 982a66b33d02291f217554f7608f95fc |
| SHA1 | 5138752d303cfaa21649a4d55c6a592351dfdf40 |
| SHA256 | e2e4ff3a7a49ee6af240545fe48914efabead274eb91306b3b770f7abc23da97 |
| SHA512 | 381c3f2387381757a47f4916443b33799e4ac2d24df1c06b6b0e79f4b23655ece406bda6d91cda4077fc7bbe4ff8cf241d43e47a73c380168ba30d7104f6e0c6 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | a2790a9d7e943047425f49da8ce961df |
| SHA1 | 9950d635da96752b69cfbd151c26665f78e06651 |
| SHA256 | 1b8f1ca0e3c8f12da21c0f2768ec8dd92d44c7d6cb098e66918aa8da7cdda509 |
| SHA512 | ec18eacc751c08b815ca602e21a6abec8ed094d661579f28dd8d3451c7f9d8244c0d08aa72f8320a8a7d0ff541b9f7850ee78128599e13c74e4d48c1017d2bd2 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 91ffec30575bb724cd12595668885889 |
| SHA1 | db92d12960577d772e2c4e8cc29515dc8304e8a9 |
| SHA256 | 3cf52f86853a84c36a68a1313452c8beea80eba317b1b803019892375cc6821b |
| SHA512 | e8d4a806aee56526dc11ea558dfcfec81cbc96d4953bf18ea3ab36a2a42ff6074d8c422b43a46c18f3f40fceb8e09f84d4149573c8f9d93aa0aae705cf149eb8 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | d97e962d9312724ebb42edf1115a9f21 |
| SHA1 | 2c0e310180751574a70c7d13cd63b7ecf62f7f36 |
| SHA256 | 5a807e715918f4b6550fe22eaa28d40c5cc9111e3e7afe8827516bca93ffab6d |
| SHA512 | e62e5ed425eeabd541c1f74c1fd1830427c3082309c1a4b5a9c4990b25ef4d3bfa6b5e242463ac08bcc010a74cc76d919615d1b032f3c3a5187a58db1f8896fd |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | bf1b6d7e7017be431d17a88d4ba0ec8a |
| SHA1 | 2ceda3f790a17b4c63f171a761356b81ef37b4e3 |
| SHA256 | e8db17d1a2b19727bfa8a098823b39280f6902473a5b7c283b38ef167588f8b0 |
| SHA512 | 95add6e16863c1fcf667e795a473ef925f1dad027373d23861cf4a48950805dceab413dfdf64e399f128d219168832a3be06190bd227adef077be2c80c064642 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 088aac97298aa15f05233b58386b0c96 |
| SHA1 | 77c8c3b55490555d1c275ecad9c2c7b706f931d2 |
| SHA256 | 244ab6ae06004d604713cdddee7d87793a944be5ac0f2d3427e38627a40eb0ac |
| SHA512 | ecdbe98845a879d35ed25a98676b1dcc777b03bf99f7f1b4f381f84d52715ece909baa8706c7f757f43e71cab001d09b93a2125838f53f36c67a8348d116a64e |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 9a2961412917cf99608000f978f9cbe3 |
| SHA1 | f4d91a58febacc3524fbb562b041940453c55231 |
| SHA256 | dc1836013463c549963f8d7b5a0c4b6e07ea1f651286290c3ace23756c02775f |
| SHA512 | 50aae4fb34586d6d8f24cc794993c477912d57226000438e15cce3a4410671dc08522acce2964863a5d71b6299c50e5029461ea582df914c70cc44849eb1d7f0 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 509de0af6a15abb71b4cabc121bb7993 |
| SHA1 | 6a62846e47944b0188521625ce089c9aa1f8811d |
| SHA256 | a4a84b6ff682538dc6f18235f8fb3821f814f2477885d6ee01b85301d5fef45c |
| SHA512 | 08edc9b5ccaca9d5a93029ba6e30ecd4463310e5c0978429662bd3fefdc085bfbcfc8e82d4e4138989bc56372b803903ca1c0eae7864a28044d6bad1e13f5f5d |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 721c917ea09bdada4c305118acb1e2c8 |
| SHA1 | 70de8591a40423560c1479cc548af8e6721afe17 |
| SHA256 | fbaed8f6ebf69d9549fc11f5ec3a33f9de7d8cdd83a3aef2ed307145a6edddb5 |
| SHA512 | 24ebd0d0ef8a54200a2b8c52fc206276ca721ca6dc880d61f2c450ff83a3242d8063c726aaa9be9bbdc8828fdce58d0bb8050fb2ebde91a1b6f1095495707107 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | d97a32d64f85183b6680cc98fb22c49f |
| SHA1 | 6c7848717b1ae9caa66c34f2e13e7982e27d8ebb |
| SHA256 | 3713d4338151ae9be3b35413147be49441852997e6ca18913e56da2749b75dae |
| SHA512 | 671604bfc52c033d061a8aa1756eeb42128235e0101e8a3433c7ca81e8e933794d5780303c10853a77efd3592e0077846196e9e4c7a129a18159cb1dd8ad3f15 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | c018608a15732bd7544fd76d782996a4 |
| SHA1 | 81b484265679bdd76cf708fb1f706b83ea172c25 |
| SHA256 | a977551707a53172388e635d4d78e19e4098231e9450278aab94806e7fb3d721 |
| SHA512 | 4019f4393be74c722b03904e513be92d2bd92b2fc0e1ed7b94409f97a1c891f50a8733cb5ca8c2059a4ffdc4543f3767e45db71c2110595685ce2a92875f1b33 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 370853f68d993448ef3168d7999300ac |
| SHA1 | 4696d67c797c27f76224ab0c66b315e8eab8f55d |
| SHA256 | 6fbffd03bba347719cc27e9652676e6b5491689cbbcaaa00f86f329d14d2a540 |
| SHA512 | 7a725b5aa09fa111b64fd06aea5218ba7fad79444f4e6d3dcc379c4f42324d5016a9ebdb0a400d713427eb751c8c692959baa3ddc4956f182818e2bbe47eebb8 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 29dab0a83f5445dd6bb5108af3304deb |
| SHA1 | e31da0c1ff189d2066efbe422946d0871ed962af |
| SHA256 | d49cedb0315ae1e29bb8e76089b679230183df58f7751acccd5643705663afd7 |
| SHA512 | 5dfbf273fce2ede262e96d66091f890cf1faea712992c35811b8745093f12752d7dd62f46078e04bf1d2338771d37b4b8643a08b8b09495eaf732fb83febd610 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 363bda0e5719525f52eeb4897758e9dd |
| SHA1 | fe17246064a785470ab61fa86c04ee692a9afa8a |
| SHA256 | 111f0052918d1b6ff0081445fb083ca355809f652cc205814b22ea8ded613948 |
| SHA512 | 00a71236e8228fce2f47d9021626e4e92bd9c5e7243edd5216761b5bb9a4e5eee18bf2df0707495f5e2185b496cb9135e646de609953a318ab1a3b12b78b78c7 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 38c740f6236d93322b49173ce0c6fc9a |
| SHA1 | c8c3cc4b439502e64db8b020cdaed41a022850e0 |
| SHA256 | fe297fdf99283277003fb9dc7a048b31793470da0e39676f8760a99aa9b47843 |
| SHA512 | d79a51dd61c7bf71e1f28f9530aaa96c2bbc4cbeeb893ba149b7bbc6f0112d52b419a8dfac88420e307d583e746b5a133976654a9344038e9c22fcd5bce12a25 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 08ccb243dd33ef8b9c9923957d800727 |
| SHA1 | a9b1c9a8f794164a3c1dc6585549404ebb45eea1 |
| SHA256 | 8d0cfdac35d4815a0edbe06f1c40703bf2549e106a8018ca5fdcc6d6041bc794 |
| SHA512 | 8a4e5eee07ae45125e5e8b7b3580c5c6f44a0a6e92b6c16dcc1e30c69d9944ef39004e08da687f46297cc1edafbf0517e624178eb100d75ce28585ce16178fcf |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 252bc55ec8a579b848f845b52a59d9bd |
| SHA1 | 39fb4bf33dc6d11cab7ed58f04cf66e76fbc37dc |
| SHA256 | 1277d61c9bdaa1d6a2dece99db188f10de8fdfcd36934c3bdd2e9b5fb4d9e737 |
| SHA512 | 594feedc38dca5367a66875de6f52f3329ce39d99e6bbff9a1d59f1f1a225a059e0134face5a3d6582821a96b6e63d4d801f1165fd6b96c6b056777d35dfde85 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 8ebe0776bdfefd0925eacb1652572daa |
| SHA1 | e487780c551469fe4957c9a2bbd3389149a78b57 |
| SHA256 | c87fc54b53c09a48ad6ca0d1d8105d5d10881977eef33b834436f1b070ee0994 |
| SHA512 | b6b47f66c05038b5ba99ee91515121c81f636a91a271f65af0ef9cf2bdf3e46ec6ba9b519663dd9f2db5f74ba66560fd18a52abdb9b7ae7288e33e017b9a736d |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 1a8c41654a7c25c7ab25a403ca58a181 |
| SHA1 | 1d7932817f702b89d33322a64a10ab148b932540 |
| SHA256 | 0541255dc319f26beac8361022909fb49235cd568a46f02ca8ff25e9bd132e71 |
| SHA512 | 7e68b4711806d00d64b0b4877a9de2ffbbbbd3df363b38a4edbafb6614c9630c8a1e8ae0ed102bfbc776570e66076489a7b66c2712156eafdbcb09628233a0ba |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | a84142b2accbd4b333e0c2211f3e36d4 |
| SHA1 | b7c4508b5929a6a61e95df433ebd4ce4c30cfdf4 |
| SHA256 | 9fadac359c4e94b8d30cdce2ed35350a25bd06d9408bf81c2e982467586ed569 |
| SHA512 | 5fe50834ff79d1c9259398c418a6efe6cbfb2bd27850be323dc0f39bbd23617631b7541e5158ad826dd36413c774dab234a6ed724175049334caee465354b34b |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 4627f1c751317103609f4d3635047371 |
| SHA1 | b1e5a3a61e615ef970e18128e6320be3974d7333 |
| SHA256 | 08cb5607fafe5ad0bd72e4f5548c3e06dd13f72bef9c28a984b8bf81b6bc263f |
| SHA512 | 0a69b96d87495cb65141aed1e2f8e11cdd919ad349369e67414bd8841bf05ab2377ac8ec9b7b334957844d797c5b6cd0b3ede6e484c84cbaa9a50de58ba40073 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 2c0cf28d59a313ade5939cc6f33557de |
| SHA1 | b99c1f54e300cb585b9acf84f6220137f5c30630 |
| SHA256 | 53f973121634d67966a6486a93b7189288288a17151fe3055c87e55944f5316c |
| SHA512 | afc5cd4b0843d224033c5395699041d28f49b4cf13b01a33f41057137bac17d774aeef3e9d923739e94f2e1803ec660d66965176cb0f6f93f2c04fa52ea9e3c4 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | c835ed3a6bb54f6eabac6ed742e3be2d |
| SHA1 | 16f9816265d40c498951a1ffe4776da6498e00ef |
| SHA256 | 20a1cbe22f70c8dd4685ac79eb88fe3a5a8a893d38a94ead66423559eaa4be6c |
| SHA512 | 330a1288f8ac8a318de1e13f827ce055bb87fe4493a816105599a7c86dbff0d61e78c8536370c192e74cf67149cbdb02a7244763cc7d38bcb50fa6c0488fcc8b |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 2baaea97b3d395bc54020a37f46a1cf2 |
| SHA1 | b5c46b90688d565e504c6e61f4697b7510695633 |
| SHA256 | ef9960ae4a9659d382cf5b54e211fbbace317f02e4e045f51520e0fd021cfc19 |
| SHA512 | 6012a91ade61697a671138d6e54466c9e5ae5040e5b482e070122f794e682c8c4658291c63ebf13a05611b2efa924ebc3f102e7a95c85ea0514095401b059601 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 7c57cd82c01dad3c778a5bf6d9f6dd00 |
| SHA1 | 1ed6c87e656d53db840f0a78aa591812946fb1e0 |
| SHA256 | d3e52c68b11073aecfbd9d9fc06c4d8dad74603b0b34008d4505891f4c86f8f2 |
| SHA512 | ea901537d2e11575c5bfca7c242c7f53412bc42969ed26daab1a4c99508627ca299b890e2429fab9a30b969767b8277fdff0526723412e9421854743a296abf2 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | d13af477fd096b28868a7dba821460ea |
| SHA1 | 4b67e79996154b436eccd7d4d224a4c87a85383c |
| SHA256 | f3b329f1e448a9b1e456a042169a7642c3b1d3ae415e8c6835762943a39aeda4 |
| SHA512 | e9a654ab21594f16c2ffebd18284f2b7ab335cab06075bd603da9272a01c30a5cbfd6eb9d88ddd0c777e261e8f1bfa1a904178c15da1006edfb9f8a3f90bce6b |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | fe1463fbe5423f2ec853e716076399b0 |
| SHA1 | 714ae846194d6690a64035a0de274ee267a6b687 |
| SHA256 | 0c7628becd68bf35c95e06667a45ec1786b5dea8272c8ef3c4bfab67e706fced |
| SHA512 | df6a305156653a9f80de887d0c60f723ef2edca7cb26129e66179fc41d3e1b41c850fa3ee821f696ffdb04400654363230dafef8c92b2b90983fd7261d6a74c3 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 8b2085d1a7826ec09d58349c5d774d31 |
| SHA1 | 19f562d75afb7cc57f0d3c744c72d42ae5289532 |
| SHA256 | 5c41d02baa4308917f0a247e54e369f48df77511db7758ab71235e5bc2ebfb26 |
| SHA512 | f66d2b90e44043e1a4ad535da11a84bdcfd3ab855bcc01e360da0491992871a335afcb9b5d04e4df90367e554fdcade8719a34974e4822ecbb59a6e723103a10 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 9c5cd5f2f1206e8fd90aca3c341a7f4c |
| SHA1 | e6886ee905a7246b4963935d8f785bd3b049e5a7 |
| SHA256 | ee1da74763e2048998d0ab8141d7b38e17dae98f23cfa1948c13869c135227e4 |
| SHA512 | 1dd189e14bb4e122b61d99a8ee2ff917c07d2b0d1c517525fd0c1e038d2a348ce4216f215255a1d94e6da38854132a2b05a46706762ba03b081ff21014cb8896 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 44dde010cb6f38163c7c5c121c16a765 |
| SHA1 | f78daccb225ec4b1917add11747ffa55f3454922 |
| SHA256 | 64b640a71d38d23b7293234278b84e7ed08bb2716c7a9a62b1e47a57e2088c58 |
| SHA512 | a18e310d62a1e8092bd5d577515893b1c4254785dfd572b985457e3190b5c63a74f8b77aa6eb059b8fcfc658f4666297950a7b4a2a25203cf8596519f4770484 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | df54ca063630f13fd73aa5f994da8559 |
| SHA1 | 72751fd122c7c21adc0bb3cf3f654a48ce37c2ba |
| SHA256 | c8934090c3364d61a0020c2fd92a41b016d9642a32f368ab8f7595a31958ef37 |
| SHA512 | 2e379d24d2779aae479c9e7504b206a866e690415ad91155ffce6a5d9146926df0f88060d8ecbd15fd11dc676f74915c001fe4b80804ccad9db3ea816d60da64 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 0ea52db12929e1f9e23e0497d6248c0e |
| SHA1 | 883442bf82bdd662cefd5080ad80b32dd4fc9db9 |
| SHA256 | 61d84ad08feae9c16354f60fb998efa3e144ecf167268a002aee0c2b761144aa |
| SHA512 | 922b93fda5f49ef9c31ffe1dcb34f743693ddbc6bbd173bae19f8594ef1c0d07f1eadfd0737754203817f0814a39ec94d986fd0c87509b15ab1addb30dfce4bc |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 38ec7e95ab8b0bda27a7bdb6d0a5af63 |
| SHA1 | 59642a8bc16aa6d374150a9762162088bdbf6f7e |
| SHA256 | 7d2f4ec9d589812120c5d1db3719616e867f3d1122c2ed9cee6339c327b7720d |
| SHA512 | 2eb688855e3ec771a91bd55b3bd165883d041126872d1d822abf650719e56cda2d57606b4a35dee90dadeba440658648feb2a7be024011df7a0d76fb58085073 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 3c340f1f0e5637d62e2479be1f8e1fee |
| SHA1 | ec08163748990fe3a81f65ff4e5d9478512bc768 |
| SHA256 | c66a3bf016149cd22c79962ea5667c4ae184feabc576c9702f09f163a29ea839 |
| SHA512 | 86e0e123f774d214600439470e9bac103486bdc215e00dcd712f8de5b4818f14de09ae1eff19150a4c2e768127300481dbb34395f1c4b0d817c8da41194360ba |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 2842c71caad8aeece6e4b0d15c98e8bf |
| SHA1 | 44742085709f71b60a2c67f774d77f506701c31b |
| SHA256 | c2bea75ff9a19b406fa3efc14f113a0e48aa6ad05a2ebaeafdbb54b25932dcb3 |
| SHA512 | c2054dad6d9e793979b781e2af37ff40a41bf53de78822922ba87acf56f14b027bfdb6090ed5d16f28549730e862da10a3f769ae677219fc91dea358196576f2 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 8d02d12c5ce5a901551ca3bfcbc2fe7f |
| SHA1 | eacf98eeb06282113d5c788466452f38dbbeaf28 |
| SHA256 | 2904ec220d11fa3ae5771339e03e3ec9c8d6d32835ca311662dc95d037d0d0be |
| SHA512 | d1a106c8793513b55dae61fee2247837aedce4dd77cf608a5891990db28c86577184e295a76473f7eeb458fde470b9f072a937ff21dd80128c9306ebec8536c0 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 424abf039c1db82e3d6c6640e2e86dff |
| SHA1 | 415f81aa2068efab33204cc409e8b33b52aded91 |
| SHA256 | 681a333805a229c637542ba27a21740c969b5b6ae168655cab68ec1fd9d52dfe |
| SHA512 | 60f1d85fd370c061efb81eafd5d2b3f765e07061c5392dfebc12d0324930e42edc811c14b6cf49934d1650fb72f0807ee98593e6c33532daefd50e99ebfd6552 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | eea5c3d72efca8cdf3533ca08f681eaf |
| SHA1 | 88bc8d176b62407e08a37e890ab5c87e7a99ff1f |
| SHA256 | 429203c5be3fb19e3eaeaeda4bf08fc61d70a88562ff8473a5965ca1b5d4187b |
| SHA512 | e28c722348e54e9c993ae09732881de82ad8c83440eb99ebcaa2a7a01bd255d9f47d90115c760057b05222e72e6895c25d3b08a2a90bf33daeb3bb45058f3af7 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | b0fb1048a6217749cc6f2ba2b8ea1f3d |
| SHA1 | 4b0da21327c25a099a7cf496a587a4c6972e9da2 |
| SHA256 | 504ce79f405ee070b6a61f0eba3d18164f40f3471d7e85688733fdda28ab41d6 |
| SHA512 | c122260b431e598383ee9b0ffed9dbab237c404431cb5f9e41b8bcf006784cf320919dce508dc33fe0ba608b5ef3c15e910e2046fa862c485a0762430389f3a2 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | e1e47dfcce3367a7339e1e95ce69a740 |
| SHA1 | 646c7e48e7484374813a6ed157a221b47985c4aa |
| SHA256 | d69dcc27dfbcf2ca61bc82b8643cae110401130661ebdd52d3c651501a192798 |
| SHA512 | 8ad8202fc69cb4c42202421f4e5d336520ab727890112e78669fac08f5022d68eaa743920e09986341451d6e8a453eac3df8d9a6940ccb14914e3691366615e4 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 143365fdd3af58ba1859abfc8e6d153e |
| SHA1 | bbfb927018bc4aa7d8baadb3263e8f2ce6744eed |
| SHA256 | 4fe2b432b2336e77b46a79ec926bcb4630921daa5a00b26d58189734facf7de5 |
| SHA512 | 367680824e3a4173f9547c4864fc2fa55cf7a38e07c7dfa765b6224d261e9bc9053055ba03e4451d7a8ea1a8908b77760a798752ff11984fb16100fc0f39f21d |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 7edac23aa8bb53952f395207e4388e58 |
| SHA1 | fd1d63204a6d9824adb2fac8da3f934a0ba1a11b |
| SHA256 | fa0d896fead4178f92d9a1b7202d61de052b0dad44060c7f961dc855ef535749 |
| SHA512 | 93c924a389d1503e054badbcc151c254af3566d20b40e65d941cc4ce1c296c881513860cc1e56b0b7c2fc8b7bbbfd2e7b4c048790992f99e9f3ceeb22c8558a4 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 65479d69028a8c257c350d59e819861c |
| SHA1 | f2d6c18cf0c96216742db413f9cffb0ccf9408cc |
| SHA256 | 59d301f10368928e0ff3a54de3d0546482853f70086a4db0329bc3325b05ca59 |
| SHA512 | 5e87a63e2da46c119626e1ae959d45966c508fa44767e63efe9e0007ca8caa2acccd2bbbd38374f343548207b86a0adbd065c82ad021493333134c90fbcfd8e6 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 646ac4cc768fd447aec1828bad128015 |
| SHA1 | 25e150c040e9750d9efbe81fce00099ab466e00b |
| SHA256 | 6de2f3a14ba425b61a567fee275829d88d4a3be12802e563d241f1c634d80954 |
| SHA512 | a5800fe80d48279bedd08ee7995e7026510b1633da72c56d2333874fbc3c62c76d83f1032c0d159f15cc499d32d26d4316770d93c13280f588adaae238147e37 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 62bf7ccb76a58bb3170a4d644e3bd679 |
| SHA1 | 3d0afa4896e90c048cbe8f7dd3299505c8ddde42 |
| SHA256 | 13bbd78f29d38a9e33edbfe64dc2d1317036a0334d4028fc605553b69a90ff43 |
| SHA512 | b52cf3f2466cbb693e0bdaa6bfe9c8bd19a4a88e76e6bdfa858bf974309f3d2209117d593b9e076c216967623cc37c833bee45cbc444022dc39517e2e770eafc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4be564c23e1c22bd0c8efa5204bafcd3 |
| SHA1 | e29bd6bd6626be6f2f41957c703d10db3857ffef |
| SHA256 | e9b5df0de991f9df593825ab40b5837b46ee7d6b9969b6023b546b49c33fe817 |
| SHA512 | 82b7ebd903696b74738d6ce0ffa8d82e57775cc45017eba3f2ec7050d3f960278af8a7d4232281914628aa6a553b6e89d1c04474357010a71e46f844be2f12c7 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 0a07d03b3164ec9b42f268ec18e3c95c |
| SHA1 | 921b40c495e6818c99d3bc2fb57bcc506377e1a7 |
| SHA256 | 6e681d0daba2cd66d023b88b00350128c27604c9195c8e568884a61f51404a8a |
| SHA512 | baebdf330330e3a7ad4c2e3c7d3d7a31d63fa6d76974e3658960df4445689f07dee22164b68a1ee7040079a6e926dad4816325b9f8203508c8d880ebb9b90928 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 5f5c8ddef3f9a3fd1a05cff1523c7593 |
| SHA1 | b421f5de3cd9ba4e535d2291e1c83728e50b0c08 |
| SHA256 | a6da4bf8df53ac25706e3f58967810412fdc442b26ad19c5a4a865ceffa6dc64 |
| SHA512 | b55078c08b0b135f2ed90eec14bf883682bac8bb66a3b1fa6a8babdb3cf9c2737066bf569c66bcc2e2e970beaedd637d68d473b818f3badd0888b0b14819f5e1 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 2d3ca9b7c4af72769d1e79e7494a0784 |
| SHA1 | 2a6abf34cfac297a904f60dd732dcdeeda581654 |
| SHA256 | 8e88ef405450d1d8ca0e37a144a3b3b0b57cb64178bad6d923a9a6d8ad6577a6 |
| SHA512 | f4f53d212689833a8de9f1256b0c74df3d18601fc607d5dfd45d66fc410200a533477da912aa96bff121354a8e348d5841827ce0f6a0d0925fedb666a7284350 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 54fb26550c2d1a11dc977f73c6112de8 |
| SHA1 | abfb84b4f008c017a9c5c62f873a885174050c7e |
| SHA256 | 333b4a29190ab4690f7ffe4ec0ad22cc3ecafe226b67821a15be999ed0f76bb2 |
| SHA512 | 56784057b123cd91e6d47a43efd8f1ecbc03343e0e818dc0826a90f8b8ba1d8b00dbc34149993c6fe9eae3332e393506d0df3747b07db2b64d5ed674fd6dc7db |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 271ac724c6279501915d841a6c46ffdb |
| SHA1 | e01e37fd3e2985b2657ab832df2eb6ad95d8faa2 |
| SHA256 | 25e492416fa0536413f201bcb38c88702b7fecf20abd3e19a205d5fa264aec17 |
| SHA512 | cd9a44004aec0e4a171950348d3f2ada11e3de4f5aec178961645ac3b075b9169afa7933ab148938bf6a553ffcb78fae4ed671b39829d9d0e0a24d546c3791e2 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 88b82c5e7bf9eb60707867d94f943590 |
| SHA1 | 755c258413a3f360fc68c230766e320dffb41cf7 |
| SHA256 | e0b97a5b0d3521f1acc63894adc6c4fe784f747d2d497d3f96dcf6cadcbd0b5e |
| SHA512 | f05d09f23166af9e2557606d42f7cdb2a06636733dfe3e506c5b07be0d91a055621a49977513750c3649f59820a794958c7fbb304012a428091c2b4b19becb21 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 9f139b075f287ad889cd33c4d0e547eb |
| SHA1 | f7a10f907904b0f6915775e54514053accaed4f7 |
| SHA256 | f199bebc45f37b24a634209f5059e70d68620c675738af150a2d58073c79e975 |
| SHA512 | 61a5bbc34828851de58152ec6956a4b932ddcc04a5aa4b37d1f9a54af9e7b8fb169561a39a3444482812b5dc9b66ab5b26e5f5341533369c8b12be45acb9b4be |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 73118ff07d2f354e06921f356626fdc3 |
| SHA1 | 214ff2cc21401d5ce86d9ed15fb4a1e19428f49f |
| SHA256 | 6140b7b60af6474bc440902d4c1da031d4654de446ce59f7d74cdff058683830 |
| SHA512 | 9c8ab0cc0addff9f74f43b825a59069a0428262b8d67ad109f3538d0afbbb523be7fcd005334b27c4ccfebac68677a0e15104817be24d065fdfa9cb51a27ee2d |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 1a0cdc1cb1d2d519c77b632f2b7c79da |
| SHA1 | 0ea43424e1d9ab60fbcfcaccc231da8683147792 |
| SHA256 | 56f2c965670a6cfb3dbd6ddf617e7b350edb814824a919246744bcdb87fa69f0 |
| SHA512 | 342c8314563ce74972a1610bddf883a6ef94f47899cc2ffa5c9ecd046577c51f1cd4bebc35ab2459d50fab17fb11021cb3c7def52ed91b58fbffc5d5df3ad66d |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | b3781180572ff75698737ab30a72b209 |
| SHA1 | a5bd05ea62337cf7558ffb08ad5da30f001b3bae |
| SHA256 | 6fdef329e7a493555008a035a50f8d7d11e4afd6bccf6e898448ac7dd9518d05 |
| SHA512 | dc39e5fe33ffb60f4cd9132eaa9215e3595d558487c0db212d7c3a9d97bb34059880f4ecfcc0d4d3faf664b186282d4e18d434bf4bcb6264046fdef64e3f2310 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 1bb454e48e02f17b3fde57a9433eec97 |
| SHA1 | 9acd3dc2ae33b62838ee5cca49b8ade7b752baf0 |
| SHA256 | 8b521c954ef741895e5b6690af4d44f20dbc539bd04c92e8ce43672a303ac9e3 |
| SHA512 | 23979b014a795a3cddca405f5ea8728c3b625df83bb7c3fb84fe74159e4b413034ce1f144717061f90936dcff0ac06062527e15e34a026632bc6493c18009fa7 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 47aa3c4c4d664e98129c19639e440f47 |
| SHA1 | a77f9468e1741000f079e1c0d89a4d4fb49c324d |
| SHA256 | 21bb451c605499bc90b3f73fbc422705fd63be8f306ee4d5ea95420c144556ff |
| SHA512 | e50c747047f394b74e1045b5f23d59baf99ec570064b4c682bc5216c31bf0d46d42267511bc315c91f530640c1e2f4099ac183172283b78d6d03ad36ce377f64 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | bd69558238c953898c860838e06848f4 |
| SHA1 | f44e09a30144547661d44f206510390860d3d197 |
| SHA256 | b3730f00a822dd535827c35e0d52c0f7a37757b9640938094e2118a6c3faaf0e |
| SHA512 | c0c07399553e166f4f1b35a60f4da053865dfc58bd45bb8a9bfd38d5952fc7ed3edc257641ff7507cdb77d646e225787ddb2ba5196e57be5dcfa59a446195143 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 20868d9defcc466d2bc9923c1d0ee089 |
| SHA1 | 034b6c4fbad21eff8108813ff0b13c64a8ad010a |
| SHA256 | 8b936a18cc274e3fce440d7d679d5c8c082f2b87460c07e4880a1b421a5d1383 |
| SHA512 | c85e0507c4e510a2f6482a6f704db6c4f3d3375219658287171a0b07f309946da6aeda532c4d625d01353d538cd4eb2be5690fd9466ae8df602aac725499a37d |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 70fee9ab823c574bc513e979605b353c |
| SHA1 | bcc41086d5e7a111408660a57a61366f1a54cc49 |
| SHA256 | 593658758a61bc58efeb364cd2c1162cae66f21e24c651ba9f8619a93b51492d |
| SHA512 | 8220cb375fd38c3d123420289982f2a922808480ed9dbc11684562980324353fba8b9a2cbaf63d6566b8a6832992e1023aacc3581c19043245afa44ce1be3f94 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 2020c91465e0b70ccaf800b16357553e |
| SHA1 | 3fbea885a03a09b1dd3e820e5f45e68ccb4bc469 |
| SHA256 | 5245178c5fbed54f22750f8ce797e7d9eb8eeca6501dd0066e92c5b957ce956f |
| SHA512 | bf86b9fef5e0aad789595a0d08b9606e9fdc461f4db10f382a7f94dfb370fcb7916856525504bd4ea1210093af0a419a454012c58aab83cb3ec58ec2d5c70c0e |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | c326db06e6206e41a5a0c47238deecf0 |
| SHA1 | 67467c27ba1b798ef244514ef685fe729736a1f3 |
| SHA256 | 06199fae9515bf933c18e350f66904bb1a261a7ed0247876b558fea2902bf995 |
| SHA512 | ed8c7bb016761af7a0e930b14959c52c038ece336765c227cd3228521cef44c9d60b2ec78e891bba3788f5dcfda9fc4941de5771c8ab9577eefb89905664cf4a |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 467d5811b8ec59bb76d2087650316a23 |
| SHA1 | 9b5fc17871ad04c39a00be13990b01af732d9a4b |
| SHA256 | 884874e684219cb44f35d4c298ed0a718eb8668613f3c2a65713200a04475d14 |
| SHA512 | 676af3b024284255ecae1bc669b4cc362397e67e1f8ec5f0c56228117ae232a7f9311dd700cb2fa66706d4e5e474571b877ff2df1431aaadf4f12baac2601ab4 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 9f5cac99f78c3fceb2cc53c95ed37d4f |
| SHA1 | d460356a5c2853036772abd645c598e6434388c8 |
| SHA256 | e743f55079b71aefde5cc86d047bb3a6caa58b5d1fdf34e76570629e40411477 |
| SHA512 | cc0c38c99d68a3e4338bdf4cda13a1248e900748ebdceb45989abff2ffde64ce349afe92c7704c04a321386c2f0eccf291dac9a559b6dfae779ae58369c30742 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 457b0a597531c307b7cc35478bc6eb92 |
| SHA1 | 39ee19da5013958d74f33f4bd7426fe05b5c9cd8 |
| SHA256 | f6e3a0b75bf269cc2ac4056cb9347d4342c508f7a1c92289a1ebd001054ab42b |
| SHA512 | 923792a0018ad7c3075762714335c9670b56190068b377299b1ee62a49f6fac0a0e971c5f37791d35e1e2df6301fa0cf782f4acdb0a5e4a858c1fdeee0216ee1 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | e8b08c89071b987c8d1b5efcae59f3b3 |
| SHA1 | 25c3b5aab23105baf7f8298eb00443925013efff |
| SHA256 | 4719f79be72fcec1b2c0408a38b583ad6f864773d4f5d2fa31cedf45f9a645d6 |
| SHA512 | ee9a977cfa1d4d22c764c199cb8fa09742df37c91b4c0f07ebbedfecb1f92145aae27d492b440edf99179578eca95e6d259fb8a2bb9932997d23701706b927b5 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 092e1a62f6754d93a2293459a3289eed |
| SHA1 | 5745b9edb9991600106df8c7e1d2877de2d4394b |
| SHA256 | a78cde1cfb1e6a00b0bd37271e8f18995533ab1652960672a4d183754d13b68c |
| SHA512 | a9ff35a5438c593a42f35af2182f5fefa0c9d9ba672d786b683f46ff624e7f064d474eff0ac81ee5febb80b028571fa230861b8aee9a314c7d79758d30ed5a1f |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 48ccad1a20ddb8e8807d6add968e8ab4 |
| SHA1 | 0ed878ef7b80883081f4103556923dfdbe72e929 |
| SHA256 | 8671030a3ee1eba15ab1c92fa6bb382cd88ba4f95214cc7dacd4782af398a481 |
| SHA512 | 582f56afce4c44efb5202c31db07b742b5e213bf82262e6932e76f2c9e5aa161047bd06c8274e9f35b7a6b519710b2c57055063ed2845621020a0febbaf7e7c2 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | b836aa68bdeda3255da412668b005293 |
| SHA1 | 47562467e6534b0d6d4a3444be371be726032b87 |
| SHA256 | ef283096bfa3a38aa9f9b9a694107d5d8f2fdfd33f5126b15198d793f26cbed5 |
| SHA512 | 583ed71699344b88b8cefccaa66902fca15623bd06c4063a3a3016b42d9e34ad2dae480baa0091893fe46d1b5d277e63ad92abb6e2729bcd7ac0b98c2e42e1a9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a3a347996a297772789f64186be11ae2 |
| SHA1 | 5e0aa1e94126072b499653eca244db60ba80f603 |
| SHA256 | d8ef770ea244830bb5e0fe8b7e473b7bb2c39c4d595c1deb35caac5d3b93de14 |
| SHA512 | f3c1017ab79c337923a6159babb6fe76b121868495be0b4eabee3d4ab5048c542d9b6755596d4dbf58f247076f721fa6c216d67af25137db96fba98221590c8e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe583071.TMP
| MD5 | aebca91702efad385a6357862ddd2f00 |
| SHA1 | db15a7fd2489ff0bdafce3565c24090d4a8563cb |
| SHA256 | 7d7c60d265c7b385b105acfa870aa26f2d8e4999bc96838266dcddb74c2ce71e |
| SHA512 | c66a6a80ac5025dd256eb047f8e54e0d52e10b729e7b85dde164a6080362c53ee1c0a3456daef4b90b4dd718192cf4abc7cacf9e1c20945e88a6b3a3a4b35558 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 8dab3c14fa7d7845e2343b909d481312 |
| SHA1 | e7fb4da1d94378dcebfce50354006823a6a202bb |
| SHA256 | d5a270c138f8a9538c2644097acbcb60741fc4e5460052737629f774e6ca5aa1 |
| SHA512 | aa7e6f18a78bb8223f46e5ee6e108ef4040609ef265284267e6da072e445ea30862bfcf29dbf7c0a951edd00cd7e0f8801d81aca6cb410fb705e085352b7f8de |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 05f80a5e25321419697615df97e63f7e |
| SHA1 | f7519eded3a9ca969bb52dd5e60861db53894dc9 |
| SHA256 | 489fd051114da89f78de7ad01325251415b8b8845a21fe7b547bb40c4311f637 |
| SHA512 | 2f5f21b62fe9cfceb9cc45d02c0bf20c6fa97f053399a0f060fb0db0302f4e896b1cdf3777a223e31ddaa0473c1aac15caa09d056559cff829893da6dc18bcf1 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 7ed07975d65b70504bc840320fe6fc2e |
| SHA1 | e59d2365cbc6a870a6315958857616b3644cb64c |
| SHA256 | 5fbaa5521905e3c20f319e52de01d22562a7a055adebd8313b983901b0c80fd5 |
| SHA512 | 1510c612980d8bb1ccca5d889d0850acd429d8c2140802f549bcb92de29446aa0a60e3fdb2fbe6bc4af991c5cfddafc9f9a2060ab04ee2ff55327d0832534fa2 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | ff73197089c991e4667d9874a12da3dd |
| SHA1 | 88d75b59e3ce5820ea48876f65c61dbe806cd4b3 |
| SHA256 | 4dfdcce2f999a351d38bb4b5ff16c4c24711e9ffbfa05ad3727f29f582a3599d |
| SHA512 | 1d588ca3ec179d3d5366d394676d925ef9e74517873daaff7f6f98095da2dd1c3aa2901ba2e829f4e8ac2c0864164bef49b2c043f184e637f9fd204dfaef3a6d |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 5fe569d14f5526835720b092c3938b98 |
| SHA1 | 16574194c01069b8c21aaea1f34d75b2b32b87a8 |
| SHA256 | 1a77ef82af9d4397977ed66d478b3f69b70bb1fd7d99303805f3d1fd4f1b6567 |
| SHA512 | 99496c2c2eda8293f1887c1c8850338c125976a6fe05e9364eb3cf03489b8235b51c0a4d4bd90d80f527f1d6be88ce994cda83a7b9a2f7af7ffb505e4d5d545e |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 3a3760234b3911149acbd6090b3d42e6 |
| SHA1 | ff8cbfab8988acd46ae04326d4163c1d1e6c70f3 |
| SHA256 | 80bcc04919c9dc92cbe09cdff01ddc6b010db2dad30a8e9f196ee9bde26bc7b1 |
| SHA512 | 62969209b00b4d6dcc96d3bf6ed898b909c80d8e3888167e940f4a3875e55f8593e96621f0127c1c73ab3a5aded241e0f157a5b5872703e4755a3fac090ef964 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | c0e1b8fc70d7588619f2325fabb9ecd4 |
| SHA1 | f60c18cfd1109f92148a8ad5b7562d85e9438d62 |
| SHA256 | c4093ecbc4c2d907f0cba61f1e7a68e74ceb8298bb0cdc56d8a81622e04096e6 |
| SHA512 | 540238fb88895942f499e67d6f72d143463a4240794417aac724ee0bcacbe2c9fd5dcbf07849206644b0aacc13aa6533c98064b6e1c5c90f5f4d3ccf9e3675f2 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | e0878fc767ba108ca05e6d0a27448925 |
| SHA1 | 7321ee4e567144a2b32775da10ba2aed08700f1d |
| SHA256 | df9f7d644ddbdd59ef3b40f12560966b187ef638dc43c3a834b75c84fdff99ce |
| SHA512 | 76f130006c94f4ab8e78bf15225709442bf57f7bb33e5cce2d7f935fcacb98d7f61f0d3e4c6df09679dc9bb570f281f84356553a5ddb55a1edecc27732b7ddc3 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 76fe74633f9e47b793531e3bc88dfec2 |
| SHA1 | d56a2b97813e77064105abd418a7474b4d68a3de |
| SHA256 | 5b31d24c0aaf690c4c642514cfe98b3d378d60614c5472bc841efa8e4a348986 |
| SHA512 | ff28682f5ff5a6db51ccde88cee46a422c28e0aac39a69802b7cdbc68b7694ea560e9df3b2c63530d6ab86d32960ef4c3130407e5bcd33b778ef57b651169220 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 7812b48f8f75ab39f33e474f9c4ab165 |
| SHA1 | ef9c4057dbb7c0b648addf2720dc372af2f909c2 |
| SHA256 | 4defdac67a0602ffc5a66dfc92c07f024ffccd140403a444d142f9113b608f02 |
| SHA512 | e57ffc38a9b95909563a9d4a68d5573bcb8d16458578e9e3a1546e9853dd2286752e3f9aa047227b4979f694fcbd4271f85c2b91e86d1566863c23b4855c4ed9 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 68b83c271950988d1ae2caa16a8c14c0 |
| SHA1 | 4bdf6b92b4a0aff33f5786543fd2c1f2ae8bb1b6 |
| SHA256 | 53f8a6f335b1773fbf175898dd6629c32823e9f2ae891535ece2b4851188e835 |
| SHA512 | 45c382fb77a197102a21487f1911084ac09c1a1d13bb81975e9d70d460860e80e9f447b36d19ac6af51ab4bf88683b04713a4067b2ded92fc2b14385b343a127 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | eeaf59fccd058b68e231dfc696638912 |
| SHA1 | f9a878dfbde0d1091d04db6e4311fe6ee5b02ed9 |
| SHA256 | 0f410db094a0d4ea6f75829e23c1363b7db018d490207af9d36ef316f24b87db |
| SHA512 | 4094ae4fedcb0509b7add3d3903e899d36de0daedd3dfa4e753ed1a952a05e9e2e5552545548c06067623f7e64e9306ed9dcf8859f96b93428dbadee40f4cafc |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 44a73dbd1798717e7e1467357083e138 |
| SHA1 | 35bec3c8c5d0d52fe8af335428ac6b57477cff0f |
| SHA256 | c7b998821980c70c35d56ea0a5b38645238d2bff4d8938e520628453c6917e44 |
| SHA512 | 12fcc3a8e187c76c094c5dd137676883347f1593fa8188c75da63742b870c63a97e9574b22d5b916063fd6675ce85c14bc996778e9583a423619813d4e7e1df2 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 5c1c53bd3c215a6db5d5e5f8218790a1 |
| SHA1 | 1ba2d8e4902ee6abae44aee538f79f19498f7419 |
| SHA256 | cec54f2d15a964d4f18f92b8b4e284fa33538df79c6bccaee6ca7c72b234c725 |
| SHA512 | f65e8023a688d12e6349a1c11729e2a06200126289839349c145473848e4f5304698057029554f5983b4163f3dd01719944e1d1a4c62b5e0c4b2456453d7998c |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | faef1874bdf2f215a73f467503af2450 |
| SHA1 | 3d98b735504186bdf96bf1596f35c2155545e88f |
| SHA256 | 2b2fbd45fa707c96673d5fa40fe298741559d9411e310e752ec259305a1c6269 |
| SHA512 | f6220fc6e75fa58de276e925d9a851c50a21be93846096d66a7132f6df3d05d4b35910d2c5509181b36aec342af18ebfb2b6e8991216db13abfc9fe618db4c7b |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 73dbb4d04d34e11a3291b11dc3c2c75a |
| SHA1 | 423f82502acab1ff458acb1cf1cd4be08c25172d |
| SHA256 | 396746db1dea7e6e71d7243daad8822454eae4cb5295493eb9fde6fbfd77118c |
| SHA512 | e07806c11add1807989aeb9baec8abb87f10dd0e64ca73f6e6bf70486a4678104f6146838c2366804225cdd8245d55a795754c637518aa78567352c350322711 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 2c55bbebaac93a1a9589121cced1d147 |
| SHA1 | e8abae1713bb385aa83063858a75cc313fdbdb6d |
| SHA256 | 3ac75447355074b7767e09019dbb40acb95b1c4a03fd107151e71d197ae8ea8e |
| SHA512 | c21fa20f62621c8e4d05d4ed4a77b1d3521dba9a37c43e83614780bae6c3fa1d59c94a3c273bccc6dc9274bd080951fb7a6b6f8092a16ec88430c0390f758507 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 282706d7569473751cd487ea6d432344 |
| SHA1 | 392228866a301c02bbce99fb60bb3a3a82394975 |
| SHA256 | 2d062580af458b91db289e270f83d26b927a45b9d3a3fcb62899facde96468a3 |
| SHA512 | a6fb51cc7d262a197c63a5018abd38d0201669ed4edab52369ca08b1d53462a935ca10278ca19ac61c7612df90fb4c5c58d7abe398e2d297fa5dcf43917552c7 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 477a7449f54c0861d288603b1daaf049 |
| SHA1 | 88113ebc21bf58a9a7b7daf9da2762d32c366eea |
| SHA256 | 7bbb1129fba91d44c6106b076867240207b5dc89c28943d286c23d049a231f32 |
| SHA512 | 60df1b55cfcbf70da9e2fb3fa0d9c1c75ef42eaab937439a2d899acffeae2fc4629a0839e3bc0bda1fc4f7840c5662d07f7cceb23498027e1ce81c55e5aa4f89 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 4865387ec311bc0b2d086ac4bc5da463 |
| SHA1 | 09ced738e6557d9c0b99d7e874c8a5a5a9dde372 |
| SHA256 | 7f793ee8fb43e944d479f1df67c9b360aac24a79d5b547c12e9fd65efdcbe8b7 |
| SHA512 | 78067c088feddbb730b9fa9f14c2234b26ddad330dc9837fc16a0644b2be6432a641edaa0aafeb1b0c3374eff7245e7462fafd178a295d601418f83d2b35ac08 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | c3f5d8a5b86910de7ca8059909bfecb5 |
| SHA1 | 44fc83d943e2a70ec77146085ad41022f335f816 |
| SHA256 | 70d8b9793d67cc06a67fd5fb9546d72dbaf36c907ccb14984cfba1fc53a182a5 |
| SHA512 | 46ed0a1362a46a5009555be14f66054f19cfc09383b851a2bf487ea8b7f1019af17bbb797ef2fffd2aeb40cd3c1f8331fdfe6f799c6c02cd4fbc245292e9c90b |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 0c7bc8261a554e51f9d1176acde28a68 |
| SHA1 | 26433baec1e26272fbd3ead5ccc23d47fdd842db |
| SHA256 | 3b2c4e5236018d88e0ca0c97b19af5b17d3f7b74b9c1afedee5ffb2715478aba |
| SHA512 | 601c2c8860111ae0ec9076c893c0d33ed2b169eba0e2def8c21a31dc93a0b30aad90f96faf01636f28c1ca2ba33df466d6499a18c25b70759d630138c63fb960 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 5a8cebaf0c717414aac47485c5cdf7df |
| SHA1 | acb651fd9641376035088d5d2867991b679b25c6 |
| SHA256 | d5da5ee69478161f9def008d33f2ddc44a7630277b0182f49936c1ed4c4ea9bc |
| SHA512 | 23c0d9d364ebd3a9b367c3e2336faf4ceea79ce2c7da37100cefefb25be44eb5f7b6581d1c94fdb8b01c3bf45064341556a41587f9ed0c27760c433e0b4287cc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2ab3c13c5405b8b64551465b6d44b690 |
| SHA1 | 47e32ff0b1a0aa82dc7c88e4863efe28000a99b7 |
| SHA256 | 05a69a173db888f133010cfabd0619b27168d40406e51f03d3c0b54cf568f940 |
| SHA512 | 3cedfebd96c89ae1b36d7d26ea6d5d2ecf13d78cda99ad068d3154e7ab5eb434947618bc0192e6718b3fb4785aac054bf343fa239f512233a65a01234da9ca7d |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 4059da0d237177fcf1c112c4c0cc6117 |
| SHA1 | ca346dcd1009bf37f6d4bc9ead3a91016d5972d9 |
| SHA256 | 72379349989ff35455e2f46a100a91ce935a7f70f7c202e3875be3948c2a18af |
| SHA512 | cc1495e1c6f02baab2e5b5fee4f3f0c35be443943f80eb42c31007810ed10158f5890f454661d2db791c07b088d688ed788767bffdeb02d3bdd606542cdd000e |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | d3c667b33ca23a236c9f87a5f8da4e36 |
| SHA1 | 98f9a0a462d8ccaac4b47e5de6eeb2e6d3cbb649 |
| SHA256 | a8a7baf168489da1b28771beb73250038b96af62329715fa2443a15383a6e7c7 |
| SHA512 | 07e54ecb7e3f66a16001107701562262bb044946feba418a9c519f11669e0df105dc6efbc487eaebbdca69a186c4b35ac2b1516fd4569d2362adbb44e51d0c92 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 6c12cafce3b0a3264a4352d07162621a |
| SHA1 | f5329a57fbbfeaceaa1cd57670c3eb3caf4463b6 |
| SHA256 | fce73e6d2c0615bc7867fd706c2e7e9bfb0afb7ec203e4471ed1d3a8c1a21506 |
| SHA512 | 6b858ee10ce4abe4ac8d36367bc905cce5bdd77e264db8f1b95aa0f5e90d75cacbb4fb6a9d83981f4ff29dacf425b99eabf117327d6f78fbc85c2554c4a36ccb |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 80a48f19ef73699bb0b39f62e681f8f7 |
| SHA1 | c745cb5a653bcd45042a40112b6cc2180f3311cf |
| SHA256 | 9af931b4680cf2d7e03d34849c26ac7048d23ef40cf375ec465f834ac6b06948 |
| SHA512 | 745ea4cddb170cd05041147add8f4cd32b9b1f752277555dfa95d510af1cf32b767edc11e30551b625a024e3e71c92ee9e1807694d064f4d816bc0e4ce9e2872 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 214aac1b5a92c02761f1627ccc922c13 |
| SHA1 | 86f67a004ecbc7fcece3536c667b297a4720deed |
| SHA256 | cb9bf1d26a5963c648f32db4807c1a77561d57596c17bb9c8de3a8e72f57f9af |
| SHA512 | 466cf7c50bde326197847abc000bb763c09b618541d037754cff7d409db28815cd62637d3683abfc4b6c849e7bf55215e35dd4fb2e096788733d8a52f8d4285c |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 05ae918b36e4db2758cf977cc5a8f69c |
| SHA1 | d7e2407ac9d8b9168558b5c312be742ed084f265 |
| SHA256 | 5bb5e45fb9f4dd663ddd747962b4a737edf6e43bae4ade1fe1bab688543cd41b |
| SHA512 | 1e51907db0d69e2872a1fbf483a2a4c27665a31813f99a8d14307210e4f918a7daef9e9924d342cf681d0201d71c7912ca99d4243f244125d3938d70ec96de4d |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 28f227a289876c26e787a85c58c143bf |
| SHA1 | f0e2b4bbd286bd814c3d07f979c5b462d8479b34 |
| SHA256 | cdb52f46bd369111b8cab68107857d86f8f5997925156ec9b80121bcc0670a56 |
| SHA512 | 9a3a07367f07eb5e8ca394268b787d668c42032644b775bbb244a6526d54be2864a6c0247171ce61db7f1ecfe71bb778df437227be7b53d7a24ad6f7b3816dee |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 3d171e50267651de4c5045f3dbf3ebee |
| SHA1 | 22b737d11d2dc6b27cbdce284626325fb30f3161 |
| SHA256 | 8586aa89c4d2794c19118e184415795989efd58b550cea01c55408cf2b9e362a |
| SHA512 | 07c321f34946fdaaacc23bdfaf8b255727404e316167b490f4e49c9747de5d08b211f8c0b73d2d6916764808391603ab98dc0928c17828492c3dd99b49e522c3 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 488cdc084a00b02d2158bdb338960fdc |
| SHA1 | 4cf5f6182cb1e75f58b24a0e93df972e78f73329 |
| SHA256 | 2da49fae641f4d01f08d409950d4d2f2c0ddad337af813907cd2fbe0fb125647 |
| SHA512 | dbace4ccede24a8353474bf7836406156314fd0b93d3a9872b0c8a00e912d218c49e50ce3a3cbf194b7e95285f251ed783cc52aca630f539247f90a50de37156 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 315c952c873faceece52d91211b8dc71 |
| SHA1 | 9f0db6dad3245e3e702c33a6b6b8786ebfc9f2e1 |
| SHA256 | 545ae2f9e8196708f7b0d2d644155d0751db2810284f0060047e9e2a0ef0fcb1 |
| SHA512 | 30e4447b87ebb72bcfbcc8d086d8ff72c3cf71bf04b176b9b9d5e2a053fa7b5f4727f811f7aa38809e4772ae164a3ab8921a4b041e28c5805ea8568143ebab9c |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 418d1e0bca19f7b1321724e761bfd63f |
| SHA1 | ccf3dededf94a7ab61455bcb6b7769517863938d |
| SHA256 | 106718103a91b1aa00efa02eab63a0886436adec1874333f79e308f12f2d2b64 |
| SHA512 | 4ee7a6d1b9c00a14b043152fa3806601510ca58e9e9b78def4d3f5f48dcbd9320401e2c3e6ffc8a5cc5361c01286b8bffda9ccd43de7ef8644ec1f1091c563ec |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | de887e5663048bab04f81a3b72df9c58 |
| SHA1 | 1a952608894c833547c253b0beab9ffb2d002326 |
| SHA256 | 9222b2e34cbf83808460d8ef69bca219b5602b7765ce7b90eb41f215de89615e |
| SHA512 | bf04a4a7f801cd439160afd36f8fed6a115ccfebe1ebb9dc7b806e7aa383b320c9177446c2da8aaf8117a08b9bcaf2bb2529f05b9fe4b3de1df5f9fe8d05226f |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | cfb32792f532d2b7a4fd6b1e94f09588 |
| SHA1 | 8a198974d29c1b986bad0fa5b6f109072fa9f693 |
| SHA256 | 21e622ba5a2ab9fce74959af70100610669d142bbf7a83550c2e0101204e3d2a |
| SHA512 | ad1d466273e635cf681f3f273bec8608dce54b630afbb288c2d789051e162332ae01fd6d3556c98082e6bead7e0b473751dc8ca6151c5fddf3f3ec9fc36d03d8 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 02c77d5aa996846036d618b22bb4a062 |
| SHA1 | 9c4f381f0907d0d2b53d87f968ebfd4a2315c842 |
| SHA256 | 90f6f1808497fce15fb6f26c8bedda033d16674c9107caa14b4e79350e2df13d |
| SHA512 | 8888583fbc589459524a64ab5b8717b38651d772ec0370304ed67c10ef4e383e2aa270931cf335e78854b54964dfd99bc4f124e70df185a726c3dd88562de22a |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | ba0e31678c2efb0b079d57a26dbdc590 |
| SHA1 | 6607fc6e803be96ec5a02fb2569fc8245730f745 |
| SHA256 | a6267aa7a256df05f31d65cafae87d6e10e81f00b33e1e41ce6cf90e9ed30927 |
| SHA512 | 21434ca73beed82ef632e3d6198a715156352ddebfdfe3e5e210aa0fa094b9a1d07d05a40d112eeab269501b294ab031854afc13a8d37fa44795a005274d0359 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 39d8c3e6c90981a8a45e6fad202d2ddf |
| SHA1 | cdbf26ad72daf713a0dd78378bb7f23bdaf9442f |
| SHA256 | ecaea198a7e02f87df407df418c42d0065a694cf02e50f70e2aad0e94dbf6561 |
| SHA512 | 038f21d56fcee3b6e2ede40daa63db89bace46fad8b1348a70c70f92fb11ea4c78bdce7549957c65f994b8faedce59c9ca7b402777e386dde5342bdbd8179f2f |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 1abd40377e54c59c9c939c50dc4d0f53 |
| SHA1 | 13280302342d61a482f26139b44f12f262592a9b |
| SHA256 | f06904f5fe604860086a29b0bc97afb8aa7ad1b7e9ec388d0e5e1869eb4c0a6f |
| SHA512 | ee15c6b01650574305cb59bace7f0c40d66ef6b2f3f79068723402b325b07483701f8c3439305043a59c31fd6c056a9811e4b767a3efa013c929e1048b7ab88f |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | d20f1e136bcdc0b73836c8f8736ec1f4 |
| SHA1 | ef9379dd49bb41ee21db8b072a90e2df0e1c74f7 |
| SHA256 | b64eaa2a83112b4af3b9cc401515cf1d90d8e210012cdd7fc2c84e75b2089166 |
| SHA512 | 64f24da91d8707d398b681bc2be56ef3ecec6fbc8cce56f6ef784dc1098f0781a7124725f0fa35fdb2532c6ffeb6541341a5ddb11bc36e97ec713a58211086c1 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | ccdcd2632139d4817ffbdf38b2a568c9 |
| SHA1 | 8091a1e1c921d11433e6b3768f35c7b01c9e60e5 |
| SHA256 | 5b4ae405f35bb22e8fed3f78832e1143f4a1596a646fc2430985bf3edaa20d9d |
| SHA512 | 7b5e20a9167e943b78a0ccd9faeba29969d3523914217c098f09bdd401ce063c3dccf98a66d3d0d2f5080aae4c209d61de09aa70fe2bf3a47f6e24c2bf7467c9 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 72a24819659e3fea7d4a39967a99b5b3 |
| SHA1 | 9dfaa261017f508f1daadfd4654e14602db47688 |
| SHA256 | 6a6050c6d9c26cda278bb8e16fbc4d876c37b23f070fe74fc500ab23165a782c |
| SHA512 | a792b012472ee4ea620530a842424bdab74424f7d436241944a28b444f8d49357a78b8b308da434f57a648e6fbeaa49b9f23f90965cac1fa30badddb26ecdbb4 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 5ec668897023d58954482101d6d1a444 |
| SHA1 | ed5c64a15522424ac1ac6121117e5f272f69dc44 |
| SHA256 | a2e1bf39837b275bec7656cbb3f13c6e4bdf18a3dd9fbede5c3ceee0c51179b7 |
| SHA512 | 42bc9a058f58a42b50de90bb950b7b59530289919d04c83013bf31bccb2009b46cbc6791f3d9f88e7757791f3d5dc0f027a0750e1e111e49bb2db42be4447b0c |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 2d975163afe64fe1b63bd9785b7a6dd9 |
| SHA1 | c7d23ea815433e2bff2d47ae75ccdb916a94944f |
| SHA256 | d329c2f1a2bc2462c8bc05f7e8de0b35ff6c7df4abda446e18967f4f22f30060 |
| SHA512 | ddcd6908e04d827919f0c8eed60c18f75467b0605868959c1c8d38fb41459cc60dcf9ddee9cd9212846b3deee20d3a0541279e754f327c8b5c23286ffb0de1c3 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 40d39d7b09a29d697c6096c7c34b0f00 |
| SHA1 | db47106840496228cea2a38f0a9b368567dedc39 |
| SHA256 | d474bd7306586982569525d4452545a7b0d604dffa496e1ed8cc21e618bc1f41 |
| SHA512 | 9d69d40bc5a4ae948ec880f5c927f15621bd83d884e2791f7254b31583aaea236b931e86969954f8bedec7fa3e444dc6e67c606e3a0e7a80e0076a7d08b5a0e8 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 7bf2e430e42f7e8a37e970ae66e24025 |
| SHA1 | 7cda38e7d9f8bcec3fa47cc6b4c9dbdb16168773 |
| SHA256 | ba546354ff5226af6667f8d421382a89a59dfc105b0e9002351e853361c9aeda |
| SHA512 | 87a44a92e1c959d0a77a1d2659f645b88b69b8c0676581599e79b9f40457f8487fcf417b67727bb424230007f6bc11fda8ef7c3cb6f45eff95d1bcf59a301165 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 08c99c5ee12727663b65c13b84a83a62 |
| SHA1 | ee702fba23c7d76254df32e0a3b09455f6380205 |
| SHA256 | c54fcc562735fdbe6a183b072df1f9921378bbfd65a5ad9c5d0cb38e39e62fa1 |
| SHA512 | 51dbc1e94b9d03e767b4c7a7a794bab9e7b4d05226587ccad81bd75b672a5c233f61a3971773b495f77baf35fe71712e35662e0107d055e99fc0f0a29c4f454c |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 9179807279a2ebeeb79f66403a2875bd |
| SHA1 | 0faa26b2f09ccd81c52d28694e4f060ea6f5e64d |
| SHA256 | 84a0619a755cef5b7315ae5c628560133f02d907cab03414a3b8277a1c2c6a45 |
| SHA512 | 0a369febc9167bb734bc7ce10861f0b7f659b4b8ff0cb5b36f0721e4c29f9a1719ee0128ba1bfee23069720bcf6a696834cbb29d9a70fd9375c45bd941a4fec2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | ee2135981941e51898bd635aca8ca1f7 |
| SHA1 | 4a835e278d3eef2040820942b1ce625f90f7c365 |
| SHA256 | 94fc71b0d48c6360dfe82c594b231c25911f755bc7903e5df0dc6c6ca4a62e77 |
| SHA512 | 2bdb43a10957327d8b74cc374525471b34fd2d2267498a3b5858b31994f6ad73b304664c7e4aaa650b9a29bf07833b6bc64b8fb36b4c07a1c3ff30c1adf4e734 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | e17307cc62344cda27be8aa07bf2e9aa |
| SHA1 | cff2236c2af62020a05cd71e01b5311884fbbdc5 |
| SHA256 | b200ccba9952d7b3b1f0ca628a200f061d64272e902d9c1a63f8436699281336 |
| SHA512 | ca7355bdf7c962fa2cfc20bfc144747c518f967e7241f2053d5c0ae3cab6a9783a5ca7b5a29e116c0f6daf4f2fe09846cb32c247f5f269f4f6d75f6be229376b |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 928777304089657db0b2545701f1dbef |
| SHA1 | b1f117160acf2a89ea2e4c2a801b3a14042b3788 |
| SHA256 | d344372f327024a3c73a01973daa5dd46d53ef8e46621a639b1decacc193ebb7 |
| SHA512 | 00764c4b09ae01fcaec063b33e3cd0f8253958bf70d2174b231d8e52fabbcb47bdd6b6f06cff9e07ad7ab3bae1e7e4fb5cc85921a72390832e2ba54f5424fa3c |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | bf6f4ae5755680b17b926dc9d7bbb38d |
| SHA1 | 95fdc66daff21070926da754d9f372a247a84eb6 |
| SHA256 | 637ae86e903c0c255931d467d8228085e135a4f6403583f7054f89f2680b52e4 |
| SHA512 | 16b39e86abf416b1c53637873d34b374d55a7bceea9fe21d7e9bc0a55dad8844fe1eb9650e298e926ad26a03c19c8af6ecfd96cb1d98e69d5c07a8c586a16c6e |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | a971b9f0fa609bf6d3b5a008600d7e3a |
| SHA1 | 9a6e1937cf3f7c171e2b1d46f0c26ef627a1d19f |
| SHA256 | b9ae68e1504c4f2fe35656efa0fe6d9dee840ffa581fa02f89e88d6ddd20dc9b |
| SHA512 | e9df441c80725646b29fc19bd2da80ea7915788242900fce7b8baf460416f4d38203f5424ce268533021a2192239db880c10a2b4debf14482712774666492792 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | d0cff7fe1aab9d166f37b9e00709d8bd |
| SHA1 | 61753870143a86d324d7acea2f8fb8d95b979cbd |
| SHA256 | 8755893a68a2c7e8cd7694bb558a1f66c8f517d2ee63c7e59c22e84486ccd3c9 |
| SHA512 | f68a483978d985d5d6adfc4bacbce28128e4288eb5b058934f97f4dbb7fc42010310086e3db7213a8bde98c16888fd2654e51537fcca1db77bf5ec3f5ac6fbe6 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | dce85b9488d3fafdb9b149686c09af33 |
| SHA1 | ce9a0e579ce4a851281ec2f2c6127b1014087b36 |
| SHA256 | 357278328add99c269106c42189c6b4c22e4c72ef9b5605f051b1392fb4bde54 |
| SHA512 | b9415b986f3b3e2f1d7862adf9113902cd7d5b4e64a50a4b218076586f77644f96b7956e542aea52351a4ea205940a99efb8dcc8d6e7528750791e827c6b8c58 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 9a89dce1e90fb34ba3244554158e1916 |
| SHA1 | fd24f7119a5bec95859884f909a035a3ab3557b7 |
| SHA256 | 2bea9228b4dc25c66b0b846cc4acd7330b26cfc2100898c74d4d5e8d30830370 |
| SHA512 | 6cd0793638fd4e5c6f756f535858267b3c2da549f00922f33a03a1ec4bd9e706cda24a189ccd3cbb6e2e681cb7dea426c65c2e6098b12a8b0fbb50f3ca66d81e |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | cecb12d76851ddba8a2a9014b2d507b2 |
| SHA1 | 409c14065a89f808a606572eb9d041aed2bff61d |
| SHA256 | 6a51349c88d66e37d1520f23c0fa0d10d0fded3837f9abe6671ba4350d28fa8f |
| SHA512 | d9de313e6d7a8f71f9c928b0e2b4af9a7278b0a6bd8b060f1af0b8899eb98af2125eb82843dd88493a63b2c2f3b0e03ea08e03277660211f92a0a390870b8a69 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 5d5f6c43608041851d2dafc67c19d156 |
| SHA1 | 49f666dc07585ea48ee9b3ebc32e391ec0e4f60d |
| SHA256 | efecb350751ce3c908c7c3bf84b85dec1ab1271cfad598fd9fc9c9fcea36a985 |
| SHA512 | a70ed5415d58cff318c260e77d2e543a45c8a107c3af0ac06be7ac83faa35a7e594393688a74707eb5737e976bed6f594e8c140dfe66209c4c409da2f562bed7 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 9459cd21cd8a7cc8c9e3b7d1e3e2ad66 |
| SHA1 | c9b2235edc45daffbc5e9223612aab7e4358b529 |
| SHA256 | 804a343305172a2b1390142cfb82419e5335069f80a24031a52d7886dfae11d7 |
| SHA512 | ea21c0749c1449723d1d9483692baad9690b5b391be4efa9587b0ed1d7c840ff1acdac252551a841df8aeae02a527f13d606c730d77c51f6dab13019a0514bf7 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | f2f32d2e6e2933d3576b211456946376 |
| SHA1 | 0c1440b7002f3116dd70776761940986b1fc6430 |
| SHA256 | 1d555cc395ee6a63b1b8c400fc30236930b57e15ca5eaf5695c1c42c5c45c6fb |
| SHA512 | 5ae647e2f8d55727eae493de7b388f54a24d0d6c29186e3e4cc8a4c6d136adc08712d0a7db645d5009a3c085aba8e2c029f038cf1b72bbe878b47943f0d98e0b |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | c8d74c57fb65b0ab2d45327d740b420d |
| SHA1 | ec16693bc44ae10de81c3f388d042c0579d75fef |
| SHA256 | bc4bb09ea00fc8e60fab0ccb449dd58d05b3087a4bd2b61a5bd430a96f9a65d6 |
| SHA512 | 4b4749b35cfa573f195748de2a7a8dc0f7b7f0c7ca2efa4239ac2989c9750fe9b906c83b6006110b186e438319a5808af6812e3324f2fa26c8b447f6a4cd959a |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 6379253063011c8041396b4067b3ee24 |
| SHA1 | b84002a2f1393bf6dc0ea7bfe485ae92b613f74e |
| SHA256 | 1b10ed2fa5fe196537c3b4acac5844d6d85e4ad10f18481e5a13d0e46b232afb |
| SHA512 | 8cdb5a14045c536694ae456c9dc536dd82dd7bbd39b3f707a458f2eb407a3c518681ceee673396b4da4ac3f3f8449094ea139902ce6966ea62294b4917c53995 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 722b70ab231553b0c5d9731071718d34 |
| SHA1 | e9d74e51ededc5dc51e05bc6a1279b29dfb5ddcc |
| SHA256 | 6ea0792a428108b7670a57be46f92c9f6a2d2d13fc5491357188727ca4d9370e |
| SHA512 | b4626859584430a7137226164360acdb9abf809893334880195b2420d97f9ded88c04cb3617aa95852c4529807595aec9a428bb3bead0c3550f5ac1ed61b9324 |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 0f5d10c15c18ac7d36ccd588dc4ee4e5 |
| SHA1 | c7ea334535870a0c0bde9dc0a730c065485ab6c2 |
| SHA256 | dad24bb341a607d07559f44dc57ccb674f0c6ae1d8fd74adfa120c30bb8104c9 |
| SHA512 | 35e0dfed9b29005628a97fc6c47703ea8f17651109e7551d04de144f31ab77c6a81f101570953d946ac31a603b7f08e449891737ef2d234b0aaf41c1ef17993f |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | ee16266aacf616d9c2dfe1c4d1315d29 |
| SHA1 | 8bffa520d418d4b0e6ff97f63e847631481326d4 |
| SHA256 | c07872ac4fde47a885246366648942c499c200a7fca5394e1ae16c449657c56d |
| SHA512 | 5f68afb4021df02d4d7eea60a11c3d2dc51d90419e6afaa8af7fc6459091661ce2b9490b4f3703df7dd8f9bfe0c3a6ffb9fd3643847ade9f6633557870fcf05d |
C:\Program Files\Microvirt\tempDir\Setup.exe.setting
| MD5 | 9bcf48680a0cb3b1f70df891937f7374 |
| SHA1 | 571410696520468bfb5842f520a328c50f0aa112 |
| SHA256 | 4e061a263124777dbd1180036e5deeb5d264e4855ffb8e5fb15ac93145be11f8 |
| SHA512 | d5984c7ab123aa2fa6eaeb471cae796ef797a18d730278c23f06ca81591b9528b28f03dbdb4ea6017b8a5092d9e943895c558ea06df16cfac2d8d6265014bf10 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f5a9aa38cd95388d4f86cee5cad9a741 |
| SHA1 | 4ed34fe91a48aaca855ba0fa588bb073ca20cfbf |
| SHA256 | a553e79a1184babe8b4f2d10f148155d3f0f407fb3e367ce3b8eb2c082a03122 |
| SHA512 | acd61e2aeb160d24e257de2f71bb54333a2d73d7282516819fd8c386a43ae110db8afd3092cf0eec176603f32e2510c85938eaa84288be4f8b3eedb4f4ddb51a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d6077c0bc14b6693818aa91fdb5c1f25 |
| SHA1 | 19a360974ed1b445376ce3d8c63e67bea24c1192 |
| SHA256 | 7d24e5c9a115a0aa75ec5b4a41bd44e60ac5a90c8332109c9cb0f2fc391e5183 |
| SHA512 | bf34d58100af61be218549c80a463553d4e6afb2b7699cf107b8b698c07b2a681efb3a7ed618e0b2da8323511844a0bbca718f79d88ac378d9bbe5ffdcb93cf3 |
C:\Users\Admin\AppData\Local\Microvirt\setup\MEmuSetup.log
| MD5 | b60659a05f27ec008175676feae34794 |
| SHA1 | 6caa12aee5d05118225fcf176bd55f43436df9c0 |
| SHA256 | bcf32c7d8bf3eb48af50f5674e04465ac2e67e9a2a45eda2ce61658e861a486b |
| SHA512 | 4dd8e97883d45e7dc2f192e076cca60c388d77c79c91dc6bd95002e15c2d5538cefb74f1ce680dc6f9d57c49c36a145e394aedb8e56ba1d1d4c2483c2d1ec79b |
C:\Users\Admin\AppData\Local\Microvirt\setup\MEmuSetup.log
| MD5 | 95e0fcfdd9c8c31251e42db615ede0eb |
| SHA1 | 8e9a7e964a077911ef9b5064f3c901bb14711f23 |
| SHA256 | d20ef9f0e3da7c509adb84ce60e89e38e6cdb745873db01c3641e6de6d43e59c |
| SHA512 | 95df5d74164c5063e5ee502d91a9ddcc22a39db62ee86b3f40e857cfcd298231c748230ea3fa17dd7219d1207a673d9e04540376a6b29c0bb7f218d9525b6843 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000039
| MD5 | 4308671e9d218f479c8810d2c04ea6c6 |
| SHA1 | dd3686818bc62f93c6ab0190ed611031f97fdfcf |
| SHA256 | 5addbdd4fe74ff8afc4ca92f35eb60778af623e4f8b5911323ab58a9beed6a9a |
| SHA512 | 5936b6465140968acb7ad7f7486c50980081482766002c35d493f0bdd1cc648712eebf30225b6b7e29f6f3123458451d71e62d9328f7e0d9889028bff66e2ad2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037
| MD5 | c3c0eb5e044497577bec91b5970f6d30 |
| SHA1 | d833f81cf21f68d43ba64a6c28892945adc317a6 |
| SHA256 | eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb |
| SHA512 | 83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000038
| MD5 | 76a3f1e9a452564e0f8dce6c0ee111e8 |
| SHA1 | 11c3d925cbc1a52d53584fd8606f8f713aa59114 |
| SHA256 | 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c |
| SHA512 | a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003a
| MD5 | 56d57bc655526551f217536f19195495 |
| SHA1 | 28b430886d1220855a805d78dc5d6414aeee6995 |
| SHA256 | f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4 |
| SHA512 | 7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb |
C:\Program Files\Microvirt\tempDir\7za.exe
| MD5 | 9a1dd1d96481d61934dcc2d568971d06 |
| SHA1 | f136ef9bf8bd2fc753292fb5b7cf173a22675fb3 |
| SHA256 | 8cebb25e240db3b6986fcaed6bc0b900fa09dad763a56fb71273529266c5c525 |
| SHA512 | 7ac1581f8a29e778ba1a1220670796c47fa5b838417f8f635e2cb1998a01515cff3ee57045dacb78a8ec70d43754b970743aba600379fe6d9481958d32d8a5aa |
C:\Program Files\Microvirt\tempDir\7z.dll
| MD5 | 4e35a902ca8ed1c3d4551b1a470c4655 |
| SHA1 | ad9a9b5dbe810a6d7ea2c8430c32417d87c5930c |
| SHA256 | 77222e81cb7004e8c3e077aada02b555a3d38fb05b50c64afd36ca230a8fd5b9 |
| SHA512 | c7966f892c1f81fbe6a2197bd229904d398a299c53c24586ca77f7f657529323e5a7260ed32da9701fce9989b0b9a2463cd45c5a5d77e56a1ea670e02e575a30 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | eae13c974d883758655ddd0f4dc93e2a |
| SHA1 | c9170c293418ffb69a7dfb8a0251c0ed4792447a |
| SHA256 | 7d1f0817f18cac973e6da95ec1e4a765f75d56459c212ecdce870e7273080e50 |
| SHA512 | 60bfb38b6667d586786d9a0424480bc1574dc3901331ebf1675a08ce69659a40e909f6388e769567d29d94a76bd3c57027d5a8e51c1843de32294794add2148b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8e0ce22db95d6e8be2db57505360644a |
| SHA1 | 940c96e2809c0d8b5b315c441f8917dab7bd97f1 |
| SHA256 | 0f5163ee6f5ec7c347b9b5097d55f9ec54c7c37ed526cbd30c9f63cd1d96f418 |
| SHA512 | 8608ce816da2495a7baee6b530d777de7b8b3debc4760adc6f13ce70a9a01dd1a277ac95defe7633bc00d1ff8d3ae06146358b274e5b6742a7428e002db5eaae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5d615a641db3476c5daa986470b4abd3 |
| SHA1 | d279e5603d18894d9e13b796810a9affef2283a6 |
| SHA256 | 8a4ba7c0e2b6ddc0d8af3910dc0c2d3e119483447acd33d60b1696747d24d905 |
| SHA512 | 92564a909cb29c5f694c9d436f825cf5bd6b233ab6031527c79ec7a981a0ef0f8c4289a534fff8a87cb8e8db5e6bea70a59b16ecbf25b9ef8369a5f6e2bd4bf4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003f
| MD5 | d8ad625c3b6ebf71c6081a85f887e6bb |
| SHA1 | 379f10b8da67d19ab8ad932639a7afd4975c964b |
| SHA256 | aff84929e57c1898ad3441f3fc7f850d903641cff756ac5a86baaefb33145db3 |
| SHA512 | 41c690dffac3a8dd4cb07e61947fc8a0d966d46c6f1993c6cc3156dc89f34dcd0b1378e6afd60ec57859c27dd01149655cecd642becfb2bc986f351f7998a271 |
C:\Program Files\Microvirt\MEmuHyperv64.7z
| MD5 | 7d15bc6943d8e157fcedec857566eee9 |
| SHA1 | 529c3d34461db115d6b60aa0b9d6deaf28d53841 |
| SHA256 | 79884f65c4d7bb96d690100ab3c96e9095bdc1880a0a1fc69a3096e4be20c01c |
| SHA512 | 2b202f0a69a638ddb73ef77f7bd879d12e81341a547efb7efcf52d19b56bae9b77d0b8692d31a097f72e35373ab179ec1a275032ecf5f7eb4f9a47f66353aba1 |
C:\Program Files\Microvirt\MEmuHyperv32.7z
| MD5 | effc644e0b74ab6d7972d6a278384d56 |
| SHA1 | 2738845f69f9ceb1601e1a63cab49277460c9a96 |
| SHA256 | ff148f7b54c1629a522225fec45ff6649deac3ca6a8268321590312b232506a9 |
| SHA512 | b3b77a56ecdb77bb25f583f611ca0a04892e4bce0c9411bc063f2843bcd0631cfbf09efd38ad0e1f6fad69c8130a1270685ff59863f3b92424430b7d4e7343b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006f
| MD5 | 1585c4c0ffdb55b2a4fdc0b0f5c317be |
| SHA1 | aac0e0f12332063c75c690458b2cfe5acb800d0a |
| SHA256 | 18a1cfc3b339903a71e6a68791cde83fca626a4c1a22be5cb7755c9f2343e2a5 |
| SHA512 | 7021ed87f0c97edc3a8ff838202fa444841eafcbfa4e00e722b723393a1ac679279aa744e8edde237a05be6060527a0c7e64a36148bd2d1316d5589d78d08e23 |
C:\Program Files\Microvirt\MEmu\AdbWinApi.dll
| MD5 | ed5a809dc0024d83cbab4fb9933d598d |
| SHA1 | 0bc5a82327f8641d9287101e4cc7041af20bad57 |
| SHA256 | d60103a5e99bc9888f786ee916f5d6e45493c3247972cb053833803de7e95cf9 |
| SHA512 | 1fdb74ee5912fbdd2c0cba501e998349fecfbef5f4f743c7978c38996aa7e1f38e8ac750f2dc8f84b8094de3dd6fa3f983a29f290b3fa2cdbdaed691748baf17 |
C:\Program Files\Microvirt\MEmu\adbdrv\adb_usb.ini
| MD5 | 9b924764cda9a9844ed2983eb20d34ea |
| SHA1 | 7ca4f57bff7b01607445003973fa66a9290aee6a |
| SHA256 | 2a6f11b34cee17017b878105cb0bcbdd81f716a9bee4c9e6180f4605d0fa760a |
| SHA512 | abd36ff8efcc464a47387c300e0010ef4a4cf4b08aa4ee96c58709de0d06ec79950b530ae75b3176e7c92744f846b2cffb0efe90e2a37cb787f06a9fb2bedb49 |
C:\Program Files\Microvirt\MEmu\adbdrv\64\devcon.exe
| MD5 | 5d38f264735116c3f6d7114b18e7e173 |
| SHA1 | 6635352bbeb16235dd2ecab22ca9122596d3bde2 |
| SHA256 | 9f08f1ce607877c5292e57da6310e064375d6b5ea9535045b3019a2a7e91a351 |
| SHA512 | 4c7021d1d9a3b7bbc7bebeb8f9a972db19e1e8f62cdf3f60c985df7855fb06075f3f943137b25483eccec9cb56f1ca12d24176def434c46f103a870694c0a0de |
C:\Program Files\Microvirt\MEmu\adbdrv\64\android_winusb.inf
| MD5 | 20fa26363d4e532ae03ad24a9a2492c3 |
| SHA1 | 1410cf9289bf3a20f58aca2577ee433ae48fa1c1 |
| SHA256 | dd71107e650bd49118e43257e1bca7e902d7c30f1f249a0a7d4012e827f8795c |
| SHA512 | 3fc815e89ca79e9d7384fdd5838be8e118f4006de18b1c360ba7de49b659c80641b4a1c2ab446bcbfe91cc6d66dfd03d086091e8c2ab62cdc014e98377e999b2 |
C:\Program Files\Microvirt\MEmu\adbdrv\64\android_winusb.cat
| MD5 | abe648c8e5dabd56e7d9800cdc918de8 |
| SHA1 | 0f6a9c3c2fa5bfb25526a130976bd18c598ee5ab |
| SHA256 | 4e2b3b5e4e92b6ef1dfda95ab5eea7cf4b4eb5a8c232e634684dac3c05ae2bff |
| SHA512 | 104d20ae79c6e0f3af8899f706a1678e4b4a95460f8841ac14f80ab358f98a6409f412fc80d31adc2740527b53ce3b09bfde477edb03cd9572bd2239517fbf51 |
C:\Program Files\Microvirt\MEmu\adbdrv\64\amd64\winusbcoinstaller2.dll
| MD5 | b55d5cd0742979dd9f46e69b2b56eee7 |
| SHA1 | d93f73f0904b7bc1a28565bcf1b90de0533fd79b |
| SHA256 | 196e47522ae1eb7a5014b196f433bc0f5fc90ed2b934177512cd3e1e5782f0f1 |
| SHA512 | aef9d7c1c3a2f6bed61a2a733e6f5c2f4656e26c5bc235bf00d26dca221901b7d7544fd859d4f4e04a65374b27e85f3dfc2088fe0bb4272f155b4cb9626d94bb |
C:\Program Files\Microvirt\MEmu\adbdrv\64\amd64\WdfCoInstaller01009.dll
| MD5 | 7ee110fbe5147b3402e70f23e0f57780 |
| SHA1 | feb6a002b4090c098c1b46dd1bceef4a78379b86 |
| SHA256 | 48bea71e994fa8f2a30e98c0547323b7f0246884664550f869a3f2f1c2c3bf62 |
| SHA512 | 21b18cf73c0a1b040ffc9353ce66b03e9c1252787004d3597d41c84c6bf1d8151aaaf0b4d35f6317949c85fbc89fd025a5ccb7f814af3a618e42969c6e85ebbd |
C:\Program Files\Microvirt\MEmu\adbdrv\32\i386\winusbcoinstaller2.dll
| MD5 | 3259ebd7742a78e8fa0ad5a689b7377d |
| SHA1 | fbe79b1f6b207c3b47ff37071c47b8ffdadf889f |
| SHA256 | 91baea13dc25e24916de0faab9a59a70fef12f3a2eec96528c1d9d076ce320b2 |
| SHA512 | 3dcdeed5c2078d4c82308b63bd9812c16d07883f47a615ce06616de94c59934e916966ab026391d95af9a370fbc7a7fb90cce931736484cdc85a377080ad2f1b |
C:\Program Files\Microvirt\MEmu\adbdrv\32\i386\WdfCoInstaller01009.dll
| MD5 | d2f19c1a1067bef5653959bc26695d54 |
| SHA1 | 403102bb14550751dfa7745c744f2cfa29f49ca6 |
| SHA256 | 11167a49a71cb85d29b8cfd61447ba7bad9870de172be8efa1525eb37958fde2 |
| SHA512 | d5327fb0e09868b4db4af875a61b0767af5441c664083cff4bb4988ad2e3858cfb34375888fa54c17d01fd008a5db9d9e392ac059dbf7fb344abacce93559d7a |
C:\Program Files\Microvirt\MEmu\adbdrv\32\i386\USBCoInstaller.dll
| MD5 | 9f3cb843225cbbf5612ba0015354bca1 |
| SHA1 | 4e0cd78823be5aa78be2054f4d4296884a7b5294 |
| SHA256 | 9ad6ae3ba83531bb6f95c47f008586c2f09b03dcc01743212d611d6ee93a5ee2 |
| SHA512 | fd1111739e03f8769dd879793215c70abc48b10965bc700ec1806a1289a3dfa829c32efc0f6f7e5e17aba39dfa95b13a130e59fb0160676c796db084517514fb |
C:\Program Files\Microvirt\MEmu\adbdrv\32\devcon.exe
| MD5 | 8efdbdd90337842ef4b8ceb7adcac7bf |
| SHA1 | 1eb6440e60bb09078831ba011e7f2366bf06b8b6 |
| SHA256 | bd91a6d385183af2495ff151b6872a0665beaa4c72d05943a7c97e201ef4a4f8 |
| SHA512 | 1543d8ad7d347c2818d9467672547f80d44bad6f5498b2bb2153765d14fec3400ea1dd34f87022aa5b2128a92cc00ab00f84c88c42e31be353eef105510117c7 |
C:\Program Files\Microvirt\MEmu\adbdrv\32\android_winusb.inf
| MD5 | bd81f8ba792dcffaaf9e2e8cc9549c55 |
| SHA1 | 940f5aa8d959d469ccd37ddf432f18a739fa41e6 |
| SHA256 | 9408780740fa1214f8e8c2a32353ca10839282e096787f43166f9b555cf1c665 |
| SHA512 | 890f9cbab961b829b72dc54d482048da745721ce54beb45298728969896264f5e601b4d4ad8b3b5210ca78c948dcdee1974cb551533a2030ec3f074b8ca4df34 |
C:\Program Files\Microvirt\MEmu\adbdrv\32\androidwinusb86.cat
| MD5 | e43ed0b69e138218a044ffa4507f55da |
| SHA1 | 444736f81165aec30e700e513537b732dfb93339 |
| SHA256 | dc11de7734b8cbcbcffa628dc703662e1acd00142de5f8d2770ff52b7c74fe9b |
| SHA512 | ed6096ebdaf4cc8b82f497a4492586376ec5861a6ef4d413d490e8b51e66870f4c3728d45ab683974b4634c111368304459b8c470f8fcf24f75bde2c64ac4c98 |
C:\Program Files\Microvirt\MEmu\adb.exe
| MD5 | f6e68c4cc8cc3288fd5a411f54d8cae2 |
| SHA1 | 9ce3c09bda67e746d385593f3385228790815923 |
| SHA256 | fd488a4e13d4c71acce69e209164398a056fba5a559b7f00c1351390604e5b98 |
| SHA512 | dc66258eb4d8558d578744c2e1124732f48b48333ba67ef3a24ccfa608f1cc619c4f443f61dd15c4264594b9a97305150afbe169226757357aac382241e6f392 |
C:\Program Files\Microvirt\MEmu\aapt.exe
| MD5 | 284db64a9ed1c070602bf9ee77550e3e |
| SHA1 | 48aa0bb65247f1fc0a62404e9cfa355f519d6d4e |
| SHA256 | 29ff3f525786f8014ded9f5a093007dc8e986f5f3d29c345f2fde93416c400eb |
| SHA512 | 2a9b54e88ccbbf79a883deb5c09139f35161d404a53535a83f1d2f650e7adf8ea9d5de5b2b99fddb74687f330941e53f3c6a9f0f158d7fd5bcd1ec33e9205410 |
C:\Program Files\Microvirt\MEmu\7za.exe
| MD5 | b9425918e9f7b8affb9952ed02e01285 |
| SHA1 | ff8c9a13df26035911b57edd8bbe28b2f6b07b72 |
| SHA256 | 8a5e4cce83ca7c08945348bfb13395109656079e99bc6445b62c4daae16faa5d |
| SHA512 | c25695517910f30424dc23e5f6f6f2a8c94b471dd69b77798c148f1520d313dcf43985cee507427c5d3aef2f12ab103a598450239668fde1c7b245e156bd501f |
C:\Windows\System32\DRVSTORE\MEMUDR~1\MEmuDrv.sys
| MD5 | 39ff928d8ec49a318b40761dd7c1cdf3 |
| SHA1 | 5c20cb15caa4704b7a5bfadd12885646aca50fce |
| SHA256 | 9e18ed94739ae711585e397a8ea2f7e1b05e00bd23f57fbb7606c4498192c5e0 |
| SHA512 | 04a3198da7dd33e6d960de8474814b7220c6d9f0378e495683fd38a5bdfe15179daedf24bf3038e78a775c20ced87bc05d64aee9202f08924e017b4d0d724524 |
memory/4504-9333-0x00007FFD465C0000-0x00007FFD46683000-memory.dmp
memory/4632-9334-0x00007FFD465C0000-0x00007FFD46683000-memory.dmp
memory/6104-9335-0x00007FFD465C0000-0x00007FFD46683000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 00c83bdbfc02420eb5a4871df793481c |
| SHA1 | ee68181933f3bcb4ab49c9b13fc98c57c21d71d4 |
| SHA256 | 13c02600edc3bb4041fa44b9ca3d06c65df257ef7b7d0f870ececc285a6e0f74 |
| SHA512 | 1c805d6607d978eb86dad200bc4f026c61306cee03a24ab959fc3460027088be64f191cffa4583ff1099c831eb85ee21e0e39bc6376afca51469da4d7d52c10d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 38d3dde4b01e258232e3f4b859cde11c |
| SHA1 | acceb88948234f76b7c04c1f2061a19b5adb1d50 |
| SHA256 | f34fb21f1de807ce0914b5f3aa9b43e5cee6c7d6b2b8e2b6632d57e599f48d18 |
| SHA512 | 017a006eac8307b0ef059f4e6b08a5e4642e086a142a335a761d968b0dcd44f97c17dcec1c9ead36cf304b8c94d71a4ee90a386e254742ba6fe84b06aa5d8c9b |
memory/1092-9364-0x00007FFD465C0000-0x00007FFD46683000-memory.dmp
memory/3792-9377-0x00007FFD465C0000-0x00007FFD46683000-memory.dmp
memory/6084-9378-0x00007FFD465C0000-0x00007FFD46683000-memory.dmp
memory/1620-9379-0x00007FFD4C790000-0x00007FFD4C853000-memory.dmp
memory/2692-9380-0x00007FFD465C0000-0x00007FFD46683000-memory.dmp
memory/5832-9381-0x0000000072400000-0x00000000724B9000-memory.dmp
memory/5236-9382-0x0000000072800000-0x00000000728B9000-memory.dmp
memory/752-9387-0x00007FFD465C0000-0x00007FFD46683000-memory.dmp
memory/6088-9403-0x00007FFD465C0000-0x00007FFD46683000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4d697a8be4da3e837f48ce1622b4b885 |
| SHA1 | 59fc878f825d65d1baad99b146139ca81f24d3c5 |
| SHA256 | b74ab772b15248bc6e8c0a224d9693a878240419f7d71b90f7bf83c463dde5f3 |
| SHA512 | a1cea1d28343aec36e7db607ec6289c949a570c0a1e9590e475eb4cde4feddc12a6e81249dd49642ec72e3d5ad56deb3519b5ee782ff4f5327595567555c9cd1 |
memory/5840-9478-0x00007FFD465C0000-0x00007FFD46683000-memory.dmp
C:\Users\Admin\.MemuHyperv\MemuHyperv.xml
| MD5 | e8948501d2e2781d539a982240c0e682 |
| SHA1 | 340717f9da7ef76aa75c50e09d349de3ea6f6221 |
| SHA256 | 20cb5203adf2b9027362efc88c7c9585ce68ebea96cd0db7f2ea2e13172abcf3 |
| SHA512 | f05a201a1e8b53c8410989cc0f1d597ca71f6f5fe725b50670544af9285e1dd7cc0d50f8f1732d194a5c86c58bfba59ff2310b71fecf71ebe1cced1e181cc0c2 |
memory/552-9481-0x00007FFD465C0000-0x00007FFD46683000-memory.dmp
memory/5216-9491-0x00007FFD465C0000-0x00007FFD46683000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_apkpure.com_0.indexeddb.leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000079
| MD5 | 87e8230a9ca3f0c5ccfa56f70276e2f2 |
| SHA1 | eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7 |
| SHA256 | e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9 |
| SHA512 | 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8 |
C:\Program Files\Microvirt\MEmu\config.ini
| MD5 | 94dcf9cbfd2760f91e7a7773534cb7fb |
| SHA1 | 2a30c43398e47a85525469c4729da3c27460ae56 |
| SHA256 | bdf4997cec3c3800693bb24685343e7a9dafebb3db7397f698b4aefdb5a29513 |
| SHA512 | 8424cbe7fc28741cf8e123d38019c977d4433d6ca30e73bd251da7b53d120d487f84dfdda0803245c6a9c37c79c023efa951ae11807d90d77b55c1b023403199 |
C:\Program Files\Microvirt\MEmu\config.ini.lock
| MD5 | 8f23df8856b804b97ceb90045d6456a3 |
| SHA1 | 564157330886c6b5d51d9a0edf0f1fa29ecab016 |
| SHA256 | 2e534f078c510aa7414efd2f3800292267ce78444dc697235a0e40def6011fc1 |
| SHA512 | 88c0c4c25f5827a851386c32c1c9482e72bcb1a2c9fb91f953161cd674ff370f7c3843fa313f893bdcff58731d89ebaceb9579a856752649fe59a87daf2ea3f9 |
C:\Program Files\Microvirt\MEmu\MemuHyperv VMs\MEmu\MEmu.memu
| MD5 | 37e27e199184ef00542229c6d7ab0bad |
| SHA1 | d37567e5ba2034c8daa1fe95e69b9463ba82d54a |
| SHA256 | 2caef4567bcf6febcce1c99f5dc99a2bc4936625feb76d96ec3281a16164a6c8 |
| SHA512 | 851e042538ef870190ae26a47435f47b94e948c0adbcdb9c1bcc84e2cf235be1c49a211877ee691253c52b94a1a3036431dd830d6f1f330309c8ec46467763f3 |
memory/5048-9619-0x00007FFD465C0000-0x00007FFD46683000-memory.dmp
C:\Program Files\Microvirt\MEmu\MemuHyperv VMs\MEmu\MEmu.memu
| MD5 | 8faecc804dfb35befffadcac845d5e05 |
| SHA1 | 22befc09bae478b914c177c6941dd71ad4677144 |
| SHA256 | 7999deed041fdd15552f02e55b06deef3ffb4658e68ddd58d4424f46ccf5b3fd |
| SHA512 | 99548579b425387495ef5af813d7cd1340ffbcc35304ce47f0ada0409a2da7fc5ac53ac5c17469d279b57cb8855a4035445c53e5aff8bbce7e89d4d6be90a25e |
memory/3212-9637-0x00007FFD465C0000-0x00007FFD46683000-memory.dmp
memory/5264-9653-0x00007FFD465C0000-0x00007FFD46683000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007d
| MD5 | 015c126a3520c9a8f6a27979d0266e96 |
| SHA1 | 2acf956561d44434a6d84204670cf849d3215d5f |
| SHA256 | 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa |
| SHA512 | 02a20f2788bb1c3b2c7d3142c664cdec306b6ba5366e57e33c008edb3eb78638b98dc03cdf932a9dc440ded7827956f99117e7a3a4d55acadd29b006032d9c5c |
C:\Program Files\Microvirt\MEmu\config.ini.lock
| MD5 | 39e059db9a495a2098362445a6291747 |
| SHA1 | 3f24e5eafce85c0ed58b4a36b911d17264af3d80 |
| SHA256 | 6ef1cc11268c1cb2b7ddea3e03daf3d43885308ed7420b5c5229702a7d13923f |
| SHA512 | 22bfb365c3dd1f429afcb076f085ae28bc888afcd3396048ce12557979c5b4cbafaa2d4c6e9cd8e341bff29c8ebf7475c77a8059d238bc16bff26dc7c9bafe09 |
memory/5108-9699-0x00007FFD465C0000-0x00007FFD46683000-memory.dmp
memory/4876-9723-0x00007FFD465C0000-0x00007FFD46683000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000090
| MD5 | 089695a45226b2dc6da578927e1c7689 |
| SHA1 | c0c3b7232ba87db311cc058835be802228540cce |
| SHA256 | 25f89c2be83a05876759caf2daa4fc9c2c2e77436d88922aaa9d33950dc50af0 |
| SHA512 | 817ae5f1159038fed672611cdc3f481aa406473886643e0106233e31d1417a486cc5e42d17d5572d508d6544e0bd29a9c71493294b51219d2c95e80984c8a2ab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5a4ca95eb981ddaa467470c38a8c413e |
| SHA1 | 4e943ab90231ee9252d3979b759008b84cab4a8d |
| SHA256 | 7e1e20eee516190da8c1f8dc38cd7c67d43e14a6f097149c778dbfcbb676869f |
| SHA512 | df6b8ca52a3cc9dca80c942e632a53d8481bdaa00de022013280ba52e84e86481aa3dd8ca8ba2daa9f334317afd8b67515ec4b6a91b062642889df8573888859 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | eed7d3ba6215dbc74480d6dc5f2a8889 |
| SHA1 | 364621f058c047973c30f0878f8faf099fb2afc8 |
| SHA256 | 4f05fb7d0355a509af6cff2d70b38f113e368d9e763a3d42ee105de2cffc1269 |
| SHA512 | 2de8b538e7068007d1ca69c3694c57f95e0c243151dd9de00ddaa3b0880f4eb22f5a71479c3d52102ad1c50d5407f8bab3b33f79d658c804f732a7493c7e2d2b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5e96109a5b61acbd8cdb819b9ed10570 |
| SHA1 | 0ffa24e94a4614f28fa7262b6759148897ef63af |
| SHA256 | 8c09896e60e95bdd35504f080531d6665b0f04618dc0152c09e52f16a0d07ca2 |
| SHA512 | 8a006471352a3e3e3d6e31277c141a4000d6ee8f60640266b1687a8f708b113b20aa17f81cccbff3a18e38f3f07bd6e62aeede0f168ff1ae2e76a79842744dd5 |
memory/5588-9833-0x00007FFD465C0000-0x00007FFD46683000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | a38b7eb456501ad4242c39746f470cd6 |
| SHA1 | 0524acc77e6dce52b3907055b248a75250560607 |
| SHA256 | 3033f4a30a03406da6e12f934e89215c6612005c9fc689a064e08b96c6991506 |
| SHA512 | d9bcc827638927c7933683b482f13993b23f6c4b4b35a7ac1a03b75a0e3eacd4545a2d23bc25cfbb5a9dc6f727b3b816dcd9d498bb628fca00d0e6ae1d4bc804 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ee1a2abdbfa63878a13b967c69775b6c |
| SHA1 | d891e86f6a28c4d06df80fd1c721f798b4eb2595 |
| SHA256 | ba5a3b619cc04fd72f89f1d85525b03214555cc9d3f6f106a42824aa3b9c2bdb |
| SHA512 | f489885013f14dc26e7522fd9c83a4f83016677a4c31d46bfeaaea07cb39412584bef93957b533d6bd57e40dc6c6196fd6d0d7e1a889d64be68ab30ee4a0bdae |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.exc
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 38dd67e34ddf6c2a27d184bc9b70f1d3 |
| SHA1 | 099d16bcb7204c1ba9882f21178663c6cc4b707a |
| SHA256 | a53e6fb52a9f0d17cd88070feda0c88a7dac9e9fc015e5acfc3093bdc1333ac0 |
| SHA512 | 25b297e88edbbe706211ac03d9a7d5e1419a0478e227aa36d74dbc91ca5cbf9d831e1e56502f1166f538656d637dbcfdc21c44b4a6c7b512b7c733ac29a24784 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5984b7.TMP
| MD5 | 59fd6e8d19f09ec52dc8f735b0c7f321 |
| SHA1 | 8e60c07d5e64aa0ecf615858b306d042693449eb |
| SHA256 | 4cb6810649b9e67a00443e4347565e2d2d2d90f8d4d44cbc77cd61991e5fd3d9 |
| SHA512 | cfc522b32f1e0a9b41dc4a1612dc78d8cacaa0a890e2672f3432da2866a6bf54fc8c24f61f8d09329accffc5d9dff695e473adadbbe630043f74e4eba757ebfe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6e5ae7ff49c8eaf2b938c1d1bf80af9d |
| SHA1 | 9506f25adb4f22bb8089a61beb02ab88db2f7bb7 |
| SHA256 | 4075dbf4d1e33303960254e074dd75197953ab6820ac98643cb2e48a9fce954d |
| SHA512 | 517f1d0cc93423d25066a767664456f5e569a0c77d28bfd041a5eb527d5cafec663f7f48fa215ac7479ca349a584850d2ebb30e5cc57cbdd2bf36ee8f2b1e14a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d5dc19598070c9a2256485751391279a |
| SHA1 | eec25c6ad153eceb071912c557b3a4d762f55a26 |
| SHA256 | a5e95dbf777d71cea34c4785e490c5597a501b8231ac79f93dc08bb3329bed05 |
| SHA512 | 637056a8f2ee07a673b30cd40b5d136c2580c797d4ce6cc3cf648bad1242a92728de8c5942a150b655b2d81be990c3fe16099d33828b239119a4018c5666e4e4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009e
| MD5 | 0847f502f3670eeee3c2b5cd93c8db94 |
| SHA1 | 984881be882fea76d390d373222c08f34cc7a31b |
| SHA256 | bede435865df71b9152966ba6e550b07ae481f795dd2b69063add1e99bf6c23d |
| SHA512 | 2eadbe0158bb6a8c19016cd5fee52c4efefc3ae2e8655c16300cd449f1774ee875594c6f7826ac7c4c9dfe215a5c9acafdcb68b8bffa00a70468598aa3b46c0c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fd5361be6bf971aa0027b0a82746d9bb |
| SHA1 | 05925ac64d11b5e72359b12c1d8b01cf86450cf3 |
| SHA256 | db18f598c1563715baca4187af90ccd268c8aa38ae308273edb53beea1c03ccb |
| SHA512 | 047a08b4e74043725a4e0b541a0ac9635406f3bc000c0b32404e0c2a94bc23f9c75899e65a1d94b3635db5f798b9f8c35bb67320c09fa2d1fb4c8b7908ac148e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e1ffb4883fa05ed282307caa9cedb094 |
| SHA1 | c8d11711b74808fb5b976ba6bbb60ae14fd6dae1 |
| SHA256 | 92e687422c43421f2c736bcc30bb2e7680b5a229a7fef57d0e70f13821a9f7b4 |
| SHA512 | 512c3767ada189b7b1f8e579fa3e5199b2f2be987ded717ecf5be801ed4e3618fe500a75e48894de54f4fd41c4d9ab3a4e60b2bc28f939990268549e3b11298d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000071
| MD5 | 5f0e3d4d296919e9d23f536031d209cf |
| SHA1 | b039f379c25755d6e2c9a06812b2174bb1c00a21 |
| SHA256 | b3428779e756ca0c61a6ecc4e168c7b1216127798b903b240e4bc64fd7ff6766 |
| SHA512 | 6c6170c999f227694a0c30eb31b71a75d250d622a4ab649a4283ca857be9c33903dc890b096f96fb47930b07b0796caa3a1faf9fd65c924cab80b9a8d32f8dfb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000073
| MD5 | 77bd9e2ebfa2a176f6de0bf5b917f38e |
| SHA1 | 48760348561ba155c5a57bb4e1ac7fdf79372dbf |
| SHA256 | 1193425683b027058dc98df4952ba744683848318dc4dcfad5e5f667d96dc2b0 |
| SHA512 | 1a9f85ca1af311b5acbd331947f0c23fa94b3809ecdc9d354fc0a95f665bee8c5d492e8508bbf906a885cf70769c5339f59da964b0e34a8c76ee7699b2d3479a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000072
| MD5 | 1367c67ae2f8f4e3d329a1d3f1e49776 |
| SHA1 | 1d1c45cc4c237a01c5473e066f2fa2c541755734 |
| SHA256 | 16495021e9b502770dc878a598cfe3fbc5fb33853775eed0415f4c59510dc48c |
| SHA512 | 2764a605af8dab19534bc13657e2a6a720c4287953252b830add797775d20a04e014674c702fbc18c24df450c717e598d423c8a378d956fb4cd7596ccbf22906 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000074
| MD5 | f52d27ff6c5612ef66841125de290c9e |
| SHA1 | 6b84a74a679bc97033a834b95c55e4b49cc706d4 |
| SHA256 | bf3019f08243214df29380557f72ab8149f38b405785a90063249eef62e88d46 |
| SHA512 | a672845d7d557d60297ccccb6e5712eb72038761c51c3fce5538ab94d6c34d7d01222fc446edd1da0a3f6c7a44352302f791bbdd02a7081ec9b11c07c9aa1989 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000075
| MD5 | 2640ddc532872bdf032cfb99ae0e2bef |
| SHA1 | 094cecd175db3744938184fbd357b6d54ecb9b53 |
| SHA256 | 3320c8d0d3ff8fa60ad87e0a2ca6bedc8f469854686ece173732b1abd4aaa873 |
| SHA512 | 9a62178ec29d57136ec4d38fa5f4007fbe6c2773c13af937251d57696290dbd6e6edaccab0a2c829f221bb37038b9fd81c60dd030d6b3c50de3fe0fdc6823403 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000078
| MD5 | 63a6b133eb6a155d87a636a133b574eb |
| SHA1 | acfd03bbadc588f6735bb6d5bb18a2b2ec884ed8 |
| SHA256 | 409bb28a2db902a4fa0188608c89a8d93f8d41445f5dc62bfbee011986394071 |
| SHA512 | 2ebff727afd07b6d01a117bb38b29703342557a7add701eddf1caa0042a261c7d41738d24e2c16d145e483c25df3e536f2fc27b4be4d57f92c80ef1c42da8d9d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007a
| MD5 | 1d84ef5697b2cec0ff8ba462293ca47c |
| SHA1 | fa2ff9a41615f567de35a3948ce13b9c9a3a3ef3 |
| SHA256 | 655ea65fe6e371f0aa1bab40bb81e8b4aec5a95f75fb3d52c0636e09d55d9d1a |
| SHA512 | 1a3b8cae4ad44093b0ce0829812e2818cccb26fe3e1baa45d7ff86de1f3707d1cdcbf289fe3bea3631f4fcedffec8eea90cfb0815bbdd7307681305bbd168ff4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cccd0582377de5071e524245e7d11706 |
| SHA1 | b6adfb08e45917ae0242a7b399ee0d2278050cb3 |
| SHA256 | 822c6929768eb3d6d6604e1bd02c03ce604c1dd449d36eb720505e7d5adedd54 |
| SHA512 | 45c976fc99a8d0bb64f98f1e0a129f17d0f0446df27bd4cddd17eaa0c98ca2cb3b945a6bbf7770e5e0d3dde280d60dd1a1d321aab087fe922e8713b763fd05d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000076
| MD5 | c8e69fc65287045e4f083a6bcd40b8e0 |
| SHA1 | fa3a37740705510fe08c3b286ea9a81e2e4bb04d |
| SHA256 | bffefe5f48974eeda69bb6a53127b10ee8244ba7f9dd4a925f2f2c1bde189db0 |
| SHA512 | 2735de34b5292413834fce2025fc05cd3cbdca4821243495cedc7127432f8bceb794fac4410f610f74aea4c3f8d14660841c96c926bb4ef80c79b112aecf571a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000077
| MD5 | 60040ebd9907cc3a9fca4814295965f6 |
| SHA1 | 565f3814a07827618c610188b6d3caafdf328655 |
| SHA256 | aad67246489c43984f4c58ffcad1372a999df4cd53906d5cf56a1376d88b1687 |
| SHA512 | 0cbe3e56fdac998c7be14f23859dfc941b4b52fc648431afac63dc7c0eeeb34c830bce74c918f3acd7c7be8b2c0271b14eee0c33d16af6aeff9a8e02670ff04d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3d95c6940de30492dbfd191dd94a1041 |
| SHA1 | 990875f5fa25fe381a95baee2d18233418a961e7 |
| SHA256 | 0f53eecfd4f3c1525d5ebd044198400c200065f77faf7de47b4d5e8e8e7b28df |
| SHA512 | d01549c46b54dc339977931f9a634651815ea2e39e278588d50264fa582596538282f5f0153755bf9e97307004306b22be6315c9a22d03b1318fcb85dc382076 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b1a503fab2297d22303b766b8df7c013 |
| SHA1 | 05c0fb4dfe6130f7904ced9332652f2743b575c7 |
| SHA256 | 70fe9b9312b73a2bd8a9acf18ebd182efbe64530e202ec35db8f240a87166cc2 |
| SHA512 | 6d9f7c262a1fee9d4bf3363a256ce34dcbe5d560008fc5414d99455c15a8cdde3d372e1f2793b7b0a2b71236bd6f0423643aaf91d0ad98a610b2375a90d0edf5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0
| MD5 | b6f0a7d7561389320725a8744cd2a8e1 |
| SHA1 | 8344e4fb5eca2876edaa886a08e7297429dc0524 |
| SHA256 | f42db2a7ac3bb3ef038c6073babaf9d17b5e0274f88b79e6e948d7c773cc3463 |
| SHA512 | c6d2cdeb74bc188800eb9608bda6849160050c4c559020ae4f4975c5a977933da2c5238387c644437ef7c45666f5c0444a82cd1410cba7915084b4ddd328c971 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b50a5087a9b98aa1d16760cb2968cf0d |
| SHA1 | 2516a3dc3837fcff095c748d863294eba8c01290 |
| SHA256 | d21c47d0b25831118aee10d1bc85923b8a073b96b70ef865d1721c569e60c1b4 |
| SHA512 | 718987dd1d23f3edc68297ea636c1517f0631aab306955fbd113e020d205e3542a9bcc528aa365105a5e1bc70b6d741fd8dbe1d9d8617bfba29cec3c3455e9ec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c8582eb7e929451329c694d934995333 |
| SHA1 | a5aa75d667afd36175d199e8a314a58c87db5068 |
| SHA256 | d29073511cf4bfef7354bec30fb582ce77a1b752d8a71e68d4f38e8bb6cc1beb |
| SHA512 | f6cac2c65f0f3cb3562b94295a96ee4bccc6f8ce023ff450258b6fdd087821e88ab9b64d930e804f6d060183d7db57e91d0016c5b210514eb694f52ab25029bc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 024ce3c5160529149476fc7c73808d50 |
| SHA1 | 6ca3bc7c840c66c2dd87f4eb7870ef4d3b5002ff |
| SHA256 | 9271e7d160783898b2db33cf8c0f1be58f755674c976363e2d24308de718b4ac |
| SHA512 | b7f263bab3c8deef6d898ab53cd5d6c3e0c62adc0c16fe6c9f9b30b27460cc5121508ccb5628753c22ff1749d59afc094ed789ed61bcc8b41efb883f037a2ce5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\87c3491ea6a9e5d2_0
| MD5 | 30b0eda6775b9beb9179b66928229bee |
| SHA1 | 6b9b07532d4b98db2b15aa6f430ef569a53cba52 |
| SHA256 | 318b8b5d282ea6ccc745adef520470ee0966efe4c130023e09218319b8494137 |
| SHA512 | 6f95508ed9c2ded770c30468b8a9e43be02f5430796d14d257e56a79fb028e2c783ea58963712f0e1fbff94bf34cfced9c364f27e7f669ae0e834043e8943699 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d77fadf040682924_0
| MD5 | 17c4ccf3cdbc2b42fac001bdf622b27a |
| SHA1 | bcaa6c461561d20c050aa2439f9252bd618028b4 |
| SHA256 | 40c25d561d1e3f195c9ee8dd7609b233136d155d4ecc51f238b9fed9511e564c |
| SHA512 | b3f43d146620797a8ecbd24cd3b73cc2abc81465a6fb38388eb0dee352761e141305e3046f802e1382639208a501616ab3d6a9f2ba1fe6d03c2610da1bac4a58 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\713d96e225d1aa00_0
| MD5 | e49cf6ecfe9c48b618600651ad1197c0 |
| SHA1 | 63c55bbb3b57fb6e33da668a84fb8f0bc87707ee |
| SHA256 | bfc21b8d7469253bd3a88bd74a5e5df62aff5d30b50282e77ab6bfcb74055ece |
| SHA512 | 9b9c3fe2ef37b6cdb8df5a326102bde0778885ab8e37c90d16a7efb30d7dcd9fc980401dd840d2938405187baf35b76b2e3e4b5cbb09c34f3975f80e1ca637cf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f7eb2210deaa17de_0
| MD5 | 78e42d072f4a6fcc074e24bfa15f17c4 |
| SHA1 | b752a5bc2003381238ccd9d2d90810e7954f4cf1 |
| SHA256 | 326b46237cb2bb7de47bb76663828a8d9b729958face36ff8c00b9cf4ad76d47 |
| SHA512 | edd736d7340777c7d9bb44ae40d3f0259670d9e95043008cb2ef30ed962fa75f877256ca3751c186d2b8386005a98db1ae8d6b99d1106fce349f214a9b350688 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000be
| MD5 | abe2f2a4736e70529738f41cddc63689 |
| SHA1 | 194ff62d6f44ea5994ee012480c1b1b7092230de |
| SHA256 | 8bb0d913169b80c67ca957e7027adc2351acd32f9781bce33ac35a8a40430f88 |
| SHA512 | 37605c5a1276a8db77852fed9167011610a41ea7aa9311a3336a18c6de2731e8eab0c054a3fe04cfc93a63fc915bc77e8f5cdc63733f47319f06147b700e7548 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\346126808948ba68_0
| MD5 | 7609d813bab0cee89e3aae8a577712ce |
| SHA1 | d56229a92c3e2cfe3b2a5ea0ad90609b9fe0b3ee |
| SHA256 | 89f813a538a316e0cb14dfcfaeddf3684d0a2628fb38e6158ca0e1e0b7bb2bda |
| SHA512 | 7a2c8d4010f909e8aab1a4ce904e6687228c64ef3fbf0bdcc562944e2f12bfc9125794876731e38b0d6edd1dd94cdd0e4d6cbc6842c1102647510a56c50b4351 |
memory/4056-10628-0x00007FFD5D390000-0x00007FFD5D453000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ea12478e92e4d3db_0
| MD5 | bd3e3ee4e382675b0522ccdd35c057f0 |
| SHA1 | bc0fdf3fbcbc17667e0efdf25e8a8e1f78e31056 |
| SHA256 | 7e41f1300b3a3fae5f069746b9d37a23ead107afe883d548c906688c42ecfa47 |
| SHA512 | 9897ba9d4959b410bec20453120297142b77f302bca555671206649f98efedc0b9c1e6d381cb21ecb2286a31de2f231da25834a8c8fc578f7ca033f2464e0eb7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\111ade52df8e0e61_0
| MD5 | e79e16e895bdf860fee1e5441574a57e |
| SHA1 | e16027eafb249ced400c540c8f881fe428a7bb17 |
| SHA256 | 715d30dda4f755b4a2c811d2345013f46521aa153eee22f59dcc397279308d37 |
| SHA512 | cc1511eb0acadf734fcd6db729ecd24059c8540dbc6e54ff299f116249ca78eeda3fd220b1c62267e92a95afb2ca63d5f13c23059240b44111218e8a138e2484 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2e73f48dc6d707d7_0
| MD5 | 2161400700b26c4416d81e2f7c2c521e |
| SHA1 | 1eeb41e9b52aa5f6ab84545f3e572a8f43051367 |
| SHA256 | 96734dc134734ea5caed7e7fc934042ab9122e40bc265f4f37314ebeb8457630 |
| SHA512 | 7308a76069da404cfcbee8ede2bb2468128eb775917b9a446b05d0c5704d86f04a83b976f4615e10f74373ab8fdd5e1cdf73e922b0d04234dab66d9f3d0d90c5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f1ea59afc31aaa65_0
| MD5 | fe8e1e35038d51839c95aaa88c235437 |
| SHA1 | a09a9ca4583540e62297c534afae08dcde258755 |
| SHA256 | b923fde42b595f1fd37cf5652bd1ab49642dd1d4514054b4d3a9e7c2b0e50c79 |
| SHA512 | 5cea0b01c79b4d23c096a48cb7c87b9b43e1c301a80dc4d4113feb0244684f8a1ccbd2ef4dbcc2728ca1db940cabc90218a1b9edaa93cc8ed2170457ed49428d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\13386335ef70d6cd_0
| MD5 | 8d2b53227bbd59505c8ad37823217669 |
| SHA1 | 30e561c84c0746fc7ced482c7d1731d8472bfefd |
| SHA256 | 6c60c7ee5a91e9b57abb544fa2105a46161ad72165798e2621475c6cc16bed4a |
| SHA512 | 1658d3aa0b066711d501f63e47f763332c88bd778162e7869815c174da2c7d489583732011a3daef7b4142c70d5f64cd10a61bddead62f345fd897c762f56160 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_1
| MD5 | 99eae0fd8732a74b410d5ef3694d4a2b |
| SHA1 | 1d5ea0c9f134baebe8b1acfcc66aab818823e664 |
| SHA256 | cda5137dbb47a9d8034531da09421cb6611d22e745139b5a65d6a8ca81d8a118 |
| SHA512 | aa64034ccff74394c6584605460b850a765cd74fb258ff7a12df48e6f54fe6a29f14326888cb45dbd07153bd5408234af55369c0c2423315908867826da499eb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0
| MD5 | 2c1b35cb9b622dd2fa49b5fa50623a5a |
| SHA1 | d75f50aac8bb134bf9278fb92df605c72164c4de |
| SHA256 | c893013749b6846cc458bf2b563205bd27b305f9945bb95fe4c7aa38e240054d |
| SHA512 | 52b3d8105b8d093a372cfad49a829eda0dfc5ce86b8c91fef69e98a77911272ac58f1b3ac5039d20b17bf365c8ff6523e62f14eaf8b6cc14db89c337893827f8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 71978238b37cb9562ceba8b038e28eea |
| SHA1 | 9c09bde3fb09895e343bd1963fd3057886fe34b9 |
| SHA256 | 17d64c5dfde3ec28ccb08ff9a35b4357fe58544521dd558250ae61ed882d4113 |
| SHA512 | 533c1f469080bd4b4b944e6968989b61b2110daa20aa2a5a49ec559c91af16179afb9b1e372ff877a12a380d8c47dc1c24f5d80c96679896afbdbd359e267f68 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a510d65f9e77d579ee3ec1541ff96d8a |
| SHA1 | 9bd3309c16b6a63445a9f6a7b7f9a210405f90f5 |
| SHA256 | c3174556aa9164d75cee6e2750d2e2a7eb94cec8cbbc83f5c23b364ec352fe6d |
| SHA512 | 1458bfce3e7e0be1481581313a2f52555dd4a8468c891c0be176a4e6b91b64d5d4ab3b5c71b1c81abd88c250f9cdab5863e1331b89dd3ed59bf33983fe93cedd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 03c85eb1961e581cbbe24d32d3216955 |
| SHA1 | eb6b1842571bd0f3672d24b1d2cf59cb5a222618 |
| SHA256 | 87ac81e3c0282610af14287ec580dad1d4490eafd96c9680254dcf3b549ed093 |
| SHA512 | c764052295295a9611dba6bfe99675cf7cabc6e19c74063228164b2256c96119b8cecaf7ddb7a9a9270793bc1498f39b615a10bd5f7b556d3324fcb2568ad099 |
memory/6472-10696-0x00007FFD5D390000-0x00007FFD5D453000-memory.dmp
memory/5948-10697-0x00007FFD5D390000-0x00007FFD5D453000-memory.dmp
memory/5864-10698-0x00007FFD5D390000-0x00007FFD5D453000-memory.dmp
memory/2744-10699-0x00007FFD5D390000-0x00007FFD5D453000-memory.dmp
memory/6992-10700-0x00007FFD5D390000-0x00007FFD5D453000-memory.dmp
memory/6060-10702-0x00007FFD5D390000-0x00007FFD5D453000-memory.dmp
memory/3264-10703-0x0000000068690000-0x0000000068749000-memory.dmp
memory/3568-10707-0x0000000068690000-0x0000000068749000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | dc676d3064e54eaef2df35b5a2f936bb |
| SHA1 | c5aa2326cf6e67ce38ee82fe60d8d6fdd339b4f9 |
| SHA256 | c471de0ac51efe3911da516651a3227b04198580d0f92a1c19630efcdcf6e007 |
| SHA512 | 6cd0e25e0d32c2ec0d00c6e6584c171aeb55bd595c1d1c366b696fa0cf5ee33f27b68afd0c131d691a485bf531482e43552fa62e6f8546319151823be92518cf |
memory/6708-10721-0x0000000068690000-0x0000000068749000-memory.dmp
memory/2336-10724-0x0000000068690000-0x0000000068749000-memory.dmp
C:\Program Files\Microvirt\MEmu\config.ini.BYLNCU
| MD5 | 8bebd74978bd8e9246bb1b620cc4d338 |
| SHA1 | 3fdc2c5616f6165d965c92a3ea01974ef5c81df1 |
| SHA256 | bb9ed4484d2e87fff9e9c66dda607ea9a80ee11076fe9bfa06aad385993d080c |
| SHA512 | bc97c2c945ed0167eb52e08136b7fc50560833df49075abc369df845c81624a76bd4f9eff202807f49ac69032e65691ee34c58c1db874e2daaed8ef59d1364fd |
C:\Program Files\Microvirt\MEmu\config.ini.lock
| MD5 | 303357264445ccc45d131f5f2e0948eb |
| SHA1 | 6c08388a3833f8cacc8b19953c1e27882f212805 |
| SHA256 | 872b9292aecaff15b623fcea47daa7f8a0533e482a5dc4ace5a9bda0ac38d101 |
| SHA512 | 6d6166c182a7d00dc8e3837651ce1d40a9d1779c290bac84f000a5f95ca44db5f713457b6f826d9ae0d342ac13daf1ce42c41d71da4079369a4094033e6f2a3d |
C:\Program Files\Microvirt\MEmu\config.ini
| MD5 | d30f8a0b1b87bbbfdb84aeaf7eeb88ce |
| SHA1 | f2bf026ce2c2bd4290522bb1cec93d5d32947bbf |
| SHA256 | ef3f8cdd79460269f27655ff1fa4375156f04b6145b1a4ea693f14ad902898f0 |
| SHA512 | c2756b8b8f027ed15f9667a43b7e664a043ea57ca25da79ab49f9a68fd32b577ecf62da37091acf85aa43678ef6347b943b448cb04b740480edbe91447828888 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a8081c1854505ef3b3fb3f3c8de03a37 |
| SHA1 | ecf56e638aff35f525df5f937135772ba1f03474 |
| SHA256 | 79890d667e7e8c04a190990452c711655203cd435d036939eed3e372cc5bf4a0 |
| SHA512 | 52d465bc3dafb5a40270e5c4ac9af65ef2fa914e9c5648bc022028ac822c795cb73978de4c86228f14ec3b1d0e3f0082430c704d3f57a84ca861aecbff5dcd4e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 914167618a22cbb95de96b974a49ded0 |
| SHA1 | 13225da2acca6873eda7d262c9efac6ea05dc377 |
| SHA256 | 4b9e56d1704084cb6c7cc06067f5c160d791594c351fb874c7db82853dc8d5d7 |
| SHA512 | cc288fd4201e1938c580fbf43546fe5b4a1aa0b32ce405967f615b1516042c773450c959ecf7f19c7df009f699b030bd51346f81d3481fb5d1fcee9258af0ff9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8e155879441a76dc47aaf2a1fe499132 |
| SHA1 | bfefafb476ceecc712bce46a1a0ed0bff9071fd5 |
| SHA256 | 803ff3bfdfc24ce67adf7b69f6417cf2cb00aa571ea30727e64b1302cacf25f3 |
| SHA512 | 717aebb0e3fe55b1f8b10ae3237441e95a581cbbd1d3e1d84c69b157e837f49ac303e72fdc7f033b56e2226eff937567e786324181c116f991cce02ed359b37a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 84356d282203ec259a306f1536590f54 |
| SHA1 | 40cee8bddf0f77fa5efa514768f4b1ffa5114983 |
| SHA256 | b3c46c4244d8aa6acdff22adc165852de371678f5b8f82db2b1caa3f4467cf05 |
| SHA512 | c5c66815c873d874e588be9f642eebadcadddc6d6316285658937f7b193ae2dab4c73bb1d60ee49842210eda67c3d56d6929b487665d86ae9a231ec4ddc7b108 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f9f54d7f2e6cf0b1_0
| MD5 | 4191bd7778e0e3100eedb6f6970b3e43 |
| SHA1 | 15f77dfc3eb6960e7be4baec1722a917422efcf2 |
| SHA256 | 6bdeaed7032298cd62cd33eb20733f8bbe53022e06736faf1bfa0632384c857c |
| SHA512 | f8add05de8a5c9d1f7d2cfc453db3d62cc3cd051205a301cf4d8b7e7ae3539d6ab5c9cc04009fd4418523509527b1c177b285bbc26bd7e30314cc4ddd2bbfae3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6e1427d19ff38087_0
| MD5 | 25881af632d83de2687de7a22eda3594 |
| SHA1 | 6a7faa4fdc51abdf2a55f580af485a0c99c39d5b |
| SHA256 | 75b7d8f8adbcc04fc6fc88871b2269f56d6dcc810831ec7b3e6f30c62dc15d6e |
| SHA512 | 5be19ddf5aafe01594f55dafa8e0e4cb8e9b30e22265e5a3279ff124038e2029d01e86eff4389cf4afd772483b23955d0e5beacad90814d87d27328f45d71761 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8ee73a31bd0cce7d_0
| MD5 | 78fd5b786558da886edbacbf551eedd7 |
| SHA1 | d0cd613291da50a9e2c5738f86f8ae9284cb3742 |
| SHA256 | 142ffcf26e3c0d81f850233e1e05fbb5af713f038886ee3f153a64ff82460a0c |
| SHA512 | 32e0ccaa70a49090199f639825cb303c5abbfeccc96c2eb539d4833f2d0fc18ea2e004b5c8b7404aad2a3acfd2c19f044d34bd643a6c89a2e0a54c248aab9ed6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45a16ff6d0d9ab5f_0
| MD5 | 717089ef7f2d060602755eb968627dbc |
| SHA1 | fb1a198155a072bba435b479d748682aa33b5d2e |
| SHA256 | 94d1fc24e7b41de7fef38d23ea17acd408883abbf529404287f250fd716e6d64 |
| SHA512 | 2236c0b25fe3831b32a0c6aff17ab94f883ad1139ee4efcf67fafe8ba5f3ee048b6a0aa303428654014c077b376f8ac0c64b416f83b21f05a3226d65395a0c62 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\74b88724f60b0383_0
| MD5 | c2bdeac885cbb7c0c93c24ba67f01597 |
| SHA1 | 97af9cd078536f32340dc6097d1ed7746ea76501 |
| SHA256 | 774af7c51987012ff1f615bce78659f33783032822225aec1d9e3d1ff8f86b86 |
| SHA512 | e3abfed613a249e2d7cf613c7cc20535a6154fb800dd6499f7e05eb25116ea91ba49d51c7be8a689b1f494b1c21d5cc6398c96c8271ac31dccc5b936214e1925 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53ac5abc87e80789_0
| MD5 | c79506bbf45258517f8c2a1206186c0e |
| SHA1 | 40dd33b9b2d27eac390fcc73f8855b025b51f6c0 |
| SHA256 | 21e8c9735e7d168b65081dfb360fb2d4fa5b4940cd243a8fac9452fe7744cd02 |
| SHA512 | 594b16984d7a578f3d2e17296c5c319bfff6bd942254224dbbcca59563360f4dbdcaa4010fe090c87098660000396b0d0de87c8fc47b9176e4b583179b3ced6d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f89251fac2b69325_0
| MD5 | d30d4371892c234c9ca26c0f1d53f97c |
| SHA1 | b7f0a4f6bd218d9cc21314e4c3c1671c2cafa98a |
| SHA256 | 09d77901905fa41839b55b98441fef8263fae8d9904e07d0fafcae85eca53056 |
| SHA512 | 22da544f06bb9a16ec0151106a524ea8c5cbbca03e9008217f34e3ab41f7106551138c25ef3384a4cb43ecd9601558c1a18799ab3db21df4cf5db7ef2d3e8c78 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5d0c04f9998369cd_0
| MD5 | 13b75ff5668f34302d2e901c50168050 |
| SHA1 | 049e3f3a511784adf11c3f0c6e953b3fad31f7f9 |
| SHA256 | 0e5469493989a72ca23d57483eaa7515bbdcdc0e8ac115071506535c1f6cba6f |
| SHA512 | 64eec4cf5a1d6e4292532173c985b0ae430c1a27585c6748561a222fdef4ff1b8f1300c696fc6f7b4a7f504d5576999b5186719f1f36e8ede52384dbdc4e1981 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\25c90b4fb1c6ef85_0
| MD5 | c0cfcfa2627142738cbbd776488979a3 |
| SHA1 | df207403720857e77b51558e6a1705c42f8c94ba |
| SHA256 | 86e4e5f4738d581012b604bca3e5cdf1d221b54db8cc7c79316946b4177fd485 |
| SHA512 | b485252e25c0b758600be00a97fdeabd3665b27f13ddbaa325e64fb862ac180d2a8db5abab303ef6156f1d06d8fe262975a9383f87131511da042f8891a62596 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5dd1e579c9681f95_0
| MD5 | 26797aa875bc728af9528b31e83436ec |
| SHA1 | 662c7665327b1ef617254e4fd5e9c74489552c72 |
| SHA256 | ae30ce2f44da4e0815ca53d0f7fd68bfe5b0bb70efa0f032fc6092b019ea8112 |
| SHA512 | 43b66c123e630b46ae983efb87aa6221f49f3eaf9a290c732a17fbe9fdee529b28775b5f678de029ecf25c7f2bf20a7bcafa4e9b93edd5848eb63fd44164ff14 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e55f0a6d1b533c66_0
| MD5 | dc49594be7cbed2bd089ba17321f13e3 |
| SHA1 | c1d85b59b16be578a01d47cbcfdca196c53f1d7a |
| SHA256 | 81d7f0a82b316a678ecc3f636c92b4aaa1a47e1d8fb2f8f55d115faec2e4ad0c |
| SHA512 | ce5ea10f1e0fe4f2541fc6fdea4854a7738e6c987f1580fdf599dd987b53709c98824a040e2aba36e4c5380d5139f41697c477aa90e576d39087009e11e30f3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2e4bbad99a372cc_0
| MD5 | 52eee7f42a246d2446ca84ac6bb7d2f2 |
| SHA1 | b35ee6fbf9d7a6e4fb9e41c2efca461b064288f9 |
| SHA256 | f44f8d6ed0be189402b6f9b8ccb919b9bd541d7e2e53611fbff4035b9ca9b6cf |
| SHA512 | 9733c92726d2561e0395eef9bb10b486b9de3ef3b2c3e962c7f644b1a1dda76fe6ac97e0bb82ef2969c8ae4605d6debad715f3e85cb5086a6defef2b684a8f49 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7a66a1246c4f29f4_0
| MD5 | 3795796879da3e3514d0bc23b867a555 |
| SHA1 | dad36d894546c927bb63b322ebb0704c10b3d472 |
| SHA256 | 1d14a2c30baef1ac594cf2b4302f7b9847ed016a44719cf0658637b1dd5ec509 |
| SHA512 | 084a3f696c76acd73d6132e568ab4dc59bbf3ae1c51e1f3cc0247a8d821fcf5b767c8fef2f690dc35889f481ed913b1f4af038ab36a1635e202519162a74fb9b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1ea1baa9d09cb238_0
| MD5 | f4c9aec112c2945003d13bc14245904d |
| SHA1 | 7a896a65f1f8916e2f7af638ebb8592a3a6c003e |
| SHA256 | 516adc14cbd734ec249ecbe0b416a4b1ff07de277b02424b9ba3843052f5e006 |
| SHA512 | 2440a2fd48ad0598d71f92b0dcf2dbc04e358ae41e7d779d1ad1c3e15412e646e9398b047abf8e2279667a745443ab6f0786c0a2267ad2c6b193087b1352be57 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e4f85019800026a2_0
| MD5 | 2f4076695d46f245511b2d9388d42453 |
| SHA1 | 179eafacb526a6792fed4dd4a53ceb2ee808b3af |
| SHA256 | 933aa06e41c5a223b2fdc51a65b0bd83f0af0de1d673fa0e4eb7e95af64d59b3 |
| SHA512 | 471ca2c00219f93a853661419024977e9318dcfc91edb7de0e8d74ba84fa1651abd7eac677cfb36098943e1b83847c3329efc997ce9cf6370222d493ae174b70 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\daea348421cbc209_0
| MD5 | aadf55996a0de9157923d17c312841f4 |
| SHA1 | 5a7ea1e1214bbd9b9d994a3f96d79e30bd92bf8d |
| SHA256 | 22bac6b50859f05a1a0c348c196ae6bc7318929d9f9263ddc20ab18838ec5b34 |
| SHA512 | 346872de3d824bbb9e94d57fcbcca5f6af8672a0521781be7ffe3bd0cec16d92811473552460bcd96e2d064937d1ef541719ecc5c81ebcb67668c6956658c090 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\448abf5e90f8602d_0
| MD5 | 21cb0c2d08eee5f07a822a3dbee2cca6 |
| SHA1 | 125b09bf0bc664e84c0372fd2363dda2fd24af4b |
| SHA256 | 5f974d374d1eb86efb60104174edd1e830d97c2d340a5320225febda5c67e2ae |
| SHA512 | 3b0a642962fbeda33fc2d10869a8adff3b9d020d2f1f2214c5f5e8a11fb61be94615df3c5ee735eaa3ff19368ae199d1bd8f1fe3a602bf9ec2cc0f8aed782ea6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bd3a7ba6f26ce2d05a6b464c8ab42383 |
| SHA1 | a98dee0e16bc20610c51d6b812989c2d11647f5c |
| SHA256 | 004db5925e42fb08bcb66e90bb3265e46e640073ff5c2c4c9d5ddf980a50411c |
| SHA512 | 5cbb5b927f151d4b451494b565253b29960ee976fce8f1eff0626199e58f145992c8068a7fdb95566430a659c4f1b61634abd5bdb39567b2e19425dd94517d81 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000058
| MD5 | 68f0a51fa86985999964ee43de12cdd5 |
| SHA1 | bbfc7666be00c560b7394fa0b82b864237a99d8c |
| SHA256 | f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f |
| SHA512 | 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000057
| MD5 | 3051c1e179d84292d3f84a1a0a112c80 |
| SHA1 | c11a63236373abfe574f2935a0e7024688b71ccb |
| SHA256 | 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3 |
| SHA512 | df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c2ca2024315dbbbb2bd641681bf783fd |
| SHA1 | 914e4b075ca7021ad2b4dd3e6d865d1cc4c5acf2 |
| SHA256 | 56dd49be19d943c5ad66b1c338b1c6cfdfcee85a3a721b154e470641e65dabde |
| SHA512 | 236b06aa0514bc12f86aa6bf01a9cc359d10157a419ebf88f8e29055000456a2f5a30edbd5518c80a45e81e6de21cc2bd9a7db4a174bb4c65eb787bd479d7f44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 38df334d9f3c53d5906f3250a2f73850 |
| SHA1 | d6bfcbf01eba35c3c34c62bd1de62ae411292781 |
| SHA256 | 59bd205b22d7e3f506e1977e5387b46a3e946c1765b10b1cf99dd8d5b664d171 |
| SHA512 | bbcdf4e415d94978c07774aa70bddbc7c25c58c8b3b36caf05df78b13f90052c7d99155f70018155fe85c19f4c2fe5e27c612aec20c0d10d979b7fe805ed4002 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000fc
| MD5 | 75838701251638af3cc8bb6b2dca4f41 |
| SHA1 | c224943551db088cf9b1c3e4954f7e01a0073d19 |
| SHA256 | 598bc7a2757395098470b30ee0720c03438d50a32119191c37865b8c7e6c89fe |
| SHA512 | 628392640eca6991fce218c74d79928444a23ef8c65c1caadca72825b7f02f746c77a622a4134586a58375bb1e0597c4cd5aa9006339eed9a334232667acfde9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8f195f9118a40a564b1a34e5c704e2df |
| SHA1 | 9a38250a6412c52ca568dda553aae1a61f8ce08d |
| SHA256 | 551dcdce368087d4cd6b48101ff3980320a4311786fa1703e3ed1646a8909ee0 |
| SHA512 | b11c49e80fab1820696a4e4e42ea588af95cca83e06d08209d5cdbb005046845c1d7ce8e4b19306585e0e0241f2ec4d3e0ba448a61a23a897ac09ccb7b86e08e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | da3216d8b43699ef8888cd3be49f965d |
| SHA1 | 276926546061c4db4de1a115b7561e34101f6051 |
| SHA256 | 5ceeb931e9b81a64b0bdc68e79ab2b58b8b1b2cdbe94d26ac3ec890b743c79b3 |
| SHA512 | 110690928c9aade01818fa4500b529285b305e5adb44cbd8a08fed8ce2cb3be2c45b762449546b5b5a0c53c55eb6e6114bea66cadf1ad7b273d80c69906d2b75 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b91a64faf3a0b4a5dc9206af943c5cc9 |
| SHA1 | dfe82d6b88c9357bba6f4046c3db3d25d1b0a5ab |
| SHA256 | 64a159bf673b2cc5ab0fa89bb2fc8f13104499f5898aee10f13c7a23e907790b |
| SHA512 | 9d82ea94de32afbbe0e8501bb7f9e7dca7239c3a131fdf40b47e9a80606741f85ac4234b145d7fede434191884b6df72882b8fb5707c84581e4ffc42b4623084 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 1b360ff0dc265332ddc7c6a23d879358 |
| SHA1 | 094fa52072d301c34a48a1a4227d68f87483ab67 |
| SHA256 | ab8837e2fd6c004e37c137aed27d36aa898d1873c0a7639139dc02b5bee38301 |
| SHA512 | 1f8768a0daed01de6f3842192fd8f12d725ec54d6619d0d13b07fda1ea57310b09e1b4e90421c732914c521d6020ae2bfb9c26d7daab1135a9fac514fa6dff8a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e85c20c4d691a390819e0ac604deb4e9 |
| SHA1 | 9a169e9ddf91ab9fe03e450dcf7142bca4ae80ae |
| SHA256 | 45d03ba9ea9b41896608b3cdfe47be399b08f6adb06e3007210f244d5438f30f |
| SHA512 | de3b9af7dbe0b7ad2b9b627849755f1a8b0c9157f2a3658d7b5d532d3dd1989225d54ef11619b19a4f7183c80ba5d277c0b7f06a8c20c019f01aa22981cbfc43 |
C:\Users\Admin\AppData\Local\Temp\NOX52B3.tmp
| MD5 | f529dd5c9109598721d753efaf306acd |
| SHA1 | 69aacdef7ebb9a1f974b659c8831a59107538dcc |
| SHA256 | dfd55944df560ef7d1d9bb058f03e0d80e53a9d4eca0461cd67077da25f680c0 |
| SHA512 | 689d35f0ca1889e52e55dbd50d5ae646ad8b52ad78cd76159a96508b7a4837c6d0a632584a462b4bfcd4676e7fbb62ac78d4b839874b5ed05ff36416dbe0c514 |
C:\Users\Admin\AppData\Local\Temp\GH_68AB.tmp
| MD5 | c2632b218b64cc59b9bc02c72035bbb6 |
| SHA1 | d7435d4490c1f47769ba1171f3b99021ea183333 |
| SHA256 | 9989efd33ca94daa09b8109d41f71f2a03e4c0783df81b7661896f815454f560 |
| SHA512 | 270f4bf006eee21ef037cfcd3b107fdaf4b8dafeb3fcb78698a54ba3959742c8c243fe6b9bf3078d54759dece7fb21260ff58f7f360f399b0989e5d8fb07cdd4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1a025481ae37b6ca6b237a4a4eea6409 |
| SHA1 | b7f3f7e146191f33d21627788d39dfa73722e02c |
| SHA256 | 6ccd0d1f56c1e768e28d96d486f302bca6cd4f2afe2f778653642e63b5f46c8c |
| SHA512 | 742f535bf5ce6b6ee5603d73e136ddd5b3b7a36e311a79f61f2806763f5fa076c4f8d9e4f8e7e9af6ffcacf934b55774fd023cb93d6f94ca28381df4b41ccdf7 |
C:\Users\Admin\AppData\Local\Temp\NOX52F3.tmp
| MD5 | 90d2edf41c693375a6246787ab76987f |
| SHA1 | 874d1df6f6fecbf714881134283af3005a1de431 |
| SHA256 | a1e348fd9ebf170ee6864f960c010fa89de32d992c6bd52c3960e7231ba04b74 |
| SHA512 | 41f5028f4c0a41686ab77cd09770bfa38294d599bbc26db9c2591592f93f9c935ef0d0ab8b1a7a7fd83aac74f859a36b169d5ab59f484652f09a0f854cd3d4f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0d81487106a4ac8b34359e17db213eea |
| SHA1 | b6e28de52ed9ce21a3804a5b2c21075a5c9db01f |
| SHA256 | c1f89ae8857f56bebdac62a0789f972fc10baffcdc83217a8a670a4b2f3badba |
| SHA512 | 3bd792f32108f9a70dc00225c0c6d2b4764a4c5137530d084f06ea81ae14e5e4b9fb18c11fd4869cc90c3cd67b78094944fc04e036239856f35420a1975da13a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 86a3d5401872cc23d1e948da7e12ca42 |
| SHA1 | 732c7905e88f1677a2979a5bfa6a14b44373bd54 |
| SHA256 | f49b56772904e3abe1150148d877f91c57d7936a8a4997cb1e82a032a1c738b1 |
| SHA512 | fdb240b5871c600d74c7648c14c93c0dd72b6b7a8faa4dc5cdd81516d7ea13b5cbefcac7cb5dcd2e3cabc53b159fc8d524d40f40688e99c84d1fa51342e73717 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 76d7e1a3ac90ff58c164d0c76e9e54d4 |
| SHA1 | cf1574f0333f4881af4c3e96e7bce78b6716518e |
| SHA256 | 24d58d8ff05b7142ee894f5431ed30ca7ed9f5c37c4de419046e81392a4f0e87 |
| SHA512 | 3f1d72e80188386f58526b35ea17e818fceb273817f1cbbd0085e7c06d906b380ca7f5c8fcb575b768776bfd1a236de8aa8c20861ca51139e51857bb79aed884 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 4eafdff3b8ac01e17a14dae8d95aff6e |
| SHA1 | 7e89b1994ebda91fb3d00e699e325fd1726e680e |
| SHA256 | 43a964eb3144f68dd1f79bcc0b8909d65b2ea464d7e167311880f176d6755815 |
| SHA512 | 725bb4d8c780c117c8b0e09075780c7b83a3d14407ac3413bdc9c386a649075c060281ca5b0b48ad6036d2358f095b13d8924c31e0be49cb1940c76200aa0eb6 |
memory/6092-11538-0x00007FFD5D390000-0x00007FFD5D453000-memory.dmp
memory/5028-11540-0x00007FFD5D390000-0x00007FFD5D453000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | db5f9da3050bad0fa75ccd58cadfae6c |
| SHA1 | d73035ae59818dc81d341f90f9720224de964074 |
| SHA256 | 6d8da4c5a5ad0a2a26f36736a19a632e99e1f5c06a4cd2542c9bd6ce18a42963 |
| SHA512 | 7f0b597858419a5e4e8fa6fe6926366710f3eabbf2b31d3663b3996837ab2397c3dcdb27f1af188172a43aed28bfd01c24119d421f78b9e35fceae12c3d04712 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\dfe07f2c15075c28_0
| MD5 | e5f7e179e5db666061dc517a3aaac4ff |
| SHA1 | 7171ac42dcc4cb53558a08fbb1a06515b83de48f |
| SHA256 | a1f6965136a1d18fd25baa58caa413c1e8230c462c791bb2f01966bbd3f95ac5 |
| SHA512 | 163379ec5f858259dd99dbd56318b310b732860e27f2535e330520c225856dcd5580802f8a5e2a41219070c89915691fc347f4aaac6b5d57c2d0aa59c5847ca1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\580fd9376c2d4a3e_0
| MD5 | da73502ae7234eb688814156ab36622d |
| SHA1 | 006f1cf1919cc008f30e083d1c6813aec10295bb |
| SHA256 | 1f480f65606fa8ff1d0f14017b9019f80369b220e5d96e89d1653704cf7ee470 |
| SHA512 | d4909ecaaffe79917b110efb35243984aa5d777191be606759d4ab481ee13076e49679308c6af14ceff970786c01ad87a58a5dadf2bb226825e5596082307e60 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5a994fe24b451732_0
| MD5 | a138cd383d4bc3302d95272523fb6d63 |
| SHA1 | 5e557c2fe14774b68bd66d0936c8ff285f4ad6b3 |
| SHA256 | 316a4b1229ea6068198fb40225449ac43a1f696df64c4c29a36fed3630b4d557 |
| SHA512 | 9759df0f9001297953b1343557dce31dfe08e9804083c1e1b919b7cdbcefb8626aa06d4fe0f58afb813e83ca675bc66a42515225d682939467ec9a8f515ee480 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0bbe00d9bf7b798e_0
| MD5 | a8454a161275a48a008d85ddacaa15f5 |
| SHA1 | d3b6723102d33e273585c1060a9f4027596d3f09 |
| SHA256 | 80b65597650712af57b0bc92ea131210eeff26cd0a23f2f4cbf983cae7c00c0a |
| SHA512 | 1178ba6d2f2b9a55040af9e7726b7c37a14d8d8aa6637166ef1f538926708b18439305dc53d490923cd0f690082ae3eb0e584ebb1e36b0ae249afd70c0032c12 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\30dd1998b25f4108_0
| MD5 | 38a63d8d84db7303e186549e0015dda4 |
| SHA1 | 03090d0f8156b067dc3886d31b1a39c952ed7242 |
| SHA256 | 21043d476b4e9baa8f3ede9f2b9df8b2bd785130ad28ce745f6dd060303a3633 |
| SHA512 | 7dfb2efdfbc516d5e05980036c6c4dcc1cfd4bc17ae294f52a1312e627eedb3d62a1938731561696335a03bcd7d6606d0b92d3c192142c8263732f4f39b2a796 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\54c70e8d154012bd_0
| MD5 | 79e5e61e82f50316b18c870fc7073ec6 |
| SHA1 | f85d78d6bc8d8ad157af1bf430f62b6fa8c9a682 |
| SHA256 | 342b4496a834780bc31bd0bb87b1bf3e9dc77e14aaf3484f9ecf6f36f821f386 |
| SHA512 | 91fb29b0426668a75aeb7fa6dfd5dd67e2009bc014679a298c462346154a7d3a1c0f092f70ba7e162604d78c87d8e0b7addd54981752331fb39e6a64fbdd4c51 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d7a29efad91a1117_0
| MD5 | 19f7740f687ab3dc73e232db1ce645df |
| SHA1 | 3771f57aa3d2d1fa938826ae05ac545d0ff66e37 |
| SHA256 | 5764f98ac5c88e17752bb11b3970e75001b5589a2a1105df24d350a8e83f57a7 |
| SHA512 | ab7bcf800f90ef8e13c94780feafde33e366cfaa3fc544c4b91524151092be8b32fd3f8a099c1e379dd22e6697151cfa734704d6af022c700e36bf3f94c5036b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\83d6d3a772bbc707_0
| MD5 | 0446ff4f9cc6ad70121af119f236adb4 |
| SHA1 | 3eb61d317913ec1f294a0dc9f5dfa71463daa2f0 |
| SHA256 | ccfec4816179c9a3a3d4d49df29ca6f3b048f172322348dd3fbaede2332889ec |
| SHA512 | 64c4a9765f6cd961adba898e3c9c99abf8839df6ef6836ea2f53bbb8bb5d020b82560166ea269f378aeb697a3fa9c60cd12a016a25cfa82b3eb5a0187e2353cf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9412c8b664751f90_0
| MD5 | 152677bdee66da8d14d4a4c6d7ec52d3 |
| SHA1 | 8ad15926a7abddb0ca34554b3c9b5cd8a4c9c59b |
| SHA256 | 07fdd3601599c60b9d424056f3b8e5277e1b7aac21d787bc4652b58861abddc0 |
| SHA512 | 5f594eb3b7d1895fee43ae4641fa4cca393fd3015f517a158ce961ce3ffd10018166ceb428345153d6c5d34e993ef0d291dd037fc69a2dfb6befa831a4eb89eb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d3dbb3008455b523_0
| MD5 | d5a24ebef68504d9cdaf50ee57f770a4 |
| SHA1 | e365c5127ec27fa3bbc4e25ba6a1b06081f526b1 |
| SHA256 | 123b54df960714c4c0f1a36c549ba80ca0765a47dd2be776ad150550b26c862c |
| SHA512 | ec026ac809594c041608bcecfa4353888cc4dd7a189a590cd913cc1edfae32d7914496ead1602ed9030c0a51af945e4e8c7dbb8cb28a3223753d773bc3e9e0c1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e254340cf899c0c5_0
| MD5 | dc929796e5a79e466c354c182b897f12 |
| SHA1 | 70a1c70f193d783db8c0916ff9b8743f0e178bdb |
| SHA256 | a8c6d4ef5ac3bcdd7b2d42220ffc1f4822392ec52c8ba90472f37e51431d9695 |
| SHA512 | dc862ddf565c6df9144733c612bddc44032d8fab10f6de47b90147ce606368c81fc645f018f4b21b0951e3705fcf2716d8016e306e1c6ba9b5db446c40742d4b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a267b7c21d8b8c9c_0
| MD5 | 1231c5da228bb563fe70ce5b4339fd48 |
| SHA1 | 35dd78b9a89b7dca4b692eab567d5083e4eb02fd |
| SHA256 | 8bebdf53e1a4e552e32a7ba61a45e8fb2799af48afbe6ebe369768985d886ee6 |
| SHA512 | c10653f580768db47990ceaea6d6983f71c81337676f093bc087b542c42e0755793fefdae5effec2f3592ede62680aaefa95e9d9732ae2d11a74898287e644cf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a09f6271ad0c4092_0
| MD5 | 3d6f8dc2ce1cdcb22ed67e84d7c2c27a |
| SHA1 | 2ddb4a89d3256c7f85d0cc0bf5404790d24fa376 |
| SHA256 | c0fea7b3fb44827783756f5b91d6498634a30008f601023519a5cb5814072220 |
| SHA512 | 3177f7f9c4e5e8fb156ceb055f1cc30affdfac6c7fd91b361dc4119e9bf23fe9309f4d0a33577198a677be37b91b7e5c67fabaf7a7c7bdcba670e35d4c6bd665 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\eeea6a59c461170c_0
| MD5 | 2863e334a8709e9d5c8582b14a3155c2 |
| SHA1 | c11571c692c3ed73d1ff52e178f510122416550c |
| SHA256 | 83a73fbe3ae502e863f295f7d53e61dc2a50c794a97db8aece1feeabfc711f78 |
| SHA512 | acad836fb1ae111f2e0d9a88c78c6aa97297894723ce698d74f1c80422046fd019c016a242adedcaf2529a0b21880b2dbce40d7ad03286e0f1732ccbd8b4905b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\02735674612cbc52_0
| MD5 | 35705cf37295bc2108027e30ab4bf183 |
| SHA1 | 948939f22ce734441cee0015af3647dda73e0d75 |
| SHA256 | 109a18db19cd612d75322d66e172a42cc155442aeb50f68ff95e10ee0e886b1a |
| SHA512 | 822685f17c9a1d376ecc24b4d1ab826b1ed4eada1dbc8ee47e7d3e8b807b56d762916007d3fcafd80b7327e3218241dbb07e49cb86fa9241db7865b65bf56c2c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9dbb949d27873cbc_0
| MD5 | de2e819feec0f5dcd31760056834b007 |
| SHA1 | e9b4719f147c1375d1b3b67dbe3051b7951e48ed |
| SHA256 | fd2a9a51f6c6e79042624eb3ad42e9ced71e34deb6ea87fd9f6bc887d36082ab |
| SHA512 | 960160b1575f8d5d2ca9a0d8660120a512da77d8a519aaeb3f3ca4ecae16a35c57c8f7e12926bf6fe23a28762f29e8aa020bbcad2fc80e9975faf2d95a99f6be |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa5fe3b36e22e31b_0
| MD5 | bc6e9da03d500c1dfdee133a842abcc7 |
| SHA1 | 55182c08b91f14fadb6d9e1f3de1a93debc72a54 |
| SHA256 | ee3eca62b523a5b1726119fc3a55ab208389195a0cd81748fe5b7616e65626b1 |
| SHA512 | 5ae5fb42a26f0a55923c43369d31afe56e923687d841abf23bcbc72090404b7eabf15688bf0b554605075cb5f10f0c504f47a0935bfe82bc064d4d470ca8a577 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6d3b0ad57bdf7db9_0
| MD5 | df602539aae1d8b817ab6083f4773e3e |
| SHA1 | 4f4acdf1e900a4886f113980978047661aa4b9ab |
| SHA256 | 5afa581b5afcf7e4fb35eca1b6c958a5fa192c4ffc5a3ad9c9cb9f951778796f |
| SHA512 | baba5b2cabb34a4788ff0bfde73d1e0af127dcb5076dde58a2e5c22d110cec7fd195552a35c8fd8aaa801f9d535198fde2957bac59ec9b669f66be4eddf3647e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1927a26afb9a8b4a_0
| MD5 | 632861aaf38afccbdc326773a241eb85 |
| SHA1 | 7ff167481f771853181027e319fccc37760da3df |
| SHA256 | eebeb14f5f9df0e8d6d1c21be8f5969453cf7b67ce422cde0b9938e9078f2df8 |
| SHA512 | 1ed2b283acf5c8c6baf8ac05ef42decabe4a82d4fc11fc8eeaf7b455767dabb3b073151dc137ad49d9e7b40a0b22d7433d5563bb7e1548390f5e9cced0aac53a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b4efbb7782bded86_0
| MD5 | c6bfbca55059a1d084139b2e7398ae7c |
| SHA1 | a3ca654ff6d8c9723a7594adca6bd02b81b6469c |
| SHA256 | 048c01ff0c0ac04c69fb0dde5120a8cd0f73a8d8206b8ecd92c09cb65df7f1d9 |
| SHA512 | c29d152f97788a2dd9146a79a3fdd0bd655069312be1142949739dc37bcad6cfa38a409719f5dcf9c5ea25c35ab0f47e91ce00cba682c5aae122218131c52d17 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0a44ad51d1ad22c6_0
| MD5 | 8da0116e1c70a1b4fb05f149f8f778c4 |
| SHA1 | e7031ddee139c5c09043e98db76157b972c417c4 |
| SHA256 | b0f2ffd9a4a1454aafaa4d8e26ba6bb5c98f5668c8dc9bf208d0e02e072c4ac4 |
| SHA512 | 562b62de61a7818dbb7d45f20bd10b74451efb0fd230ab81b41964f5593dfc51a4cdc492fddd44db2ace57141bc76bcb642e6c5224580e886bc6fdb1aa09fa34 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3fd2be14abb3904c_0
| MD5 | 6d9e72891c79ad479e7be0d0c707623a |
| SHA1 | e7e809fd2a2e6caadda3d3f24d6af533a0265e37 |
| SHA256 | ba8a47690a84da36866ce94f11d0994e2f29804884aaf4130aac36acf499a126 |
| SHA512 | 0a703b7b522806180aa841e4f8b97cd276452f630b8d7003ef2abdb547699935e0c9de38c3f96b4d2c42dee40bb3d118d35083f8533412c18b7b297934d67931 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b0f646c5573a611b_0
| MD5 | da5c0078f56ecb08965a511c769b2d99 |
| SHA1 | 700cd168098a785142ed366d54e8190958573f12 |
| SHA256 | 35a993487e2b521fd7190d1bc569d52e89070b02e56c9e644d00e09b1ee68728 |
| SHA512 | 4ac3c14d092827afb986552693a828e2ce326dfec4f9ab1ec3efff51e9b8e3a95c7e1d3b9878b7c1790f126db25b2ef66eeaa24a8d0abc74626e904a5028e01f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\273820857948f45a_0
| MD5 | 4439c176a4683a08335cd66af862e8aa |
| SHA1 | e81c162f8e4f1f76382e26a0060676468c5d4fe0 |
| SHA256 | 1e0bd9522edb23c1a31f693da3d98cbce67209989faa98eef84fb33ec4231368 |
| SHA512 | 84d5dfff75fd734acb3a7edcbb6d98ffa70463dacf8c759267d845483d982cdb8abdc72b591e41a87879f80b6a1d287d165ae6bc36e817677101ccc707bf9f33 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5b7ca01fd22bd42528301ec4fc364d23 |
| SHA1 | 5552be439d07e31e4197eb88af6c485675e8fa00 |
| SHA256 | e9241a0adfa3e6dae8536a7e821d996a2e46f4448be156684e9333f976131716 |
| SHA512 | 80f19ac0579800ce47610197dc35e5ffb4114d7a19510fff90ffcb3b347436dbff93bb3faff4616f885d94fb8b2c3cbb22d12d0c491b34e74e5c463bb0fd3dc3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d386c5323fff6f77_0
| MD5 | e1db3ca3b1ca422287b513d5197f0aed |
| SHA1 | 7c9a731e18836512ef29e7d645816067f0e1747a |
| SHA256 | 5129c3b328a51aa14e4b9f2e2023d013e6e50768d16d9333adc9d9a77cae09f4 |
| SHA512 | 61bb15381c288fdb03eac7c94ef87f48c0f3d1665330e96b53be4303d2dd376a8b833e1b53eb36f098f4d835dae2c68226f24188a3a3823d2cd30064e982fe49 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00012f
| MD5 | 49cbefd08639aca7f6921c43a85d9905 |
| SHA1 | 8ab5b92fb186f50cfdb124fa9631d4b59ccada78 |
| SHA256 | 3cd2609cb9fc79af0d14a44ba31b2dd33ee28c64d6c108c06d27c61366b6b020 |
| SHA512 | c57894a7c80df7e7a5add407f52587d7f6d001237c5d8e90761237d7c6497adfba010ca0b64d3f80829aa010a6eaa6e38b5ab374c51f9db9013d09949f09fdf4 |
C:\Users\Admin\Downloads\Unconfirmed 48031.crdownload
| MD5 | 9855e448af8561fc920d69a7b45a309b |
| SHA1 | 9ceb185e61fde58d6db6e3c4e2e7932ca53ce712 |
| SHA256 | aebbda8979b54ca3094e835ec7bffb08aca6c79480675d46bc5df75d9750a583 |
| SHA512 | a37495c629c9fd636702f1e1479b0ffd8c7b921cc914a7208478d2b9c348149634bd7736ed41d6627902e8b8e5d5316dbeb3d5783b93574a48b7fb1786fc6d6c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ec6453b5952fb4e9094b92a21c0c2b0c |
| SHA1 | 611ab2c849baaa3a58feeebbd108dbdbc2b3bb23 |
| SHA256 | 5da0402f1b1b7106315dd0602e26105e6c3838b53fc120ec0f64e19593c3b66d |
| SHA512 | bb69f6db532f2a72f475e433192594adf24343925cb2bcfb18fe4e0b80687f29dfef88dacf7e2533aad1679aedbd8bf3390944e9fc861c75cf52d4df703f7827 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | aa6e10762014ae1a5562ae210262fe2b |
| SHA1 | e01fa56b4f213db8f98551cbb35815e367179884 |
| SHA256 | 1930f4c47e767127ef8a5f574abf6a5beba950c7a43df671fa3068bdfa189651 |
| SHA512 | 18018dc26b0c7af65386f501ae6fc71b08eab21f71e10b4d23828742a4c2de90b0f549822986058334ebaa59311d7112e91d367236e210959165fc3b44653f00 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 54b4e076fae4319bbdac083dfa3684ff |
| SHA1 | 73192f9f1ef531d37d6b2da612f5e1575709d5ae |
| SHA256 | f3bb7e7b46335c04d61e826148bd599dde5d807e7af0b41050c897ed9e2b3219 |
| SHA512 | c8bc1ecb6d74501ace033a1aed03adb074a25a1ff602f807bb68f5eea6aaf950f88ab4fe3a4d251674e3100eb1b08838c44a9893c19b74dc9c91ffcc658dee8a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\7fb68f40-3607-4733-aa22-b7e9f021ac3e.tmp
| MD5 | d0ae8461d9578d5de0866183498fb2a1 |
| SHA1 | b829b746ab6991c6cd5bc1e338babd5fb15b66d5 |
| SHA256 | 2e6b795341aa76acea173ae80802c9b282ab28aa662641e61d616bca3e2d1216 |
| SHA512 | 525b183236c8d28b3e8ba95f0b7d78eea50e10ce76f091e8c48bf8ffc668f4d8600decf5f599f3b5404b319f3e91cd248a011f2d1995cd5eb0566c691ee54f8f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 540335edd0ff0bfda433a1644a026a60 |
| SHA1 | aeff0dbea0181317833f465a150870527b5f5fe4 |
| SHA256 | 3e05aba45d471136bbf6deb0b08dfd7158c9c524c59b89efe48145c4545c94a4 |
| SHA512 | 89d1ca41c3574efaff0bdb1f426cd7f71ee1ffa018a1a24553a285ecfa4953416a7accb537c3483bafa8e9df480ca937df96b39918d6c19a497022d2219292c9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 98a6468a69a1440c6d460c4b4eab4c46 |
| SHA1 | dad921a363e756e5ae3230066686cb033b18bd14 |
| SHA256 | 105b54ef35b57b43739e8f3e9ab1e21af6c5d5a72594f6c44c112ff30dd96a4c |
| SHA512 | e512f6db96bc45a9079412c4cc095e37bc98bd76bae5dd6cd951c2c8204a524468f48d06afb5656c96522b768a7b99e76213d74ff0187f623a0f6c8f175b0a44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 11428300d8d375b30aaa516f73063bf1 |
| SHA1 | 42f7c488a7d809fb7fb1c9321d5610f739e3ccfc |
| SHA256 | 35bf8e91514db04861c395fd6be28235628cf960d9fc16b4d5e3f4b14cf40847 |
| SHA512 | 8aad67bdc7488900c8051ef6539acc94a2553d1dd7165e62613d4691dca447de9721340886215d01d5a51037790700325a4049ff1edbb799d57e43403b99ef2d |
C:\Windows\Logs\DISM\dism.log
| MD5 | 375f773e1f77d84f3a05a31f7c3002b0 |
| SHA1 | b562dd08db8283282dda5c1056011959b940ebb2 |
| SHA256 | 7c87d9635ff613f174090dbe4f2c4da73ba2e64f65ada184eb659f1b810f6dcd |
| SHA512 | ede14c9d922d461bb36cd18d4bf0f823deb273657951809dab87475fb7363561592f21174cd38e1f45b1521a7bfd2ad9ba3835ca411127fa4b53fe52bbff7f37 |
memory/13644-14811-0x0000000000F10000-0x0000000000F46000-memory.dmp
memory/13644-14814-0x0000000004F60000-0x0000000005588000-memory.dmp
memory/13644-14817-0x0000000004F00000-0x0000000004F22000-memory.dmp
memory/13644-14819-0x0000000005600000-0x0000000005666000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_zo1txkch.vuc.ps1
| MD5 | d17fe0a3f47be24a6453e9ef58c94641 |
| SHA1 | 6ab83620379fc69f80c0242105ddffd7d98d5d9d |
| SHA256 | 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7 |
| SHA512 | 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82 |
memory/13644-14823-0x0000000005670000-0x00000000056D6000-memory.dmp
memory/13644-14833-0x00000000057E0000-0x0000000005B34000-memory.dmp
memory/13644-14836-0x0000000005CA0000-0x0000000005CBE000-memory.dmp
memory/13644-14838-0x0000000005CF0000-0x0000000005D3C000-memory.dmp
memory/13644-14853-0x0000000006290000-0x00000000062C2000-memory.dmp
memory/13644-14864-0x0000000006240000-0x000000000625E000-memory.dmp
memory/13644-14854-0x0000000063DF0000-0x0000000063E3C000-memory.dmp
memory/13644-14866-0x0000000006E90000-0x0000000006F33000-memory.dmp
memory/13644-14868-0x0000000007620000-0x0000000007C9A000-memory.dmp
memory/13644-14870-0x0000000006FE0000-0x0000000006FFA000-memory.dmp
memory/13644-14874-0x0000000007050000-0x000000000705A000-memory.dmp
memory/13644-14877-0x0000000007260000-0x00000000072F6000-memory.dmp
memory/13644-14880-0x00000000071E0000-0x00000000071F1000-memory.dmp
memory/13644-14885-0x0000000007220000-0x000000000722E000-memory.dmp
memory/13644-14886-0x0000000007300000-0x000000000731A000-memory.dmp
memory/14248-14907-0x00000000059F0000-0x0000000005D44000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 10425e368278af5916d61226c784d58b |
| SHA1 | 0944d277b64c08dbe9c774a1b15c80588dd27e1e |
| SHA256 | 99d87e066def4c707fde3875fe454d49b4320e4b9cc00de57ea39a8282aef4eb |
| SHA512 | cbc444be55ffdcb68868cd1d704c455203fc379ee0e2fdbca3a60eab159a4a8d0729caba3cfce34e32681d6088bc56959e592f409085338585500168956d32d8 |
memory/14248-14942-0x0000000063DF0000-0x0000000063E3C000-memory.dmp
memory/13676-14998-0x0000000063DF0000-0x0000000063E3C000-memory.dmp
F:\LDPlayer\ldmutiplayer\fonts\Roboto-Regular.otf
| MD5 | 4acd5f0e312730f1d8b8805f3699c184 |
| SHA1 | 67c957e102bf2b2a86c5708257bc32f91c006739 |
| SHA256 | 72336333d602f1c3506e642e0d0393926c0ec91225bf2e4d216fcebd82bb6cb5 |
| SHA512 | 9982c1c53cee1b44fd0c3df6806b8cbf6b441d3ed97aeb466dba568adce1144373ce7833d8f44ac3fa58d01d8cdb7e8621b4bb125c4d02092c355444651a4837 |
F:\LDPlayer\LDPlayer9\fonts\NanumGothicLight.otf
| MD5 | e2e37d20b47d7ee294b91572f69e323a |
| SHA1 | afb760386f293285f679f9f93086037fc5e09dcc |
| SHA256 | 153161ab882db768c70a753af5e8129852b9c9cae5511a23653beb6414d834a2 |
| SHA512 | 001500f527e2d3c3b404cd66188149c620d45ee6510a1f9902aacc25b51f8213e6654f0c1ecc927d6ff672ffbe7dc044a84ec470a9eb86d2cba2840df7390901 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\ssleay32.dll
| MD5 | 0054560df6c69d2067689433172088ef |
| SHA1 | a30042b77ebd7c704be0e986349030bcdb82857d |
| SHA256 | 72553b45a5a7d2b4be026d59ceb3efb389c686636c6da926ffb0ca653494e750 |
| SHA512 | 418190401b83de32a8ce752f399b00c091afad5e3b21357a53c134cce3b4199e660572ee71e18b5c2f364d3b2509b5365d7b569d6d9da5c79ae78c572c1d0ba0 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcr120.dll
| MD5 | 50097ec217ce0ebb9b4caa09cd2cd73a |
| SHA1 | 8cd3018c4170072464fbcd7cba563df1fc2b884c |
| SHA256 | 2a2ff2c61977079205c503e0bcfb96bf7aa4d5c9a0d1b1b62d3a49a9aa988112 |
| SHA512 | ac2d02e9bfc2be4c3cb1c2fff41a2dafcb7ce1123998bbf3eb5b4dc6410c308f506451de9564f7f28eb684d8119fb6afe459ab87237df7956f4256892bbab058 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcr110.dll
| MD5 | 4ba25d2cbe1587a841dcfb8c8c4a6ea6 |
| SHA1 | 52693d4b5e0b55a929099b680348c3932f2c3c62 |
| SHA256 | b30160e759115e24425b9bcdf606ef6ebce4657487525ede7f1ac40b90ff7e49 |
| SHA512 | 82e86ec67a5c6cddf2230872f66560f4b0c3e4c1bb672507bbb8446a8d6f62512cbd0475fe23b619db3a67bb870f4f742761cf1f87d50db7f14076f54006f6c6 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcp120.dll
| MD5 | 50260b0f19aaa7e37c4082fecef8ff41 |
| SHA1 | ce672489b29baa7119881497ed5044b21ad8fe30 |
| SHA256 | 891603d569fc6f1afed7c7d935b0a3c7363c35a0eb4a76c9e57ef083955bc2c9 |
| SHA512 | 6f99d39bfe9d4126417ff65571c78c279d75fc9547ee767a594620c0c6f45f4bb42fd0c5173d9bc91a68a0636205a637d5d1c7847bd5f8ce57e120d210b0c57d |
F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcp110.dll
| MD5 | 3e29914113ec4b968ba5eb1f6d194a0a |
| SHA1 | 557b67e372e85eb39989cb53cffd3ef1adabb9fe |
| SHA256 | c8d5572ca8d7624871188f0acabc3ae60d4c5a4f6782d952b9038de3bc28b39a |
| SHA512 | 75078c9eaa5a7ae39408e5db1ce7dbce5a3180d1c644bcb5e481b0810b07cb7d001d68d1b4f462cd5355e98951716f041ef570fcc866d289a68ea19b3f500c43 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libssl-1_1.dll
| MD5 | e8fd6da54f056363b284608c3f6a832e |
| SHA1 | 32e88b82fd398568517ab03b33e9765b59c4946d |
| SHA256 | b681fd3c3b3f2d59f6a14be31e761d5929e104be06aa77c883ada9675ca6e9fd |
| SHA512 | 4f997deebf308de29a044e4ff2e8540235a41ea319268aa202e41a2be738b8d50f990ecc68f4a737a374f6d5f39ce8855edf0e2bb30ce274f75388e3ddd8c10b |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libssh2.dll
| MD5 | 52c43baddd43be63fbfb398722f3b01d |
| SHA1 | be1b1064fdda4dde4b72ef523b8e02c050ccd820 |
| SHA256 | 8c91023203f3d360c0629ffd20c950061566fb6c780c83eaa52fb26abb6be86f |
| SHA512 | 04cc3d8e31bd7444068468dd32ffcc9092881ca4aaea7c92292e5f1b541f877bdec964774562cb7a531c3386220d88b005660a2b5a82957e28350a381bea1b28 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libeay32.dll
| MD5 | ba46e6e1c5861617b4d97de00149b905 |
| SHA1 | 4affc8aab49c7dc3ceeca81391c4f737d7672b32 |
| SHA256 | 2eac0a690be435dd72b7a269ee761340099bf444edb4f447fa0030023cbf8e1e |
| SHA512 | bf892b86477d63287f42385c0a944eee6354c7ae557b039516bf8932c7140ca8811b7ae7ac111805773495cf6854586e8a0e75e14dbb24eba56e4683029767b6 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libcurl.dll
| MD5 | 2d40f6c6a4f88c8c2685ee25b53ec00d |
| SHA1 | faf96bac1e7665aa07029d8f94e1ac84014a863b |
| SHA256 | 1d7037da4222de3d7ca0af6a54b2942d58589c264333ef814cb131d703b5c334 |
| SHA512 | 4e6d0dc0dc3fb7e57c6d7843074ee7c89c777e9005893e089939eb765d9b6fb12f0e774dc1814f6a34e75d1775e19e62782465731fd5605182e7984d798ba779 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libcrypto-1_1.dll
| MD5 | 01c4246df55a5fff93d086bb56110d2b |
| SHA1 | e2939375c4dd7b478913328b88eaa3c91913cfdc |
| SHA256 | c9501469ad2a2745509ab2d0db8b846f2bfb4ec019b98589d311a4bd7ac89889 |
| SHA512 | 39524d5b8fc7c9d0602bc6733776237522dcca5f51cc6ceebd5a5d2c4cbda904042cee2f611a9c9477cc7e08e8eadd8915bf41c7c78e097b5e50786143e98196 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\cximagecrt.dll
| MD5 | 66df6f7b7a98ff750aade522c22d239a |
| SHA1 | f69464fe18ed03de597bb46482ae899f43c94617 |
| SHA256 | 91e3035a01437b54adda33d424060c57320504e7e6a0c85db2654815ba29c71f |
| SHA512 | 48d4513e09edd7f270614258b2750d5e98f0dbce671ba41a524994e96ed3df657fce67545153ca32d2bf7efcb35371cae12c4264df9053e4eb5e6b28014ed20e |
F:\LDPlayer\LDPlayer9\ldmutiplayer\7za.exe
| MD5 | ad9d7cbdb4b19fb65960d69126e3ff68 |
| SHA1 | dcdc0e609a4e9d5ff9d96918c30cb79c6602cb3d |
| SHA256 | a6c324f2925b3b3dbd2ad989e8d09c33ecc150496321ae5a1722ab097708f326 |
| SHA512 | f0196bee7ad8005a36eea86e31429d2c78e96d57b53ff4a64b3e529a54670fa042322a3c3a21557c96b0b3134bf81f238a9e35124b2d0ce80c61ed548a9791e7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5a235c9b9aaada9f44dc2ef8cfb7789e |
| SHA1 | f0393140d94b86ff0cd7d35425e7279e4c3b0543 |
| SHA256 | e583f4dcec13a41bd998a0760ec1fb9e434c9ff416d4b362b7f88648a880225c |
| SHA512 | 0bc6e4061f71eae292cdc30d4abbe4162c5ab937e5fb64fa6434c261a8962ee887c6f75fa3d2a592bc1f2c4977f19a9f7d537846f729b0a3186e4b0385f4042e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | cd041efabade8de09b60584312ddae5a |
| SHA1 | 8ba8a2a1529888dd26bdee74d895c302043aa38a |
| SHA256 | 4daba8d3dbc92cb3c533a027c368a469ffab8ea023ba14e50c51713741a0d09f |
| SHA512 | 78a95e287f08495849dd470ac58e90f2f7db4e69f2a4c15ff2e8b3053ffd96bb635c70564d9c920b12beb1410d5bff8099c0d776e11e95365c4d10aa44d204aa |
F:\LDPlayer\LDPlayer9\dnplayer.exe
| MD5 | fa2c08e402cc1c1fca849ba2e4eb56aa |
| SHA1 | 133dbe827d469e8dcfb792734f1fced97690efca |
| SHA256 | bd6ed960624c4ffb99ce82611f23365733df329b1ff3216590292ee8034a4421 |
| SHA512 | d96f84f06784f6d2c2182301ae4437303f5f3ab8936e6e3512606c28cc99de268bd186a4eb73b092c1e54995fa849c38080a26fe6dc2b8c1e7171781677d3eb6 |
F:\LDPlayer\LDPlayer9\dnmultiplayer.exe
| MD5 | 38f88ca4211fb378c41412c23af886e2 |
| SHA1 | 7c904c5fdf84d13ffd47703be39380861b5a6a7f |
| SHA256 | 6b149b8b72bf3631111f0e7b95b4dbe2646b786a3de1b414110438927d3f9c38 |
| SHA512 | 6ff289ee872bb96de9de4a3ef82d043f93542545f1555885bd4b6aa008892a8e3fd5f59eb4ed76a402aaa884989725168206aaec6582ea37bd556e7f642d681b |
C:\Users\Admin\AppData\Roaming\XuanZhi9\ldopengl32x.dll
| MD5 | 395970be72d1bcc7755f95a04b3b303d |
| SHA1 | f4019b43fd95f1748e2392d5cb1aa4486aadbc13 |
| SHA256 | 5fa3f4cb4f4f603bd8b9a538b54658ebbcf9198d99f2b0e1ce447322b22fb312 |
| SHA512 | 2f4968b8564bd3bbc624a6838ec33de22413afb8711e08cc36b082863f4e146212c1b6173921ea110c65a0dc20b97c9e187a8ef006005711efcf4237db0bcd1e |
F:\LDPlayer\LDPlayer9\vms\leidian0\sdcard.vmdk
| MD5 | 4d592fd525e977bf3d832cdb1482faa0 |
| SHA1 | 131c31bcff32d11b6eda41c9f1e2e26cc5fbc0ef |
| SHA256 | f90ace0994c8cae3a6a95e8c68ca460e68f1662a78a77a2b38eba13cc8e487b6 |
| SHA512 | afa31b31e1d137a559190528998085c52602d79a618d930e8c425001fdfbd2437f732beda3d53f2d0e1fc770187184c3fb407828ac39f00967bf4ae015c6ba77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000131
| MD5 | 5b0406e780b5c49f1603153040939e76 |
| SHA1 | c12ef02ee7a117729581313433c9ae19a6b6bcdd |
| SHA256 | 734d29cacd7bfadcc98e2884d95ec5fdfd206bbf079acba0e1dddecfed9af259 |
| SHA512 | 0992005a54ba6e3e273cc3e468291ecb0b165e6d4a0caebad2ecf4b79c354f24f1a3928512664cf027c14704b54ed7a9a5fd3e379ea3d2b3da7c099c9e038cf9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000133
| MD5 | 05e9679509b61424a07cc4d4efb7247f |
| SHA1 | db4fcfac1d89c7e4f0bdbea9023034b64a9dbd81 |
| SHA256 | 31798b2630a882be758010dfa51b12026c8fd81f0e4068b38fd739cac78cba0b |
| SHA512 | 1cbe7343e19b41f3f116a93d598d7b67779d29c6bc0a7b086d112dfcc76fee60811290b67b5d2561751700be483f6cd460b9b4c8325397813314ba064e4c2208 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000135
| MD5 | af6fd8f7082ec75d40958762d07182ef |
| SHA1 | a0b5effdab21bf57bc2e868f8f3511418d682e8a |
| SHA256 | 896f47bc37d48d197f7f06c8662638500754708f02fa599df723272e5fef7cf8 |
| SHA512 | f16ef5a997e8b6b94948a7b8871e7e897ac1f5635afc615ce5b594d4600762b15e56b785b1222014db0d99e3a6c13db3c325021ed4224f0927b2291b8d58f203 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000136
| MD5 | d155610d38d34dccd977ac213ab42e1d |
| SHA1 | a343e08abb19f7d4110c64de08aee504cac318d3 |
| SHA256 | 6ec5dee6a9dfb42ef97cd410c2e3387f53d2eff7d1fcf159f96b5ab129036ab5 |
| SHA512 | eb735bd87238215d54613f6065e61d48e1578908117af2a215b88dbdc3c4d155cd2b60e035ff2cde17605445bd89129de07aceb74ce8c16dcd355e4214986c8c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000138
| MD5 | 89a574ff00e6b0ec61d995d059ce6e65 |
| SHA1 | aea09e96808ab77165ffa712eaa58b8f056d0bb6 |
| SHA256 | e5c29c139842fd487473d0824f2c01b374680fb35d22fa929686d17896602a44 |
| SHA512 | 30d0d40bd680e61968273155b740901cdfa66670fc2af6f23e44c6b998b67cc1fcd0b51bd5f9470f209f188e75d071355e592b2a7c97f4bfd15d07d455e0909d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000139
| MD5 | cfa2ab4f9278c82c01d2320d480258fe |
| SHA1 | ba1468b2006b74fe48be560d3e87f181e8d8ba77 |
| SHA256 | d64d90cc9fa9be071a5e067a068d8afda2819b6e9926560dd0f8c2aaabeca22e |
| SHA512 | 4016e27b20442a84ea9550501eded854f84c632eeced46b594bcd4fc388de8e6a3fbfe3c1c4dbd05f870a2379034893bfd6fd73ac39ef4a85cbf280ab8d44979 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000132
| MD5 | 16dbf3aa6da6eb21d043d031679edf8c |
| SHA1 | cb79d8ba7a8c6d908c7b687cfd2d7c23a5622dac |
| SHA256 | c1ea5332105be56f65e515b24281c17f0673efdbc6406d22bd1236ecbd8b2192 |
| SHA512 | 6c7f6aec61237404623dfdfc8c14dca9d5303b90dfd65dadc80100c97f715a4b324cc13eb73a2ae83e6c2986065f041cae8f867a237046d9f29d53556f1a0ddc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00013a
| MD5 | 8a42ba5472aa4afa3d3ac12f31d47408 |
| SHA1 | 2add574424ac47c1e83b0b7fae5d040c46ac38a7 |
| SHA256 | 759bfec59bce5ddea7751b7f93408074a8c27cb2c387b08b6b9f4aa111266ec4 |
| SHA512 | 3e1081a6e1c29f6dae28ab997c551a6d107d4f4b7e0981a19ba81a30a4e420dee1791321dca8f4b500c9e7e4a41c5e5c75013a72e5a5cde3f7e6c50393eb10b0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000130
| MD5 | da93aa5083d4a8a231142493c28fdae3 |
| SHA1 | 7ec3646cb8219a1e3f4d2bfb9b80343ad4ad0fde |
| SHA256 | f953d546d5c0159ed38fb748e442276e47958eb0f95f29c6af82b7e31e3667ff |
| SHA512 | 4af42d49043a6d8d193ed491a66999fa5d57942b6d1ceea33574eaabd53bb7cf86573980ee9c4aac98b3e039011634c2450041343872de503661416cad2616f4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00013c
| MD5 | 6b04ab52540bdc8a646d6e42255a6c4b |
| SHA1 | 4cdfc59b5b62dafa3b20d23a165716b5218aa646 |
| SHA256 | 33353d2328ea91f6abf5fb5c5f3899853dcc724a993b9086cab92d880da99f4d |
| SHA512 | 4f3b417c77c65936486388b618a7c047c84fb2e2dd8a470f7fe4ffec1ad6699d02fa9c1bbd551414eef0f2e6747a9ee59ca87198b20f9f4a9a01394ae69fa730 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | acc8c36ed40168e7e84c0f2656ef11fb |
| SHA1 | 1a9044ee6c1e4e8edac1918e04fa752149ed4b72 |
| SHA256 | 6da11fc54c8f8d17aaa33b953e752ed993e07ce49527b5158b9a090183c6e1ca |
| SHA512 | d589912eeb88d1a6f57a859dcaffd69c3bcc5bc37c0a41089ad88a71c613aa0472e8e71ec60851d1a46afa1995b48a3bcf1970b7ffe9fc53be036b203b4f5f58 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 689802830a7a8696ad20040a7d4d8046 |
| SHA1 | 2fd1927661290aa5566d1f472c460184727ca14d |
| SHA256 | fdd1a082486057b5c29f35c703aa536a7444a3d27326294ce0b75f252f105984 |
| SHA512 | 470eaca5128f3cbdd4f050d30a94240d0154218a7c8727854fb4a2a070a4d72989bbc3ea870e82807aff0219ed5bce55c40654e4eda452bc21f7d6e2e5144876 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00016a
| MD5 | 1aca735014a6bb648f468ee476680d5b |
| SHA1 | 6d28e3ae6e42784769199948211e3aa0806fa62c |
| SHA256 | e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a |
| SHA512 | 808aa9af5a3164f31466af4bac25c8a8c3f19910579cf176033359500c8e26f0a96cdc68ccf8808b65937dc87c121238c1c1b0be296d4306d5d197a1e4c38e86 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3e67421331ee065a30c6e3201d8b6f09 |
| SHA1 | 2fe383d3ee66c34349caea654ff5775bf5a468c6 |
| SHA256 | fe62e7b8683c164084c09a50d3b2512b828397b48380c0ab8c426cd4abf37dfa |
| SHA512 | dceb1dd30fd95d637055d240a3f37ea3ec860a50824609d93b210c465229a73d8ec7522303a9816ab31276f0a3f92ce16dd1fb06e9083c2bb98adfd3f4373310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | a77a4ad5c8188ae56bbb081448dcd697 |
| SHA1 | 02c78c8d096612c27a04365019a89ce3d7dd3a58 |
| SHA256 | 2c325f968d8206c3300e6ecc8dff1c58ad55d7715c567b51385cea30b336046c |
| SHA512 | b08f6e4a5f6cc36f39ef9d2524afcde7578cfbce0ef8df3aa862ba5156644221dd3dc7fa3db65d3bf77f994491a1931ed5b0efd9594a078fee30f68ab1e357f7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 093237284023e7bff10065c6ff81eccb |
| SHA1 | d5959e2da14d3d7e634133ecb7d477abeef7f560 |
| SHA256 | 1adcf7ceb03dd64ca1189a1d7046a37e5b5ff0e51ed086e48d9ad61ab31adaca |
| SHA512 | 8b9e217b022a65d3a544db26409f25ca273cb60e6ad1decd95abe1cb25140c8b55030f02a2101d0c281516ca18b4cc0e7757b955d6e74935e172e16aca529103 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\14ff8116b518ca2d_0
| MD5 | 1faafa566a286c41396671747920f5e4 |
| SHA1 | eaa32af86d83e7582a3485cb9285f87c1a09945c |
| SHA256 | 876c229c8c68582fa6ecbf743cf82ae619129ea83b25c2a4a731f28f88d8abf0 |
| SHA512 | 30c32dc74d4b5bdd58a92b4c55fa8016b1ffbcc6a3bcebed6a81e59a7b6087c4bf099dcabb44b677c458bf981d295e113d3d513e2c3f0776fa344fa40a5f30eb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7cf9843337c39c04_0
| MD5 | 7f4788f0dd5500668efadcb2a67a21ed |
| SHA1 | 458a81b76ea6ff28cff788d21978c066c5592465 |
| SHA256 | ba8ec28a117866396b53141d5c5b5ebeae5b9e9329e15acfa12b2d0b0b419643 |
| SHA512 | e2d05e74b63aa6dd86214c6d2f0a59d85eabfefe3e606e4a7559acf244562d1e762781b9d7ae2690526324b630382bf5382e8255c2ddae0c4824857d701bb889 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\03eef0e77feb64d4_0
| MD5 | b0f793b227ee09b9a73b8b51e71b77bc |
| SHA1 | 1dfece3a41bbbf4c8a677b0cc95dfcb054790bda |
| SHA256 | 704b424e589ae831259a5bcda96c47a54f08b0afdd63e91c5dbb9a65c52b0c97 |
| SHA512 | 469bf05a58b16283a2bd74be175e0315bcfc8e80c6e67a94d15a0bcbfef2ecdb0b1e15c8bef7bbe9f7ec3592e680118051ede527a6953a0f29af18bf4f003232 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\635e64b37935c888_0
| MD5 | d376e48b831ddba7b53abb938b00d66a |
| SHA1 | fcce6f339f47dcea09aa3a9baa6ced7555502619 |
| SHA256 | 4f9619d9496fe7e9054d0661049dd7758fcc07c7524fc5f0ed2c5f7527de4690 |
| SHA512 | db3e125e420ac832346cf4f594a5e098e6fc3fc840764ea4c338577cfe56e38cdd91a92a00d25c4261ec3f4beae48c7914b3512ebb4e797cd7ea284297d0114e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8908012b8e4a5af1_0
| MD5 | 7abbf7c90177afed030ba27347cb5f40 |
| SHA1 | 2071a1b00e5c5dca1df5cafc78ac5189f58b6a46 |
| SHA256 | b89cae827a623ad28b0c200f580b6cdd4fe170ba9c75bbcf7c904906a54dad78 |
| SHA512 | 2604d7e341cb21765489d29685a051b7b49cdaa9e097978197bf056ffd8a9aa4a8a9377b55ee999267971e2b253df6a63568319d302e7255683e6eef64338715 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8ec4b11de0b23393_0
| MD5 | a16b18bf0db9fb39f5f2adb77f787e71 |
| SHA1 | c3073f553e0fe174b15e95a7ec318f9fa8e14abc |
| SHA256 | 4cebad8832b3879449c5c28f9a3b14ad53148fe1d3e4d8f365d1cb588b21bec4 |
| SHA512 | d821443ea7490701621fda0f12f54957621ea26607d89968eb5f3904924e037f15eae44b82fa4b2ac83f9c641b7fc44dc72dca1d1d304088660c37dbe38ab7b6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\476831ba582729ec_0
| MD5 | 0dcb290fd83f648ecff308706e10ba61 |
| SHA1 | fe0afee3b07ad3c10adc9f980267b1bb9e0064a4 |
| SHA256 | b1c039eff62da217b6d51dfa43e9ab56e39aacebba7c4883a5882353f06ac95a |
| SHA512 | 4c67e926933448f2dea07139cee2f21e3bdd6d2c5011f17c61f3345f7df46977d24c72417aabb0caba39ad48ed031f48d0de834b2c764769a5004196ff419165 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5801d3329fb36c59_0
| MD5 | f17f223d7c354e30156e92cb3a2fc7b0 |
| SHA1 | 473029f48ff031324735892dc5242399a2535196 |
| SHA256 | 63f467c03aa00b399c089bea36c7133a23b3414095a20b264b6c2084a0022a82 |
| SHA512 | 1417ceff343fb687e597f898ef2d8c273390c8a3bcf6a72f04584d914a8d21c5bbc94758329e7868a36d945f10bed1535e0bac25577a0d6e1d9198fa19f66ba1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\534ab76442c26020_0
| MD5 | c2fae69a3a5639fd5012c1cbb3c50da1 |
| SHA1 | 99d2bf720a7e1f938abdccce248ff3c3c8891188 |
| SHA256 | 7a8f97636b2afc08ff90e2f44ffb8bec0bb0e0bc9de0517a9a2109d51e0bde33 |
| SHA512 | 789ce4d4151d172966ac220c829a0bf88051c0f1f84e6f05c152c4e31d83fdac5d1f96280f2d0f4f17d3c8b6118fc1e2896bac1762abdf53709b4bbc4e1bc209 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3c4b545fc30e58e9d7a4f07f3f3d6119 |
| SHA1 | 66022c9dcccbe0f1b03aa6c0acea189ce778e6ad |
| SHA256 | 4093307f58c33ca674af8b29e08a27c497ca6441e823fcc40247ff7a932e4451 |
| SHA512 | 0e9a74fba56bde7fc0774d454749b79a8ccbc86a48cc5ef730f9a3144c9becbeff7343879725d397bf06df2c1aa1bc3e96c36f087ba5266cc9e20b6e9cedca83 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005e
| MD5 | 86a24c421a052d323e49a952d88805b5 |
| SHA1 | 814a9daf46a34ad6bc4f5bc0de4940b166a85870 |
| SHA256 | a359121948e08165e21894786ee4e4e3c3f1aa55bb44dbaad470d4adf1b7db9b |
| SHA512 | 0993b3670d42d9032831122d0e43d1843da2361d8781b0cd75aa080a57f9da273ac8a54414f8598ee12b2878787245b564a07f7e401c0282a47b5a0f57a825b3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005c
| MD5 | c15d33a9508923be839d315a999ab9c7 |
| SHA1 | d17f6e786a1464e13d4ec8e842f4eb121b103842 |
| SHA256 | 65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98 |
| SHA512 | 959490e7ae26d4821170482d302e8772dd641ffbbe08cfee47f3aa2d7b1126dccd6dec5f1448ca71a4a8602981966ef8790ae0077429857367a33718b5097d06 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006c
| MD5 | a2d05ef35c1b3cbd27f8c4a52bd3551b |
| SHA1 | 8b727667e05c51ebf99a9fadc9dc91752e31b0f0 |
| SHA256 | e047a4407e6925ba2b45835277484933e4583f1afbf6d13a8f981ca00be54af5 |
| SHA512 | 630f96a81fb72329cd4394a2a7ebb31cfc3457e0ef6426dcbd9f8579ec80eae500ddb007bde4f08906f2f82b5145e6add41edf7d278922763b0a89b0e22c5b31 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006e
| MD5 | 532eb7675a4511688cecd72ba313f6d1 |
| SHA1 | fb6661e98405e24b19c2c591bf9ecdf7bca2c1bf |
| SHA256 | 18c3dcae832534a7e6c8a0ad74a3c3dfddc4921c21c421ffbc0606993f581686 |
| SHA512 | 5a6109fd372839659e81c3a976a49dab1bfaac5b237f8721c4912960b117a511e9e88ea7ae33781b199dff286aff7a20709a5124c97576b79a018bd3b09b4a4c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3a8c31b46a0ffdc547c40874a2cb5c60 |
| SHA1 | ae5aee9d7db481d825a5f1d9cf3f621acc3840c2 |
| SHA256 | cf7b828c8875a658c1a6161d047ee3a7492c7ec622bbd9cd9c975489015f253d |
| SHA512 | 914d12d2f88d5bf51124267aecbe56db46b0e7e25f99b212523dcbdcb71839d617631bd313e07ee6f4e31074f09d4859c0f2eb0e5b8cea6ed4f10cb56611e798 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6f06068873ad9e5291e4b7631eee0213 |
| SHA1 | 24a06007a4897a8ee1f7b74c1fc230aa68c1f685 |
| SHA256 | b3fb89ce2d17150de361080584057bbd8fa9dc5dc813ddcb277b51b68ef22451 |
| SHA512 | aef017770d2e2c392ff8c6f9d9be70426b44823cf65dcb3d9a52cde52a23414907c82d6eb13e25bf50f43d15067a741fed7e65bcc2a831cc8debaab89cc85678 |
C:\Users\Admin\Downloads\Install-GooglePlayGames-Beta.exe
| MD5 | 5463dae20d2e1d73b1baa5b6d1fe9a48 |
| SHA1 | e0352fcf4573f01f82a597c3cf935c151514dd7b |
| SHA256 | d1b7bceab90670aec22ca60df6315c1f0556cbded296668a6f92f6301bd86da2 |
| SHA512 | 39f1f6e5fd2dc3f8239b0f2cfb4f86785775e46cc8207aa6138f2fa896ca8e54ccd3ba30479180edb6f68ba834ae68479b298154fe93447d3ccfc0fe1fee2b6a |
memory/21540-17916-0x000001C975080000-0x000001C975346000-memory.dmp
memory/21540-17919-0x000001C977780000-0x000001C977836000-memory.dmp
memory/21540-17924-0x000001C9756F0000-0x000001C9756FA000-memory.dmp
memory/21540-17925-0x000001C9758A0000-0x000001C9758AA000-memory.dmp
memory/21540-17926-0x000001C976EF0000-0x000001C976F1C000-memory.dmp
memory/21540-17927-0x000001C977A50000-0x000001C977B64000-memory.dmp
memory/21540-17928-0x000001C9758B0000-0x000001C9758BE000-memory.dmp
memory/21540-17931-0x000001C977840000-0x000001C977864000-memory.dmp
memory/21540-17932-0x000001C977870000-0x000001C9778E8000-memory.dmp
memory/21540-17933-0x000001C977B60000-0x000001C977BF8000-memory.dmp
memory/21540-17934-0x000001C9778F0000-0x000001C9778F8000-memory.dmp
memory/21540-17939-0x000001C977E50000-0x000001C977F0A000-memory.dmp
memory/21540-17950-0x000001C977E40000-0x000001C977E48000-memory.dmp
memory/21540-17962-0x000001C9784A0000-0x000001C9784A8000-memory.dmp
memory/21540-17965-0x000001C97C1B0000-0x000001C97C1E8000-memory.dmp
memory/21540-17966-0x000001C97C170000-0x000001C97C17E000-memory.dmp
memory/21540-17999-0x000001C97D4B0000-0x000001C97D4D6000-memory.dmp
memory/21540-18002-0x000001C97D4A0000-0x000001C97D4AC000-memory.dmp
memory/21540-18050-0x000001C97D600000-0x000001C97D606000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Play Games\CrashReporting\Crashpad\settings.dat
| MD5 | 7c3d49434ebc463db73ce9d7583469b1 |
| SHA1 | 8adcaba6bb529d88f7d6e2b103129ecbb487283c |
| SHA256 | 8f497f878a447864b706bafd93ffe178d2c32f9a0d2dae5324b26c4f6ec01b6d |
| SHA512 | df4aa6f0cf88dda8e717e67f46bca74cdddc3eda4f330dc50a3ccb9ee857d91129d91554da10134f455a1835eb041f45f73b6ed967545def4e7aa954f37597ef |
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
| MD5 | baf0b64af9fceab44942506f3af21c87 |
| SHA1 | e78fb7c2db9c1b1f9949f4fcd4b23596c1372e05 |
| SHA256 | 581edeca339bb8c5ebc1d0193ad77f5cafa329c5a9adf8f5299b1afabed6623b |
| SHA512 | ee590e4d5ccdd1ab6131e19806ffd0c12731dd12cf7bfb562dd8f5896d84a88eb7901c6196c85a0b7d60aee28f8cfbba62f8438d501eabd1bb01ec0b4f8d8004 |
memory/22468-18150-0x000002874EDA0000-0x000002874EE16000-memory.dmp
memory/22468-18157-0x000002874ED60000-0x000002874ED7E000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c69551f134cb72397350b7ea8a2fd3dc |
| SHA1 | c60292ce23a7c1399ffebb2871c58830338fc4da |
| SHA256 | 0ce6671c85c9b8a0b7785f54492cd9e9d7491940fe4d14eb54da4a905d6407a7 |
| SHA512 | 497a024a9c16cdad6da58fa201d1d62a9c927117335ea5071cfea23d38977f6993ef812a9dc9a8273e94f1fe6661ea5a35be9e9b12990bebca0f078805c6f4fb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 202a4ddbcb11ee8e3658121ce8b9cc3d |
| SHA1 | 9c49fe3bdaed74d656969064e76523878a76ed94 |
| SHA256 | ff516f64141e8fa6d68b748d4fda93dc82cb205d11dfdeed16c9b6aa75bc0448 |
| SHA512 | a3b2bb6b3af75b2c5011aad793334fedf1f99fa40777c38e1cd33a87ee16abafc35fe6b31148bf63c73e3609a88319420d454eedd72752bf2be83b47bcd9db16 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2a52c350a6b56e15a00079d2f4cb5fee |
| SHA1 | 948a78fb7768214cc2ae8d6155b3cff39e581ddc |
| SHA256 | 02ee7cdf05b657e3508d799f4caff778248a3bf7edcb3d7a18c9f2d2f53cc76c |
| SHA512 | d97c2d5c82530931079540861fd989973d7555fbd006686699c5bce7dafffbdd71cf9696f5e15c21640d889069ecc6f72c9b1b850ff998eb206a1a43aa425c84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a2c0e8648ab4694977a7ec93c30c86e1 |
| SHA1 | 8e046a734df86df7b367db0b3ec85758d3294de0 |
| SHA256 | 75c968e3757906de4791a5bcbf445b2420b94a2efad43c17b666fd458956cb44 |
| SHA512 | b475e39156aa799ab0729fab3dd384f40238024bd3680b2932f3f092a473026aa944032c6e0d1a0444b27c5075c6889ca1fd52ec87db8064f7347792c45d50fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 085c521ec4b2226226b37039958dc464 |
| SHA1 | 7f2f0b7790a237c8331c177ece83152e1c1f735e |
| SHA256 | 9892044b8512607f29249f74d9a37b808795cef550be09760f3963ae8a96739c |
| SHA512 | 079ce0c108fb09c163288ec4da4c4b9432f42540c5968052e9a090a54cf694c6e5117670ce44c866cd4073c1f9d133bf6beb6791c1c30a7e8ebbfcb07d7f9278 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | c6d06ede218468753a937d880ce49ed1 |
| SHA1 | 3f6f15cf8d7af8c76aa465e6fa3d7874032e513a |
| SHA256 | 75245a3facdbc3bd42b281b9f9827820795ac541a3fc997aea3214a06a6a2990 |
| SHA512 | c10ad1af7d830451306f1ad19a4946690e15b64ba331dbad6c6d538673fd77d1325ffec3e14630959a8a6a76caeefe621eb20362bfcd33992ff8a6bf09a71a90 |
memory/25696-19934-0x000001BAFF7F0000-0x000001BAFF964000-memory.dmp
memory/25696-19937-0x000001BA818C0000-0x000001BA818D8000-memory.dmp
memory/25696-19938-0x000001BA81A40000-0x000001BA81A6C000-memory.dmp
memory/25696-19939-0x000001BA9A2C0000-0x000001BA9A2C6000-memory.dmp
memory/25696-19940-0x000001BA9A2B0000-0x000001BA9A2B6000-memory.dmp
memory/25696-19943-0x000001BAFFD10000-0x000001BAFFD42000-memory.dmp
memory/27560-20609-0x000001843DCB0000-0x000001843DCCC000-memory.dmp
memory/27216-20619-0x000001E981700000-0x000001E98176E000-memory.dmp
memory/27216-20620-0x000001E981CB0000-0x000001E981CB8000-memory.dmp
memory/27216-20621-0x000001E983410000-0x000001E9834A6000-memory.dmp
memory/27216-20622-0x000001E99BCD0000-0x000001E99BD48000-memory.dmp
memory/27216-20623-0x000001E983330000-0x000001E98335A000-memory.dmp
memory/27216-20624-0x000001E983360000-0x000001E98338C000-memory.dmp
memory/27216-20627-0x000001E981CD0000-0x000001E981CDC000-memory.dmp
memory/27216-20628-0x000001E983320000-0x000001E983334000-memory.dmp
memory/27216-20645-0x000001E99BEC0000-0x000001E99BEE6000-memory.dmp
memory/27216-20646-0x000001E9833B0000-0x000001E9833B8000-memory.dmp
memory/25696-20674-0x000001BA9A870000-0x000001BA9A87A000-memory.dmp
C:\Program Files\Google\Play Games\Bootstrapper.exe
| MD5 | 77feee14e1f41ba400e5b00c82868d3e |
| SHA1 | 7ff38566293e46350c16ceb4f40ae405147bc233 |
| SHA256 | 0f25e60430209861ab08569db34c39c689d27c4a93c730b870765e963fc4e0a3 |
| SHA512 | d35f0575c677fd0c319d8d5f91cd918e28e6f65d79458fec9967a5a0dbcc50d29be1a69326dc17944467a961067b2abad4d005451a6a228417833c3c3765ebe2 |
memory/28580-20710-0x000001E4C5560000-0x000001E4C55BC000-memory.dmp
memory/28656-20720-0x0000013369310000-0x0000013369E3A000-memory.dmp
memory/28656-20721-0x000001336C430000-0x000001336C4E6000-memory.dmp
C:\Program Files (x86)\Google\GoogleUpdater\prefs.json
| MD5 | 72f40e8e971ad7ec1a1476dcf9e77f1f |
| SHA1 | 8ae2a7dbd4d998d7ea9ce5192a63780af193c71d |
| SHA256 | f49e10d686d03cea8ee9ba99fed1476b332c1cf247387889819b5ea18f87e907 |
| SHA512 | 89a64cb0c08feb2a21aeb3dddf8c8d1b9818346c88b138b6e3cf26164fd65ed0f982d1cdb798995d7db00e1099df9aba174a001a918294ae393c00afbae30cb5 |
memory/28656-20733-0x000001336A240000-0x000001336A256000-memory.dmp
memory/28656-20734-0x000001336A200000-0x000001336A20A000-memory.dmp
memory/28656-20735-0x000001336A230000-0x000001336A236000-memory.dmp
memory/28656-20732-0x000001336A1F0000-0x000001336A1FA000-memory.dmp
memory/28656-20738-0x000001336A270000-0x000001336A276000-memory.dmp
memory/28656-20740-0x000001336C8A0000-0x000001336C982000-memory.dmp
memory/28656-20737-0x000001336C4F0000-0x000001336C50A000-memory.dmp
memory/28656-20746-0x000001336C510000-0x000001336C516000-memory.dmp
memory/28656-20747-0x000001336C990000-0x000001336CA54000-memory.dmp
memory/28656-20748-0x000001336C530000-0x000001336C53A000-memory.dmp
memory/28656-20753-0x000001336C6B0000-0x000001336C6C4000-memory.dmp
memory/28656-20754-0x000001336C570000-0x000001336C57E000-memory.dmp
memory/28656-20752-0x000001336C560000-0x000001336C568000-memory.dmp
memory/28656-20755-0x000001336A220000-0x000001336A22A000-memory.dmp
memory/28656-20751-0x000001336C7B0000-0x000001336C7E4000-memory.dmp
memory/28656-20750-0x000001336C550000-0x000001336C55A000-memory.dmp
memory/28656-20749-0x000001336C540000-0x000001336C54A000-memory.dmp
memory/28656-20745-0x000001336C410000-0x000001336C418000-memory.dmp
memory/28656-20744-0x000001336BC30000-0x000001336BC36000-memory.dmp
memory/28656-20743-0x000001336A2B0000-0x000001336A2BE000-memory.dmp
memory/28656-20736-0x000001336C6F0000-0x000001336C7A4000-memory.dmp
memory/28656-20762-0x000001336CE60000-0x000001336CE66000-memory.dmp
memory/28656-20767-0x000001336D000000-0x000001336D008000-memory.dmp
memory/28656-20772-0x000001336D120000-0x000001336D128000-memory.dmp
memory/28656-20776-0x000001336D370000-0x000001336D38E000-memory.dmp
memory/28656-20775-0x000001336D350000-0x000001336D362000-memory.dmp
memory/28656-20777-0x000001336D3F0000-0x000001336D450000-memory.dmp
memory/28656-20780-0x000001336D390000-0x000001336D3C6000-memory.dmp
memory/28656-20783-0x000001336D490000-0x000001336D4A4000-memory.dmp
memory/28656-20784-0x000001336D4B0000-0x000001336D4C8000-memory.dmp
memory/28656-20785-0x000001336E190000-0x000001336E20A000-memory.dmp
memory/28656-20788-0x000001336E110000-0x000001336E14A000-memory.dmp
C:\Program Files\Google\Play Games Services\24.10.14.0\Uninstaller\data\icudtl.dat
| MD5 | 692337664e861ad322138061132dddc6 |
| SHA1 | 8a99bc860eda0772f3b1f4a125fa4d474410e21c |
| SHA256 | c12537022ef818991a7bfed41a76d8d6ae962ffbc0e6511ac762a5d0845e7f7c |
| SHA512 | 3e2e6adb651e37e530734f999634d7c101fa1c45ae380be8ad169bbfb0a047f2878ff6c8d1428d6b9e7301b447ab2f8839484322ddb3831984be71d442829a55 |
C:\Program Files\Google\Play Games Services\24.10.14.0\Uninstaller\data\installer_uninstaller_windows.assets\shaders\ink_sparkle.frag
| MD5 | 51f20bf41c8f1f157941bb8431fb411c |
| SHA1 | db0cee9291c516df048e9d426adfe3b469737cbf |
| SHA256 | 35f467c45804fb1d3cb8c483da1a8f636c8ecb6f63919b3f1bfc8ec8e2fcaf15 |
| SHA512 | 0748bd823aaf84bc58a91dec01cf28e10ea8b0fc772cc9db7626af9102742d6ae6d1db56c28ae939bf67d4a2e32efb9438f32f798f7b193e1f2342138a076601 |
C:\Program Files (x86)\Google\GoogleUpdater\prefs.json
| MD5 | 13b657dab2d7e2892de5e55a387c6f14 |
| SHA1 | 1d34f8e74ba3db803f55a09f5868aa3b843e5015 |
| SHA256 | 63901978b4729540a7886145036993d454308df5559d292738cbf854d04824f5 |
| SHA512 | f492cb52fdb91a126ae286f5e1d02662fda74c7a5ca943b56d5763b7746f7287fcab6eba9f4c37985f050b7679a21a47c57e04d41063ff6a01305d78dfed6b32 |
C:\Program Files (x86)\Google\GoogleUpdater\prefs.json
| MD5 | 0d98bf7fcac6884585f68fb5f56441a4 |
| SHA1 | 1c9d8c33fc49362737b7493bef1d9d8b3d9b2a31 |
| SHA256 | e0e84470eb1e1dee336678a5f5ea2565a819717356502784cd929ddbcd02dd6c |
| SHA512 | 54f8b1f84762a03af90eba05584cedab6c26f95deab21260a8cf9383afcb7a5ea5412c05bb627c3f6d5ccbb34336f899766eb2f61265cc422d91ef1555648581 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007
| MD5 | abda4d3a17526328b95aad4cfbf82980 |
| SHA1 | f0e1d7c57c6504d2712cec813bc6fd92446ec9e8 |
| SHA256 | ee22a58fa0825364628a7618894bcacb1df5a6a775cafcfb6dea146e56a7a476 |
| SHA512 | 91769a876df0aea973129c758d9a36b319a9285374c95ea1b16e9712f9aa65a1be5acf996c8f53d8cae5faf68e4e5829cd379f523055f8bcfaa0deae0d729170 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | ff32f8bce72c770990062bdf3f2f53e1 |
| SHA1 | 26746feb5490b9d92f71d527844ae2d0a657d99b |
| SHA256 | 48538375a2a8c76275fbd878e68b3ac77d5b93c386c69a708734eee8d8fa4cad |
| SHA512 | 39306f98795498fdf4fb4c330c13b97ff13af770a04abc11edeb72a632f6c0d90ee29e909c76f5cbae12809b942a32979ef8d277739ee260fb887689dc619234 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a7c559b7d17f466fa2c653dbd87c2e52 |
| SHA1 | 1971cc0ac65645987b4222dba5583b656be09a97 |
| SHA256 | e1b290d39aecf7f7298f5e97c793c052edc7671fa6eedb1aeb0865bf0bfceefc |
| SHA512 | 16c7aa0211b37c3041244ca80d1d08e46dd9257de6054fcfadfd9f04623ba26725cfb21866f43e916f264a66c6d811a68ff5b7beea7f37a14e3dde4020f77eab |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 6ee5c01a8c3833668f089e041903bf11 |
| SHA1 | 4e8141835271c89e09ace42aad3f4c51e11ededc |
| SHA256 | 6444da0e943a9ec51ae8ab0d566e89a3ab59ff9c2b7abd3198d7f62f0af74b92 |
| SHA512 | 9cd9b7d4b3b4bc71b05e6548836662815b2b315091a1152a14bcbb219d41756fbf19b09a998760353cb0fea699b18eeb30cdf0510f8e0baf404cd1984576bd6d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 8970ac8c302df1dda8da057af84c6aee |
| SHA1 | 36cc0b23d6ba07077eeaa7455f98052b8d810640 |
| SHA256 | a0c33df02d28fa4f6739b20adcda643a946339a9e6083fd8690ccc76bd15201a |
| SHA512 | 7f15deea4be33974e1a2abfd4bb20ceb2ef9484ee6e706df00f8b2da9aaa3c9b70ce8b2783a753f47d46e2549abedacffd63cc506e757b508942fcbcdb3bcb07 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e528410de9d4d811d064063a8fcc1d1f |
| SHA1 | f60ff630794923f97f66dda39cc83d14cd952f9c |
| SHA256 | 41e2f371ee38e80c8c9106b85a14090ec30f9c74563dce2bc7e80e9039298ec8 |
| SHA512 | b257d0a979969069c38bcff113440630620bdef60e9cdd07fffed9dbf1bd3407475b4eb93cd5bd1f842dbbbebba5f7e31623af0e02305b6c0bc609c73f101493 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 26ac46cea3c35b3f4726c00a64e1d7c1 |
| SHA1 | 559e6971f423d0279f7f41a03b5c0af0bce4d01e |
| SHA256 | 171c2d18845f26ade70f2721dfcd63024d18e459098ef7da25f04f911cc145a7 |
| SHA512 | 5b815fb44652726d5b5ef4e8c05f5250dde4b1049f58b10f6239043a5a03e34688bc39ad71af8c689ee52809178bd4236cab056a7c3b517362c52d8da9bb0c0a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ce92c5573c5deb6b44b8af58c82c0713 |
| SHA1 | 8eb3e5cf81498a340492dc794e60b154b18b7994 |
| SHA256 | b70c4e55cbf82dfb1461cd8a2bbddc8ac8c456c939642dff47e9a82a124ef225 |
| SHA512 | c9738eb9f0fa56ec281f11651faa0107195ee0f704a05d6187dcb01915794701b0f45b5f901fcdd74f0727f602585403570890815c5859ebf738ad920aee2f78 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | d85e69408d35beb8b9bdb51a512d0577 |
| SHA1 | 4bb7edce68af7e7222e611885cafc3299b717417 |
| SHA256 | 5a59821b992128221efd5c3ea663b49c9dd6cc5e283f281f055a097f7f97dcb6 |
| SHA512 | d8c42205fe0016306ec9b4a66342bd0f6c96adac50115e20769fdfddb631265b2603b0256c4f7d094743de04d0762f7f2ca551083c6794b377947f2eef86d1cf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4f9eb276ef9eac81bbfb9087217835a9 |
| SHA1 | b64f2e95d76ecd4adf1e3024844390a1ff76c56c |
| SHA256 | 351730a6dd3546d61be71a64903836bd865860f3bc13ab7cd0a4216fa4d34a77 |
| SHA512 | 5a045ace664b064112db5603aab176c484df4ef94aabe1fda715c67c6d3a5a5a088c041cd67706b8932fdb9e3eb6da8e907d2bf96af7fbf3f63f16fd2ef9f084 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | e4a921a6086ce84c050e538e8765aeb4 |
| SHA1 | 08897a3dac4985734edd41d823ac3526ba0b8896 |
| SHA256 | 2ba99d75462a68753e66172a8ada5fad883febbfc67e957683509147f5b2bef8 |
| SHA512 | fdef0cf08bb2df39330e0758a70e778c83345ca00eea2a170a57a57dcb8c15a9d209ffa1e1be6712d520c6cd3639cba5c30ed25ccef625ea6b4606dd6aa5cfc9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2d0c47dd658a0db838dc60be3f03c104 |
| SHA1 | c7148424cf452bc8bf9c83071429a23175c42062 |
| SHA256 | 3f31521f24307ba6b4fdea4a0aa40b26aee9e53e7498acfdd552c9f4faee6156 |
| SHA512 | da4334479b481e3801bf9f392c8fbd7b3ca5c55090ab34eda013e3d5f8b0b6c7a77dbe45d08293e798e148335a8ab8241bb41a30da8eb54c72229f92b0aa9b06 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 6a0a33a8f0f5009bce9582b2735d6153 |
| SHA1 | 712db20ae2049e5a418f732b2394da3977be78fa |
| SHA256 | 56f242a22a763e2a26dd3d6012e63ac2940bf26650917e9781b67b939ede30fb |
| SHA512 | 29e78c92ed6af92c51a7b9cdb6ba22c6eb5b1a2a62f77d6a719c14de903faffb929f0cbe2041b28c1d32751f3cb9b4f983b347ef53b007ba8742b0c585a5cd24 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f7f20672bf1e6e659b04535f54a4519e |
| SHA1 | 3538f16480b0be228e85399fb8f0d5e33258568c |
| SHA256 | c2510f7e474fcea7a2da8cc24b1254f9a364b5d1a071dc7c33e5877ea7d194ce |
| SHA512 | 6928c122a4faea3581fe9aa8dc3fc2de58fe95a48580e429e4f4f9ee8f75bc671b13bca8886c3be89e9da4f13179f8167dbc94c5ead8a34520bedbfb6ebe0501 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7fd6b85727e01df7d6223a75e1ce5c0a |
| SHA1 | 9e91411ed64f22e5ec5b67cfee7c30d5cd86e8fa |
| SHA256 | ce67925c078d8eabd082abf3a7e2548a11219d8830ade19133aa35eda1744cb3 |
| SHA512 | 075810a3f4528d6965a7fffd27bc6ee3a6e90d6e3ece95167d49b6c6fd1f4778a3e9bc81dfd3ee83b80fb12fd85051499cd416713e81872bbdb581e84292fade |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 5f9422ee59fef48748709b73c2788704 |
| SHA1 | 2fdcb57c295a8f6647f2c5d5478cdc10a70508c0 |
| SHA256 | a76616a895908aabab1d4b0db296679bba9f8baf9ae0b19bddfc434365e3d0dd |
| SHA512 | 9c3d999c7b6ad15fb2102fee69827c01668fbe21e21d36c148b47d84562ef7f9dc8371f4b17faa81e2ec037a1e4d39d4d6e0e0cdd0c34f0ed05b55717723395f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9cd92490a07c14e64bfc15508e2a0b0a |
| SHA1 | 1ee5764f58decda093a3f34feca38b364baf6059 |
| SHA256 | 026db6273eee25adc573949a0ff9c99a645e58e9846be43aebc6947fde287a63 |
| SHA512 | 122ef5440b3526365f1b41603167f2a64461dcfc9bf3685db3bd1bbea47005e9717fdb388a6a0adc7ef2972a5fb351532cbe98fbfba89ac3b763315d19bb11f5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a008adaa62ed7fa335aaf28f5d7a5f8e |
| SHA1 | f45dbe0c51456ca82669941ec3832fd733b9422a |
| SHA256 | 385a0b31dd6253519ba6da96124b3515562fd6c3b813bf39b70ca856d922d6d8 |
| SHA512 | a51a0db0d0c7f20e974f1de361f7a36f0042be07f0a0b633c76a82fad9682bcaa5fc17adccdf9d16da76876575e45b3aa7b00e9d1ba7a065331a79583d330c93 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b
| MD5 | a8bc992bad7bae98e96d1c839fc939e0 |
| SHA1 | 83c183c786ee2952427db80c6e91de04d800b3de |
| SHA256 | 6e7da6e50ed27be4e94e33192e0cc7b6c71570a360054a35786b7a8c36f94567 |
| SHA512 | 3cb4d5b9bffdf5a8471e278693ae9f5121cf976ed4e431f7f8fea5bfb7e783c44ad8f5309f986e3badacbefc1704cb2ef611da0ef06ebbe7d56fe74afea5597c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009
| MD5 | 9051830be32814cfd6cfb4b99e248adb |
| SHA1 | 4fd5e933812bc135e1144dd891a1cb7d792fa77e |
| SHA256 | 710b12881da46852ce1e1c840d760a7a1f71f4c8dc6328036442dbc177ca3eb1 |
| SHA512 | b25ca1caef336c75e3be067079322707be764656ce28e9035180e300643b6f4cb83d3c8c622196394be6f47204c040b74096b0edb75171c237c10e1803cede06 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000070
| MD5 | 3f6c5d514290596ff4f2e65fd6799db7 |
| SHA1 | 9f906b1a03663311398ac99a6406da9b030d49b7 |
| SHA256 | 12af5ae614f78775181955bb0ec8ce5e7f7ff01561ddba709f3c551d6d4b1d8c |
| SHA512 | a9993a9de8a08aa30efb662b7852cb040de2216e7271805cb0cb9e064354cd04f8d7928aefd3c95f10bc3cfb6e987a1e6f5e858c3904c20e5a920688a39f3873 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000071
| MD5 | a8425d91152031937e78fe3b0f1209f2 |
| SHA1 | 43ca3f237a333ef9cceb0a8b9dd37490bbf1854e |
| SHA256 | 583c4e0da6965f71539110ce7d07e4b35ca83ec377849f7ecb3112f8ef15d903 |
| SHA512 | 08bf38e9fa662b55a33681169afbab1563ab0e40a31e0c21cf9637b7ef0e6dd79f28702784266d17dda13983a1fe23d9c29a93de7cd964496b556e77e0d59531 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000072
| MD5 | c69b39cca3a3c5a67c0b25111f965411 |
| SHA1 | 1314022da524c52eb53fa547cdaf0db012a0e589 |
| SHA256 | d44d542daa3d49d6185f400cb3890eeacf2ececd3ca6ac68b940cca9215ccd2d |
| SHA512 | 94a33f12f04ff64e9a277546197a7e8867ea7f69d6f09fb917de60223e7a4464ec468a352c66977a25689dd91e4eb2ade06a4c597bbd846810fd6ae6c2d0f569 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 92e95560c9dbbae82edb62cecc7662ee |
| SHA1 | 0954a801f4fd9634d7595c2df99c7595238ec8ee |
| SHA256 | 7f5f7abcc61030b4df94517133e4b38d91468f4099a865766d7aace10b9db112 |
| SHA512 | 9ce27db78905da3be067b317a031c216a4c1797a8a609b408987740132f564b2389e9947d5a973bdf4a37c187429d9eeb4739c46388ec84f5e3407e1c8d54072 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 6c4139e32fb029f4e4f39c2ff11ca400 |
| SHA1 | 01ebc2332bfeda5b3033ff04d0eae66127e13bbb |
| SHA256 | a699678aaab36d718d74e44875fc45412dd8d18a6da9cb1d0f75f76c076c1309 |
| SHA512 | 1299c72ea83c6bafb33a52b3027bb9b2bd8f7d6d81aadf325fd402dda9cac1c22b4405bca83f7fcb68012c603f5ec20ff6a3fe205ac365e4b434be3dd6f12826 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 40e73e814b81ab5c3a489e206c843bc3 |
| SHA1 | 5c4a64b6ecdb8a0bc630b6470139e737b9b756b5 |
| SHA256 | 7b5bf466aa52e67c0ec702ed9e32e8954e7263c408eaf4351063f2ee088b702c |
| SHA512 | 93733f29a0b5891aae87bac78817783aa102dd0a4eec5fc6fff3c3d5319e2cac9af8f69c793a14e33ea84a48a0e17fa60a8265a290fe04deff3965328e6fa354 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e15a514e24b1f5bba223f766c92199b8 |
| SHA1 | f763ad45ea3c0c8b2c4b0bfb293ef579da886a7f |
| SHA256 | 6e3b7a1371d806f19d4413889460e644038ebef44eceb8de07573e3b08941c5e |
| SHA512 | e6fc657a41f3ee69fa5cf02effe76ac71c7bd227956dc87dfb3a27d9e7b6656b9c822b3617012885f773564c6c5ee6cdec901c4aae9212e89862239b7d565072 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GraphiteDawnCache\data_1
| MD5 | 0af68be40e750be46f0a844bfcc6dc37 |
| SHA1 | 98f73df9d8a6390313d9ba53a210c6be2b25191f |
| SHA256 | 36f02fd8f1e4f9dadc89004ac1d8241b939a629484c6159846e170698a62577e |
| SHA512 | 8afc093a255cd712a824af710eb81778231ce7f0941f62169f08ec12c8d44087b5be42633259c07771cbaf6e9c9c067d4f9f05a6ac18c328151cedfa708e40da |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 7838e791a3acc77ccb1f0a0996a1cbdb |
| SHA1 | 9a4a47e6df789abcb7641c02e6dfc64f99307cc8 |
| SHA256 | 1350c737d8da7afba0be797570312e60c9ca7e5cb7eed7263abfae722fc30adf |
| SHA512 | 4b99d4a9740474bbcbe8fc5c1fdf2736f9a087296fe3f840ad78473be617cf0a7ecf28d553cc317e5af6d37622eb6e9fbfbcfce7099dff9ad24adda1b41832a8 |