Analysis Overview
Threat Level: Likely malicious
The file http://google.com was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Possible privilege escalation attempt
Creates new service(s)
Manipulates Digital Signatures
Event Triggered Execution: Component Object Model Hijacking
Modifies file permissions
Executes dropped EXE
Loads dropped DLL
Enumerates connected drives
Checks installed software on the system
Subvert Trust Controls: Mark-of-the-Web Bypass
Launches sc.exe
Drops file in Windows directory
Drops file in Program Files directory
System Location Discovery: System Language Discovery
Program crash
Enumerates physical storage devices
Browser Information Discovery
Opens file in notepad (likely ransom note)
Suspicious use of FindShellTrayWindow
Checks processor information in registry
Modifies Internet Explorer settings
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: LoadsDriver
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
NTFS ADS
Suspicious use of SendNotifyMessage
Modifies registry class
Runs net.exe
Suspicious behavior: AddClipboardFormatListener
Suspicious use of SetWindowsHookEx
Suspicious behavior: GetForegroundWindowSpam
Enumerates system info in registry
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-10-15 11:24
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-10-15 11:24
Reported
2024-10-15 11:58
Platform
win11-20241007-en
Max time kernel
1943s
Max time network
1882s
Command Line
Signatures
Creates new service(s)
Downloads MZ/PE file
Manipulates Digital Signatures
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{189A3842-3041-11D1-85E1-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\$Function = "DriverInitializePolicy" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{189A3842-3041-11D1-85E1-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$Function = "SoftpubCleanup" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$Function = "SoftpubInitialize" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg\{C689AABA-8E78-11D0-8C47-00C04FC295EE}\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllRemoveSignedDataMsg\{9BA61D3F-E73A-11D0-8CD2-00C04FC295EE}\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.20\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.28\FuncName = "WVTAsn1SpcLinkDecode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{189A3842-3041-11D1-85E1-00C04FC295EE}\$Function = "SoftpubDefCertInit" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Message\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$Function = "SoftpubLoadMessage" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg\{C689AAB8-8E78-11D0-8C47-00C04FC295EE}\FuncName = "CryptSIPPutSignedDataMsg" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$Function = "SoftpubAuthenticode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{189A3842-3041-11D1-85E1-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.27\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.27\FuncName = "WVTAsn1SpcFinancialCriteriaInfoDecode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllVerifyIndirectData\{DE351A42-8E59-11D0-8C47-00C04FC295EE}\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllCreateIndirectData\{C689AAB8-8E78-11D0-8C47-00C04FC295EE}\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\DiagnosticPolicy\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.5.5.7.3.1\CallbackAllocFunction = "SoftpubLoadDefUsageCallData" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\CRYPTOGRAPHY\OID\ENCODINGTYPE 0\CRYPTSIPDLLGETSIGNEDDATAMSG\{C689AAB9-8E78-11D0-8C47-00C04FC295EE} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\CRYPTOGRAPHY\OID\ENCODINGTYPE 0\CRYPTSIPDLLREMOVESIGNEDDATAMSG\{C689AAB9-8E78-11D0-8C47-00C04FC295EE} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\DiagnosticPolicy\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$Function = "SoftpubDumpStructure" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$Function = "SoftpubLoadSignature" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$Function = "WintrustCertificateTrust" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.11\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2007\FuncName = "WVTAsn1SpcSpOpusInfoEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.20\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.15\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.20\FuncName = "WVTAsn1SpcLinkEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function = "SoftpubCleanup" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg\{C689AAB8-8E78-11D0-8C47-00C04FC295EE}\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.5.5.7.3.2\CallbackAllocFunction = "SoftpubLoadDefUsageCallData" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\2.16.840.1.113730.4.1\DefaultId = "{573E31F8-AABA-11D0-8CCB-00C04FC295EE}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$Function = "GenericChainFinalProv" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.26\FuncName = "WVTAsn1SpcMinimalCriteriaInfoDecode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function = "SoftpubCheckCert" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$Function = "SoftpubLoadSignature" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.5.5.7.3.1\DefaultId = "{573E31F8-AABA-11D0-8CCB-00C04FC295EE}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.5.5.7.3.2\DefaultId = "{573E31F8-AABA-11D0-8CCB-00C04FC295EE}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllGetSignedDataMsg\{DE351A43-8E59-11D0-8C47-00C04FC295EE}\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$Function = "SoftpubLoadSignature" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.26\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllVerifyIndirectData\{DE351A43-8E59-11D0-8C47-00C04FC295EE}\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.16.4\Dll = "cryptdlg.dll" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Message\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$Function = "SoftpubLoadMessage" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\DiagnosticPolicy\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.12\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$Function = "WintrustCertificateTrust" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}\$DLL = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg\{9BA61D3F-E73A-11D0-8CD2-00C04FC295EE}\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2130\FuncName = "WVTAsn1SpcSigInfoEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.4.4\FuncName = "WVTAsn1SealingTimestampAttributeEncode" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.4.1.311.10.3.3\CallbackAllocFunction = "SoftpubLoadDefUsageCallData" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2222\Dll = "WINTRUST.DLL" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
Possible privilege escalation attempt
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Loads dropped DLL
Modifies file permissions
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
Checks installed software on the system
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\F: | C:\Users\Admin\Downloads\LDPlayer9_ens_1001_ld.exe | N/A |
| File opened (read-only) | \??\F: | C:\Windows\SysWOW64\takeown.exe | N/A |
| File opened (read-only) | \??\F: | C:\Windows\SysWOW64\takeown.exe | N/A |
| File opened (read-only) | \??\F: | C:\Windows\SysWOW64\takeown.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\ldplayer9box\load.cmd | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\Qt5Core.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\VBoxRes.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\x86\api-ms-win-core-synch-l1-2-0.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\Ld9VirtualBox.exe | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\SUPLoggerCtl.exe | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\tstPDMAsyncCompletion.exe | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\tstVMREQ.exe | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\VBoxDD.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\x86\api-ms-win-crt-math-l1-1-0.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\x86\VBoxRT-x86.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\api-ms-win-crt-conio-l1-1-0.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\NetFltUninstall.exe | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\VBoxNetDHCP.exe | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\api-ms-win-core-heap-l1-1-0.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\UICommon.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\api-ms-win-core-processenvironment-l1-1-0.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\tstVBoxDbg.exe | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\VirtualBoxVM.exe | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\x86\api-ms-win-core-errorhandling-l1-1-0.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\api-ms-win-core-namedpipe-l1-1-0.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\api-ms-win-crt-convert-l1-1-0.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\x86\api-ms-win-core-handle-l1-1-0.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\GLES12Translator.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\driver-PreW10\Ld9VMMR0.r0 | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\VBoxDD2.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\VBoxDragAndDropSvc.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\VBoxSharedFolders.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\api-ms-win-core-datetime-l1-1-0.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\driver-PreW10\Ld9BoxDDR0.r0 | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\x86\padlock.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\SDL.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\tstPDMAsyncCompletionStress.exe | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\x86\api-ms-win-core-interlocked-l1-1-0.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\x86\api-ms-win-crt-conio-l1-1-0.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\x86\msvcp100.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\x86\msvcp120.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\x86\vccorlib140.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\concrt140.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\driver-PreW10\Ld9BoxSup.inf | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\x86\api-ms-win-crt-process-l1-1-0.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\api-ms-win-core-sysinfo-l1-1-0.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\VBoxNetNAT.exe | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\VBoxRT.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\x86\ucrtbase.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\x86\VBoxClient-x86.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\Qt5Widgets.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\VBoxDDU.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\VBoxGuestPropSvc.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\Qt5PrintSupport.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\VBoxVMMPreload.exe | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\x86\capi.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\x86\libssl-1_1.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File opened for modification | C:\Program Files\ldplayer9box\msvcp140.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\vcruntime140.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\driver-PreW10\Ld9BoxNetLwf.cat | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\x86\api-ms-win-core-util-l1-1-0.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\api-ms-win-core-debug-l1-1-0.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\ossltest.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\SUPInstall.exe | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\VBoxAutostartSvc.exe | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\api-ms-win-crt-environment-l1-1-0.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\api-ms-win-crt-heap-l1-1-0.dll | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| File created | C:\Program Files\ldplayer9box\driver-PreW10\Ld9BoxNetLwf.sys | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Windows\Logs\DISM\dism.log | C:\Windows\SysWOW64\dism.exe | N/A |
| File opened for modification | C:\Windows\Logs\DISM\dism.log | C:\Users\Admin\AppData\Local\Temp\62320E1A-FC3A-4C1D-8E76-A6301AEECE17\dismhost.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Launches sc.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\sc.exe | N/A |
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\UnityHubSetup.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\LDPlayer9_ens_1001_ld.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\Downloads\UnityHubSetup.exe |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\Downloads\UnityHubSetup.exe |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\Downloads\UnityHubSetup.exe |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\Downloads\UnityHubSetup.exe |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\takeown.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\dism.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\UnityHubSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\takeown.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\UnityHubSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\icacls.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\DllHost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\UnityHubSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\LDPlayer9_ens_1001_ld.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | F:\LDPlayer\LDPlayer9\LDPlayer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\UnityHubSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\net.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\icacls.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\takeown.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\icacls.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | F:\LDPlayer\LDPlayer9\driverconfig.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\net1.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\sc.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\ldnews.exe = "11001" | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\dnplayer.exe = "11001" | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Users\Admin\Downloads\UnityHubSetup.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\UnityHubSetup.exe = "11000" | C:\Users\Admin\Downloads\UnityHubSetup.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\UnityHubSetup.exe = "11000" | C:\Users\Admin\Downloads\UnityHubSetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Users\Admin\Downloads\UnityHubSetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\UnityHubSetup.exe = "11000" | C:\Users\Admin\Downloads\UnityHubSetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\Software\Microsoft\Internet Explorer\Toolbar\Locked = "1" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Users\Admin\Downloads\UnityHubSetup.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\UnityHubSetup.exe = "11000" | C:\Users\Admin\Downloads\UnityHubSetup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Users\Admin\Downloads\UnityHubSetup.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133734651807844361" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-AEDF-461C-BE2C-99E91BDAD8A1}\NumMethods\ = "47" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-26F1-4EDB-8DD2-6BDDD0912368} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{00020422-0000-0000-C000-000000000046} | F:\LDPlayer\LDPlayer9\dnrepairer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-C196-4D26-B8DB-4C8C389F1F82} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-93AF-42A7-7F13-79AD6EF1A18D}\NumMethods\ = "45" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-58D9-43AE-8B03-C1FD7088EF15}\NumMethods | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-B7DB-4616-AAC6-CFB94D89BA78}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-F6D4-4AB6-9CBF-558EB8959A6A} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-D4FC-485F-8613-5AF88BFCFCDC}\ProxyStubClsid32 | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-A862-4DC9-8C89-BF4BA74A886A} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-42F8-CD96-7570-6A8800E3342C}\ = "IDnDBase" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-80E1-4A8A-93A1-67C5F92A838A} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-3E78-11E9-B25E-7768F80C0E07} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-5637-472A-9736-72019EABD7DE}\ProxyStubClsid32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\Microsoft.Windows.ControlPanel\ShowCmd = "1" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-32E7-4F6C-85EE-422304C71B90} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\WOW6432Node\CLSID | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-C8E9-466B-9660-45CB3E9979E4}\NumMethods | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-26F1-4EDB-8DD2-6BDDD0912368}\NumMethods\ = "16" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-3E87-11E9-8AF2-576E84223953}\TypeLib | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-AEDF-461C-BE2C-99E91BDAD8A1} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-F7B7-4B05-900E-2A9253C00F51}\ = "ICloudProfile" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-23D0-430A-A7FF-7ED7F05534BC} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-0126-43E0-B05D-326E74ABB356}\NumMethods | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-FD1C-411A-95C5-E9BB1414E632}\NumMethods | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-81a9-4005-9d52-fc45a78bf3f5} | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-BF98-47FB-AB2F-B5177533F493}\TypeLib\Version = "1.3" | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-4453-4F3E-C9B8-5686939C80B6}\TypeLib | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-7FF8-4A84-BD34-0C651E118BB5} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-5409-414B-BD16-77DF7BA3451E} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-8084-11E9-B185-DBE296E54799}\ = "IDisplaySourceBitmap" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-34B8-42D3-ACFB-7E96DAF77C22}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-8CE7-469F-A4C2-6476F581FF72}\ProxyStubClsid32 | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-9070-4F9C-B0D5-53054496DBE0}\ = "IMousePointerShape" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-9070-4f9c-b0d5-53054496dbe0} | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-319C-4E7E-8150-C5837BD265F6} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-04D0-4DB6-8D66-DC2F033120E1}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-5637-472A-9736-72019EABD7DE}\NumMethods | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-44A0-A470-BA20-27890B96DBA9}\TypeLib\ = "{20191216-1750-46f0-936e-bd127d5bc264}" | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-0721-4CDE-867C-1A82ABAF914C}\TypeLib\ = "{20191216-1750-46f0-936e-bd127d5bc264}" | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-787B-44AB-B343-A082A3F2DFB1}\ = "IMedium" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-6E0B-492A-A8D0-968472A94DC7}\NumMethods\ = "15" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-7E67-4144-BF34-41C38E8B4CC7}\ProxyStubClsid32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-8079-447A-A33E-47A69C7980DB}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-CF37-453B-9289-3B0F521CAF27}\NumMethods | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-4974-A19C-4DC6-CC98C2269626}\ = "IGuestDirectory" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-2354-4267-883F-2F417D216519}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-C8E9-466B-9660-45CB3E9979E4}\TypeLib\ = "{20191216-1750-46f0-936e-bd127d5bc264}" | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-6588-40A3-9B0A-68C05BA52C4B}\NumMethods | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-057D-4391-B928-F14B06B710C5}\NumMethods | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-CC7B-431B-98B2-951FDA8EAB89}\ProxyStubClsid32 | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-A227-4F23-8278-2F675EEA1BB2} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-A227-4F23-8278-2F675EEA1BB2}\ = "ISerialPort" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-BCB2-4905-A7AB-CC85448A742B}\ = "IGuestProcessOutputEvent" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-7071-4894-93D6-DCBEC010FA91}\NumMethods\ = "58" | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-C380-4510-BC7C-19314A7352F1}\NumMethods | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-486E-472F-481B-969746AF2480}\ProxyStubClsid32 | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-2FD3-47E2-A5DC-2C2431D833CC}\ProxyStubClsid32 | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-2F05-4D28-855F-488F96BAD2B2}\TypeLib | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-CD54-400C-B858-797BCB82570E} | C:\Windows\SYSTEM32\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-D545-44AA-8013-181B8C288554}\ = "IExtPackPlugIn" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-CC7B-431B-98B2-951FDA8EAB89}\NumMethods\ = "31" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-73A5-46CC-8227-93FE57D006A6}\NumMethods | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-26F1-4EDB-8DD2-6BDDD0912368}\ProxyStubClsid32 | C:\Program Files\ldplayer9box\Ld9BoxSVC.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\UnityHubSetup.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\LDPlayer9_ens_1001_ld.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\zip.txt:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Runs net.exe
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | F:\LDPlayer\LDPlayer9\dnplayer.exe | N/A |
Suspicious behavior: LoadsDriver
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.com
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffb92293cb8,0x7ffb92293cc8,0x7ffb92293cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1924 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2808 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4628 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5192 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5436 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5088 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3492 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5652 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3744 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2672 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2948 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb8da5cc40,0x7ffb8da5cc4c,0x7ffb8da5cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1932,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1928 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1760,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2084 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2092,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2184 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3084,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3092 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3100,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3144 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Windows\system32\BackgroundTransferHost.exe
"BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.13
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3544,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3528 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4388,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4632 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4624,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4628 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4816,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4856 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4860,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4912 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5076,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4896 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3436,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4976 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=4340,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3724 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004BC 0x00000000000004C0
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4956,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3748 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5516,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5548 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5684,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5696 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5264,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3424 /prefetch:8
C:\Users\Admin\Downloads\UnityHubSetup.exe
"C:\Users\Admin\Downloads\UnityHubSetup.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 492 -ip 492
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 492 -s 1536
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb8da5cc40,0x7ffb8da5cc4c,0x7ffb8da5cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1956,i,11690245960796432928,4355573669148174914,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=1952 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1788,i,11690245960796432928,4355573669148174914,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=1988 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2236,i,11690245960796432928,4355573669148174914,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=2248 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3116,i,11690245960796432928,4355573669148174914,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3264 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3192,i,11690245960796432928,4355573669148174914,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3408 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3576,i,11690245960796432928,4355573669148174914,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3108 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4596,i,11690245960796432928,4355573669148174914,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4632 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4636,i,11690245960796432928,4355573669148174914,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4712 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4976,i,11690245960796432928,4355573669148174914,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4984 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4828,i,11690245960796432928,4355573669148174914,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4804 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\UnityHubSetup.exe
"C:\Users\Admin\Downloads\UnityHubSetup.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4396 -ip 4396
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4396 -s 1552
C:\Users\Admin\Downloads\UnityHubSetup.exe
"C:\Users\Admin\Downloads\UnityHubSetup.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 528 -p 4688 -ip 4688
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4688 -s 1504
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb8da5cc40,0x7ffb8da5cc4c,0x7ffb8da5cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2056,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=2044 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1684,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=2088 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=1652,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=2244 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=2940,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3228 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3156,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3256 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4396,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4288 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4512,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4560 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4528,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4672 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4556,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4552 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4876,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4860 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4536,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3732 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3364,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3244 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4652,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3308 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5160,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4332 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5532,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=5520 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5544,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=5564 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5852,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=5864 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5872,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=5996 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6024,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=6152 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=4660,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=6304 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=3344,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3284 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5844,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=5032 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6240,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=6040 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6036,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=6112 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=5888,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=6272 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=5828,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=5588 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=6608,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=6672 /prefetch:1
C:\Users\Admin\Downloads\LDPlayer9_ens_1001_ld.exe
"C:\Users\Admin\Downloads\LDPlayer9_ens_1001_ld.exe"
F:\LDPlayer\LDPlayer9\LDPlayer.exe
"F:\LDPlayer\LDPlayer9\\LDPlayer.exe" -silence -downloader -openid=1001 -language=en -path="F:\LDPlayer\LDPlayer9\"
F:\LDPlayer\LDPlayer9\dnrepairer.exe
"F:\LDPlayer\LDPlayer9\dnrepairer.exe" listener=328234
C:\Windows\SysWOW64\net.exe
"net" start cryptsvc
C:\Windows\SysWOW64\net1.exe
C:\Windows\system32\net1 start cryptsvc
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" Softpub.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" Wintrust.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" Initpki.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"C:\Windows\system32\regsvr32" Initpki.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" dssenh.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" rsaenh.dll /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" cryptdlg.dll /s
C:\Windows\SysWOW64\takeown.exe
"takeown" /f "F:\LDPlayer\LDPlayer9\vms" /r /d y
C:\Windows\SysWOW64\icacls.exe
"icacls" "F:\LDPlayer\LDPlayer9\vms" /grant everyone:F /t
C:\Windows\SysWOW64\takeown.exe
"takeown" /f "F:\LDPlayer\LDPlayer9\\system.vmdk"
C:\Windows\SysWOW64\icacls.exe
"icacls" "F:\LDPlayer\LDPlayer9\\system.vmdk" /grant everyone:F /t
C:\Windows\SysWOW64\dism.exe
C:\Windows\system32\dism.exe /Online /English /Get-Features
C:\Users\Admin\AppData\Local\Temp\62320E1A-FC3A-4C1D-8E76-A6301AEECE17\dismhost.exe
C:\Users\Admin\AppData\Local\Temp\62320E1A-FC3A-4C1D-8E76-A6301AEECE17\dismhost.exe {EC9C9265-CD06-4CEE-9109-2B4E3105B26E}
C:\Windows\SysWOW64\sc.exe
sc query HvHost
C:\Windows\SysWOW64\sc.exe
sc query vmms
C:\Windows\SysWOW64\sc.exe
sc query vmcompute
C:\Program Files\ldplayer9box\Ld9BoxSVC.exe
"C:\Program Files\ldplayer9box\Ld9BoxSVC.exe" /RegServer
C:\Windows\SYSTEM32\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\VBoxC.dll" /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\x86\VBoxClient-x86.dll" /s
C:\Windows\SYSTEM32\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\VBoxProxyStub.dll" /s
C:\Windows\SysWOW64\regsvr32.exe
"regsvr32" "C:\Program Files\ldplayer9box\x86\VBoxProxyStub-x86.dll" /s
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc" create Ld9BoxSup binPath= "C:\Program Files\ldplayer9box\Ld9BoxSup.sys" type= kernel start= auto
C:\Windows\SysWOW64\sc.exe
"C:\Windows\system32\sc" start Ld9BoxSup
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"powershell.exe" New-NetFirewallRule -DisplayName "Ld9BoxSup" -Direction Inbound -Program 'C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe' -RemoteAddress LocalSubnet -Action Allow
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"powershell.exe" New-NetFirewallRule -DisplayName "Ld9BoxNat" -Direction Inbound -Program 'C:\Program Files\ldplayer9box\VBoxNetNAT.exe' -RemoteAddress LocalSubnet -Action Allow
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"powershell.exe" New-NetFirewallRule -DisplayName "dnplayer" -Direction Inbound -Program 'F:\LDPlayer\LDPlayer9\dnplayer.exe' -RemoteAddress LocalSubnet -Action Allow
F:\LDPlayer\LDPlayer9\driverconfig.exe
"F:\LDPlayer\LDPlayer9\driverconfig.exe"
C:\Windows\SysWOW64\takeown.exe
"takeown" /f F:\LDPlayer\ldmutiplayer\ /r /d y
C:\Windows\SysWOW64\icacls.exe
"icacls" F:\LDPlayer\ldmutiplayer\ /grant everyone:F /t
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://discord.gg/4bUcwDd53d
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb92293cb8,0x7ffb92293cc8,0x7ffb92293cd8
F:\LDPlayer\LDPlayer9\dnplayer.exe
"F:\LDPlayer\LDPlayer9\\dnplayer.exe"
C:\Windows\SysWOW64\sc.exe
sc query HvHost
C:\Windows\SysWOW64\sc.exe
sc query vmms
C:\Windows\SysWOW64\sc.exe
sc query vmcompute
C:\Program Files\ldplayer9box\Ld9BoxSVC.exe
"C:\Program Files\ldplayer9box\Ld9BoxSVC.exe" -Embedding
C:\Program Files\ldplayer9box\vbox-img.exe
"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "F:\LDPlayer\LDPlayer9\vms\..\system.vmdk" --uuid 20160302-bbbb-bbbb-54d7-bbbb00000000
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=2096 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2340 /prefetch:3
C:\Program Files\ldplayer9box\vbox-img.exe
"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "F:\LDPlayer\LDPlayer9\vms\leidian0\data.vmdk" --uuid 20160302-cccc-cccc-54d7-000000000000
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2868 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files\ldplayer9box\vbox-img.exe
"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "F:\LDPlayer\LDPlayer9\vms\leidian0\sdcard.vmdk" --uuid 20160302-dddd-dddd-54d7-000000000000
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3688 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3724 /prefetch:1
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe
"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.ldplayer.net/blog/how-to-enable-vt.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffb92293cb8,0x7ffb92293cc8,0x7ffb92293cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2412 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5840 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6124 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5948 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4840 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6888 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb8da5cc40,0x7ffb8da5cc4c,0x7ffb8da5cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1720,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=1716 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2044,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=2096 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2168,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=2180 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x104,0x108,0x10c,0x94,0x110,0x7ffb8da5cc40,0x7ffb8da5cc4c,0x7ffb8da5cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3108,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3128 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3324,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3344 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4632,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4600 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4748,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4256 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4740,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4736 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3852 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6276 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6376 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4916,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4952 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4908,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4980 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5216,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=5272 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5412,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=5448 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5180,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=5212 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=3336,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3408 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3428,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3260 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=3432,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=5292 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5400,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3232 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=3400,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=5512 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5632,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3396 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5796,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3384 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=3232,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=5864 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6276,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=6264 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5788,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=5960 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6280,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=6124 /prefetch:8
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\zip.txt
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=6524,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=6240 /prefetch:1
C:\Users\Admin\Downloads\UnityHubSetup.exe
"C:\Users\Admin\Downloads\UnityHubSetup.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 180 -p 1360 -ip 1360
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1360 -s 1544
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=6596,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=5892 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=6828,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=6836 /prefetch:1
C:\Windows\system32\BackgroundTransferHost.exe
"BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.13
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 216.58.204.78:80 | google.com | tcp |
| GB | 216.58.204.78:80 | google.com | tcp |
| GB | 142.250.200.36:80 | www.google.com | tcp |
| GB | 142.250.200.36:443 | www.google.com | tcp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 68.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| GB | 142.250.179.238:443 | apis.google.com | tcp |
| GB | 216.58.212.238:443 | play.google.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 216.58.201.110:443 | play.google.com | tcp |
| GB | 216.58.204.78:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 216.58.204.78:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 216.58.204.78:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 216.58.204.78:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 216.58.204.78:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 216.58.204.78:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 216.58.204.78:443 | encrypted-tbn0.gstatic.com | udp |
| GB | 142.250.180.1:443 | lh5.googleusercontent.com | tcp |
| GB | 142.250.180.1:443 | lh5.googleusercontent.com | tcp |
| GB | 142.250.200.35:443 | id.google.com | tcp |
| GB | 216.58.212.238:443 | play.google.com | udp |
| GB | 96.17.178.56:443 | unity.com | tcp |
| GB | 96.17.178.56:443 | unity.com | tcp |
| US | 104.18.86.42:443 | cdn.cookielaw.org | tcp |
| US | 104.18.86.42:443 | cdn.cookielaw.org | tcp |
| US | 34.120.195.249:443 | o488710.ingest.sentry.io | tcp |
| US | 34.120.195.249:443 | o488710.ingest.sentry.io | tcp |
| US | 34.120.195.249:443 | o488710.ingest.sentry.io | udp |
| GB | 92.123.128.149:443 | www.bing.com | tcp |
| GB | 104.86.110.114:443 | tcp | |
| GB | 92.123.128.174:443 | r.bing.com | tcp |
| GB | 92.123.128.174:443 | r.bing.com | tcp |
| GB | 92.123.128.174:443 | r.bing.com | tcp |
| GB | 92.123.128.174:443 | r.bing.com | tcp |
| GB | 92.123.128.174:443 | r.bing.com | tcp |
| GB | 92.123.128.174:443 | r.bing.com | tcp |
| GB | 92.123.128.174:443 | r.bing.com | tcp |
| GB | 92.123.128.174:443 | r.bing.com | tcp |
| GB | 92.123.128.174:443 | r.bing.com | tcp |
| GB | 92.123.128.174:443 | r.bing.com | tcp |
| GB | 142.250.200.36:443 | www.google.com | tcp |
| GB | 142.250.200.36:443 | www.google.com | tcp |
| GB | 142.250.200.36:443 | www.google.com | tcp |
| GB | 142.250.200.36:443 | www.google.com | tcp |
| GB | 142.250.179.238:443 | apis.google.com | udp |
| GB | 216.58.201.110:443 | play.google.com | udp |
| GB | 216.58.201.110:443 | play.google.com | tcp |
| GB | 172.217.169.78:443 | clients2.google.com | udp |
| GB | 172.217.169.78:443 | clients2.google.com | tcp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 216.58.201.110:443 | play.google.com | tcp |
| GB | 216.58.201.110:443 | play.google.com | udp |
| GB | 96.17.178.56:443 | unity.com | tcp |
| GB | 96.17.178.56:443 | unity.com | tcp |
| GB | 96.17.178.56:443 | unity.com | tcp |
| GB | 96.17.178.56:443 | unity.com | tcp |
| GB | 96.17.178.56:443 | unity.com | tcp |
| GB | 96.17.178.56:443 | unity.com | tcp |
| US | 104.18.86.42:443 | cdn.cookielaw.org | tcp |
| US | 34.120.195.249:443 | o488710.ingest.sentry.io | tcp |
| US | 34.120.195.249:443 | o488710.ingest.sentry.io | tcp |
| BE | 35.205.92.229:443 | api.unity.com | tcp |
| US | 104.18.86.42:443 | cdn.cookielaw.org | tcp |
| US | 172.64.155.119:443 | geolocation.onetrust.com | tcp |
| US | 35.225.183.115:443 | plausible.it.unity3d.com | tcp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | tcp |
| US | 104.18.42.61:443 | stream.mux.com | tcp |
| US | 104.18.42.61:443 | stream.mux.com | tcp |
| US | 104.18.42.61:443 | stream.mux.com | tcp |
| US | 104.18.42.61:443 | stream.mux.com | tcp |
| US | 8.8.8.8:53 | 119.155.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.183.225.35.in-addr.arpa | udp |
| US | 35.225.183.115:443 | plausible.it.unity3d.com | tcp |
| US | 151.101.194.217:443 | chunk-gcp-us-east1-vop1.fastly.mux.com | tcp |
| US | 151.101.194.217:443 | chunk-gcp-us-east1-vop1.fastly.mux.com | tcp |
| US | 151.101.130.217:443 | chunk-gcp-us-east1-vop1.fastly.mux.com | tcp |
| US | 151.101.130.217:443 | chunk-gcp-us-east1-vop1.fastly.mux.com | tcp |
| US | 34.120.195.249:443 | o488710.ingest.sentry.io | udp |
| GB | 2.19.117.71:443 | public-cdn.cloud.unity3d.com | tcp |
| GB | 2.19.117.71:443 | public-cdn.cloud.unity3d.com | tcp |
| US | 104.18.32.137:443 | privacyportal-eu.onetrust.com | tcp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | tcp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | tcp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| GB | 142.250.200.36:443 | www.google.com | tcp |
| GB | 172.217.169.42:443 | jnn-pa.googleapis.com | udp |
| GB | 172.217.169.42:443 | jnn-pa.googleapis.com | tcp |
| GB | 216.58.201.110:443 | www.youtube.com | udp |
| GB | 216.58.201.110:443 | www.youtube.com | tcp |
| GB | 172.217.169.78:443 | clients2.google.com | udp |
| GB | 172.217.169.78:443 | clients2.google.com | tcp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| GB | 142.250.200.36:443 | www.google.com | tcp |
| GB | 172.217.169.42:443 | jnn-pa.googleapis.com | udp |
| GB | 172.217.169.42:443 | jnn-pa.googleapis.com | tcp |
| GB | 216.58.201.110:443 | www.youtube.com | udp |
| GB | 216.58.201.110:443 | www.youtube.com | tcp |
| GB | 172.217.169.78:443 | clients2.google.com | udp |
| GB | 172.217.169.78:443 | clients2.google.com | tcp |
| GB | 142.250.200.35:443 | id.google.com | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 216.58.204.86:443 | i.ytimg.com | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 172.217.16.238:443 | www.youtube.com | tcp |
| GB | 172.217.16.238:443 | www.youtube.com | udp |
| GB | 172.217.16.238:443 | www.youtube.com | tcp |
| GB | 172.217.16.238:443 | www.youtube.com | udp |
| GB | 216.58.204.86:443 | i.ytimg.com | tcp |
| GB | 142.250.200.38:443 | static.doubleclick.net | tcp |
| GB | 216.58.201.110:443 | www.youtube.com | udp |
| GB | 172.217.169.42:443 | jnn-pa.googleapis.com | udp |
| GB | 216.58.201.106:443 | jnn-pa.googleapis.com | tcp |
| GB | 216.58.201.110:443 | www.youtube.com | tcp |
| GB | 172.217.169.42:443 | jnn-pa.googleapis.com | tcp |
| GB | 216.58.201.106:443 | jnn-pa.googleapis.com | udp |
| GB | 216.58.201.110:443 | www.youtube.com | tcp |
| GB | 216.58.201.110:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | 238.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.201.58.216.in-addr.arpa | udp |
| GB | 216.58.201.110:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | cdn.ldplayer.net | udp |
| US | 8.8.8.8:53 | res.ldrescdn.com | udp |
| US | 104.26.4.6:443 | cmp.setupcmp.com | tcp |
| US | 104.26.4.6:443 | cmp.setupcmp.com | tcp |
| GB | 163.181.154.238:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.238:443 | res.ldrescdn.com | tcp |
| GB | 79.133.176.186:443 | cdn.ldplayer.net | tcp |
| US | 104.26.4.6:443 | cmp.setupcmp.com | tcp |
| GB | 172.217.169.78:443 | fundingchoicesmessages.google.com | tcp |
| GB | 172.217.169.78:443 | fundingchoicesmessages.google.com | tcp |
| GB | 172.217.169.78:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | 238.154.181.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 186.176.133.79.in-addr.arpa | udp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| GB | 142.250.180.10:443 | jnn-pa.googleapis.com | tcp |
| SG | 47.236.4.49:443 | usersdk.ldmnq.com | tcp |
| GB | 142.250.179.246:443 | play-lh.googleusercontent.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | udp |
| GB | 79.133.176.174:443 | apien.ldplayer.net | tcp |
| GB | 79.133.176.174:443 | apien.ldplayer.net | tcp |
| GB | 79.133.176.174:443 | apien.ldplayer.net | tcp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 8.8.8.8:53 | hm.baidu.com | udp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 150.171.27.10:443 | bat.bing.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| GB | 172.217.169.78:443 | fundingchoicesmessages.google.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| CN | 111.45.11.83:443 | hm.baidu.com | tcp |
| NL | 173.194.69.84:443 | accounts.google.com | tcp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| US | 8.8.8.8:53 | 174.176.133.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.4.236.47.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.27.171.150.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| CN | 111.45.11.83:443 | hm.baidu.com | tcp |
| NL | 173.194.69.84:443 | accounts.google.com | udp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| GB | 142.250.200.36:443 | www.google.com | tcp |
| GB | 163.181.154.238:443 | res.ldrescdn.com | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| GB | 163.181.154.238:443 | res.ldrescdn.com | tcp |
| GB | 172.217.169.35:443 | www.google.co.uk | tcp |
| GB | 172.217.169.35:443 | www.google.co.uk | tcp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| US | 104.18.31.49:443 | stpd.cloud | tcp |
| GB | 172.217.169.35:443 | www.google.co.uk | udp |
| GB | 216.58.213.2:443 | securepubads.g.doubleclick.net | tcp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| DE | 162.19.138.117:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 18.65.39.76:443 | tagan.adlightning.com | tcp |
| NL | 18.239.70.203:443 | c.amazon-adsystem.com | tcp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.200.36:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | adx.adform.net | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 172.67.68.162:443 | prebid-stag.setupad.net | tcp |
| US | 172.67.68.162:443 | prebid-stag.setupad.net | tcp |
| NL | 89.149.193.81:443 | prg.smartadserver.com | tcp |
| NL | 185.184.8.90:443 | prebid-eu.creativecdn.com | tcp |
| FR | 163.5.194.30:443 | prebid.a-mo.net | tcp |
| DK | 37.157.4.29:443 | adx.adform.net | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| DE | 162.19.138.83:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 18.239.70.203:443 | c.amazon-adsystem.com | tcp |
| NL | 18.238.243.82:443 | config.aps.amazon-adsystem.com | tcp |
| DK | 37.157.6.237:443 | cm.adform.net | tcp |
| NL | 18.239.88.34:443 | aax.amazon-adsystem.com | tcp |
| DE | 162.19.138.117:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | cdn.hadronid.net | udp |
| GB | 104.78.175.230:443 | secure.cdn.fastclick.net | tcp |
| GB | 104.78.175.230:443 | secure.cdn.fastclick.net | tcp |
| US | 104.22.52.86:443 | cdn.id5-sync.com | tcp |
| NL | 18.239.18.78:443 | tags.crwdcntrl.net | tcp |
| US | 104.22.53.173:443 | cdn.hadronid.net | tcp |
| DK | 37.157.4.29:443 | adx.adform.net | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | bcp.crwdcntrl.net | udp |
| FR | 5.196.111.68:443 | ssbsync-global.smartadserver.com | tcp |
| IE | 34.255.228.185:443 | bcp.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | 229.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.39.65.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.70.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.68.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.194.5.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.193.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.138.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.243.238.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.88.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.6.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 211.253.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.18.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.52.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.4.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.175.78.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.53.22.104.in-addr.arpa | udp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | udp |
| GB | 216.58.213.2:443 | securepubads.g.doubleclick.net | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| US | 104.22.4.69:443 | id.hadron.ad.gt | tcp |
| US | 35.244.159.8:443 | us-u.openx.net | tcp |
| NL | 89.207.16.146:443 | proc.ad.cpe.dotomi.com | tcp |
| GB | 142.250.180.1:443 | 8d607f7f76058292eb88f46e8eaa8580.safeframe.googlesyndication.com | tcp |
| US | 35.244.159.8:443 | us-u.openx.net | udp |
| US | 172.67.23.234:443 | id.hadron.ad.gt | tcp |
| US | 172.67.68.162:443 | prebid-stag.setupad.net | tcp |
| DK | 37.157.2.228:443 | c1.adform.net | tcp |
| IE | 54.239.33.159:443 | aax-eu.amazon-adsystem.com | tcp |
| NL | 185.89.210.90:443 | ib.adnxs.com | tcp |
| US | 3.33.220.150:443 | match.adsrvr.org | tcp |
| GB | 216.58.204.66:443 | cm.g.doubleclick.net | tcp |
| GB | 216.58.204.66:443 | cm.g.doubleclick.net | tcp |
| DK | 77.243.51.121:443 | uipglob.semasio.net | tcp |
| US | 8.8.8.8:53 | 159.33.239.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.51.243.77.in-addr.arpa | udp |
| DE | 159.89.25.223:443 | node.setupad.com | tcp |
| IE | 54.75.14.246:443 | ice.360yield.com | tcp |
| NL | 46.228.164.13:443 | d.turn.com | tcp |
| NL | 185.89.210.90:443 | ib.adnxs.com | tcp |
| US | 3.33.220.150:443 | match.adsrvr.org | tcp |
| IE | 52.208.128.117:443 | ce.lijit.com | tcp |
| IE | 34.248.113.108:443 | rtb.gumgum.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.200.33:443 | cdn.ampproject.org | tcp |
| GB | 142.250.200.33:443 | cdn.ampproject.org | tcp |
| GB | 142.250.200.33:443 | cdn.ampproject.org | tcp |
| GB | 142.250.200.33:443 | cdn.ampproject.org | tcp |
| GB | 142.250.200.33:443 | cdn.ampproject.org | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | udp |
| FR | 45.137.176.88:443 | sync.adotmob.com | tcp |
| DE | 80.82.210.217:443 | dsp-cookie.adfarm1.adition.com | tcp |
| FR | 163.5.194.37:443 | pb-am.a-mo.net | tcp |
| DE | 91.228.74.159:443 | cms.quantserve.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | tcp |
| DE | 91.228.74.159:443 | cms.quantserve.com | tcp |
| FR | 5.196.111.72:443 | rtb-csync.smartadserver.com | tcp |
| US | 34.96.105.8:443 | tr.blismedia.com | tcp |
| IE | 63.34.215.139:443 | pr-bh.ybp.yahoo.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| FR | 5.196.111.72:443 | rtb-csync.smartadserver.com | tcp |
| FR | 5.196.111.72:443 | rtb-csync.smartadserver.com | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | udp |
| GB | 216.58.204.66:443 | cm.g.doubleclick.net | udp |
| FR | 5.196.111.72:443 | rtb-csync.smartadserver.com | tcp |
| FR | 5.196.111.72:443 | rtb-csync.smartadserver.com | tcp |
| US | 34.96.105.8:443 | tr.blismedia.com | udp |
| US | 104.19.158.19:443 | assets.a-mo.net | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | udp |
| GB | 216.58.204.66:443 | cm.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 108.136.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.215.34.63.in-addr.arpa | udp |
| DK | 37.157.6.237:443 | cm.adform.net | tcp |
| FR | 5.196.111.68:443 | ssbsync-global.smartadserver.com | tcp |
| NL | 35.214.241.248:443 | ads.creative-serving.com | tcp |
| NL | 69.173.156.148:443 | pixel.rubiconproject.com | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| DE | 79.127.216.47:443 | id.rtb.mx | tcp |
| US | 172.64.151.101:443 | ssum.casalemedia.com | tcp |
| IE | 108.129.11.192:443 | ap.lijit.com | tcp |
| DE | 57.129.18.109:443 | ws.rqtrk.eu | tcp |
| NL | 188.42.34.65:443 | ads.betweendigital.com | tcp |
| NL | 35.214.241.248:443 | ads.creative-serving.com | udp |
| FR | 163.5.194.30:443 | pb-am.a-mo.net | tcp |
| US | 172.64.151.101:443 | ssum.casalemedia.com | udp |
| GB | 185.64.191.210:443 | image2.pubmatic.com | tcp |
| FR | 163.5.194.30:443 | pb-am.a-mo.net | tcp |
| GB | 163.181.154.239:443 | res.ldrescdn.com | tcp |
| NL | 198.47.127.20:443 | image4.pubmatic.com | tcp |
| FR | 163.5.194.36:443 | pb-am.a-mo.net | tcp |
| US | 8.8.8.8:53 | 248.241.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.151.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.216.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.11.129.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 109.18.129.57.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.34.42.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.191.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 239.154.181.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.130.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.194.5.163.in-addr.arpa | udp |
| GB | 79.133.176.185:443 | apien.ldmnq.com | tcp |
| NL | 185.89.208.11:443 | prebid.adnxs.com | tcp |
| DE | 79.127.216.47:443 | id.rtb.mx | tcp |
| NL | 185.64.189.116:443 | ow.pubmatic.com | tcp |
| GB | 163.181.154.239:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.239:443 | res.ldrescdn.com | tcp |
| SG | 8.219.4.49:443 | middledata.ldplayer.net | tcp |
| GB | 79.133.176.185:443 | apien.ldmnq.com | tcp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| SG | 8.219.4.49:443 | middledata.ldplayer.net | tcp |
| SG | 8.219.48.146:443 | middledata.ldplayer.net | tcp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| GB | 163.181.154.241:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.241:443 | res.ldrescdn.com | tcp |
| GB | 79.133.176.192:443 | ad.ldplayer.net | tcp |
| GB | 79.133.176.174:443 | apien.ldplayer.net | tcp |
| GB | 163.181.154.241:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.241:443 | res.ldrescdn.com | tcp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| US | 8.8.8.8:53 | 241.154.181.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.176.133.79.in-addr.arpa | udp |
| GB | 163.181.154.241:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.241:443 | res.ldrescdn.com | tcp |
| US | 8.8.8.8:53 | www.ldplayer.net | udp |
| GB | 163.181.154.241:443 | www.ldplayer.net | tcp |
| GB | 163.181.154.238:443 | www.ldplayer.net | tcp |
| GB | 163.181.154.238:443 | www.ldplayer.net | tcp |
| US | 8.8.8.8:53 | cdn.ldplayer.net | udp |
| US | 104.26.4.6:443 | cmp.setupcmp.com | tcp |
| GB | 79.133.176.186:443 | cdn.ldplayer.net | tcp |
| GB | 79.133.176.186:443 | cdn.ldplayer.net | tcp |
| GB | 163.181.154.241:443 | www.ldplayer.net | tcp |
| US | 104.26.4.6:443 | cmp.setupcmp.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 172.217.16.238:443 | www.youtube.com | tcp |
| GB | 163.181.154.241:443 | res.ldrescdn.com | tcp |
| GB | 172.217.169.78:443 | fundingchoicesmessages.google.com | tcp |
| GB | 163.181.154.241:443 | res.ldrescdn.com | tcp |
| GB | 79.133.176.192:443 | ad.ldplayer.net | tcp |
| US | 104.18.31.49:443 | stpd.cloud | tcp |
| US | 104.26.4.6:443 | cmp.setupcmp.com | tcp |
| GB | 79.133.176.185:80 | apien.ldmnq.com | tcp |
| GB | 163.181.154.239:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.239:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.239:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.239:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.239:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.239:443 | res.ldrescdn.com | tcp |
| GB | 172.217.16.238:443 | www.youtube.com | udp |
| GB | 216.58.204.86:443 | i.ytimg.com | tcp |
| GB | 172.217.169.78:443 | fundingchoicesmessages.google.com | udp |
| US | 104.18.31.49:443 | stpd.cloud | tcp |
| GB | 79.133.176.185:443 | apien.ldmnq.com | tcp |
| GB | 163.181.154.241:443 | res.ldrescdn.com | tcp |
| GB | 172.217.169.78:443 | fundingchoicesmessages.google.com | tcp |
| GB | 172.217.169.78:443 | fundingchoicesmessages.google.com | tcp |
| GB | 163.181.154.241:443 | res.ldrescdn.com | tcp |
| GB | 163.181.154.241:443 | res.ldrescdn.com | tcp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 142.250.200.38:443 | static.doubleclick.net | tcp |
| GB | 216.58.201.106:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| GB | 142.250.178.1:443 | yt3.ggpht.com | tcp |
| GB | 142.250.200.36:443 | www.google.com | tcp |
| GB | 163.181.154.241:443 | res.ldrescdn.com | tcp |
| GB | 142.250.178.1:443 | yt3.ggpht.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | 1.178.250.142.in-addr.arpa | udp |
| GB | 216.58.201.106:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | apien.ldplayer.net | udp |
| GB | 216.58.201.110:443 | play.google.com | udp |
| US | 8.8.8.8:53 | usersdk.ldmnq.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| GB | 216.58.201.110:443 | play.google.com | tcp |
| GB | 79.133.176.174:443 | apien.ldplayer.net | tcp |
| SG | 8.222.254.73:443 | usersdk.ldmnq.com | tcp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | tcp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | tcp |
| SG | 8.222.254.73:443 | usersdk.ldmnq.com | tcp |
| GB | 216.58.204.86:443 | i.ytimg.com | udp |
| GB | 163.181.154.241:443 | res.ldrescdn.com | tcp |
| GB | 142.250.200.38:443 | static.doubleclick.net | tcp |
| GB | 142.250.179.238:443 | apis.google.com | udp |
| GB | 216.58.201.110:443 | play.google.com | udp |
| GB | 142.250.179.238:443 | apis.google.com | tcp |
| GB | 216.58.201.110:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| NL | 18.65.39.121:443 | tagan.adlightning.com | tcp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | tcp |
| US | 8.8.8.8:53 | 73.254.222.8.in-addr.arpa | udp |
| NL | 18.239.70.203:443 | c.amazon-adsystem.com | tcp |
| GB | 79.133.176.185:443 | apien.ldmnq.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 173.194.69.84:443 | accounts.google.com | tcp |
| GB | 163.181.154.241:443 | res.ldrescdn.com | tcp |
| US | 8.8.8.8:53 | 121.39.65.18.in-addr.arpa | udp |
| GB | 163.181.154.241:443 | res.ldrescdn.com | tcp |
| NL | 173.194.69.84:443 | accounts.google.com | tcp |
| GB | 163.181.154.241:443 | res.ldrescdn.com | tcp |
| NL | 173.194.69.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | prod.us-east-1.cxm-bcn.publisher-services.amazon.dev | udp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | secure.cdn.fastclick.net | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| US | 104.22.53.173:443 | cdn.hadronid.net | tcp |
| US | 104.22.52.86:443 | cdn.id5-sync.com | tcp |
| NL | 18.238.243.122:443 | config.aps.amazon-adsystem.com | tcp |
| US | 67.202.6.126:443 | prod.us-east-1.cxm-bcn.publisher-services.amazon.dev | tcp |
| GB | 104.78.175.230:443 | secure.cdn.fastclick.net | tcp |
| GB | 104.78.175.230:443 | secure.cdn.fastclick.net | tcp |
| NL | 18.239.18.78:443 | tags.crwdcntrl.net | tcp |
| NL | 18.239.68.199:443 | aax.amazon-adsystem.com | tcp |
| NL | 18.239.68.199:443 | aax.amazon-adsystem.com | tcp |
| NL | 18.239.68.199:443 | aax.amazon-adsystem.com | tcp |
| NL | 18.239.83.27:80 | crt.rootg2.amazontrust.com | tcp |
| NL | 18.239.68.199:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 27.83.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| US | 104.22.4.69:443 | id.hadron.ad.gt | tcp |
| NL | 63.215.202.146:443 | proc.ad.cpe.dotomi.com | tcp |
| US | 104.22.5.69:443 | id.hadron.ad.gt | tcp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| GB | 142.250.200.36:443 | www.google.com | tcp |
| GB | 216.58.201.110:443 | play.google.com | udp |
| GB | 216.58.201.110:443 | play.google.com | tcp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| BG | 142.250.187.131:443 | id.google.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 216.58.201.110:443 | play.google.com | udp |
| GB | 216.58.201.110:443 | play.google.com | tcp |
| GB | 172.217.169.78:443 | clients2.google.com | udp |
| GB | 172.217.169.78:443 | clients2.google.com | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | stats.wp.com | udp |
| BZ | 190.115.31.179:443 | fitgirl-repacks.site | tcp |
| BZ | 190.115.31.179:443 | fitgirl-repacks.site | tcp |
| BZ | 190.115.31.179:443 | fitgirl-repacks.site | tcp |
| BZ | 190.115.31.179:443 | fitgirl-repacks.site | tcp |
| BZ | 190.115.31.179:443 | fitgirl-repacks.site | tcp |
| BZ | 190.115.31.179:443 | fitgirl-repacks.site | tcp |
| US | 192.0.76.3:443 | stats.wp.com | tcp |
| US | 8.8.8.8:53 | i0.wp.com | udp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | tcp |
| US | 192.0.77.2:443 | i0.wp.com | tcp |
| US | 192.0.77.2:443 | i0.wp.com | tcp |
| US | 192.0.77.2:443 | i0.wp.com | tcp |
| US | 192.0.77.2:443 | i0.wp.com | tcp |
| US | 192.0.77.2:443 | i0.wp.com | tcp |
| US | 192.0.77.2:443 | i0.wp.com | tcp |
| GB | 172.217.16.234:443 | ogads-pa.googleapis.com | tcp |
| US | 192.0.77.2:443 | i0.wp.com | udp |
| GB | 142.250.200.14:443 | www.youtube.com | udp |
| GB | 216.58.213.22:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 172.217.169.34:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.38:443 | static.doubleclick.net | tcp |
| GB | 142.250.200.36:443 | www.google.com | tcp |
| GB | 216.58.213.10:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.178.1:443 | yt3.ggpht.com | tcp |
| GB | 172.217.169.34:443 | googleads.g.doubleclick.net | udp |
| GB | 216.58.213.22:443 | i.ytimg.com | udp |
| GB | 216.58.213.10:443 | jnn-pa.googleapis.com | udp |
| GB | 142.250.178.1:443 | yt3.ggpht.com | udp |
| GB | 216.58.201.110:443 | www.youtube.com | tcp |
| GB | 216.58.201.110:443 | www.youtube.com | tcp |
| GB | 216.58.201.110:443 | www.youtube.com | tcp |
| GB | 216.58.201.110:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | 22.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.213.58.216.in-addr.arpa | udp |
| US | 192.0.76.3:443 | stats.wp.com | udp |
| RU | 82.146.61.17:443 | i3.imageban.ru | tcp |
| US | 104.21.30.45:443 | s01.riotpixels.net | tcp |
| US | 104.21.30.45:443 | s01.riotpixels.net | tcp |
| US | 104.21.30.45:443 | s01.riotpixels.net | tcp |
| FR | 87.98.254.167:443 | torrent-stats.info | tcp |
| US | 104.21.30.45:443 | s01.riotpixels.net | tcp |
| US | 104.21.30.45:443 | s01.riotpixels.net | tcp |
| US | 104.21.30.45:443 | s01.riotpixels.net | tcp |
| US | 199.232.196.134:443 | fitgirl-repacks-site.disqus.com | tcp |
| US | 199.232.196.134:443 | fitgirl-repacks-site.disqus.com | tcp |
| US | 192.0.77.48:443 | s.w.org | tcp |
| US | 151.101.64.134:443 | disqus.com | tcp |
| CZ | 65.9.95.83:443 | c.disquscdn.com | tcp |
| US | 151.101.64.134:443 | disqus.com | tcp |
| CZ | 65.9.95.83:443 | c.disquscdn.com | tcp |
| CZ | 65.9.95.83:443 | c.disquscdn.com | tcp |
| US | 8.8.8.8:53 | 134.196.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.77.0.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.64.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.95.9.65.in-addr.arpa | udp |
| US | 199.232.198.49:443 | a.disquscdn.com | tcp |
| US | 199.232.196.134:443 | referrer.disqus.com | tcp |
| GB | 172.217.16.234:443 | jnn-pa.googleapis.com | udp |
| US | 199.232.196.134:443 | referrer.disqus.com | tcp |
| US | 54.227.95.54:443 | realtime.services.disqus.com | tcp |
| GB | 216.58.201.110:443 | www.youtube.com | udp |
| US | 192.0.76.3:443 | stats.wp.com | udp |
| US | 192.0.76.3:443 | stats.wp.com | tcp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | tcp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.14:443 | google.com | tcp |
| NO | 91.149.227.100:443 | pastefg.hermietkreeft.site | tcp |
| NO | 91.149.227.100:443 | pastefg.hermietkreeft.site | tcp |
| US | 34.37.6.135:443 | e2c72.gcp.gvt2.com | tcp |
| BZ | 190.115.31.179:443 | fitgirl-repacks.site | tcp |
| GB | 172.217.16.234:443 | jnn-pa.googleapis.com | tcp |
| NO | 91.149.227.100:443 | pastefg.hermietkreeft.site | tcp |
| GB | 142.250.179.227:443 | beacons.gvt2.com | tcp |
| US | 8.8.8.8:53 | 135.6.37.34.in-addr.arpa | udp |
| US | 13.107.136.10:443 | artxxx-my.sharepoint.com | tcp |
| US | 13.107.136.10:443 | artxxx-my.sharepoint.com | tcp |
| GB | 104.123.88.104:443 | shell.cdn.office.net | tcp |
| GB | 2.22.249.212:443 | res-1.cdn.office.net | tcp |
| GB | 2.22.249.212:443 | res-1.cdn.office.net | tcp |
| GB | 2.22.249.212:443 | res-1.cdn.office.net | tcp |
| GB | 2.22.249.212:443 | res-1.cdn.office.net | tcp |
| GB | 2.22.249.212:443 | res-1.cdn.office.net | tcp |
| GB | 2.22.249.212:443 | res-1.cdn.office.net | tcp |
| GB | 2.22.249.212:443 | res-1.cdn.office.net | tcp |
| GB | 2.22.249.212:443 | res-1.cdn.office.net | udp |
| US | 8.8.8.8:53 | 104.88.123.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.249.22.2.in-addr.arpa | udp |
| GB | 2.22.249.212:443 | res-1.cdn.office.net | udp |
| GB | 2.22.249.175:443 | r4.res.office365.com | tcp |
| US | 13.107.6.163:443 | upload.fp.measure.office.com | tcp |
| IE | 20.50.80.213:443 | eu-mobile.events.data.microsoft.com | tcp |
| IE | 20.50.80.213:443 | eu-mobile.events.data.microsoft.com | tcp |
| US | 52.182.143.214:443 | browser.events.data.microsoft.com | tcp |
| US | 13.107.136.10:443 | artxxx-my.sharepoint.com | tcp |
| US | 52.182.143.214:443 | browser.events.data.microsoft.com | tcp |
| GB | 2.22.249.154:443 | res.cdn.office.net | tcp |
| GB | 2.22.249.154:443 | res.cdn.office.net | tcp |
| US | 52.96.32.2:443 | f433f088b08930821e88addb9dd44e16.fp.measure.office.com | tcp |
| GB | 40.99.150.178:443 | outlook.office365.com | tcp |
| GB | 52.97.133.242:443 | outlook.office365.com | tcp |
| GB | 40.99.150.178:443 | outlook.office365.com | tcp |
| GB | 52.97.133.242:443 | outlook.office365.com | tcp |
| GB | 2.19.117.14:443 | spo.nel.measure.office.net | tcp |
| GB | 2.19.117.14:443 | spo.nel.measure.office.net | tcp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| GB | 142.250.200.14:443 | www.youtube.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.14:443 | google.com | tcp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| GB | 2.22.249.197:443 | res-1.cdn.office.net | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.14:443 | google.com | udp |
| US | 13.107.138.10:443 | artxxx-my.sharepoint.com | tcp |
| GB | 172.217.169.14:443 | google.com | udp |
| US | 13.107.138.10:443 | artxxx-my.sharepoint.com | tcp |
| IE | 20.50.73.9:443 | browser.events.data.microsoft.com | tcp |
| US | 13.107.138.10:443 | artxxx-my.sharepoint.com | tcp |
| GB | 2.19.117.14:443 | spo.nel.measure.office.net | tcp |
| GB | 142.250.200.46:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | 46.200.250.142.in-addr.arpa | udp |
| GB | 172.217.16.238:443 | play.google.com | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| GB | 172.217.169.14:443 | google.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| SG | 8.219.136.97:443 | middledata.ldplayer.net | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 151.101.1.140:443 | styles.redditmedia.com | tcp |
| US | 151.101.1.140:443 | styles.redditmedia.com | tcp |
| GB | 142.250.179.228:443 | www.google.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | www.redditstatic.com | udp |
| US | 151.101.129.140:443 | w3-reporting.reddit.com | tcp |
| US | 151.101.129.140:443 | w3-reporting.reddit.com | tcp |
| US | 151.101.1.140:443 | w3-reporting.reddit.com | tcp |
| US | 151.101.129.140:443 | w3-reporting.reddit.com | tcp |
| US | 151.101.193.140:443 | w3-reporting.reddit.com | tcp |
| US | 151.101.193.140:443 | w3-reporting.reddit.com | tcp |
| US | 151.101.193.140:443 | w3-reporting.reddit.com | tcp |
| US | 151.101.193.140:443 | w3-reporting.reddit.com | tcp |
| US | 151.101.193.140:443 | w3-reporting.reddit.com | tcp |
| US | 151.101.193.140:443 | w3-reporting.reddit.com | tcp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | 140.193.101.151.in-addr.arpa | udp |
| US | 151.101.193.140:443 | w3-reporting.reddit.com | tcp |
| GB | 142.250.179.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 142.250.200.42:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 173.194.69.84:443 | accounts.google.com | tcp |
| GB | 142.250.179.228:443 | www.google.com | tcp |
| GB | 142.250.200.42:443 | content-autofill.googleapis.com | udp |
| NL | 173.194.69.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | 42.200.250.142.in-addr.arpa | udp |
| GB | 142.250.179.228:443 | www.google.com | udp |
| SG | 8.219.4.49:443 | middledata.ldplayer.net | tcp |
| US | 8.8.8.8:53 | 43.58.199.20.in-addr.arpa | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| SG | 8.219.4.49:443 | middledata.ldplayer.net | tcp |
| GB | 104.86.110.114:443 | tcp | |
| GB | 92.123.128.164:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 164.128.123.92.in-addr.arpa | udp |
| US | 13.89.179.11:443 | browser.pipe.aria.microsoft.com | tcp |
| GB | 92.123.128.174:443 | r.bing.com | tcp |
| GB | 104.86.110.114:443 | tcp | |
| US | 20.140.151.75:443 | fp-afd.azurefd.us | tcp |
| JP | 104.215.5.225:443 | c94e47342d7aae3b6d8cafef5cbc1060.azr.footprintdns.com | tcp |
| US | 8.8.8.8:53 | 254.18.107.13.in-addr.arpa | udp |
| US | 13.89.179.11:443 | browser.pipe.aria.microsoft.com | tcp |
| US | 172.202.64.254:443 | arc-ring.msedge.net | tcp |
| TW | 51.53.80.32:443 | e99bcfee42003b3b895e5c75fdd641d0.azr.footprintdns.com | tcp |
| US | 8.8.8.8:53 | dual-s-ring.msedge.net | udp |
| US | 52.123.129.254:443 | dual-s-ring.msedge.net | tcp |
| US | 8.8.8.8:53 | 254.129.123.52.in-addr.arpa | udp |
| US | 150.171.31.254:443 | ev2-ring.msedge.net | tcp |
| US | 52.247.12.246:443 | ca39aae5df274587d804175d7d872854.azr.footprintdns.com | tcp |
| US | 8.8.8.8:53 | 254.31.171.150.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 02a4b762e84a74f9ee8a7d8ddd34fedb |
| SHA1 | 4a870e3bd7fd56235062789d780610f95e3b8785 |
| SHA256 | 366e497233268d7cdf699242e4b2c7ecc1999d0a84e12744f5af2b638e9d86da |
| SHA512 | 19028c45f2e05a0cb32865a2554513c1536bf9da63512ff4e964c94a3e171f373493c7787d2d2a6df8012648bbefab63a9de924f119c50c39c727cf81bdc659f |
\??\pipe\LOCAL\crashpad_4736_RMJBCAKQMJYEUFWE
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 826c7cac03e3ae47bfe2a7e50281605e |
| SHA1 | 100fbea3e078edec43db48c3312fbbf83f11fca0 |
| SHA256 | 239b1d7cc6f76e1d1832b0587664f114f38a21539cb8548e25626ed5053ea2ab |
| SHA512 | a82f3c817a6460fd8907a4ac6ab37c2129fb5466707edcfb565c255680d7f7212a5669fe2a42976150f16e4e549ea8310078f22ed35514ee1b7b45b46d8cc96e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0c5188d52a8a90cf53edfd9617388e9e |
| SHA1 | 0fdf707e90e1443fe1f3a4e69cd04260886a3e97 |
| SHA256 | 1d2c55359f1d6972651861219bc61b2b88237a10a8cec01a391b6d4b8f8f346f |
| SHA512 | be9c14f8ae0540cc10d6fd6aea5e25139f2a553b9f95e29086c727d885221710960b81b1ac9fc24b5fd8fcfeaa9548d59d7c6da262b3b08647179800f49d7a4e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f3048720f1b295da5a55c4cfc506cf4d |
| SHA1 | d14b4077fc270389ede0d5f178e7a237e3cb3657 |
| SHA256 | 72df439992d58906fd97fe941266720bac58778e5b610f1ac3f52d95923c37d6 |
| SHA512 | 24ea6cb03ad72a4c89e7f73f2c67bd067b08bef385e86be11bf60c016a3b32cc2b13d060d3dc0ed4cbac007709b009e6194bbf7c9e848a5452482bfe85f14403 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 25d0eba8a449086b03def7ce1b75304a |
| SHA1 | 504f47ea4b563d9e3ecd2d000115a76339c25299 |
| SHA256 | 2c7bef3258668498eb318db0c2de3ae9aececf7313167bb1dc5aa256a59072ac |
| SHA512 | 4439dbd5e04a2ddc353f5396a31377fabaa23363b441dea5d10afb74738f944b437e1c5977576239c025873a4a37c7c79e42b160a63f851bb277097cc66399dd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e57cc066bbcf1ecfbeda92812aced8d3 |
| SHA1 | 35f05a17050d071b80bfdf90d27b5f4a53d7e07c |
| SHA256 | ac6880491f7e779a2e45f101de2cd3c836e81e42f89322f3f21ec3ad63b42c91 |
| SHA512 | 1f82fb475bc4194727c4711f7c176d219323bd928c83b1e2c0090077b4c94f254031401aeb94140d6c5d0236556edb4e299d325dd79c1884e63195341a437983 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 76bbfcdb4df1e9ed82f05e72dfe12ca3 |
| SHA1 | 58469797afda060876ed6ee3b29ee2558dab41e0 |
| SHA256 | 22265f5f97293235421e3989d55fdf153b18db9b994aac71dd01309fccd2780b |
| SHA512 | a7ce9667105e70c9a225ffdbfab5a4f41d82901c4618a90429a0c29f79e9eecefa0ff96f364cb735ea47aa36e32e42df191be033bd8ad62a57200ef100d2ca26 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1f791d98d59698e5f8640f675a8f4e7a |
| SHA1 | 3545c099a6bb5cfec40e03c6bd205feb7d9086d1 |
| SHA256 | 2a9409f7e85f96a9a7f990c77bd81af77e687db9522bc4e99fcade8e2280d46a |
| SHA512 | b3de18430086f0dadfaf27bca45d00484b41b1f5697b25a7b27d31dd2851e636b026df5d44c6a849aef14a7c4913d0c93ca604d71a1a5114e45a21839f6dbdc2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_00000a
| MD5 | 8235f98068f731038d8520df4727c625 |
| SHA1 | 6ef1e3ca36d59de490e593ec195b632e8e09565d |
| SHA256 | 98280dcf81e7ed7a29b2d383c12027481bf771aa6358012ee5ffcc8b3af21e38 |
| SHA512 | d75d4b688898ee9c9ee07f7be6e9dafd0154518ac54042270666969dd15dbc3b7c8cf92997c510f42f20a5ad8270d5324dd8f2ef91666a9d6d0450d60bacfd83 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 40106196ce683eaaef49b6df1430e865 |
| SHA1 | 820ae5fadc452bba9de18c5dba0ba6b5daf9f696 |
| SHA256 | 32ef32fcce2573980bd727a0b76c196013f18b313bc45846c1ddad524ca240a6 |
| SHA512 | 9164c3e9bb2c9c3befbf749bdb66705f373beb393d651cb75023ef2c5554a435e67fd65e9ea14f042dfc558e946898b230fb50a6015121dfc0f4c648bd91da07 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe584a62.TMP
| MD5 | 8a09a2dbcbecb43ee467d530102e5655 |
| SHA1 | 3ee4e208a073f1bd71678248da4b18e4fb59b99d |
| SHA256 | bfed521af9d28b3acff51ab2fb3f79c908427f8a56f4efc2e787e6d77342e433 |
| SHA512 | 4aa237510b1546a1922e572e717d5e751830103fb7401e789801861cbed0dabdcd1baaab5414f79eb3106b5230fdaf317001daeef5197cd2da96b0369e433550 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\5fd4b130-c443-401b-a3c8-5058db874feb.tmp
| MD5 | bf30f20572c30dd58117b8fc70c40a45 |
| SHA1 | 625921f6362a6b1a179144bbb474ea4edbad3531 |
| SHA256 | 2ccbb6fd08446fdf141a9ed3153c922ee35e8fecf9fe1880947f40fb390be78a |
| SHA512 | 23858a3ded5b3c8859fada1d70191fd85fc3ed6e2b607f2a11169a9923e795dc28b2b728326ee09e252b4c151f085ef4b625154e3da165b34b9eedebf5cca549 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 826303d9c71b4649e46f21e1a98b11cb |
| SHA1 | 8d6f84bf9072ceebe2c289a9d0a4cc3e5286d3cf |
| SHA256 | a0847ba85a66fb3d40cdc94cdd6eedc111aee1f632dcbdc00a8104a5fee73e0e |
| SHA512 | 351c4ac3d230a85e72b51c77cb4da59ded0226911fd280851e68afb2ae8513e34fe69a7533373f1b82668c414ea2ca53ce3fd9a689893316119e91a0d2d5c707 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 4f25f517bfadeecb39a2d1475b185823 |
| SHA1 | e1d856aec89d747bdde8a9dc1efbb9afd2095507 |
| SHA256 | 7a7f4a23417c973b7223b7fcf7d8dd06826587ffe4f3e0d945d88194902647b9 |
| SHA512 | 02c529ebfcbb64fbbaabf69ac439e8e864fba14004a53b0dc3aab075a101480be5bcf2897b9d9d7100a42ca7df0b3b94c2f4460dd2d8bd5406fc520843a2face |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ac8060e6f6895eaced71ef9cc3323ca2 |
| SHA1 | 42e42daac624e5f497d4e22f3d7cf33f9b1c0b17 |
| SHA256 | cfd52ac48afd2bc1ac101aa02ad99f70af8a809c57d4fc2eb1b73d9b9b3dfd24 |
| SHA512 | f976483b1763238d8eb227cea61536f3bc9060f6b63191e5248bea8a418432b3598ecb602923613961cdcdb4c93e214cb23ad847c0193e96263c7e3e64dcb5e8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1c3f6fc335638a9324f1950d9e49befc |
| SHA1 | 8d456d7cdda04cbf4bfd11f223f793fa47ab1ee5 |
| SHA256 | d418149eb64e7da51cd73d398ae40a7e6b3e4f9042227b547d39a21f83fe6ee6 |
| SHA512 | ac05c5bea22298734ab5c11c444a9fdbdf15f99934e717d0f4a9be59db3c2472bec3d4640ee71db34f541ea47b130b83c1da0b9da1283d41441fb2d76b5907aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | e31ab997453444ef82b19b2966867c8b |
| SHA1 | 588754aaf4877e54391da337e166656ff78adb2d |
| SHA256 | a229dde9bfbe36ab3056bb851f07b3b5ed344afd2cac7740fe36a439d8fc0187 |
| SHA512 | c06cb7064121b1594b4b6d9cf9b1302d7ae1f1c17a26f08537b7715c14c16fd9e39d68747a3c22cba4ea1afc16ef069b26e118ec3236541b4d253520e30eee2a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | b3e3a4fb1521dcf945116fa9e812c472 |
| SHA1 | d7a0940a75e394d6acdb5b48bdf80c462dd20b34 |
| SHA256 | 7caad4b574a502372caf8e2aa1062d9c01f8fe04635217130fa8545a787f2e0f |
| SHA512 | f803e26f1ceb9887a9182a05f715fe0d921cebb4aad048b84d950980a8a0d88c81e887216a76a041109e6a12854dd8f9ce130c3ec7d19b27deed1a111647cae7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\5d67e2d6-3e0f-4ff1-8fcc-b294f0a82f58.tmp
| MD5 | b9f71c1676ec60554147307dbee1c23c |
| SHA1 | dc9b30b5b91c4cf616b634afae080ebfc4cf97e1 |
| SHA256 | 3f5ebafd100ff53a373c24594a10fe9c72b5531e717b20bef33b248155ec7697 |
| SHA512 | a5a843f611024f445221895dfd80dee33e2695dcb55adb1c162abea395d4a95924744e0551cbe88b6805c4fc56eb0590c18131fe21f82bb349fc5dad830f775f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c8849f4fb7044225458f11d499ec788a |
| SHA1 | 46368fe615d85d0310c8d1b054310be840e78606 |
| SHA256 | d2087afed025fd074956c3d9cbc4f90dcb206bb17bbc78f8d2ebbeac60f74933 |
| SHA512 | 7f65b6410c1749f7bee12d9b8e36b1b2860ddca3fdcf1507a58045bc3fa4140d3aab05fcbc64940a665d5f04ed3fbe18889320d721d697842a56263bb396ffcd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ad85d47edd66e749a4cbb94433a20793 |
| SHA1 | c501b1ac7bfdd9c73ee2d7435bf1484fe5d5896a |
| SHA256 | 4f426ee2365c6d121e3eed0dcb05dff82bd5d52baaf218233b5b7a421107a172 |
| SHA512 | e3a0278cdd52ecc798f46a5037aa0a453bcb156a7a077ad050b63c70c71400d40c739dee2e76da64cca920f90927923da15329d529a2f5a19cbd07569d332c6f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | f9ae20bcc81596d133b4a75c2731383b |
| SHA1 | 95e4b7cfffa49789808f5211ab6b25d2d041ad70 |
| SHA256 | 0144a798efda56742108961d9996867137571763f5cb4b71617c32a91b481c2e |
| SHA512 | 4300bcf59d5cd8ab090a9a6f3f54ed37fc728af052b6e669a3e658d90db5f45e465cbe387e51d994a98018be554b24c7ac22d5a2f7cd6545c6b3cbdb9cb9f5fe |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008
| MD5 | 1585c4c0ffdb55b2a4fdc0b0f5c317be |
| SHA1 | aac0e0f12332063c75c690458b2cfe5acb800d0a |
| SHA256 | 18a1cfc3b339903a71e6a68791cde83fca626a4c1a22be5cb7755c9f2343e2a5 |
| SHA512 | 7021ed87f0c97edc3a8ff838202fa444841eafcbfa4e00e722b723393a1ac679279aa744e8edde237a05be6060527a0c7e64a36148bd2d1316d5589d78d08e23 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | be73c294e1d3603b91940bc8ebb1298a |
| SHA1 | 455c4113e038d15b16a4aa4946e6d0d11b1c16aa |
| SHA256 | 56f4c309770d06688d1c83b517bc5d9bdceef117ac6499abd9967347ed2d108e |
| SHA512 | e7f719302db4805ae9b99bdae462ebf25ff4c3dda8134fe7107a2d7781d3d1bfcd76e317150d25d437f95db090ef26508200947a187d4607ece3e2fd01e75b13 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 089fb3c1416da9442ce9c58a249f0774 |
| SHA1 | 0bfb874ef51d92105907e8beb0ab4f782cd8bfe1 |
| SHA256 | e6f446d10a01fd770e35e2cbd3e6cd876d142d575d017543acab6a471fb11f18 |
| SHA512 | e1e492e3232d237f92238e3f28d6454f51c0c10795d136d00e34330a9d827e9a85d305f3213ec9fd80036325e8e85cf729147622dd7d044aabdae58535c3e083 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 387d1b908a8f2c83fcc7e9a41d10455e |
| SHA1 | a061402bc094c47dffe0d77b0c7824a608d6c852 |
| SHA256 | d9a303b9b86ed4be4ea1e1ecd04299f39de545d3c779f1f82a655f29607f7405 |
| SHA512 | 64ac0435e1e5a392e8c96cb66250bfa2eeeea55ea1164ab5f14420f78a7f3fabc98d1ee88b5fa28157a0e02fc467b13de7f23ef6f38cecff4437bda0e9561c1a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | aea98dde604173e31315ddebed956e73 |
| SHA1 | bce3abd76365148e2de37ab96b267b7672b6cc86 |
| SHA256 | 93cf9907d4fb55ad71571ef79f628ad9a4eb7b6cd7b5813b6caf90d07a8e965b |
| SHA512 | f350fffe214cc041a596ae88110a7f9ae85cc6068b4e9cac078309da49b92ed7339d98e0a3bf239545dd38f9db6590379d00bc7180a1796dffa5c9193fdd6c42 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 9322d6298445db7e5baa830d19f7f9f5 |
| SHA1 | a0552ff5a6c39c3bdba35d6b9f5d17d2633b63a3 |
| SHA256 | 74fc73b4ee4ccb833be96c257912aad527bd0287438b9f32e10ea6bc4eaf1445 |
| SHA512 | b9e4cc053d108841dc9f6fd6791cf988dcec80432289d09e03df0e7279e0b7537c83a3104a958b207cf26f025aad15ce9688c3560ad479a90976d76b0df6999d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 112f541baeba3358495ab85e33eea27d |
| SHA1 | 1bd6a54481c7a9d61a0eaa6d7459f30f72fbae52 |
| SHA256 | 78b8d40907ab3a7fc552d3ea7dcacf7f8a55ad37ed26e8f55b2752109c3fd3ec |
| SHA512 | 38b60aa4fbeebe888c90e9846dbb4728574b0932240e66cd7f576e2484faac5fdec8c8f7a5be028c9fe23504cb5901eaea61e2ffdaf547154db8dd748a662005 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 1ec582aef491e279ded00ce4c47a7a22 |
| SHA1 | 5189b0968570a97ad7fee2f7bac2d1a7ab110d01 |
| SHA256 | 2b678695f55723b09e339058b38098a92082b1f8dec3d6cc5996d629b2f4f2ea |
| SHA512 | dd62d8ebfaaff164d4df6d36d898c2e0ad73d962be53d878b2f76034c6b167762f05ad493c2746b44690ed37010cdd813dfdb5bcc3c2af85238fe85e97194ba2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b0c724eb465cb1b11bc1d52524a78acc |
| SHA1 | 0c3fd20953d531878f0aa93573571f94b9759d64 |
| SHA256 | a9513c9c7413d961561bb51dccfb08db5f5e32d61d4819e159c07f50de78e685 |
| SHA512 | f71911556c1eda2127b6b927b6ab09ac926732b40e12f99b655fe28588f813d358aa24cffebb2693d5e4503092a95d2a487235958210d063a95ad9e1cff924a1 |
C:\Users\Admin\Downloads\UnityHubSetup.exe:Zone.Identifier
| MD5 | fbccf14d504b7b2dbcb5a5bda75bd93b |
| SHA1 | d59fc84cdd5217c6cf74785703655f78da6b582b |
| SHA256 | eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913 |
| SHA512 | aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 3901dc261957b1a0a6fbfaabc164722e |
| SHA1 | f934e153239bccdf9ff73266e18c286f756e1835 |
| SHA256 | 40f744d888237efb548529fd291374cdf2b732fa17aea8fc72d939c5e7496fa7 |
| SHA512 | b5b001943fff6d37e2d69d1723c1ad9de990f831dd2d9a6a3e8dc4ce831c96325563ea15d680fd389038e525c2ee957676365ae97db46ad6efe88060b9a6c1e1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 23a71cf5924f2b3ce2dd4f3034547a70 |
| SHA1 | f7962a0f57ac798cbc06c04919fe7c0d4214b0c4 |
| SHA256 | fa64570328ac1ca64b85304b4c8e09d5e1fdfb720c68dedc3d249fc8dccc6a83 |
| SHA512 | 935f8f36831560e639a85501368f920f7320af023bcba9a8bfe09efbcd61a02dd892c3338813aa560282698d5c43b6f8cb60ab75dbc93962dd4bbf080ad8b96b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 3c645d73bd70bc9b1785054751f57e5f |
| SHA1 | 5f8ecfe1ebea5a3008c74b86b350416864a01af5 |
| SHA256 | c379748461e40f66f00b29dd74d3673c4be22934d4c66ed5f4aa67078ac8e13e |
| SHA512 | 97fe3b922d288f5517336596ded956814a24fead76934020f81727988f0c4a47e635c51d75d05ed8a062f2b4492ed3aa986005b8c02f7dd6daa1b8ad1f6df3b1 |
C:\Users\Admin\AppData\Local\Temp\nshC7AC.tmp\System.dll
| MD5 | 0d7ad4f45dc6f5aa87f606d0331c6901 |
| SHA1 | 48df0911f0484cbe2a8cdd5362140b63c41ee457 |
| SHA256 | 3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca |
| SHA512 | c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9 |
C:\Users\Admin\AppData\Local\Temp\nshC7AC.tmp\UAC.dll
| MD5 | adb29e6b186daa765dc750128649b63d |
| SHA1 | 160cbdc4cb0ac2c142d361df138c537aa7e708c9 |
| SHA256 | 2f7f8fc05dc4fd0d5cda501b47e4433357e887bbfed7292c028d99c73b52dc08 |
| SHA512 | b28adcccf0c33660fecd6f95f28f11f793dc9988582187617b4c113fb4e6fdad4cf7694cd8c0300a477e63536456894d119741a940dda09b7df3ff0087a7eada |
C:\Users\Admin\AppData\Local\Temp\nshC7AC.tmp\StdUtils.dll
| MD5 | c6a6e03f77c313b267498515488c5740 |
| SHA1 | 3d49fc2784b9450962ed6b82b46e9c3c957d7c15 |
| SHA256 | b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e |
| SHA512 | 9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803 |
C:\Users\Admin\AppData\Local\Temp\nshC7AC.tmp\EmbedHTML.dll
| MD5 | c08431578109da597240a3cbaf65fd63 |
| SHA1 | 687ef12f3db594332a3c9e679b8822eb9bed89e1 |
| SHA256 | ee95b019b9c8681be56038bf4a4455f74c4f83c287fbaded6b5aa7b5dcf4a38e |
| SHA512 | 8c8814a4c11ebe48be075e228477f394077efac04f2b7ffbc39339270d9a0b699f8398a17aa4cd4a0570c8f8c9e7de757facd30c326f1dde480a799542b07e8f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 9ea33a0f0088247a518a422dab36b1f7 |
| SHA1 | 86a9556bd05508d210b24e3a2121fd6a6f183980 |
| SHA256 | 5012397820db5683641f429722d51fdb16f7c39dfe998c7dfffb5e5310990387 |
| SHA512 | 7a9a78ddec2cdc2767b7060c16d12616dc3f7bd9e2db36b0ce7993a85a165acf4791921020774ef7a95c39178850f729eaaab4e059513e0bf71bf10466fe1be1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 39a25f99c8366b25ac53b3d140540154 |
| SHA1 | ebe0b0d5839fffcad2fb37105817f78ae6e9733b |
| SHA256 | ac2521bde18c20e818ab738d8dec1f9bbc753e7b825aeeb0504dd221b22e6479 |
| SHA512 | c303fd1cae602e98ee60cb1febb9f9b3bac7a45f6850c2ced1b7ed166389a76f915f0473ae75113792c8fb7039ae6c228980055a9a8af6e1a44b4e88378586b0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 88324ee6869c9d2254373af08bfa9f2b |
| SHA1 | d111bfd44b6fb80db6b8bf94969a943a67ef143b |
| SHA256 | 553e39c59dbd2c6b80b0aaae6ce34434ecf84c0c24a80a3856fe8e69b2f88b30 |
| SHA512 | deb26f8abb5ac38ad7abbfed992098266c6f79fd07cb2c2b9366c6c679c581677949c412410db56d54e500a7ed32c73de906be548ff79b0cdd6be0827fb36f0e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 142cf3efac32edbacda360d2960b4bc7 |
| SHA1 | 4f392983c449611d8b86eb83d093b1857d345b4e |
| SHA256 | 5424e1adbc765ea350c811b3120b30ba3d9074c1b5ff5b3bbe59ea8194ed3b12 |
| SHA512 | f629db04b6dfe6d4b6e51289d2bb39d47a1dd0d4039160542f062ac1fe4261db4f84fc1fbec143e879baeb50476ae146d924ccf62d0fe46e83135bad87d0f2e3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GraphiteDawnCache\data_1
| MD5 | 50c2eaa4fa0b4f3a59db796794325bec |
| SHA1 | e6e5b4c03349c7cdd3b6701ea575b83f567ac99f |
| SHA256 | b292448e45fd63fd0e020957b0d667c2acb13247fba945f2a760b430ec69386a |
| SHA512 | 0ca68515b673a128cb3f08303c3a73b5f1898e0e0e8877ac4826866a5c98d6022278d0e1ae27f92b551ba7b41e023834631208dcb192d77e5ad1a8209f150e20 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | 79e90b79849ab24f7077995c4e45f1d5 |
| SHA1 | 3dae744f25bcaa1b690d61b789a8b1e58a790953 |
| SHA256 | 3d2a7a2b6c89618f30d26fd5dac9ff7d52d6cf1d3651fd7aaa1d1229464b1507 |
| SHA512 | 6169379e245102bc4b1ff74bc2c7cf356f24fdef55e5f3f8a7323da36f6ca92f1ec38bf230cacecc89c33e12e1b201de417a570a998f31cb281bed3ae8f8deb1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | bc6142469cd7dadf107be9ad87ea4753 |
| SHA1 | 72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c |
| SHA256 | b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557 |
| SHA512 | 47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e
| MD5 | 6ee91c368f2ccb27602daade4d6a0c6d |
| SHA1 | 07417fb3286163c5aa48364a5b07e1b4c170fe66 |
| SHA256 | 9b9b540f18a899f45bc1261fdf85db06ac0524e47cad52edb27e1de5defcb1e9 |
| SHA512 | 6263d93d37f93669a203152df119c59f59ed5bc48e6ca2b4b9b1941ddb3a1176c4bc76f6e02665a6563c6eff2b8683a88aa51aeeeb8aecfea343182f8a01bcc3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d
| MD5 | 68cf502e2ad004b6ebe2e620c55274dd |
| SHA1 | 557b74a22427f1146155cac0ccd7346e535b487d |
| SHA256 | fa6e62d495b4d2d4f6f5c1f99d1a5662cf609b1353a77fe152630cbab893a37f |
| SHA512 | 3e3662cb49138a24ffcb240f6afb2e684f337c3a1419dd6a0d2e224b87859217a4aee80d588a095e47d30ef8fc9397e040519f128784a8be5ed520a39fa3f971 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c
| MD5 | 87c2b09a983584b04a63f3ff44064d64 |
| SHA1 | 8796d5ef1ad1196309ef582cecef3ab95db27043 |
| SHA256 | d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0 |
| SHA512 | df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b
| MD5 | bf3941267721bd7937dc6764cce1eb6a |
| SHA1 | d159642e19e03c48ee52fb67b44bbc5c27c2aaad |
| SHA256 | c6b1d1be90c8f728dc2a75f052d049c7e0f39cfafa2be67f238bbd3113721972 |
| SHA512 | 2fe3b1503814593db8ca32af3035b7645dff8a7c52c6d867b93b72792534cf52f3f1fde44f118b8b16c4618b120ae7d59a8921368722eaf67038f52cdc014cd5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a
| MD5 | a11454e926e1316ff204c51490080b58 |
| SHA1 | 4506cf5752c819ff30cc7be1689a7dacb875fd9c |
| SHA256 | 4e48a05e1b8a89a995c09c71e1bede50474a7f5d0bb19a82c9901bd774ed95c2 |
| SHA512 | e9ca0d00e4694b2b0dfd60bade7a7bdf85c4208d321f6be493a8a1c556a67502096aeed862e7465b3b6b1635d83a0888431edbd095a4c4a30cf58f5e2970acda |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009
| MD5 | ad084ae94f2a62341c8a94c326acae69 |
| SHA1 | 12a3d4b5b0224b69c252e6de42f9c2d38221e2d0 |
| SHA256 | be5a10dd2bb7d409794492a1c6aab8ac0aa7f6f8ffb487d2eac22c10e556afed |
| SHA512 | c95be5871884c93e3f5d857f7065fa749d78573ef136577f3dcac7855ecd32231a990986be3b206b75b7ae31d88e2c55fffaf05da6bb4e41eb836f2a8d36d9ac |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007
| MD5 | abda4d3a17526328b95aad4cfbf82980 |
| SHA1 | f0e1d7c57c6504d2712cec813bc6fd92446ec9e8 |
| SHA256 | ee22a58fa0825364628a7618894bcacb1df5a6a775cafcfb6dea146e56a7a476 |
| SHA512 | 91769a876df0aea973129c758d9a36b319a9285374c95ea1b16e9712f9aa65a1be5acf996c8f53d8cae5faf68e4e5829cd379f523055f8bcfaa0deae0d729170 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
| MD5 | 50c1a7bfbe54367271f77203fd806c5a |
| SHA1 | c224ff0ad20341cffc7a0d5d3cbd131143af902c |
| SHA256 | 22c4ba20611acbef25780904e39fe8b610b8f5185aa0c82c60083c03e8da91d6 |
| SHA512 | db83429f4641fac4e78156b660d32993b47ccbba2349220cd30a5d1a8058f8afdfb89b9ed854efea96101c35101273bbe2afd144dfd06e3e470820f2240715de |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005
| MD5 | bda14d5442dc4ceed2514149ca42db81 |
| SHA1 | d3e0f14d070e572320517dcd1e31c48201aa35d8 |
| SHA256 | a8673f1311ff748a80798ffbce7c0bdc9933c4c9e8d3202e9a63c9728ade1562 |
| SHA512 | ac721da7295f4afc68b967f1085f4d3a5f8e76808b47fc910ce1c35b30a218a3831c8d8ae44074fc8cdd058eecbc413edac5be313c9d38073b0bf4c0db49702f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3
| MD5 | fb9a919ea8a2c070b5b38a282d047bf1 |
| SHA1 | a4f54d653c92d3ab8909f0911c813bb2b2d3733f |
| SHA256 | b6ddefb422cddc768988e9fcdd490d8190b981eb857d2d6131f7352ffbe7ee8d |
| SHA512 | a97dc8bcab60b364fd1dad2f236c99f61bb38f3eefb22b24d5308fc4be929790b0453f960bb5819bc45bba844b511d94bc0a6e57e50ec32b6987bf00949ecb78 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG
| MD5 | 0dba01ab2f4e3dfa9f4ef35b6f02798d |
| SHA1 | 3361b1218e7dfa71d1ef72085e55a22b9c3028b0 |
| SHA256 | 94458ac1c50f7e2152cc6af79a6303042c84eb04229ead74f0734a6edcaf950d |
| SHA512 | a9f5bfd95ccf85ee28f0b4ab0d306239ba4c51aff82daba56365bfb68abf6cfb17f68e702eb9ba2f6999f6eeb556c0f3e605f6d4cee4ab4835244310814b90ca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2
| MD5 | d04ce95af110ce57369a565549bdb435 |
| SHA1 | 8aff697371b9251421420da745e94af269205c05 |
| SHA256 | 5b8254f881d1be274109543f7b189a04cebe9394aadcae8aac60862a86c055cb |
| SHA512 | 025cd0e15da0a4f5f12dcd6e91d31f4e40b0eddf5aee4dbb38ee49b96adfc4621b4ed235ad8d7a1c422d45b7c6e14caf6890275dda1fa6c019accd1beda9fcb0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1
| MD5 | f1876deb695d3f59a8f44228dc98fa88 |
| SHA1 | e168bca9408342fe00c0fc3af8fdc9931a2ca7b3 |
| SHA256 | 8aa6642ea90482e7cd9ed1105f402eaecebc80a9127aedceb7b05c0a96d75c56 |
| SHA512 | 96208d2f91ef7fc527b59ddd2d4d9863be34d62859fdeda0afe486ed547ef039c49bb7edfc5bcdf1b7d8a857941730f8829fabcc5f2481dc1646fd58c9ceb660 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0
| MD5 | b6169ff9c9d2f3331cb88a69e796a426 |
| SHA1 | 2c0834fb66c58e767011b1ee0591cb83cab9d198 |
| SHA256 | 3c3bfcd73a39eb0eb88ae2f9cb03052ac28ad21ea42bf22a64ac119c4f7c83f0 |
| SHA512 | f8364e85194ce59f045695528f32e4ac96c4a5be2ba68adc52d678e24c9957de46d0a1d60cca4f310b87a425814b873cd07b463ab281dd3e267ddc7642bee4a1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History
| MD5 | 486ddd735493462e7d7e40ff6e494e05 |
| SHA1 | 479071b94ab7aaf36bbda808ffac38889d4f865b |
| SHA256 | f98c2d6da6f9961766e920efc320d11153f919452c047f8c9dbbcd7c4437aa09 |
| SHA512 | 97edd713459c8100694cf9600797473e3f8042b99452976c835ea3b66656b77dae7b5868187f35c7df18f5511dca4315e7708e81eb45ac2f75506faa878989f5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
| MD5 | 1ad32d9a035ac763e5bd132a75e82a32 |
| SHA1 | 7f739b346e13efb79be7be90eb2c868524f0cd81 |
| SHA256 | e26d1aeb59625a9cc25357cf306270044685fa8b8015428df4d5d4911acd7b4b |
| SHA512 | 4e6c6f9c974fb101a3bfbdf18a98db7e743cba4382bdcf9fe41695633e6adabb0f3eb0906026230e0e5e9c5962d3e87be22cdc4cd405b8da5f32cacbcd938ab8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
| MD5 | 0f344098f314e18ee76279f27141d293 |
| SHA1 | 0e6952abf67caf6aa73c8da0ac3cd177eb52a779 |
| SHA256 | f5dd23640d4919a124367176bd927cd65e719d6e2f73ea08803194050242c735 |
| SHA512 | 22daba5a19642bbc3f9a52b96acb2dbdfc0a22f236918c4d89008f603f580a4e24754054702c2be9e86bf51a726b79874b851098a0930cb131987f865f405f77 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db-journal
| MD5 | d4bea4bf6f416f26ad86ce0143c7511b |
| SHA1 | b42ae32a367538e46536c9e064c872a15b409258 |
| SHA256 | 3c72b17033526e7218d1a30064f42b147c125d4e419c8155b515362c381e701d |
| SHA512 | fd6757be32ecdee63462f25ee26188762185d512f507036a2686f148ac0a42c781e42b7eddbf85774785618892d77c8e38ad44ea74e4bc53165d0a6f0c292cd7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db
| MD5 | 05d12410ed600723b8db30bc86512c54 |
| SHA1 | 9909545cb4d0b1100c6a9f987c824c6d8f0e911a |
| SHA256 | f75d9931f122a32b49aa1acf6bb1b334103ac319e575cf6dcf905e305846aeb6 |
| SHA512 | 91c87ed7ca154188b9c606bd85972d8ec798a276e5f6d30ee53cc128e2fd7110490214e4c861872cec4a77f686ee110746b4ed9d716cfa0a8e5527823c52811f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version
| MD5 | ef48733031b712ca7027624fff3ab208 |
| SHA1 | da4f3812e6afc4b90d2185f4709dfbb6b47714fa |
| SHA256 | c9ce8dbbe51a4131073db3d6ceef1e11eaca6308ad88a86125f221102d2cee99 |
| SHA512 | ce3a5a429e3796977a8019f47806b8c0671b597ead642fcbfbe3144e2b8112d35a9f2250896b7f215d237d0d19c5966caf3fe674165a6d50e14cb2b88c892029 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\0f4239b1-f8bc-4ef9-b59c-775c33629c14.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | ebf3aa80080a274d001a51c8c68bd0d4 |
| SHA1 | 30bef8b51437232d78fc409103af1b591928de5d |
| SHA256 | b3f8a5458f9607f1c14b097079b13bab7b76116dc2452a9d17f664a8190f7dba |
| SHA512 | a42fbb22324b9d2a5b220f4e46bc88b84adbd3da5bc9bb1869e3d1c4783889453cfb2c667887b531f21f7d1740aac15a6fc1c9842caca9c9cdc82ec597c066c6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2ef40b7ed3fa63b930b9df9cd269b46d |
| SHA1 | a35a5c1873f7fea1fa6efeb581aab90bb5d4ad38 |
| SHA256 | 662f8f3336f034089c392fca5f0e979ac78a66961942384da513f7d807742b55 |
| SHA512 | 84dbc47fea695b3441e888af5cfe142341c4ac51a28914d986f8f70d9c4edb4bbdf26f8dd64c6d6d6aa3e3fc99a3b1bdcc949c03051af50700a628a9fadbe419 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 4908bedb51c85b552037441d08f7c3a4 |
| SHA1 | 0299a52769aa28f733261dd846c2c42eaaea7501 |
| SHA256 | 30f4f2e51d16c52d8025db3e34958934482a33a2b62cf9d3d3225d5524c87b44 |
| SHA512 | 649b9c8d1133d97af4ef004c310e89664d44ce7d6070e55b4b5dff718aff161221b56cef0a189a9ddd99018a5615c06bd3e7309dceec4986922c63d70e0b3520 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | b5a22dbbb53e949377f6d8191aa066e0 |
| SHA1 | 601a749b2fca7924c0a41c22823736ef137a583f |
| SHA256 | fcebbcfdf43617436964ec88403d2666d6cdb0e7ad5abb7ef3e1aa65337f699b |
| SHA512 | 9447f41e3f7c73d799f6ae028617f87c9a6ca6f0d3b653ec85ef4c4c24788f6758155cff54e51205541e0ebc7005ff1db894bea54fde08acc7c59e596ea2721a |
C:\Users\Admin\AppData\Local\Temp\nsa4D19.tmp\license.html
| MD5 | 2a55eef1dbfa31a5df65484d2cdfce8c |
| SHA1 | f1b36d4cafdb2922bca1f4721cffc170fcd1b64c |
| SHA256 | 223f54604da92aa58886ef5467837077a76d6d5061ee701128f45a4fe8e60a96 |
| SHA512 | ec414f6aa58cd692bef59c4577502f97f56c0b7d53c8972bf6095691ca6e7601d8f07555ab69b18793767b1fac32c808a5d2731d33a4c352f732842648cb8b8b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | d58d96ba0c7b9afaf4133f1ee2be3069 |
| SHA1 | d6cac29f513f94664d9935775bc45487c4d0687b |
| SHA256 | 9d3dc5526c4fe1db920331c1a7c40477f7f958468d77acf2a30fa9b610530be5 |
| SHA512 | fb535cd128074e7787ae75b5baa3801283ca721d2e258dd8d09499f3ff18e56e84633bf485f349e24ca745f4493bc3b05a168c308233aed45d3168f587c89843 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d5769d9fe31b4970e0436e5e1b7aa58e |
| SHA1 | 761fb0641fbb5c9d1179d80c120090e7d8a3cae5 |
| SHA256 | 51d12b2d5b10cc6117edc2dad83ce41b87edec48639ef93eaae733fc71295da8 |
| SHA512 | 04f5dad65cfb4ba85565ed6404d23aa14ff8bb0963383fd718a792f1714a84483aa30095b4b415c7fde83d9b2548f4dfbf582f018572904bc924308b1f9ad48f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7194922d0a945a92e7b1c95f7ef3f04d |
| SHA1 | 73e654a053181141074e751a39746174dfd9cfcb |
| SHA256 | f580cbed8215a905594610ff7bb324c6913216063c27dd4bd7f5b4489e9c3adf |
| SHA512 | 1fdd43c9770d31cc7044eb71c91b79dee2c9b3d98b31c4af62c4ef92403e645e7dbb6187e62eaa7ae0ba9f0337321ab2fa8603f62ef966a1467a7d3db1099109 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt
| MD5 | a7a2f6dbe4e14a9267f786d0d5e06097 |
| SHA1 | 5513aebb0bda58551acacbfc338d903316851a7b |
| SHA256 | dd9045ea2f3beaf0282320db70fdf395854071bf212ad747e8765837ec390cbc |
| SHA512 | aa5d81e7ee3a646afec55aee5435dc84fe06d84d3e7e1c45c934f258292c0c4dc2f2853a13d2f2b37a98fe2f1dcc7639eacf51b09e7dcccb2e29c2cbd3ba1835 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt~RFe5b0fac.TMP
| MD5 | 692ed566e2c88ba5d198b2fad7e14519 |
| SHA1 | 08467667c1c0dd5ec19bb509cf7183ca81a912f9 |
| SHA256 | 46846c9095257a69f528d63754e72825d958b93d61def5a0770e936a73f9b2d3 |
| SHA512 | f2fa54f82f0f92a89532688e9f52d70881d188d3a9746c8f5629ad8ca735afe520e06158dfd1f0101aaa79dd2ba36a6d060c1cbaf7024177ccd3cdc9e7783c7a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 94a9eb42c6b46a5666f18b743f45ca0d |
| SHA1 | 4813e9070097eb08502927383a860a120271bfda |
| SHA256 | 6cf4201e4aeb85b8ffc5f9a780bd18fd6fce8e62794b2283b3cda8e6006e3a30 |
| SHA512 | 5bfe6119051f43701398db0a3771d7421b25394153cda691ffc64357342c2354db7da151265cdbf83988deb8aae74e3fafa1b55a324c369add515132e9867477 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006d
| MD5 | 24e2a32e7e8a190a08af9d386f5b59b3 |
| SHA1 | 4a609894398d5e85d07af10af19f85edfedb7f17 |
| SHA256 | a99e8f750e7601902e9fd11052906362b1031381f9f6fe63ffe2c4cd2b8a6d05 |
| SHA512 | 901e49d54709d2232b1dc521a1f91098d38efa173d1a40247019dbe74cbf624fb2c546f4f643e24056137b08c3365cc2cd67841ec522fdcd5cf77ee9d613f8f6 |
C:\Users\Admin\Downloads\Unconfirmed 612581.crdownload
| MD5 | 9855e448af8561fc920d69a7b45a309b |
| SHA1 | 9ceb185e61fde58d6db6e3c4e2e7932ca53ce712 |
| SHA256 | aebbda8979b54ca3094e835ec7bffb08aca6c79480675d46bc5df75d9750a583 |
| SHA512 | a37495c629c9fd636702f1e1479b0ffd8c7b921cc914a7208478d2b9c348149634bd7736ed41d6627902e8b8e5d5316dbeb3d5783b93574a48b7fb1786fc6d6c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 088f6951f2ae63460e9b84a5fe412675 |
| SHA1 | 2d4b3a5fd4c34f366064e45288be8276892a299c |
| SHA256 | 607310563407f3a543bcbb3b3ca504d58830aadc1d742da0dbd55420386e9e14 |
| SHA512 | abd0c3654e78817d0a59198cc72b4b66972f45a430f71763e2abdc17a7be35e2382ee63ffbd7c92f20e5a48a3936e0f7bf1f41b78f1d4a896fe63b54e9a34ab5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 281d3b274317881e32a179f99fc8155b |
| SHA1 | ab1b4fe8466e6f3af929890c091eafc4baf05d8f |
| SHA256 | eee7b28f5ef586fcd2e6551db9429ff752c7d07405a3bf2be3e3d11274dad154 |
| SHA512 | 211a967a462de701a1c232ef64e970eee72175bfc709025fc5589c46ff18c0a001eb00882fa329e38667d61e4bd1ccb71b1c472e9f4d4be8640cd39c26766971 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 8835c7c1251f8d638d102e36363a17cd |
| SHA1 | fbad21071d938503fedb2feffad75ee176f62437 |
| SHA256 | 924393f879f28b602fc5b0dd3fb9a3e6e06eb1aef3bcf96b1aeb895df2da4059 |
| SHA512 | 1572229c285f16fca16cb7bc0b71fb219e99943bee8c5bd89f2a574d77e9e2db289f21e1c39be8bfcb2a19a861f76737cdd34730f0d34cea3d9aadcf0503fe10 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 5f6d374e8653c7836b516c2f9e726753 |
| SHA1 | 5853881082215c8c6cd163a7b6741146f7b78cef |
| SHA256 | 3a08ccf1907fab905840d256c8d69c9657cba5f88e39dd53fed22c3a90ad65ce |
| SHA512 | fca01f5c573e61afe2983dfe5c9d7dde7a5a28cd90d876201c31275ef7fbdb1b27b3e165d6759b6fd01a2c8add14aa30734bd031ba42efbeec8c1b86544c2b37 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5b0db31a99b82fe48fa8a16a523d68ba |
| SHA1 | 6257b5b0749272212386fbfbe9071cec23013df3 |
| SHA256 | 9acb2ace75d519878df3ad1c623bf17b5a5e9d31e2e6bf6e6c28c5e8d0dcf89e |
| SHA512 | 9622cbfcff7fb087e398dce9b3e73bb89372ca176c15660215431fb081a07acff763c50c473fd285e3a226d966a495d1d6aeb9888a0a4cf9f4df698b3ddf42c9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | eaf2f13eb973cb9e8c65347beec1c85f |
| SHA1 | ef89a6f6d25fb999bac2cb191cfbf4cda941add1 |
| SHA256 | 9685ac649288f776f7aac97596088ed1709078bca723404b6bafc0ceaf085ac2 |
| SHA512 | 7f34a7c8bbd9011c74d80118578c9fb0bb8f12a9022dac1a39a2045cf019f158870cc51b57b9be57a0e821a034620176d60876b0a18541a0daaf933901528ab1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | a9692eec9ecfe627b52c52123283b992 |
| SHA1 | f72325bd146f3d0cd8ff75c9ab4a3c0b61ffaa99 |
| SHA256 | e04241a057473017e1587b7928b0304be0b4505ccd88765917d713e89951c0e9 |
| SHA512 | e9ba0b6b92190b90e33b519e00aef13a46be316dbbd79f03e66b74a3762abf642d9b18c7b555712370b42a067a4adcae4711906dfe1a5cb8adbfa31c35d4e116 |
C:\Windows\Logs\DISM\dism.log
| MD5 | 02ba43cb8c74093ef194e163827210cf |
| SHA1 | b402503d1b49b51dc27a19b5aab5729aeb03db97 |
| SHA256 | 46503a9ebdc8d63b1691359e1af005d863342e3d66811485611a2e0f0feb4ed6 |
| SHA512 | d08f20e22a21712131d6961cc5e3fa34490d6380aa01c32618bcfac8f16d70601a0363a07172e9d2487937135ce377e27da0682dafc365d52469feb52463989c |
memory/3388-2583-0x0000000004E20000-0x0000000004E56000-memory.dmp
memory/3388-2584-0x0000000005580000-0x0000000005BAA000-memory.dmp
memory/3388-2585-0x0000000005530000-0x0000000005552000-memory.dmp
memory/3388-2586-0x0000000005D20000-0x0000000005D86000-memory.dmp
memory/3388-2587-0x0000000005D90000-0x0000000005DF6000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_jiwgosfi.0tm.ps1
| MD5 | d17fe0a3f47be24a6453e9ef58c94641 |
| SHA1 | 6ab83620379fc69f80c0242105ddffd7d98d5d9d |
| SHA256 | 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7 |
| SHA512 | 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82 |
memory/3388-2596-0x0000000005E00000-0x0000000006157000-memory.dmp
memory/3388-2597-0x00000000062C0000-0x00000000062DE000-memory.dmp
memory/3388-2598-0x00000000062E0000-0x000000000632C000-memory.dmp
memory/3388-2599-0x0000000006870000-0x00000000068A4000-memory.dmp
memory/3388-2600-0x000000006F680000-0x000000006F6CC000-memory.dmp
memory/3388-2609-0x00000000068D0000-0x00000000068EE000-memory.dmp
memory/3388-2610-0x00000000074A0000-0x0000000007544000-memory.dmp
memory/3388-2611-0x0000000007C40000-0x00000000082BA000-memory.dmp
memory/3388-2612-0x0000000007600000-0x000000000761A000-memory.dmp
memory/3388-2613-0x0000000007680000-0x000000000768A000-memory.dmp
memory/3388-2614-0x0000000007890000-0x0000000007926000-memory.dmp
memory/3388-2615-0x0000000007810000-0x0000000007821000-memory.dmp
memory/3388-2616-0x0000000007850000-0x000000000785E000-memory.dmp
memory/3388-2617-0x0000000007930000-0x000000000794A000-memory.dmp
memory/2500-2625-0x0000000005850000-0x0000000005BA7000-memory.dmp
memory/2500-2629-0x000000006F680000-0x000000006F6CC000-memory.dmp
memory/1288-2647-0x000000006F680000-0x000000006F6CC000-memory.dmp
F:\LDPlayer\ldmutiplayer\fonts\Roboto-Regular.otf
| MD5 | 4acd5f0e312730f1d8b8805f3699c184 |
| SHA1 | 67c957e102bf2b2a86c5708257bc32f91c006739 |
| SHA256 | 72336333d602f1c3506e642e0d0393926c0ec91225bf2e4d216fcebd82bb6cb5 |
| SHA512 | 9982c1c53cee1b44fd0c3df6806b8cbf6b441d3ed97aeb466dba568adce1144373ce7833d8f44ac3fa58d01d8cdb7e8621b4bb125c4d02092c355444651a4837 |
F:\LDPlayer\LDPlayer9\fonts\NanumGothicLight.otf
| MD5 | e2e37d20b47d7ee294b91572f69e323a |
| SHA1 | afb760386f293285f679f9f93086037fc5e09dcc |
| SHA256 | 153161ab882db768c70a753af5e8129852b9c9cae5511a23653beb6414d834a2 |
| SHA512 | 001500f527e2d3c3b404cd66188149c620d45ee6510a1f9902aacc25b51f8213e6654f0c1ecc927d6ff672ffbe7dc044a84ec470a9eb86d2cba2840df7390901 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\ssleay32.dll
| MD5 | 0054560df6c69d2067689433172088ef |
| SHA1 | a30042b77ebd7c704be0e986349030bcdb82857d |
| SHA256 | 72553b45a5a7d2b4be026d59ceb3efb389c686636c6da926ffb0ca653494e750 |
| SHA512 | 418190401b83de32a8ce752f399b00c091afad5e3b21357a53c134cce3b4199e660572ee71e18b5c2f364d3b2509b5365d7b569d6d9da5c79ae78c572c1d0ba0 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcr120.dll
| MD5 | 50097ec217ce0ebb9b4caa09cd2cd73a |
| SHA1 | 8cd3018c4170072464fbcd7cba563df1fc2b884c |
| SHA256 | 2a2ff2c61977079205c503e0bcfb96bf7aa4d5c9a0d1b1b62d3a49a9aa988112 |
| SHA512 | ac2d02e9bfc2be4c3cb1c2fff41a2dafcb7ce1123998bbf3eb5b4dc6410c308f506451de9564f7f28eb684d8119fb6afe459ab87237df7956f4256892bbab058 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcr110.dll
| MD5 | 4ba25d2cbe1587a841dcfb8c8c4a6ea6 |
| SHA1 | 52693d4b5e0b55a929099b680348c3932f2c3c62 |
| SHA256 | b30160e759115e24425b9bcdf606ef6ebce4657487525ede7f1ac40b90ff7e49 |
| SHA512 | 82e86ec67a5c6cddf2230872f66560f4b0c3e4c1bb672507bbb8446a8d6f62512cbd0475fe23b619db3a67bb870f4f742761cf1f87d50db7f14076f54006f6c6 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcp120.dll
| MD5 | 50260b0f19aaa7e37c4082fecef8ff41 |
| SHA1 | ce672489b29baa7119881497ed5044b21ad8fe30 |
| SHA256 | 891603d569fc6f1afed7c7d935b0a3c7363c35a0eb4a76c9e57ef083955bc2c9 |
| SHA512 | 6f99d39bfe9d4126417ff65571c78c279d75fc9547ee767a594620c0c6f45f4bb42fd0c5173d9bc91a68a0636205a637d5d1c7847bd5f8ce57e120d210b0c57d |
F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcp110.dll
| MD5 | 3e29914113ec4b968ba5eb1f6d194a0a |
| SHA1 | 557b67e372e85eb39989cb53cffd3ef1adabb9fe |
| SHA256 | c8d5572ca8d7624871188f0acabc3ae60d4c5a4f6782d952b9038de3bc28b39a |
| SHA512 | 75078c9eaa5a7ae39408e5db1ce7dbce5a3180d1c644bcb5e481b0810b07cb7d001d68d1b4f462cd5355e98951716f041ef570fcc866d289a68ea19b3f500c43 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libssl-1_1.dll
| MD5 | e8fd6da54f056363b284608c3f6a832e |
| SHA1 | 32e88b82fd398568517ab03b33e9765b59c4946d |
| SHA256 | b681fd3c3b3f2d59f6a14be31e761d5929e104be06aa77c883ada9675ca6e9fd |
| SHA512 | 4f997deebf308de29a044e4ff2e8540235a41ea319268aa202e41a2be738b8d50f990ecc68f4a737a374f6d5f39ce8855edf0e2bb30ce274f75388e3ddd8c10b |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libssh2.dll
| MD5 | 52c43baddd43be63fbfb398722f3b01d |
| SHA1 | be1b1064fdda4dde4b72ef523b8e02c050ccd820 |
| SHA256 | 8c91023203f3d360c0629ffd20c950061566fb6c780c83eaa52fb26abb6be86f |
| SHA512 | 04cc3d8e31bd7444068468dd32ffcc9092881ca4aaea7c92292e5f1b541f877bdec964774562cb7a531c3386220d88b005660a2b5a82957e28350a381bea1b28 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libeay32.dll
| MD5 | ba46e6e1c5861617b4d97de00149b905 |
| SHA1 | 4affc8aab49c7dc3ceeca81391c4f737d7672b32 |
| SHA256 | 2eac0a690be435dd72b7a269ee761340099bf444edb4f447fa0030023cbf8e1e |
| SHA512 | bf892b86477d63287f42385c0a944eee6354c7ae557b039516bf8932c7140ca8811b7ae7ac111805773495cf6854586e8a0e75e14dbb24eba56e4683029767b6 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libcurl.dll
| MD5 | 2d40f6c6a4f88c8c2685ee25b53ec00d |
| SHA1 | faf96bac1e7665aa07029d8f94e1ac84014a863b |
| SHA256 | 1d7037da4222de3d7ca0af6a54b2942d58589c264333ef814cb131d703b5c334 |
| SHA512 | 4e6d0dc0dc3fb7e57c6d7843074ee7c89c777e9005893e089939eb765d9b6fb12f0e774dc1814f6a34e75d1775e19e62782465731fd5605182e7984d798ba779 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\libcrypto-1_1.dll
| MD5 | 01c4246df55a5fff93d086bb56110d2b |
| SHA1 | e2939375c4dd7b478913328b88eaa3c91913cfdc |
| SHA256 | c9501469ad2a2745509ab2d0db8b846f2bfb4ec019b98589d311a4bd7ac89889 |
| SHA512 | 39524d5b8fc7c9d0602bc6733776237522dcca5f51cc6ceebd5a5d2c4cbda904042cee2f611a9c9477cc7e08e8eadd8915bf41c7c78e097b5e50786143e98196 |
F:\LDPlayer\LDPlayer9\ldmutiplayer\cximagecrt.dll
| MD5 | 66df6f7b7a98ff750aade522c22d239a |
| SHA1 | f69464fe18ed03de597bb46482ae899f43c94617 |
| SHA256 | 91e3035a01437b54adda33d424060c57320504e7e6a0c85db2654815ba29c71f |
| SHA512 | 48d4513e09edd7f270614258b2750d5e98f0dbce671ba41a524994e96ed3df657fce67545153ca32d2bf7efcb35371cae12c4264df9053e4eb5e6b28014ed20e |
F:\LDPlayer\LDPlayer9\ldmutiplayer\7za.exe
| MD5 | ad9d7cbdb4b19fb65960d69126e3ff68 |
| SHA1 | dcdc0e609a4e9d5ff9d96918c30cb79c6602cb3d |
| SHA256 | a6c324f2925b3b3dbd2ad989e8d09c33ecc150496321ae5a1722ab097708f326 |
| SHA512 | f0196bee7ad8005a36eea86e31429d2c78e96d57b53ff4a64b3e529a54670fa042322a3c3a21557c96b0b3134bf81f238a9e35124b2d0ce80c61ed548a9791e7 |
F:\LDPlayer\LDPlayer9\dnplayer.exe
| MD5 | fa2c08e402cc1c1fca849ba2e4eb56aa |
| SHA1 | 133dbe827d469e8dcfb792734f1fced97690efca |
| SHA256 | bd6ed960624c4ffb99ce82611f23365733df329b1ff3216590292ee8034a4421 |
| SHA512 | d96f84f06784f6d2c2182301ae4437303f5f3ab8936e6e3512606c28cc99de268bd186a4eb73b092c1e54995fa849c38080a26fe6dc2b8c1e7171781677d3eb6 |
F:\LDPlayer\LDPlayer9\dnmultiplayer.exe
| MD5 | 38f88ca4211fb378c41412c23af886e2 |
| SHA1 | 7c904c5fdf84d13ffd47703be39380861b5a6a7f |
| SHA256 | 6b149b8b72bf3631111f0e7b95b4dbe2646b786a3de1b414110438927d3f9c38 |
| SHA512 | 6ff289ee872bb96de9de4a3ef82d043f93542545f1555885bd4b6aa008892a8e3fd5f59eb4ed76a402aaa884989725168206aaec6582ea37bd556e7f642d681b |
memory/1404-2739-0x00000000011A0000-0x00000000011B6000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 49ce2522dfafce29b5b2537f304f6340 |
| SHA1 | 5da05153b123d275faebec9dafd823197f1daef7 |
| SHA256 | 054ccb20828b309994b76468681664341528ff3d7c5d77b8c01bad56e3f7f441 |
| SHA512 | 664c058063425db71263b3125ed47f2437f4c2479f4441427b8d1cd0b396fcdcac9b93ffe50016a975592220ac0f3c1aceae2837ca11cf32d1ec878c9277b34b |
C:\Users\Admin\AppData\Roaming\XuanZhi9\ldopengl32x.dll
| MD5 | 395970be72d1bcc7755f95a04b3b303d |
| SHA1 | f4019b43fd95f1748e2392d5cb1aa4486aadbc13 |
| SHA256 | 5fa3f4cb4f4f603bd8b9a538b54658ebbcf9198d99f2b0e1ce447322b22fb312 |
| SHA512 | 2f4968b8564bd3bbc624a6838ec33de22413afb8711e08cc36b082863f4e146212c1b6173921ea110c65a0dc20b97c9e187a8ef006005711efcf4237db0bcd1e |
memory/1404-2760-0x00000000367E0000-0x00000000367F0000-memory.dmp
F:\LDPlayer\LDPlayer9\vms\leidian0\sdcard.vmdk
| MD5 | 4d592fd525e977bf3d832cdb1482faa0 |
| SHA1 | 131c31bcff32d11b6eda41c9f1e2e26cc5fbc0ef |
| SHA256 | f90ace0994c8cae3a6a95e8c68ca460e68f1662a78a77a2b38eba13cc8e487b6 |
| SHA512 | afa31b31e1d137a559190528998085c52602d79a618d930e8c425001fdfbd2437f732beda3d53f2d0e1fc770187184c3fb407828ac39f00967bf4ae015c6ba77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3a876dd091637c121157e20a9342f88f |
| SHA1 | 41b327f93b6be2903b1cf8f3216443aab631a17d |
| SHA256 | 273eb2a7dc021fc63a2bd9a42e018bbf8cc8c4ac4f682472dff0a72ce522e36c |
| SHA512 | 3c73f4aea1dfc27d297c16acafa4be9a1202629830d2a81ccbc372ceb5cca6b1a5f8b1e27fbea372421fb0c6ee45b2539e568c8c72a2d8b03ee00ca170ec680a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | f7e703dc4a3814b361ccad9835ccbfed |
| SHA1 | b49f53aa045fa16520f13c76333b35382cb2cad8 |
| SHA256 | 9487ad07b0be1a5c3dfb48a85cca577af382bd19ae36e45d2c3635b88b79b2b6 |
| SHA512 | df75e4a5a2ca3c8bd9e371531c5c204e4135c2c53bbea57e8399ee546409c9314a368d184ca6625ff8d0007f45b04ba1b631f5fe097800ac6d37b1ddcc52ee1f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 2892eee3e20e19a9ba77be6913508a54 |
| SHA1 | 7c4ef82faa28393c739c517d706ac6919a8ffc49 |
| SHA256 | 4f110831bb434c728a6895190323d159df6d531be8c4bb7109864eeb7c989ff2 |
| SHA512 | b13a336db33299ab3405e13811e3ed9e5a18542e5d835f2b7130a6ff4c22f74272002fc43e7d9f94ac3aa6a4d53518f87f25d90c29e0d286b6470667ea9336ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | b849ea8b902e975282ae18f6b8482d4d |
| SHA1 | 41185c7cd8878990e197ede55c746011dc377481 |
| SHA256 | 130a1634480ab2d2b921449810400ebf268b184049376a80043161d909fdc31d |
| SHA512 | 9f2a27517fae0bc2e50de37828b45960e8d694d4fb87e1018b74e0744d98161d5a19fa1ed9fc7b5faff8f8738b6c599fe661d1521d821aa6a62150a88a5e71c5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f
| MD5 | 97244a4b866e404446dc139016cf23fc |
| SHA1 | 54b2c9d1498907d75c6722b145729361b2353f47 |
| SHA256 | 2fb7c27a7ff245726c6d886d5342cbd81ebb451c0dcd9a231af2252e8952ffac |
| SHA512 | aede88d704c2bc0210189880d4260b9e35a9081eb21c51409048287ff35fa88aeecb036661baff2605419897ab644a4fc8e7fcfd93c14096d5e91503f5a4fc65 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | de0a1ae888593d372e5321d9f70c0816 |
| SHA1 | eaa5b002d57479a13cad0f1783a8126dade06cc6 |
| SHA256 | a88d0dd70ee834f329d0844523c24c6316aa717bc398690d64f0f168f2f86d50 |
| SHA512 | 4c104e6ae260b6c43d572fafbf11540fabfcee629184da92c4d25d5a970cae8e336c6784617eb44d33a708f19f5837391b961b3affa172f26c96e891337f9135 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037
| MD5 | 574b412678877da62c68048e452f7808 |
| SHA1 | 79b064d03b1d70cffab75559138baea385f5efd1 |
| SHA256 | 00be94a8193aae2f38c48ae1af55ce3b7d242cbad68d3309aeffda8f426268df |
| SHA512 | 4626fd1debe6dd5db06693fb7e0783dd2bb06d433fa48dcca2a6c134550aff8554dc40254a6cc50b3dba2bb02c566ec6185a4eee3daf79aa9f32fb3687fe8b8a |
memory/1404-3040-0x0000000072E60000-0x0000000072EB9000-memory.dmp
memory/1404-3034-0x0000000070B80000-0x0000000071126000-memory.dmp
memory/1404-3039-0x0000000070A10000-0x0000000070A8A000-memory.dmp
memory/1404-3038-0x0000000070A90000-0x0000000070B0E000-memory.dmp
memory/1404-3041-0x0000000071130000-0x0000000072B2B000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 26ffde245be3bb76b68616ab3c2ede06 |
| SHA1 | 37cc65aec26513f4182b5e9245b6cf906bac9714 |
| SHA256 | 4dc0f04690d8e29e6ad87eab9776e83b410295c80de21b3d35289d90dd3f45e3 |
| SHA512 | 2c6d68bed49221a766f7268f3d973379cab24e586dc54e95b6d954a7083618c5519b04ee7f60faf71ea55efe6714a99f1c098191825a480498b7f11c4d03b87a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000044
| MD5 | 05e9679509b61424a07cc4d4efb7247f |
| SHA1 | db4fcfac1d89c7e4f0bdbea9023034b64a9dbd81 |
| SHA256 | 31798b2630a882be758010dfa51b12026c8fd81f0e4068b38fd739cac78cba0b |
| SHA512 | 1cbe7343e19b41f3f116a93d598d7b67779d29c6bc0a7b086d112dfcc76fee60811290b67b5d2561751700be483f6cd460b9b4c8325397813314ba064e4c2208 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000047
| MD5 | d155610d38d34dccd977ac213ab42e1d |
| SHA1 | a343e08abb19f7d4110c64de08aee504cac318d3 |
| SHA256 | 6ec5dee6a9dfb42ef97cd410c2e3387f53d2eff7d1fcf159f96b5ab129036ab5 |
| SHA512 | eb735bd87238215d54613f6065e61d48e1578908117af2a215b88dbdc3c4d155cd2b60e035ff2cde17605445bd89129de07aceb74ce8c16dcd355e4214986c8c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000048
| MD5 | 89a574ff00e6b0ec61d995d059ce6e65 |
| SHA1 | aea09e96808ab77165ffa712eaa58b8f056d0bb6 |
| SHA256 | e5c29c139842fd487473d0824f2c01b374680fb35d22fa929686d17896602a44 |
| SHA512 | 30d0d40bd680e61968273155b740901cdfa66670fc2af6f23e44c6b998b67cc1fcd0b51bd5f9470f209f188e75d071355e592b2a7c97f4bfd15d07d455e0909d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000049
| MD5 | cfa2ab4f9278c82c01d2320d480258fe |
| SHA1 | ba1468b2006b74fe48be560d3e87f181e8d8ba77 |
| SHA256 | d64d90cc9fa9be071a5e067a068d8afda2819b6e9926560dd0f8c2aaabeca22e |
| SHA512 | 4016e27b20442a84ea9550501eded854f84c632eeced46b594bcd4fc388de8e6a3fbfe3c1c4dbd05f870a2379034893bfd6fd73ac39ef4a85cbf280ab8d44979 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004a
| MD5 | 8a42ba5472aa4afa3d3ac12f31d47408 |
| SHA1 | 2add574424ac47c1e83b0b7fae5d040c46ac38a7 |
| SHA256 | 759bfec59bce5ddea7751b7f93408074a8c27cb2c387b08b6b9f4aa111266ec4 |
| SHA512 | 3e1081a6e1c29f6dae28ab997c551a6d107d4f4b7e0981a19ba81a30a4e420dee1791321dca8f4b500c9e7e4a41c5e5c75013a72e5a5cde3f7e6c50393eb10b0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6c18a568b0ef5f87964d2249cca65f88 |
| SHA1 | f30b6e7922fd53d5e14b6487c2868d9eb173af5b |
| SHA256 | 702d35252605afac54eda44c06bc5306dc0b76a1f0ee412809dcf15b110cc742 |
| SHA512 | 0553e92c774ea86f3599702951b2bcb4c14e37ad789db6f8378b5c8bd6285332ef1c8f35f754656320553575c3555bf61f618e354f9e3f6758f4bd6b16ec7c1f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0c29b1909feee99c397554292c602f76 |
| SHA1 | dc4fcd612b6eb1c438011b7927d5bd6bed97cdd0 |
| SHA256 | d51c81d66d4618fe51e2c4ff7aa47239fb889fd0807b19323f3afe46870229e0 |
| SHA512 | b6d2c68f26a5ffde7e20b6eadb47bf138b4b29b0aa5fd8273a33f70b219919b35e5a3be8b922684b226110abf4aac8f76d55986f9100b04ff32e202abded015d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 16743a0bcf03bc5d7a58c9eb87563650 |
| SHA1 | 182c6b62d43388f60c9f874543027b87ae37886f |
| SHA256 | e8dd822555bd6bd2005b7bb72ba83c9c0f0497eaedff88f1996461ada97a5b44 |
| SHA512 | e498d2aba4ab125f797f918ae0571dad1f238a8d817ead50c0ee6a05b18be9de7509dd202044c8fdf478b8c97dcdcfd85abded03d46823ab4e350f6480077948 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 6e64a715f494518a9f03f182f277e140 |
| SHA1 | ce9188041216306595363578f5417d0e9bb82fb8 |
| SHA256 | 59232156e34e654ef23d490ad2881b93d23603cdaf83e1bbab2862e32133368a |
| SHA512 | d8fb97e67c4a0b5f8b533570d0c8d6db27693902135b86c5f4c232bf262c418462e547dc3d9c1f5a93eb85529022a2cbe21f292cb643d23d83a7bdd276ea2096 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 83efccc5ee688d3bb5af25536fb44e39 |
| SHA1 | f9bd78111b05a16f6976e9ab9fed0df62367b511 |
| SHA256 | 61875c66cdb46b5f175271a2393e380493e53c336907746536133666987c1f87 |
| SHA512 | 1bcd1d85dcf0b144759a65fa4ace3b10ec6dea477911a565bab2a6bba3f45fb22ee8244ff5a86432821c4ac7edf50a723df62ea5a10d9f3a069918679ef66634 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | c8434d7c65b48fe056bd82aa61cee98d |
| SHA1 | c045550e4e78ad9c79d8492e58940e2363bd8970 |
| SHA256 | ab6d16e757ec7d06e63528ee8d71075953267f7d76921daf63f472eb90c41dbf |
| SHA512 | 6e274c477f92ebe74a6857ccdde6af90560144a4d736735879773c2dd043e847b3309a92574c708883e9ec867ddc07c8bca45938c0e0e269123b33c442a943bc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 07475d1a436f00e8f38b9558c028554e |
| SHA1 | af8c2af6d8793df9cb762e8a6e0e51390eec2032 |
| SHA256 | 4959f23b02ba87645aa1659931fb2aa6e5b10da3da338513dac3813dee0c8c1c |
| SHA512 | 1a86f6f551007eca7c5185337c72d93ac39aedfcf4811ebc0dcdd660ff53e9ca9b48adfbab977803d50e2e30a6b1fc8a766220f9823a7fd63583b3a123da31d6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b806bfa452505d21fb528156e9ce7b34 |
| SHA1 | 92a8c698f7e86b52c8d30ab9af2c96aa5e675032 |
| SHA256 | ac9648b040a0b9443e595b55a37cdc92bafa0f7c79d69ec065d672a46babd0e9 |
| SHA512 | f080be358d5df070901b6d3668e48c9765e86bd53e639b54b8d295ccfc3ea365a776d2cf063ceb9bd62a3d6b32a4b27e46f5bc563405237211cf7ea1422352fe |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e45d7bd262de520cee1da905b1acc6c5 |
| SHA1 | efbf81302a5510a99e2837ea6e65e450fbbdd38b |
| SHA256 | b1eaab8f93686205970a6539c554689c49b695d2a4f0e7f81323135ed7c18240 |
| SHA512 | c566b0b8097ed1844a93f458773db455386fd6c9013b843a24345a26f93c7e61ed7e40d1e7206c42719c8dcd5417e209f53fa551b835da644f1fa1591eeaacd5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 25d605823f8df62402ea6a0d1688338c |
| SHA1 | 54cf596154987760c008626cc363410dad4a1ad6 |
| SHA256 | 285a17b6e528263af8454922c106b97a8474b9fc3843e728ded79abbee927d5f |
| SHA512 | 9bd17342486c1a9b87643c38b0ba0982eec68f97f00cc900a3ee08ed8ebebd809cd6e72e5979573fed4f1158baa1946200f1d5618910bbfbaf63b308a76426a9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | da5b1767e025b3ac0431053dce295226 |
| SHA1 | e9ee504c52cb98b6627c5164c35c96e0c5c407f4 |
| SHA256 | 070640402c6b7f72d5f0cc46073b103995a0d618fd987ba04055f5ed5bd42e23 |
| SHA512 | 05c869772cb59cf4226341f1f7631450a823f068b537754aaef20ae074fa3f2eabd81ccb968c01561984505b3ca626f855825105290c27c36b0bfc596da81a56 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ec0a3b6111770e45b6c63774408d6011 |
| SHA1 | 58665f0e72b0ec3835731c06517f4f61bd1e0afb |
| SHA256 | 076aff617665b5b9a891205edc713c9ef2f6fb2dcad89c4e2be9461c41dff258 |
| SHA512 | c0a09288a8ea4cf3577a65fa432087a790782465a4a2b4bd5c97f2d895fb10064fd19dae40dcd3f3937eb3539a5445fab325df6c4aff4964f7be33f1ab5b4e17 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 54a971d9e328a3850ee28f1124d6f8aa |
| SHA1 | 323969e93a9beb734bdeb8d881e1c0395f23480d |
| SHA256 | 5ac5f884896a5c660178b9809cafa97366f1b93585db0021df9a8d94fb9cb11d |
| SHA512 | 421cd7bb1a6d6e69048b6656a61f99f8977b45e8cc1abee156f710bcec646a8918014ca709678f2c86e5a7c9ad0612afa44166072527e6643b79613667ce19e5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 8e25e5e072663a7c872c62c1af91d4ec |
| SHA1 | 122d2e36f810416693f058695b0dea56f6674a4a |
| SHA256 | e463936dec625b02daf9f5cb6422e7e2307081d2c28cef0ca88610c8e181675b |
| SHA512 | 03bd5fd161d56f80ec7035cf7d3919e73691e7e4c95306454b33e025cb9aa4420e99e96e409507aea0f8d8366647a76479fe8c2cfd7bbeed5955b9b8f8e9bbc9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8989d569626042fc9cc0639d00870e11 |
| SHA1 | a1b9d254b191cef8118f8d4edd4aa7280b6b3ca8 |
| SHA256 | bf07ac1da533a409f522a9dcba42ef7d8a2bbb2ebe8cbaf43468d040c6380c37 |
| SHA512 | 02e011ecabef6980a255e813a73b332645949bd68901ce26d6d53229834fe64cf6d11ae85afa2c54abeefada4b4734e55e8b37079341be8e17897e9da29d6476 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 264953953632630e820f4c4638c9bb6f |
| SHA1 | 7453918863d73dd2458512bc3cd7733a93ed4ad1 |
| SHA256 | aad08ae39103de842127c7db8d23c08b26af8dd23478798f40e950a7666e2c29 |
| SHA512 | 33460b9112dded81943f236f53b887e15c5edae38065faaf48a24b975c9c15e068b54b0bad535433d1dd13a38c911181d4f51447d5240f7fb2338c2df7e18cfb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1d50527f1d9da70fba42d97c8d5f8122 |
| SHA1 | c80556b58c3747ce591ea91c787cbf239ce48d91 |
| SHA256 | dad99f13ff4c323c09ffd98c82d0b0c74b22a514fa2e39c8659e8e55d9db0d5e |
| SHA512 | 32c21718c6bbaedb7cac2b6d8f0ddb3d04224d3296a6b369d50539a518b1d6b98b2fcb69e8098e0ccfae72d6b685662f6268e3b9ca1c85f6bfe33324c19fef38 |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
| MD5 | f49655f856acb8884cc0ace29216f511 |
| SHA1 | cb0f1f87ec0455ec349aaa950c600475ac7b7b6b |
| SHA256 | 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba |
| SHA512 | 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8 |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx
| MD5 | b5ad5caaaee00cb8cf445427975ae66c |
| SHA1 | dcde6527290a326e048f9c3a85280d3fa71e1e22 |
| SHA256 | b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8 |
| SHA512 | 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val
| MD5 | d222b77a61527f2c177b0869e7babc24 |
| SHA1 | 3f23acb984307a4aeba41ebbb70439c97ad1f268 |
| SHA256 | 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747 |
| SHA512 | d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 936683d79459b2e260fbb94628cbe673 |
| SHA1 | e005002cf97464e487921b86a43efbd522c1e669 |
| SHA256 | 81b543f4f9540b64a79d9e7d52729141bc2bf6edd7edb2410993e574e9058d69 |
| SHA512 | 9177505e9813a30cf1aa84ec87bf0ace3d5f9950aa7e4b4da7885bf93690fb5b18dfd76bc08b65f31e50a0ac638ff810807a3d073f1aeebc9f155e63a878a503 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3abd35f18560c97e18f4a8626a018436 |
| SHA1 | f42535de130260efd843995fc745c08e1949ca3c |
| SHA256 | e8dd36421149c5d6b725e98e8cd693b4480fd08179639853d70a50c43ee30774 |
| SHA512 | 1cfef4cc1f5708d7bd42b90ba88b22264e0cfd0b234541211d7c7ee3bc32c149e53ffa20c31793d8ddbb5c31df3d5e59641a19d3be40e580181a8b4832f21940 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d1c22a62393c3786e03b12848bfd0f90 |
| SHA1 | b16292d1b1eaa9214282baad864c3f2d5448aad0 |
| SHA256 | 2360ecebe5f02ce048e9c49546587b1faf66af8ef6987cc618b8db0e91c2e987 |
| SHA512 | 5c505eecdb22bbd98a7db81f00f7dd82ba3f7a44f2ddd13e5355a042e7fa75fe76ae87943ba714a32ab9fa2b93f5969fe494b46ac909a040fb8fad1fc0ed8791 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00009f
| MD5 | 0e517981100ca39652ce2154bebbf537 |
| SHA1 | 13b66e8b24fe84e30fce9a55d768cbb337aa7cb3 |
| SHA256 | 10c2671e31732afa316c7431ee03b84f09074b9ccdba769b86b1a2e998da0381 |
| SHA512 | 07aab4f2927743ceb4f729d4cb368512df61702de4752c90b886802c9b0c14176b5a731f99aa8fef6cfd61c51de2cb46a1b9fa618326ca8ac8c02903e598717c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a1
| MD5 | 6499d15e8ab4c113563fef0cab905275 |
| SHA1 | bee743dc9dfd69c29fe994f5431cdd2df43c680b |
| SHA256 | e7dda044b203311fae549a5df9329597dbe5ec52ed7aaad4925834776daef25e |
| SHA512 | d5e6663b28cd19f5de0e786d23a90f0d53c2e5792b05dd85f2de455d7ac358850b778fd29bb1b6a0cf1eb34fcf84572d75818017a2f15afa594eaa71773534c6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a2
| MD5 | 88a9890100088ed7d63d4919f91abff1 |
| SHA1 | 674d39846d4d859bb9521970a7f599aa87e0cabb |
| SHA256 | 76856a079aca8ee2ef7717c8d80d8c0d4b7a805e809f97218e53c71875b798a6 |
| SHA512 | bf452b030430506dd53049979e6f0d531c7c3c760cc6fd726183cbd8efa955a9f4dbfba0d73d9b985a38f44a76eccf5ac8d4d75e733334b6015bb5ebd6a43cd2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt
| MD5 | 0353d2fe8324be912cb6ac14c955d87d |
| SHA1 | e22de95399e356c74f798eac0dcc90cea3743d5b |
| SHA256 | 429a859a7dba726aeca648094eb785a5194b8fd8dd8f9cfc27317b2a186c949e |
| SHA512 | feae614ab3016cf121e2ef47aa7f98c0800626721eea53eef3ad80a5ba4420da62556d920cfdd1ef5dd14198fd03c2df37d20aa319718646af7ae7382c8a825a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt~RFe5fd441.TMP
| MD5 | f81ac907ccf65d3a743fda8514fa7b2f |
| SHA1 | 67f5487f4f8a6e6f49270599728c7a329a091a49 |
| SHA256 | d3005b9fa394af7cf3444d6a656be5e5750dcaba0d7b21ae24b8e7f78169bc0f |
| SHA512 | d58d64504bfcfe9644de678ed5cc3b91f01511cb0fbf155d0e4f2251b2665b841616b4af06d0ef13ae732877ea7354efd089173a4ef0bdb51fd5cd59607203d9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a8
| MD5 | 3684c7775bc328aedb86315ec6891439 |
| SHA1 | cfbff177f45afdf36026595ba0abd3bb59f86a43 |
| SHA256 | e8d182897c2ec12664cd8e86b31ed441f775479b41a7f1ba39278d32e29fed87 |
| SHA512 | 2f5f00b2018c4632260b7b26ed4d524dcdcc02f66c3e561a3ccef3a023c042ffefc3028329b4c58b59c4186936d51514b892bed0da00a410502b81bc95b6230f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt
| MD5 | 27b630ce03d827e783157fa297ee5a4e |
| SHA1 | 374b7aff871ab14e35a6e4380ba1af82bbd4c7a1 |
| SHA256 | bce1c3df8dd48796dc44f3008f675f5af462c89deadaad60caa6ddb0bc59edca |
| SHA512 | 8768806e73d00d9d69b9974212ed678b2ab13fc6609bafe2626a537b246606a6861748af426e600b1887365b34e7126495e80eacbe1ffbd1a90c887c4e18f2b2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\e4dee7d9-1de6-4696-aa85-4832f221ab27\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt
| MD5 | c898bbf2c55816882577225dbdb819f5 |
| SHA1 | b93bb91d6c71f1a5e53a813bce87bb58df1a5453 |
| SHA256 | 266ea5fcc89ca56dcc78f6bf8f71b16a2976ba557212fdaee0a2935b566b9bdc |
| SHA512 | 9799b9473881bbe815dec1e3ce5ca83021862ea3ff3725a08db99c7b7a58e67f5ecd62f46efd007e152c5f9e792d8ecd9ada6a2172a2ff12f5fa0e12ba6886f0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7006715889b0032825fa41d9b9612a06 |
| SHA1 | 0c7090bad60c2df7e8c920a239eafd6a4c937293 |
| SHA256 | 1b05c58898d6ab175eedd0a948bf45e70f4d724a2d2dc293bf3b9740fb1c9dad |
| SHA512 | 9c503578a01cc8f1f6089b80e0cf9a6f3fd32f157cde34dbf75a76e5d8cc66845fb273035168bcae8dc84a7adda467fc2fe28f9182793ad9b7aae4a4235c120a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 787caa7bb6546875791ef62987da1346 |
| SHA1 | 391543d4761212a5ce5f051172e4f3a22003c657 |
| SHA256 | 4fe8f189f0d56e83f3ef712d32ae523b2af584517a04d9eda5a6ca5cf7a4b058 |
| SHA512 | 57da5b599fe0c86b2d14aee8f5da6ccd8db0b77735e9243915704d778c3e86f7b6712f0bfb4168873b2ca66ad45d3054f1e614002b2cce2410002916bdbbcdbd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5e10a85699cd873aaeadb43660125bd3 |
| SHA1 | c5934f9fde75630a772b55ed1a5d1856c2ce5b0f |
| SHA256 | 797b15bf02a4828ef97173c8e34c6d349799b06641fc9fd1c7856a63ca7567c4 |
| SHA512 | 2bfa554376ae53e9d994293a8f36acf474b89b7c8c30121c2d34e6d284a70c6fa4da98ebada5355506b26903a62270b716584c7773bbb479e7397ccebeaa995f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 09ce509489fd14f12a079be6a07fcd1f |
| SHA1 | 2c147778b6de1eaf4a2f3585566ea40655d86613 |
| SHA256 | 5c0825733b5009bf0e0d2433ef2b2bce18f747f263e01e8175163d86051592fb |
| SHA512 | 5831fab40a37e0a217deaa18c20774a6f166cde33c83d6cc543c39312d99ea02c54c1ef01d7e593cdd8c079bf17f9f4192e1356a2c9ed3ce1c4498f143afe2d8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a2e5aa67d0488fe28b1fa91af338f602 |
| SHA1 | 5dcf180e6f561372e179165b58bd012e0b7fec5d |
| SHA256 | 5b41ec50b32430592f8633c4bb5fe723e43447fdd4ee557738cc5a209dac12f5 |
| SHA512 | 50647f661685d646b839fc78bb5233f7527a56e75d3e35c4bae9aeaa1d4fef2e1ec76caeaed901081ce263cf7d4132d94e687dc5fb1e0c2dab4fccce5cc2d726 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e6e2e60b495e8d936db982db97e92d2e |
| SHA1 | 38236c9cd0717e85aeb06120b2da1ae09e44bfeb |
| SHA256 | e5ca743c69db57d5d1c747ebedc9b1bbf7fe39126dbdb4665119f642578971e4 |
| SHA512 | f3e5856add2f112669c779ca04c0bf0147f275f0a0b2f28ccb2119437f4e598ac3302170194531ca77023e1a143f166d5860fb41302861aab3dc68b6645b102d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 0fabaca57db20cb802be0ff0358efc32 |
| SHA1 | ba77f427f0e034af93cc68aa3d23b8c02a7e694b |
| SHA256 | 7d112a89cfb714ae9a9cd90d95ef1d39846125b0d6ce92a8e5b4151b862d4417 |
| SHA512 | eed200551c286b33ba6021375ada8beb26f0699cdeba7aa3e30cc6c151d563ca627fb2459a34794e474c98953cc5859fa5b1a47b80a7b55836b7706a25311747 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e36a5f8369d58212de288116f2155323 |
| SHA1 | 246a6ee2e096c95cb31f0eb6f69180ef48467d31 |
| SHA256 | 1b82fea7e77109c8a894841dda27bd283d337d23f81bb038eeafbb59677dc357 |
| SHA512 | 5fcb18528b290c50a325f03939324bddf5b33c5eb244bd8682feb517ce7cdf245f98d91e33baf6d8d9892484f0e48873cabe62858f9d70b1e3b3f8c95806db2a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cb9fc5eb2fb9375fc126c09abb06c647 |
| SHA1 | 31c0d8648fe9a9052b5f7da0ccb555616875049f |
| SHA256 | 54d83bc7dff2ede338d131377ad6d7d12f4b8d84d1592b8f934a4cfb1ff9e381 |
| SHA512 | 138d71b1ca182fe9de6c8147c891107f4ba41fd9e4d0ef1dc920a1a14fe43fe679f7d03d1cc80c351aa16c914bc69f28e0084aef5c1f194f7167c1040ecbc588 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | f4af3d908ee348b0cf0947dc0890f629 |
| SHA1 | d719be53938cc9cfcef8abcef84b2c04431b3963 |
| SHA256 | 01ec8788faa411afbbaeee0515c6f63c277e41089ed52c42a932f0325a393370 |
| SHA512 | 99245c00c32a1cbdb540d251bc04ef83d1b7c33d8168199cbf08ff6b26db3d3cd5be3bc44fb6d936e2579f9107b96c9cc9ce40e93639f38043322c189ed22503 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | fdc1de367b4741584bea9e6c5d55d9aa |
| SHA1 | df7278304f0f749b7c66325eb8b8e7daaf93aac0 |
| SHA256 | 3e60c9df88e260b622b4146d9f6bc1be9f725e69f5d277d049f239946ce14aa0 |
| SHA512 | c8a867a2a5f217e2e8f21fa41974e3d870d610935cbed07a4f097e3a7aded6e2017be24da7599cfac50374c40ba9a7952093cb311f140b7b0cfa5c3d691690d7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | eb2bdbb82791116ed5340ceddbe7d56c |
| SHA1 | 3881ba052beb10b3bef7a7cbc41c7fc6cc7fb7ec |
| SHA256 | d6acbddf1a5eb72123b766bbbf48ef3e1b290a137efe7aa59c07fc6e4bc58d1b |
| SHA512 | 52efe27f860d864c0f2cdd2eae688ab4e33049add6fbe476bdcb9fe2272c69a85217842478ef8a3db4388a434bab44eafcdf1d885e86486335e9d4d992e56b87 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\index.txt
| MD5 | 4993b2cc6805992c47a363a7728d5023 |
| SHA1 | 8de12fe99be72b8944085fa3957a5695222cd31d |
| SHA256 | 0526d66cebe7ce1353a97fc6fae303159f59023791cec102ee31902b634bf06e |
| SHA512 | 3fa64a60cc9f4dd5aa8001e6aaad38d945a76a91911dacb1ceecb11c4af055c065d3e5bf7f165274aef8826b72053d4cd2438520fded09f258362a789a2322a8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\index.txt~RFe6166c8.TMP
| MD5 | d37293f72d9239c467c0ef011d0d4938 |
| SHA1 | d8bd1be946955e995a8316be5107856642bcbb8c |
| SHA256 | 2545a172bdaad496ca0c611ef9221fc070f8e3f492477c98c6b821eb95dd9252 |
| SHA512 | 6bb5ebb7bd77bf724ec275222ed997e93b02c8d952832bb8a177061d87ed23ec92a2186c23b56340b183395e19bd63a3776f53d3769ed814a959c927d8ffe814 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c5
| MD5 | 225e6a64d999677229d5e7737d4333a7 |
| SHA1 | 42395338a8c05b39186bfbda642e271c8109e6ed |
| SHA256 | f7cff3616ffc2eff26856ae98246a42e858609bf3eb0abd20519da9e9f773408 |
| SHA512 | f5f6833deab7ee31f8c30ae8e8cd13f315fae460f2cd4d92013c005d4303660667ad6728842578734c11ada1afb8815258132c79a81ac85aa4c4051335382bcd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c7e126ecdb6e0335d9ae4084b0f5dd3b |
| SHA1 | 899431b2269dc3cefbda216de90f61250011a73d |
| SHA256 | 7f7b482a1002a6aeac915a3507da907d897d31c2e6e1e06cddfec975ff5b79d3 |
| SHA512 | 5aae9b92313dddfedd31c74841ff9605d40827f68536688323fa0c9d3811d6273787008baa90b769be19d8bb802f3888ab96d9a111159f7a4f73c555f521adc9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\c693df2a-4191-43a7-8ae8-5932bfd3f6dd\todelete_7a48c130a6a40c0e_1_2
| MD5 | 9af607e97aa302684d15b762852f0d39 |
| SHA1 | 95fd61aa5d37763554762f3a3a7cd8900a39b44a |
| SHA256 | b14582e096014f5fab7593be59ffca037b259fec3a33925795342ec3589b81ee |
| SHA512 | d6f68d5913716ce5e24c8757d32e6037119414c9d9d91086d357cb360cd9920052f9c10e8bdfe840a1124326caa78fe14a343ff069c664871036e4ce3c83bdb9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\c693df2a-4191-43a7-8ae8-5932bfd3f6dd\todelete_7a48c130a6a40c0e_0_2
| MD5 | 6d2bd7ab3eb2f9f5177943533f3d9c1b |
| SHA1 | d2a20ff48347edcd1e486af7e6c6d1507b2a39da |
| SHA256 | b4ecdc17b83274407d18ddc1e220d8882f0d89af111bb00fc91d4c229dbeb4d0 |
| SHA512 | 485ac197ff2411582ae662ad91a34f550d62cd91af9bf7cddbf0151533164d4e9bba20ad9e9a63e94bb243040f952416c4a1660f944656b283d8e1b3ff6eb36b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | cf37f12f3b48474d49f4124c905c7c69 |
| SHA1 | 0201369f087e4ca81af7b4e076cd16ac193eb58d |
| SHA256 | 5cc5eff177663252401ad34b5d479b64eec7655257c9bc4c67943798b63c03ab |
| SHA512 | 40009ae6c27d220d6364a919c95bcef5d3594bb2cae5d9e8ddecfaa4910a5baeb24cb7de34545da4cb102173e55f478ff36d7dce7284dd8ec021f4b1c42734a8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ba116e5f8f2506f2d7db0106d56aa82b |
| SHA1 | bb4134ba62f4f7edb36030ac3cde687ad930e262 |
| SHA256 | ba9b9bf7d319b40c747f2682c9f0f0680f8aa3478b9df548a2ec49bc117c1442 |
| SHA512 | 1f309ab31a26454132479e56156679126598dc234ecf0a4971f479d440fd6819d1e1e70701fe80a5cc0a63260a06f9de7d4233c725c8532d2ac02097a096df90 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 1276cb74d104fc08baf5231e950f05c2 |
| SHA1 | 5c72d8373c9e3d5cc8012fea1d1f22748b81e451 |
| SHA256 | a896231e9132e6120af42ebc8cf25c3fc8f3c3a1e8e387ca1e7cb86d599d638a |
| SHA512 | 75c6a8958d8eafee6230d5ba4d4f8928c8c7bb235dde910f255ab08ed0794f9ef6756f3d8708443842f62ea0c5b442d8b1a808186623428fb7d245201d2bd9fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 176cb7293e62169e71b1a60c7df028ff |
| SHA1 | 9cb14d7aaa50640707294e2f346ea2382e2ae3c2 |
| SHA256 | 48b38e33266ceebabde92281cb7cf7cf9618120ca6dc57da36e50a23308022c3 |
| SHA512 | bcdad608faf4f53c8ed2cfbb8ac3d69a4f4ee0749e937091fc5eceb40dee9476437ce1a417a55b57aece5def1c0cc6170ce161307e0010952ed705f3fcf8fd15 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\c693df2a-4191-43a7-8ae8-5932bfd3f6dd\index-dir\the-real-index
| MD5 | acaf6afac01cab8dea8418e2d6b01d76 |
| SHA1 | 7d356becd6c7430d15f9409c612f82bd45b876ba |
| SHA256 | 0a164bafba38bbc85aec8aa6f468d222fd69507c6a55c0f63a90c82393ec82c6 |
| SHA512 | 204d4267c41862b5433eb53b49aa6798820a1c7126c48193761c64a98e826a1a578c054dfa53413fbaefa5c6b97266092f62847c3cac21b91c47187344d6e0d4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\c693df2a-4191-43a7-8ae8-5932bfd3f6dd\index-dir\the-real-index~RFe61ba37.TMP
| MD5 | bacfff0683f38b32b12526b7a0b1a0f3 |
| SHA1 | e79673a83ad9cedcbc6c357d3484a027c8a6b5f6 |
| SHA256 | 0bdfbcc8c8efc34456b168741f16453cf4cd00cc5588af8631c3bd982a9e0ac4 |
| SHA512 | 4ef5e80f4c519d507fffd298ecd920cb9c1d6806fc7a728670b35e131a251b2d7dd9546748d00549cbc11a94506b3d36ea7aa8d933f7cdad6c4194b477a14376 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3d8f06295ce444f3a389413a443139e8 |
| SHA1 | 72699a14c383941863981346e83b5a356e970cb2 |
| SHA256 | 287da6d541a061fad639ac5f2873a5884311ce761d4078df4921b5cfe1f1896f |
| SHA512 | 7257ebe19ff32107d517ad6d229403c3a648c5af199e53c94dc17fa15a4009f49f69d9b10388f5e45d45446c3c30e8ae477e8292cdc47bec3f1ae4d25c474b27 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\6d62fbae-518d-48a2-a097-602138a9c4ad\index-dir\the-real-index
| MD5 | e6b0156f2423dac9586a749268c15295 |
| SHA1 | e84d164bfa583bc0510d715d7c94fd82dbf04181 |
| SHA256 | 467c8590fb94ba281b63f0dc49f956cadfc30984ce65e5d260439cbd112fba6e |
| SHA512 | 015e29d464b3f4ef736f77a1f5c172ff49c9910597c957f166a89032cd7cd8c8caec2996019149f4377e22c9fe80d7c22e2f2d0110530e02f762d6dfd28f1dc0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\6d62fbae-518d-48a2-a097-602138a9c4ad\index-dir\the-real-index~RFe61baa4.TMP
| MD5 | 95b1eb4c4d9a2e6ff0485a8e02c8e74a |
| SHA1 | f3de6dd2e32ab110f74f1335c60976a9e7a9c7f2 |
| SHA256 | ab0aef987a8d58084e21ab22bf547532caee8f4d95fff9d20a0ae35fdc42dc03 |
| SHA512 | 2e08efad96296438cd13281f1724e9edad212f51992444916042483173148f9eb41e7f67cb94f9f7266d51e07bec438d377246e2131399ffac9a9df2d98f33b6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\index.txt
| MD5 | 459b64a1fe1eabf8370c8fb1f5a5fd90 |
| SHA1 | 002656048bd0756b3200902deb576d206644dafd |
| SHA256 | 1550c0f54841b1885a7a5b1e7ef04ce81d5c6b69a6af69ba7fce014673017bb7 |
| SHA512 | 0038705f8c74139498a8d13f0a3b5fec50a8ffd378ef4b13973871189b45220486f77b8e24eafcd252c55c9482e9365aa5c0768ded2298911ec798bf4f4018ce |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bdbed5f82f357cdbb6dbd9c60aa392d1 |
| SHA1 | a10ca1d7d2141572eadd9ff81bd318f0fd2d5b17 |
| SHA256 | 609c7248bfbdff448d481f9ac454a36899af0b6403ad4b53d0213b0127596ea7 |
| SHA512 | 34f3df9b5d8f13c078d5b98fd9265de2f98f91be215b96cfb241c11c607ed89a7116380abe38418188aff8b19a840f96473b8ba235c1eda6f6558185b6f37224 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 835e17aff6408a4bf37bcfc2ec82f458 |
| SHA1 | 3c7d1f2218fd7ae365a6b6a7be6d59e0d2f8669e |
| SHA256 | 2c36f72e37eaedbfcafa9910825c5149b7d698d0456d99f5ff50c2b99adce657 |
| SHA512 | 80e694f1f2b5aa132b8c7e9a3b0cfe9c580d40377b36167d12cf885a7dc38169e97f5e1d33b4d5dd77d61594cb5c07852dd29ddf71472214fdcf75ae473da8f9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7b2333c895de9d122048f709ebaa805e |
| SHA1 | 87baefaea3084302cdf83cd6e0c7852d3eb42858 |
| SHA256 | 917374930f3899ea20d5a7b9ea24ab12eb7fbba9e89456377889bb6a0dc39566 |
| SHA512 | 7187ec3957e75e5fe37295fc716263460891df60d49b77db532b1fd5db5bc8e0580b7ce25b21a7363e47c70844990b74634c8f7f98359bc26912e7a280af90c8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\c693df2a-4191-43a7-8ae8-5932bfd3f6dd\index-dir\the-real-index
| MD5 | 58fc30c727785817e43533ce49f246c1 |
| SHA1 | 045bc5840cbb0e1fcd6e9ed6a818e771e126016a |
| SHA256 | bf1fcf9b9606d3f5facde0db473de4530add8a508a2fffdb4222a17f44c4d4cf |
| SHA512 | ad162e97c4b640347a6ee87a8680ebc2c6da191e1f59939ff7ebda097a43053bb198d945eacc4d9dfa27af202b1c2639a3f51421e2e76257623407bcbaed297f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\index.txt
| MD5 | 3b4cfdfd9ea42ca572991cb5cace416c |
| SHA1 | 6522f9e2bf17c6ecf38941d7968af07342cf2f3d |
| SHA256 | 1e47c01508b436390076906c65ada4c2333a60773a3fd2c943d706371eab5135 |
| SHA512 | 9fe25c3069557997be416e1ce36bc3cb65e9eff2f7a7dad0a8ec291a743383a94e56cb2746fe886450fe5a2019949e6dd6b84304a3c102c37cb99dc9915a656c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0efa3b54aaa93debb5066cdbebc384cb |
| SHA1 | 7de7c11ac1a92082d72705e79d3226fd6d6f6b08 |
| SHA256 | c1d4df761ead21121151e5d384f0543741728d6ae3b56bfae8b0c60fd62efdf6 |
| SHA512 | be00518dbaa81275938832163c8a6ab587286caa37bc2a3efef7a398c2f86794f5f8f1e7e77bddd177684f14209f21f4aa7e96ec090b1e8dbfa6f7557464443a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8a4d5ce530ac9a657b43c44ffb16a25f |
| SHA1 | b18d9c1b90826926a09bf7366dc1968110367b5b |
| SHA256 | a75b157681f41d8a92dbf057ef9add02909ea88f0c60803c6a69dd0500656364 |
| SHA512 | ec32e5523cb44c4b2f671fe9c4f4cfe425888c7f1a5122d17bad350307c7ac9492b69ec09563c9c29cd6b43d4eebeb049125928e2081b8180d80699477dc377f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a040ca0b8fc640d812f0d6891a1b91ec |
| SHA1 | d5e58ef136775ebf57fa32ed50163eb852e6bfcd |
| SHA256 | c39a003fe8712aa59f49cfe5cac3c20606726ccfe9e914924c7d2ef494ea498d |
| SHA512 | 152a411967d0297266b8259c28d0a016e742d52d0c0fb182962f92ef72e968d7be87ef85b5e6ea4191d0812095c29d335b45ce9571733b4c157e0498e9b15565 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8f90005b2d34ed52aedc42e71315d439 |
| SHA1 | 5a4b374baf2824e531fb4119196d574771935da6 |
| SHA256 | 84c55a5142815a673070f66ae142bddbc685bdc3124e37a42f46acc7eae78852 |
| SHA512 | 5e0b23aa72f18f7f5c1c9efaab58c2202dea694efe86c3d823309aacbf14002987c64eb6a194c1715cd5280bdeffabb6780b1bef2c0b95ea15524a0d7cd39a48 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4ab8260772a47f90338dba5b6841dde6 |
| SHA1 | 41187e77bb7b45250285d2b1bdaed38417fb4c5d |
| SHA256 | 38072cbd6d4205dd9599d23a61de0809c66583d3ad4c2ab288f31bbb8655279d |
| SHA512 | 22b46ed7570c244fc4cae8df1a3e2e0f97fbfff85666c55001d2b6015df684be1b8d4d7af6da42645619a057731f51d3f69c3eadb9e9c4b064c6a1fd46c8430b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1ebc8a257ffed5aeb71ca69bfca53280 |
| SHA1 | f8d29815eea22a4fadc819e1cea84e4f2518d34f |
| SHA256 | 101d08f9b76d6713d513c3ec0f32354d3142a49ee58472a6f9e7a71dcc3d6b02 |
| SHA512 | bf6ac4198291fc061834a28bff488c66677fa9e76a082385a5ffbcf0743524ce97b92fffc1acaf3549e286a75a1881aef97e1a6ce9d9d5a34e2ddd18c3500af7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 36a812752cd1e0b6492b784e3230b653 |
| SHA1 | 1ba1522767ef2d8e10194797fedbaae483f07bb9 |
| SHA256 | 06d312294452fbd374f8391467413416062b06b483c80e53623ba53c4069cd97 |
| SHA512 | d1b938685b03665772a5fa38ef3bdef2273996c3f5f997c58c932cfe27ae0d094bd522656bdabc2bebf49ceb564491ecf0a2edcce7c93272e305b794f404e360 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3cef592c3fcc585923712aa4af7c42a5 |
| SHA1 | 7f5894d7cd83272533421b9105477c2c2eb6907c |
| SHA256 | df1411130c5966d58a8f2d7d92a6f833157c60169596f33493514f01383bde7b |
| SHA512 | 74e5a7f95471615b8a2f0022e4c3b12e003bceda5113aead042af60e265ef72f8d592f92eb823dcc6ee4a3b368885a8c766d6b7b9f8b696351623d93627c8193 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | effba076437636af533c0218cdb59e5e |
| SHA1 | b43af9933200642a50bbb79801cb08e66e746cb4 |
| SHA256 | af7f07dd19d3cc5dda704ce9889f036652e85a8a7b61445a7a2f2621bda5afdc |
| SHA512 | a40af5356bad1ac942c7d0a32b1a053a9173af0cc407ca1ea0e3fa8b2a78483be2448a18e0fab57b5495fb2d8f495024218ea17bd63aa31d5ae40c6ad63dc9a2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4e1b8c47ba786ef35ee2ef24a93ca4d7 |
| SHA1 | be8ce78fb34aa9574df9b7ac6d15fa38e0f4ed5a |
| SHA256 | c203321f7a69effd0153b4480597f0d8e4a03b9a47b675f3fb31f2e6d3ea7e80 |
| SHA512 | 8eaddf6f452121f8e410e37c31b7e34d3c10238786e1e43265959676d7dba2876f9a7652bcb0fdcaa37f960a71ad0b343a6627b014831596e1a2f64b2e983725 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d34645944b206944f4efc648ff93efde |
| SHA1 | 38ed81c374e878c63f1300c500cb50f8b33316b1 |
| SHA256 | 5cca4e16052bf419922e787a93e8e058fd53738b291b096606489acc025feafd |
| SHA512 | b73307cfb953503eb6aa1df6d3554deaf99146b390306b4cb15f2022181edd55d61bf1fe468a70459cdbb26792b4bc9e1552a0fe6d4a82bed14aa4016871b02b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 9e5bf92570cd5c992441d2d53eccee8f |
| SHA1 | 87d9f6cc2b2da783c6d5fa04d7f28d471d540551 |
| SHA256 | 01fc8fad747de02a11a59947d8748fcd4a2c710e49a177ce7433070c70201770 |
| SHA512 | e7b20ec1826480feaddc781c310baa85a3718264a86e008d5d0b43bd79d3b80799b8020969cf45518a98d7c72bfc2aeebc2c055b287a1952867f93eaecd7f9d4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\c693df2a-4191-43a7-8ae8-5932bfd3f6dd\a4e5036f58e9d133_1
| MD5 | a9a98294d06e4049a8d0f76f8ed131ef |
| SHA1 | 6f6e981d3dca45e2cd0fb8d7d5f16bdbadb317b3 |
| SHA256 | 50616ddaa6c48c35fec5bbf03b0cd812af53b230a4ff682b75d3a7f72f7d527f |
| SHA512 | 5b8aee6ada45cf9235c5f4289ab91b17e37cd954039672fe7bbf099198ef830523d54d367991b3eaad0a0153a1fccc5a07ebbd8acf34786886e996122cf5cde6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\c693df2a-4191-43a7-8ae8-5932bfd3f6dd\a4e5036f58e9d133_0
| MD5 | cfe7ac730fd450f1a653d32079e307c3 |
| SHA1 | e6af1e768b69c6e1a70a7e8b352cb91114cbba30 |
| SHA256 | 9264a4c585e3b5a8ad8d52cb15a24eb85b3eb070b1fa613e65fac7a76d759d3e |
| SHA512 | e5619a9a21a8cc0ea65e3370c28304177e04189d3a6f326f4ab0e8ca83879ec9a156323cb6fdeeb27af95278b264cfbf86428e710b98e70420e8bf57180c8020 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\c693df2a-4191-43a7-8ae8-5932bfd3f6dd\d8da3c21b1afe4b4_1
| MD5 | a0cd43dc50e9697c4af3540c073cdf02 |
| SHA1 | 1eac13fe0b07b6d4a2904631fc0619c0540bd6cb |
| SHA256 | cd32f579f1c9a00d33632e433eb82889cd4921d967dc91f3e65e8cffbb287d08 |
| SHA512 | 7c2c0c5837220c270c4cbdbc5b3bc90ebb6a7bae30ae5f6b9c5836f7e84ca95e7e49620e3244cf2c785011c4e2e51492d9ad44540d1fcf3114436ba26cf0438a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e2c7006e81b11393105caad2e9c1ac8a |
| SHA1 | 25a65a192df4c7d29cebdf9c3cedb03cc4315a26 |
| SHA256 | 1698e15e71928d747cc0314b9981be3fd9443834725548ca27c270430edeb5b6 |
| SHA512 | 80e3e45ce732cbfb4c79e8f37c467a228248f95383015af80b6fcb8ed19ac86a5f828aee7bfb4f1254f85753db5cf4ac956f579bcf701fd69da5e564d7327293 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ca7418f40e832934ec109fa16f2ce509 |
| SHA1 | bfe8124c4107e511012512b45e1d0c756c8664ef |
| SHA256 | fb85aec82161f6606b951282248cdcd755c2cbcd7036e15f32a38d9b0f786611 |
| SHA512 | f8e2295e10d3c05a1ddcef1bfaed52125e9616ebcec2a792fb378be622647e84df2b2f61b3136f9910a7b4f41a60c742b03a80e80775e99f57ec60c554aaa056 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e2a6377794b4f24ca3b152d806f8cde6 |
| SHA1 | afb98c9b5b96aa6fe0a3cec86d8a057216abeacd |
| SHA256 | 903bb53662696b8bbe29c70495f58b9b1cfe010997a80105bad26c840b7ad7d3 |
| SHA512 | f4003a38a55760496dd995b08328ac962e950313f249be4eb68fd57e1ce993ddc89edd9a7f5e36874daf19b8dcffb4331489b1cbecc4112cf81a042675fc0b0d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 62fb6af4dc591f0637260641d2f8d041 |
| SHA1 | cdfde79bbadaef9c363c73ef00ee1c081205bdd9 |
| SHA256 | 2475cc432e50d1732b4680b4e2e06bf82e32137e6cfba41d34486b19706026a8 |
| SHA512 | 22e0d9876da453733b49e42cd0da862cc9e196a36b28d9ac330b6368bdbbeb47d6e0e85f094bc814108187ad2b2dbeecf0a48cebf875581d99274e7b5149be9b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\c693df2a-4191-43a7-8ae8-5932bfd3f6dd\index-dir\the-real-index~RFe652806.TMP
| MD5 | eab9c7a0aee57953382c944fb5b39409 |
| SHA1 | 8ccfbbd1ce39a6a2153729f2bcfe128e030ff48b |
| SHA256 | 417616ae4ce39b49134febac9a6f63547ac67baf513af9b325b6e6e858d721a1 |
| SHA512 | f2755eee4480e28d99aa008c5e430524be8a8e0d0e1ce9ff289460b9dc77d090ebbbdf09a79c4fb21dad5b516f9388aa241d93cb8455372d626530ba4af9d5d8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\c693df2a-4191-43a7-8ae8-5932bfd3f6dd\index-dir\the-real-index
| MD5 | c2774cc1936906857243dd3327917b09 |
| SHA1 | 3039b1e931f1b26651540225453a61839b56276f |
| SHA256 | 3d92af8d800d05fef8170ce62280a3d945eb0d96cbdd5da3879caa1c488eaa0c |
| SHA512 | 984b2b93bd451b11bca64d78206fb8c2590635918c8d45c4996305e656aa7ce09605e6295e9200864604255a7ed491e239ebc86a9d861979a6a9dcc54bd3d8b1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\index.txt
| MD5 | 72ed5780068b4b1d097b025c54e2b167 |
| SHA1 | 589bc114aa0bd872603612008a4f09523a8366b1 |
| SHA256 | a3ed0236506f26ae92404ec912ab0609747d929c208d84c58b3fa19673143906 |
| SHA512 | ebbfc3b9251cc5cca596c8f96068abaa22f055ad65fa039638cba099bdac0042c97f83947441ec8f8dbc31702ba8729543ca23f66f49a1bd8c23986ae3fcbcf4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 86116a7cb879b8b4e7091d51419fcd28 |
| SHA1 | bcde337df6b886c50ac0cdad655f01998070b1f4 |
| SHA256 | c6f954106b28aea34f43f1c93d9128e1c575e52eb68b7b1639967e293b98630d |
| SHA512 | 63e10d85346aa595fe0ee258d2e0e1308a062d109226a08aa04b7d374d31b7ad208225e4fb1bc5e7c59f735e0e349bcd5fd566ad5e29a94b501f27ca4c38d6ff |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | be5f0791a122870292ea63103a333be8 |
| SHA1 | 7063bcdcdf608ca97319778ca61404ee21145ea9 |
| SHA256 | c836d443f5fab64a81bc2941ae0f8dcd56d242e72175cc911a816d6429fe083a |
| SHA512 | 2ea41204215437ecaee6c369f0e16043394c3546de48b31f1be3cd5d32f8d4907de5465342a2acfbe85e52c5e39cac89ae1056dd268aac5784130b1d71b5f00e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 9b8fc171ae63d4e7d9ed3f6bee04fbd1 |
| SHA1 | 649bf65bfe3a839b7b76a2b065b3c70795de0eeb |
| SHA256 | a74c41c5f161dd02a8d3c37956ff2c47b3e04d713daf48933fd3e21f8a341d96 |
| SHA512 | c866ff57118641660e3b28e6e6fbf72bdfed200c2e71165059a3c68d0af13b21b736cd809557f23a5272d0049f0dd4109a7846dfcf7f4621a08c591cc3d9759f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9ecaa6153647d994fd306b47b685bef9 |
| SHA1 | 26039b20181c1b017d4c0bb6bfd8ea87760c30e3 |
| SHA256 | b76f864373d7ec8bbcb9398de13ce79a2afbf6b7c2b0224f4b9bbb709ad9c3ff |
| SHA512 | 0e565f0dec54df293d6de9049ea2e0234c4b31ceab612a24a3bbb362b2e547498025e076c4a34fed7ab1f4257c6522250932cc4bfb1bf601e17059d113336754 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f88be20c3afac9bb7a1baa321452b442 |
| SHA1 | 16d2a84b78c04e9c982c955ca754ff4aa9dbc7df |
| SHA256 | ac60a9212f79b2d3bccacff6e6c18cab5200b28246fb850c1fd3ab9ac0485023 |
| SHA512 | c5da700d402cd8dc2a812287cd900aea1ca15b2f0fa88ad9463219eea886ba35b008907793de35ea87252327c2b0e2beda821b2c8c257fa66ebf411ca3e20e00 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5cbfa7a2708f24bb2d5d7232d0ff1505 |
| SHA1 | 0a3b46db3013723aeca0a3760a411bbc0b14a6a3 |
| SHA256 | dee33036f640073cb11a950623dddc25d8738f323a9083955ce85772d2091da4 |
| SHA512 | 92fb7a8493acc4cde62fc2235742090c00b72fe4742918ec1cf87210e7aa1e526539f5aa2bc0e009596fb6aa7498101988d60d10639bfaf0340d2f927fc989aa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\f656c8af-081d-44fa-bd71-bffc86028b86.tmp
| MD5 | 66e2b895417da881a126eeea8c15e354 |
| SHA1 | 6a843c3693c6d8b8db33fa39c16c432d6271503c |
| SHA256 | 528d62a9da84f69b189f1de306cc4d3b45fd00951d52011fed0e32a5abadc7d6 |
| SHA512 | b9886e13d6c502ae4b000c54c42ec25bacae917bb8dcc91f4ce2416eda83416f2c6d3fc822a502ee38db8915922637d07c2bff0ef66ae7bcf1ce8d6c8e944624 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 04f621630ded5358ccee5980b61c3744 |
| SHA1 | cb510644b4e121bf8529e07fb0cff70bcc09bc43 |
| SHA256 | eb65bfcd3f101f9f4df5f5a131a75308bd1f48c44c1830b4e4ef0945688070cd |
| SHA512 | 239b16cff9d8b00c44b5b480ba410dc8d5494bf0809f13619331d65a57ade04dbeaaa7d8e04f14b65304c00b6e3cac42661a2d74b6b41a887f1a4e0cdc4318fa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b546e8aef08614f9ce5b3e39a01036b0 |
| SHA1 | e73ed5f8b4910ce0acb9c82e34b0cc288ccab6a5 |
| SHA256 | ccf4bd9bbd3bf0ce14743892182daa2e584a46a66257b5d4cf1b598f63a4210a |
| SHA512 | 4aa83c923143fe821a93a016926557f75393febade4ae61edf506f90d1f30d2f7f2e0a0dc398166073a0a8fd119cb49e6a47947bf3221c2a637547da3d3ab103 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 91d2761d2cb484548d8b580041787c98 |
| SHA1 | f6d565ed5b506a2464347d43f10407d52a9ff4e5 |
| SHA256 | 9051402c3529eafa656ed7de48e1bce82690c9ca852bf0cfcc493ba40466f07d |
| SHA512 | aea056d64458d5181e9829f762c054f1ee92b6084f0b65059952fbdc81df8d3778355253fb717ae958c204c95e9a3a3680e8c33d0420d0be318126253dc1af4e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 15f84cfb379bcd6297fea057640342a2 |
| SHA1 | 4671c8268d38df8281929d55fc8b2f982350e0e9 |
| SHA256 | b912aaa0a2d84f41ce8ba7a6409f148de7a54dd504358a885e31ff1f43a7be9a |
| SHA512 | 9bd85b8d7e982332955c5efb3ce1d1e2890dea53771d889e52372fc35a616280c83208b37e575039f4b1e1fd5d607227ae5cf19f485c7d540facaea6dd01b869 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 400546bff176d10e49d50c716fdaf367 |
| SHA1 | 6f68c1be3d4ee512041a295f49c71b0d03193677 |
| SHA256 | 1228dd5f6970e0734833c2ced3fc55a1630973280239e516fc40ab2f329e154c |
| SHA512 | 101831ddb156e1e0ec232487691a430ab158721d64012ac70c9969bc5d03af70ca12e6bf31d5af8948e56f0c1f14efca90289a318ce781dd44a21865c1965a14 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2923e8b5751b6c1f39248920c5af6e8d |
| SHA1 | 1bc7db87a0a473edc481c46530ff5321210e21e4 |
| SHA256 | efd0c78dc2040a85e9e4db0ea7ac64752caafcb8f2c1ebc8e6919951dd7cf472 |
| SHA512 | 5f105da50e04052024f985dba84fb86dfa5e9c565d5e936afa112ddce34acdbe1cdc4203242f885637eaa10ad80b9201ddb0ffc5fa538dfed608c72045913524 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0163a9b3b540b1db97d3dae65c18aa5f |
| SHA1 | 059c5e1bdde4f5ef7f119c56e824f5ad35940a46 |
| SHA256 | b623ac4bd773bdf84eede8d4c0bdc87b262fc007bd3063a3c86a9254d02b59b8 |
| SHA512 | eb88a34786b508ec7e84f4640442fee1089f77c8bc0e60218fdadf80709e8648b63bfbc788f6064b1cd1ccac5b83a1f4f3d53b18de1e746a27f14dd1ec6448ff |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 183411ca0a6835915298e0c1ca336537 |
| SHA1 | 936cf0e1c6b392efcadbb70bb66acdbe0ed64546 |
| SHA256 | 0e8018096a1a0c94435687f8f3520485650e7f45003cfe3b3b2ef6fd1131e964 |
| SHA512 | 75a70762560c22b043b771cef9ea3865667e207c5d53560b2c8b8c7f41b37d025cda8b6122ba1925ac542758cbeba228f1834db0267be29809e8221e3aa46ef8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 49147d8859c51fe87b640d64dfdeb661 |
| SHA1 | b6e1b49b0300d23d2129e0854be7c442a4ae3355 |
| SHA256 | 91364f1af5bf5c41970b821095c469f6d56a0cccb45d085dd328572e9e4fdf74 |
| SHA512 | 638178f9efa24729fbc20060bde531403ddbf922d9dd72bae33375f9a6da753caac1691a74e5ee8505bd24114b5ae2180daa3bb5c3ffcecf8def0c118440ca7e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | 07c52311e984b65c47dd32716948fd4f |
| SHA1 | 66eb395d5cdac5a137030de0d7eea7da0f79e0c8 |
| SHA256 | b589710afd3db5e404023ab8c470056ba173a340e426078456a19f3e5da567a9 |
| SHA512 | 9d0132e51fa006d2ab9e84587970b283074b86b2ee90d0c771f94343f5329d76441a079662c5c1f4123cd2a8a76af3c55a37d5a0b26b10e52dbc4790c4c2fb48 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 54f700650e30c41fb60253bc27683bd3 |
| SHA1 | bf56c56d4eddfe1069e8bf85b665786d95f9ed9e |
| SHA256 | 362de6437d598597549b7abb9297a042af75f3fcfbdac8b8e09dd464c1684678 |
| SHA512 | f32bc970df559d0fbd9dfc11f481c01b85d6fc832222b5273884b8425e0c3cf158feeffbacca8a90a383ea82a6722ac1291684ff06bcd806542f927be3d24b55 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e65308e6144d02d865ad6ca8ff19255e |
| SHA1 | ff9f1f43d7d1b011708d31e9d424049cd5e3ef9b |
| SHA256 | 8ca381eef4c021c156a259d3d8122cc28454b5c3322ae1d9ef1ec1f675167d8c |
| SHA512 | 154b9967ff4136ba50bc475f2c805fd85fe69a163f6c6daafc033604e30f2c1ea895f5fb22f31b1666ece66d90d6708f3a456db8f42283e4a31cba28566a0349 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f6d3bc1eb14cc9ff68d22809169beabe |
| SHA1 | 469d52f2a9477724bba84eae0150d7fb87945daa |
| SHA256 | 34a001faa9ba4195057bf0bec32072f25c66bfd496a8abfaa8d60551c8db9988 |
| SHA512 | 6a11b357f1611d802ac98ceb81539ff0b0f76421c2672ba10f4bf6dc8d920a0e6eda3008d410729600eb7d148574c390800ded5630db61bddb4a5ba2555f3212 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 330fedd5b34846269cb3f2e1ef6f2325 |
| SHA1 | 0944df3ea34760bbbab1a913d3dc273919326d13 |
| SHA256 | fa4b633c7d1c026556f1cecf12acc9cc687ebe3de88374db5a1bbfd3d515def7 |
| SHA512 | 7ef3494b3c194e3326461153db139f554ce626b3ffb593139aaca805efecbaac86e5889fb95e815cddd4f48481951e0ef9ebf7ce054e2e218f474a045e704f3c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5c821468f7ee66c9aec9c92972a89b3e |
| SHA1 | e55c66dcb50e83947d9a549adacda0eb7c5df642 |
| SHA256 | c4f81ac2f6a68a046e5fc1fd36da60276bad1a68a04e7d46b0360b93299cc505 |
| SHA512 | f64490256c2b8c60cc99570cf0f03358f99821d5037600a469c576da3b598e7656ff00c522bca764149ecf0fccf0ffe55fa4c083f8513e89fba94783524004fa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b7128461747b51d817367faa66bc1ea9 |
| SHA1 | 6948b9c38519cd0c1b9394a792eac4f01e9895f7 |
| SHA256 | 02e56806707edef0d8384afc1b19b959e167d4a30d87dfcc3a316ae5c3be9a4d |
| SHA512 | faa2ff41b0d34089c861c8754ca841692e4c88c72fa319d4a0f092b444d6a1a9fa60e102c3b42e5b909d00c94782e38aa3cba04b4d6ab8f22af8612f0312dddb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 78ada48712b0a3f2da78ee2260a27a02 |
| SHA1 | bdfabef04ed2c1776d3a45c8284360557771c121 |
| SHA256 | 88d712edfceebdce5f8618b8dce0574040a5e8844b67671d3cecc5617630d35e |
| SHA512 | 5e0b569fb58848d0417f1c09371d1f54bf710d2ff8acd11af9c4fb5776e0d2922d2b978fea5398627cbbf458d44e6be3a732cad8df6531b68f61508f13851760 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a98cb21256b9fa5f58ee6b19bdea2fb9 |
| SHA1 | 16a31942a6f7834d94c508772da86f57785a0270 |
| SHA256 | 2eca5fc5714360adb2660d381490d47630930c54a3d93d48a2dce98ab743434f |
| SHA512 | d06d5fdf2f396bad02863ddbd648d9e6c046ba0bfa2401b2a0ef6de97d503abcd8b73abc149ce6cd0398d3b426023ab9f58d411cd1888cf51a209f8b7d87ba8b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 02c9e04c131afa2046ac745aaae531ee |
| SHA1 | b51e30225539495c57c8a76a5e95eaf66a638645 |
| SHA256 | 563574b423cdbc2fa0bf7e710e2302ce5a9f5e43bac622aa734b555bfca6bdfa |
| SHA512 | 8f2fa8826cd6e90508b8400ee1b37970f4587b83aaca0247420e49e6ee35a7657f75e79d878ae6e576181e432644216cb83aeb1f27412e8c6901188424b57880 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 320958348005b4c022925856fffbb7c1 |
| SHA1 | 722a1f80bbfb482b09e38497c65f2ccdf8ff4c4d |
| SHA256 | 65fbf4b0a541166a836f8b721d8da1aff3faeb0d7a9839a36d845a5fc1933bf2 |
| SHA512 | 5ebf89c5612ce4cdf83eec023ac2097776da74352cf0a224ede39031716fd1e7067d0cd335a2a95656e2d4c725d6abb80ec4aa532211c2534437d6f59011f3ba |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 73e6b29f865566a460edadf413c6a62c |
| SHA1 | 8e1784a1ea65231ea79bef5620dfac22a8b3a2f6 |
| SHA256 | b100c610a78c423d3da8be0e90081423743943da664b8e3aac1c25cd25799c99 |
| SHA512 | 06f3cead3a02a12fe3ecab4cbf024ef1ae5f24c305e0741f4aacd37d513558fd2bdde2d670c0987d6e745526f092e7c799791db8d3f49316b8975b677ec88a0d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | afeb1f2d94a0d3c87b1449c2b6127d3b |
| SHA1 | b895f5ffd83c0b3d59763e0555fea085aab78630 |
| SHA256 | c71b14fcb8fe98a8813d5b9f2ca55b2ca561332efcf70abbafebb3b475689bb2 |
| SHA512 | 1d8535f835584ce508429be9a31aef08988681a7c5a94b3198bd5495a1cdd6bd1a2064ae6f4d9625c8ebe683668d0dcc236b04f4bbb774fc2ade465393594f4b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5fbe835a360f21f0b3878116a2c54835 |
| SHA1 | abfa430843396fb4c615a32650d8e34553fff609 |
| SHA256 | 28a577a49277fb165133dc9e23e4c8572d9dcac95bf5cf42c29c1b796fd8455f |
| SHA512 | 64220f8fc88aa2a5f64e263c93028b44f703ff3f8dd880e1c379e9857e6becd401b9742d53b724eebcc580568c3b782c763ce6693592085245ea5ef60ff14252 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3d6e1da1e5cf996f0eacc306ea04435a |
| SHA1 | f41ab2fafbb12faeeab91249eb23d0d27bc2872f |
| SHA256 | 307c33927fc1f318657f9d4738f7712aaec8fb758c91f27789521ba4cf084470 |
| SHA512 | b008fac67771b5aa60d5e46905a32fa815a8720399f4a681734652ade5a31fff766afddffeb93c6838c837e2296bd48909d8e9d344e30f2d4d72294f42d97dd5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3f8fd8da5ddfc7d1d786b9866acaec7a |
| SHA1 | e5de19e619889604cc760f127bca59f1b7495c87 |
| SHA256 | fb9a906f4867813cb5ad3be7ef777a71fdb82af17b3b3885e837b85b1c67c7c2 |
| SHA512 | 15e10fe6046fd1d6a0d4c84164d57d353a81cdaefd3ebbad8a004dbf8fd51956404f57f7d98591c6571fa0daa2acc9fd13deb7b4a4b3810f30f00d7fbb55d7d6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a8b502c7a299e4159c0902b7d11f3641 |
| SHA1 | 8e0765d9704b9d817cd8fc77f4f443e15dde3c82 |
| SHA256 | 5de60f9fe5dedce71165e52c878c1385189ec7e911f54d09aeed8631cb1bdc67 |
| SHA512 | 02f26942d3c3a9ff8431f9dfcb49f085ed5048db5f41624a017f80d4682616c312b1dae08a1dc149e06c3cdd345a70bd933f8a9a686f85a78ecadb5ae5792f0a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 00003fd42b23a8022cade6698d6f0a85 |
| SHA1 | c147c56d33be32b01dbca74ba98c6b4290a21a46 |
| SHA256 | 8d387e41f1b5bf2b469b665a5b8a93f13d248ec920ffd1db5c6d7808a3c5f104 |
| SHA512 | 636858f18b9e47edc9d308ed60089298f9a0ef6d3882d1de503dc643308937ce4c2b405d57f49ae282a1238b598ebea7637030f5fafe2dac54a4a73a3b48d786 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6a2e0744b7cea037663bb1b50996fbd7 |
| SHA1 | 9f5f11a43d8d10505e7ae3672183a2ce7429b553 |
| SHA256 | 3e6357fdcd0f6b9e3fddc4797f80870b2b419a38aac0fff4d363c18e5ae6bfec |
| SHA512 | 6b30f7af2f768e79c6e9bec9f15ddd5a4a3bdef9a41e2f925b15cfd94df791395c5dc5728c5c16f2c56d9764f504b9b96c658ab41253549407e6b284e857b0f5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7c267cce90589e2d05e5f8bb2556807c |
| SHA1 | b8ab0048a087382116b1485c4ae843d50acbd833 |
| SHA256 | 0365894cada277a9907e0c573f8b67f2316a9994dae777f3c63af2ab1a8a341a |
| SHA512 | 9d7c5582f77353c4dc0834622f77e13c3f49b8da713bfe56c4d8f2151c60ba3a02aa63b8255f4cf1d08e680db4454f6af2a8273e7ce05436413845c3f4ab73a9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cbbd728328291c145da6581d38c1c11e |
| SHA1 | 0aeb705b4d1794c024a025647a6de95b7e07150d |
| SHA256 | 7ef96d282bca65f455afbccfc42279d6ccde779f9417cb0a98964c74a476477a |
| SHA512 | 1f5d92d55c1e58396ceb3fb77ad95c51258194cf482a496e24b0edec5d2a38e0ce0dcc1654c033c8968f171312f69ebe96d8a41f96deb5f0363c2a11ca0b7af2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f886f15f8b87f59c336e1a2c5e1bed44 |
| SHA1 | 79186ac192d5fd64a56ac07502a685c3b4759ae4 |
| SHA256 | eb08885654ec39dbf0d21b319147dc84939bd8308fbc4d8364029420e2729a17 |
| SHA512 | 7bbb9147fda7ab48a81afb8b87e9035cd9ff4a2c6c56d236da35bf58590b0621314cfbda67d73cc4e9d913ded76ae0aa8c5305ac9883436cf3625bdaa0128b18 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 561704d57afaadcc7d409a786666d132 |
| SHA1 | 8eb69d95d98a50eb20808ac0282635d6b9a0a54e |
| SHA256 | b7c62a6ced485c8aecf4f3d07463e3eac5cea265b28bdba2bbf259d4b1822392 |
| SHA512 | 578604cc9b0a3664b1a06a2221016f21a5ff436835f6e00c0d25c5f389ff97d0170ff70d31e4639f98df729b209141eb4507c71be95b89312e427c2f97caa736 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a08c75935128756ba91bac2b1290f409 |
| SHA1 | 3d1be067cf753abff4158a4d6a7c029c13892183 |
| SHA256 | 041c6f615906343a20f2e3a7e39bbc8fb2277ab2b1306ce12640466cc4b1d99b |
| SHA512 | b9524231ea39085550480b4a313f1808d94ea9c4e1cf0b030bdea2c3bbbc6ad5ce708a468b573dc53bd6166015e035f276da61106a738dddb001c88e523a132b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7bde0f5557a10b41268ad37b3d34cae3 |
| SHA1 | 2ead3642b55b82c1acd88f199e22cc9e8c9d4972 |
| SHA256 | ec9cc066f695a6bf8066e74f007deb87e775441fd2d93a0503e30b14332ffdce |
| SHA512 | 9907aba62ededff22b73559a7dc1c563b4321fe231c6e0b0437e799f2467e82418dd120a94330e613cce696ab1c1853d5e446281d442b4a65ffa08cc8e3b7509 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 970f3a104527772eef62bda8f3277da6 |
| SHA1 | 62c422491a0504f79479cfcb4bb91ba6fc6574e4 |
| SHA256 | 6939b18d0d41d42dc2e6812581e823776b984952713bb2ff0a69f6149a52cf50 |
| SHA512 | a2fec8d878cd2c8ec340eaefbbb4c7b293794616a3847d9a45f6a3122203be557e3e3a50d9d0132065dfdf56e569e5752900614f33381cf15f3a34bbb0f680f0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 49f2884016d316b1ef0079e04d0a43f4 |
| SHA1 | 3c891bc86627fbcf42d2ff8994fd014d2f5e3ac8 |
| SHA256 | 087aecabd0d36a27e68ff3a9e8f71ed768176ee9a3d92287e91107295f10b91d |
| SHA512 | a59e30d4b750141eb6fb1bde5a34dbc7fe7f22a6e75e6ed2f8b4659613fc721ac500fcc1d5bf4010a37b6936df3b2d82a700eb5a55f91679fa0bf38dcf84d9d0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e2de1d1c2708b0b20871c9f8f37a588c |
| SHA1 | 31994f68d01fe384efc61155e73ca49bcc039cb0 |
| SHA256 | 0f3d33683cc4fa433a3e8a2ae40d8f130df49213a93a46d5892231374fc18021 |
| SHA512 | 1c10d3894aa5d54bcae14def2f3935489a95581661f0d0fbf79492598c04e1cd6045dae099edf70f206feab3b827962d6814a0f12da4e511e03102c70c269ef3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cfb1decee30286429869a4e26fd03de1 |
| SHA1 | 1899e0c15f7e3272b4d29a853269b022df502c3d |
| SHA256 | 2ad5d2b00f68f52f91e37ed87a27604a4f84f0a0f548732f04b6571598be20a7 |
| SHA512 | f91456fab9f89a2c5fcbfdc4860bb19e248e7251eccc216cd2c0c129cde5fd57907d124666873158895d1c4b8560c0065d3bbd51163b1060b9cdc0c5696e6754 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f43dd5c0b055798101d6fac8b9fbffbc |
| SHA1 | 02591f97f957fdcd8bb314f9409152c51a3d17b3 |
| SHA256 | e615b2236eed1e883869765d8ddff1bf5229d9e7c05d7f62b270bc947659ce08 |
| SHA512 | 62b19cb992c8c35b3cff50f935a232a8ad02e536280817ac92352fd4c0781ce2426f0950e7f03d936e5efbff5229bf4f4351fcbf8ad1c996478c631d0516a304 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | b977addfe674765b8cef4306160a754c |
| SHA1 | 49f66bcca0f96c38a2d04c876f706003fa258558 |
| SHA256 | 884d3396ab9f0090cd41d2bf19a3e1daec4fd014f45ccce73ec55135adc4deda |
| SHA512 | a1abe212c1906e3c2e07a5aa4d39856fb66985885ca1fd38b04c3736e7e757793cce3c333851d55acaeb8a824237e5528deb8f046a089317264602c0e6bc0617 |
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\BackgroundTransferApi\a44695b6-0272-42b0-a82b-458bb7653083.down_data
| MD5 | 5683c0028832cae4ef93ca39c8ac5029 |
| SHA1 | 248755e4e1db552e0b6f8651b04ca6d1b31a86fb |
| SHA256 | 855abd360d8a8d6974eba92b70cbd09ce519bc8773439993f9ab37cb6847309e |
| SHA512 | aba434bd29be191c823b02ea9b639beb10647bbe7759bbffdaa790dfb1ec2c58d74c525ef11aacda209e4effe322d1d3a07b115446c8914b07a3bce4d8a0e2c3 |