Analysis Overview
SHA256
2c010bcae341cf1003c194a4b566a0cb0c8dff2443d2f9fbd9e7a2d9abc8af6a
Threat Level: Known bad
The file OptiFine_1.19.4_HD_U_I4.jar was found to be: Known bad.
Malicious Activity Summary
Quasar RAT
Suspicious use of NtCreateProcessExOtherParentProcess
Quasar payload
Quasar family
Downloads MZ/PE file
Uses Session Manager for persistence
Checks computer location settings
Loads dropped DLL
Executes dropped EXE
Legitimate hosting services abused for malware hosting/C2
Adds Run key to start application
Checks for any installed AV software in registry
Writes to the Master Boot Record (MBR)
Drops file in System32 directory
Drops file in Program Files directory
Drops file in Windows directory
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Enumerates system info in registry
Suspicious use of FindShellTrayWindow
Modifies Internet Explorer settings
Modifies registry class
Suspicious use of SendNotifyMessage
Checks processor information in registry
Suspicious behavior: GetForegroundWindowSpam
Scheduled Task/Job: Scheduled Task
Uses Volume Shadow Copy service COM API
Gathers network information
Suspicious use of SetWindowsHookEx
Suspicious use of AdjustPrivilegeToken
Uses Task Scheduler COM API
Suspicious behavior: EnumeratesProcesses
Modifies data under HKEY_USERS
Suspicious use of WriteProcessMemory
Checks SCSI registry key(s)
Suspicious behavior: AddClipboardFormatListener
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Uses Volume Shadow Copy WMI provider
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-10-31 00:48
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-10-31 00:48
Reported
2024-10-31 01:06
Platform
win10ltsc2021-20241023-en
Max time kernel
994s
Max time network
1020s
Command Line
Signatures
Quasar RAT
Quasar family
Quasar payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Suspicious use of NtCreateProcessExOtherParentProcess
| Description | Indicator | Process | Target |
| PID 1712 created 3688 | N/A | C:\Windows\system32\taskmgr.exe | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\common\icarus_ui.exe |
| PID 1712 created 3688 | N/A | C:\Windows\system32\taskmgr.exe | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\common\icarus_ui.exe |
Downloads MZ/PE file
Uses Session Manager for persistence
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\Session Manager\BootExecute = 6100750074006f0063006800650063006b0020006100750074006f00630068006b0020002a0000006900630061007200750073005f0072007600720074002e0065007800650000000000 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Desktop\Client-built.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
Executes dropped EXE
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\avast_one_free_antivirus.exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw.eaabedd59a2e992f\avast_one_essential_online_setup.exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av-vps\icarus.exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-du\icarus.exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-vpn\icarus.exe | N/A |
| N/A | N/A | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-tu\icarus.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Java update = "\"C:\\Users\\Admin\\AppData\\Roaming\\SubDir\\Client.exe\"" | C:\Users\Admin\Desktop\Client-built.exe | N/A |
Checks for any installed AV software in registry
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
Writes to the Master Boot Record (MBR)
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\system32\icarus_rvrt.exe | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File opened for modification | C:\Windows\system32\icarus_rvrt.exe | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File opened for modification | C:\Windows\system32\icarus_rvrt.exe | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\common\icarus.exe | N/A |
| File opened for modification | C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\ | C:\Users\Admin\Desktop\Client-built.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\Avast Software\Avast\AvastSvc.exe.ipending.1db16a57 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-memory-l1-1-0.dll.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\1033\aswClnTg.htm.ipending.1db16a57 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\mfc140.dll.ipending.1db16a57 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\Inf\x64\aswSnx.sys.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\x86\dll_loader.dll.ipending.1db16a57 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\aswAMSI.dll.ipending.1db16a57 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\gui_resources\default_one\mainVars_test.json.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\FAF\helsinki.ttf.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\x86\ashShell.dll.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-console-l1-1-0.dll.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-process-l1-1-0.dll.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\x86\dnd_helper.dll.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\SetupInf.exe.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\FAF\Dustismo_Roman.ttf.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\x86\aswRunDll.exe.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\chrome_100_percent.pak.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\gui_resources\default_one\libs.js.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\mfcm140.dll.ipending.1db16a57 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll.ipending.1db16a57 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\firefox_pass.exe.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\gui_resources\default_one\firewall.js.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\FAF\Sanctuary.ttf.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-interlocked-l1-1-0.dll.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\FAF\garto16.ttf.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\Licenses\rapidjson.txt.ipending.1db16a57 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-rtlsupport-l1-1-0.dll.ipending.1db16a57 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\su_controller.dll.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\x86\aswCmnOS.dll.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\Licenses\libevent.txt.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\x86\RegSvr.exe.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-1-0.dll.ipending.1db16a57 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-processenvironment-l1-1-0.dll.ipending.1db16a57 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-private-l1-1-0.dll.ipending.1db16a57 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-file-l1-1-0.dll.ipending.1db16a57 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\libwaheap.dll.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\Licenses\pugixml.txt.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\Inf\x64\aswStm.sys.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\mfcm140.dll.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-util-l1-1-0.dll.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\FAF\GOODDP__.TTF.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\Inf\x64\aswSP.sys.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\gui_resources\default_one\programDeactivator.js.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\FAF\newscycle-regular.ttf.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\1033\Base.dll.ipending.1db16a57 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\Licenses\Detours.txt.ipending.1db16a57 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\aswCmnIS.dll.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\sched.exe.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-1-0.dll.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\aswRvrt.dll.ipending.1db16a57 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\gui_resources\default_one\mainSprite_dark.css.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll.ipending.1db16a57 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\ucrtbase.dll.ipending.1db16a57 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\aswProperty.dll.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-rtlsupport-l1-1-0.dll.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\vcruntime140_threads.dll.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\locales\es-419.pak.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\aswCmnIS.dll.ipending.1db16a57 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll.ipending.1db16a57 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\avast.local_vc142.crt.manifest.ipending.1db16a57 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\libwaapi.dll.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| File created | C:\Program Files\Avast Software\Avast\x86\aswBrowser.dll.ipending.1db16a57.lzma | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\Logs\Cbs\FilterList.log | C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.4467_none_7e0f83e07c8c1985\TiWorker.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\SysWOW64\mspaint.exe | N/A |
| File opened for modification | C:\Windows\Logs\CBS\CBS.log | C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.4467_none_7e0f83e07c8c1985\TiWorker.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\notepad.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\avast_one_free_antivirus.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\Temp\asw.eaabedd59a2e992f\avast_one_essential_online_setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\mspaint.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\common\icarus.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av-vps\icarus.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-vpn\icarus.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-tu\icarus.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\wermgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-du\icarus.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-vpn\icarus.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\common\icarus.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\common\icarus_ui.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av-vps\icarus.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-tu\icarus.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Windows\system32\wermgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Windows\system32\wermgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\common\icarus.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\common\icarus_ui.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-du\icarus.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU | C:\Windows\system32\wermgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\BIOS | C:\Windows\system32\wermgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Gathers network information
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\System32\ipconfig.exe | N/A |
| N/A | N/A | C:\Windows\system32\ipconfig.exe | N/A |
| N/A | N/A | C:\Windows\system32\NETSTAT.EXE | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\Locked = "1" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\ITBar7Layout = 13000000000000000000000020000000100000000000000001000000010700005e01000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Windows\explorer.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133748094500472341" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\0\MRUListEx = 00000000ffffffff | C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\0\0\MRUListEx = ffffffff | C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0\1\0\0 | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\8 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\8\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a000000a000000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\C06AEB9D-8774-46E7-8160-8321BCD14D9F\7CCD586D-2ABC-42FF-A23B-3731F4F183D9 = "65F115A51CCCDBF623206AEDE3B3D8A4" | C:\Windows\Temp\asw.eaabedd59a2e992f\avast_one_essential_online_setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\C06AEB9D-8774-46E7-8160-8321BCD14D9F | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-du\icarus.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0" | C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\8\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\C06AEB9D-8774-46E7-8160-8321BCD14D9F\7CCD586D-2ABC-42FF-A23B-3731F4F183D9 = "65F115A51CCCDBF623206AEDE3B3D8A4" | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-tu\icarus.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\0 = 48003100000000005f596b06100073610000360009000400efbe5f5967065f596b062e000000c4510400000029000000000000000000000000000000a560bd0073006100000012000000 | C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 03000000010000000200000000000000ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616193" | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1" | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616209" | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202020202 | C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\3 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\8\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByDirection = "1" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202020202020202020202 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0\1 | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\WFlags = "0" | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" | C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4152190078-1497776152-96910572-1000\{DEFEF825-1170-4D42-B6E0-83EB750000C8} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0\1\0\0\NodeSlot = "5" | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257" | C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 0000000001000000ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\C06AEB9D-8774-46E7-8160-8321BCD14D9F\5E1D6A55-0134-486E-A166-38C2E4919BB1 = "AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAjLkezrJaX0qG2VQVPWJpVAQAAAACAAAAAAAQZgAAAAEAACAAAAC75O8CF5UUWFSCNnSKqMM+Lb1Jgk27G4/S2n9a8fCo9gAAAAAOgAAAAAIAACAAAABWtYyFnaud2vAOpA/He3295iW1YQAL5Ki3hBsgEGp3hTAAAAB6hE45P/k58mdY0E4r5AfplwJO1rNEfx7bWdTwvPfjbfYEW15xEWZaoLggDFPyJttAAAAAXZUhxtumdLpKqHC8m8yQTUV3tLx9TbT7rFR5QfGBCyoC9R6t/D27iJIjlPio4o8PeKn5+v3mt2g5al5Go14L3g==" | C:\Windows\Temp\asw.eaabedd59a2e992f\avast_one_essential_online_setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\C06AEB9D-8774-46E7-8160-8321BCD14D9F\56C7A9DA-4B11-406A-8B1A-EFF157C294D6 = "d8ff6bc9-3357-4680-89aa-6123fcaa0277" | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-tu\icarus.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\8\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:PID = "0" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\Shell | C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags | C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257" | C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\Shell\SniffedFolderType = "Generic" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0 | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1" | C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\3\NodeSlot = "8" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\C06AEB9D-8774-46E7-8160-8321BCD14D9F\7CCD586D-2ABC-42FF-A23B-3731F4F183D9 = "65F115A51CCCDBF623206AEDE3B3D8A4" | C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-vpn\icarus.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" | C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\MRUListEx = 00000000ffffffff | C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" | C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Scheduled Task/Job: Scheduled Task
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SYSTEM32\schtasks.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\schtasks.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Processes
C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\OptiFine_1.19.4_HD_U_I4.jar
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x220,0x224,0x228,0x200,0x22c,0x7ffb11fdcc40,0x7ffb11fdcc4c,0x7ffb11fdcc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1944,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=1932 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2180,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2216 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2280,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2296 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3176,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3180 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3188,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3224 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4580,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4572 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4704,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3680 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4552,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4836 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3716,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4988 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3720,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5132 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4092,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4420 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3444,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4908 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4400,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5348 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=3180,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5476 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4064,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4480 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Desktop\sa\" -an -ai#7zMap8134:90:7zEvent23300
C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe
"C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe"
C:\Windows\explorer.exe
"C:\Windows\explorer.exe" /select, "C:\Users\Admin\Desktop\sa\Quasar v1.4.1\quasar.p12"
C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
C:\Windows\system32\rundll32.exe
"C:\Windows\system32\rundll32.exe" cryptext.dll,CryptExtAddPFX C:\Users\Admin\Desktop\sa\Quasar v1.4.1\quasar.p12
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=508,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4540 /prefetch:8
C:\Windows\System32\ipconfig.exe
"C:\Windows\System32\ipconfig.exe"
C:\Windows\system32\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\system32\ipconfig.exe
ipconfig
C:\Users\Admin\Desktop\Client-built.exe
"C:\Users\Admin\Desktop\Client-built.exe"
C:\Windows\SYSTEM32\schtasks.exe
"schtasks" /create /tn "Java update" /sc ONLOGON /tr "C:\Users\Admin\AppData\Roaming\SubDir\Client.exe" /rl HIGHEST /f
C:\Users\Admin\AppData\Local\Temp\4OBdI2c6xa6o.exe
"C:\Users\Admin\AppData\Local\Temp\4OBdI2c6xa6o.exe"
C:\Users\Admin\Desktop\Client-built.exe
"C:\Users\Admin\Desktop\Client-built.exe"
C:\Windows\SYSTEM32\schtasks.exe
"schtasks" /create /tn "Java update" /sc ONLOGON /tr "C:\Users\Admin\AppData\Roaming\SubDir\Client.exe" /rl HIGHEST /f
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=4656,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=1268 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=3424,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4700 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=3456,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3572 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5484,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3164 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=3548,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5716 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5476,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3216 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=6016,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6000 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6024,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5988 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Windows\System32\CredentialUIBroker.exe
"C:\Windows\System32\CredentialUIBroker.exe" NonAppContainer -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=5252,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6180 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=5588,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5724 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5896,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5256 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=5912,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5936 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5708,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5704 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=5684,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5848 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5692,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6224 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=6528,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6504 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3468,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6652 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6480,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6788 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=4712,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6788 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=6660,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6420 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=6836,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3380 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=4088,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=1544 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=6932,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5676 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=6484,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6496 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=5952,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5848 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=6904,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6316 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=5676,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5772 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x48c 0x484
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=3440,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5992 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=3216,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6944 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=6288,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7080 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=5024,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6448 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6152,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6900 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=5928,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4484 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7280,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7272 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4848,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5920 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5780,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7404 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=6456,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6184 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=7076,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5696 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5956,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5188 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=5380,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3484 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=7152,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6332 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=7576,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5592 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=7148,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6900 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7100,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7092 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5096,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6224 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6360,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7328 /prefetch:8
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe"
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /main
C:\Windows\SysWOW64\notepad.exe
"C:\Windows\System32\notepad.exe" \note.txt
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=3732,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5624 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+code+a+virus+in+visual+basic
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x140,0x144,0x148,0x11c,0x14c,0x7ffb01fb46f8,0x7ffb01fb4708,0x7ffb01fb4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,5942586675815526041,4107650775553003632,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2080,5942586675815526041,4107650775553003632,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2556 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2080,5942586675815526041,4107650775553003632,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2880 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,5942586675815526041,4107650775553003632,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3440 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,5942586675815526041,4107650775553003632,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3448 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,5942586675815526041,4107650775553003632,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2732 /prefetch:1
C:\Windows\system32\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\system32\NETSTAT.EXE
netstat
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=vinesauce+meme+collection
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x144,0x148,0x14c,0x120,0x150,0x7ffb01fb46f8,0x7ffb01fb4708,0x7ffb01fb4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,5942586675815526041,4107650775553003632,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,5942586675815526041,4107650775553003632,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,5942586675815526041,4107650775553003632,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,5942586675815526041,4107650775553003632,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5200 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --field-trial-handle=4476,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6972 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6232,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6208 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --field-trial-handle=6240,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7660 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7240,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7672 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6828,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7832 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=900,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7796 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --field-trial-handle=7532,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7036 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --field-trial-handle=6428,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=8044 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=7992,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7556 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --field-trial-handle=7284,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7188 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --field-trial-handle=6260,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7548 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --field-trial-handle=5248,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7268 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --field-trial-handle=7496,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5184 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7984,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6316 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7936,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7872 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=8064,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=8012 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+send+a+virus+to+my+friend
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x144,0x148,0x14c,0x120,0x150,0x7ffb01fb46f8,0x7ffb01fb4708,0x7ffb01fb4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,5942586675815526041,4107650775553003632,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2820 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,5942586675815526041,4107650775553003632,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1960 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,5942586675815526041,4107650775553003632,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2804 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,5942586675815526041,4107650775553003632,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3564 /prefetch:1
C:\Users\Admin\Downloads\avast_one_free_antivirus.exe
"C:\Users\Admin\Downloads\avast_one_free_antivirus.exe"
C:\Windows\Temp\asw.eaabedd59a2e992f\avast_one_essential_online_setup.exe
"C:\Windows\Temp\asw.eaabedd59a2e992f\avast_one_essential_online_setup.exe" /cookie:mmm_aon_012_999_a8j_m:dlid_AVAST-ONE-FREE-WIN-PPC /ga_clientid:c990861d-de0b-4f3d-b718-7eb8c76d1c76 /edat_dir:C:\Windows\Temp\asw.eaabedd59a2e992f /geo:GB
C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\common\icarus.exe
C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\common\icarus.exe /icarus-info-path:C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\icarus-info.xml /install /cookie:mmm_aon_012_999_a8j_m:dlid_AVAST-ONE-FREE-WIN-PPC /edat_dir:C:\Windows\Temp\asw.eaabedd59a2e992f /geo:GB /track-guid:c990861d-de0b-4f3d-b718-7eb8c76d1c76 /sssid:6088
C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\common\icarus_ui.exe
C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\common\icarus_ui.exe /cookie:mmm_aon_012_999_a8j_m:dlid_AVAST-ONE-FREE-WIN-PPC /edat_dir:C:\Windows\Temp\asw.eaabedd59a2e992f /geo:GB /track-guid:c990861d-de0b-4f3d-b718-7eb8c76d1c76 /sssid:6088 /er_master:master_ep_518630f9-612c-48bf-bc36-7106781a136c /er_ui:ui_ep_5fefb6cf-9e45-422e-86b0-bb6aba796088 /is-a1
C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe
C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe /cookie:mmm_aon_012_999_a8j_m:dlid_AVAST-ONE-FREE-WIN-PPC /edat_dir:C:\Windows\Temp\asw.eaabedd59a2e992f /geo:GB /track-guid:c990861d-de0b-4f3d-b718-7eb8c76d1c76 /sssid:6088 /er_master:master_ep_518630f9-612c-48bf-bc36-7106781a136c /er_ui:ui_ep_5fefb6cf-9e45-422e-86b0-bb6aba796088 /er_slave:avast-av_slave_ep_e82cefb5-bb0e-4834-9dce-604b3bcb2824 /slave:avast-av
C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av-vps\icarus.exe
C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av-vps\icarus.exe /cookie:mmm_aon_012_999_a8j_m:dlid_AVAST-ONE-FREE-WIN-PPC /edat_dir:C:\Windows\Temp\asw.eaabedd59a2e992f /geo:GB /track-guid:c990861d-de0b-4f3d-b718-7eb8c76d1c76 /sssid:6088 /er_master:master_ep_518630f9-612c-48bf-bc36-7106781a136c /er_ui:ui_ep_5fefb6cf-9e45-422e-86b0-bb6aba796088 /er_slave:avast-av-vps_slave_ep_7268b904-8c8e-4773-acd3-583cd4f34a47 /slave:avast-av-vps
C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-vpn\icarus.exe
C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-vpn\icarus.exe /cookie:mmm_aon_012_999_a8j_m:dlid_AVAST-ONE-FREE-WIN-PPC /edat_dir:C:\Windows\Temp\asw.eaabedd59a2e992f /geo:GB /track-guid:c990861d-de0b-4f3d-b718-7eb8c76d1c76 /sssid:6088 /er_master:master_ep_518630f9-612c-48bf-bc36-7106781a136c /er_ui:ui_ep_5fefb6cf-9e45-422e-86b0-bb6aba796088 /er_slave:avast-vpn_slave_ep_43d20d8f-2cdf-4c34-8251-89c6246e98ce /slave:avast-vpn
C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-du\icarus.exe
C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-du\icarus.exe /cookie:mmm_aon_012_999_a8j_m:dlid_AVAST-ONE-FREE-WIN-PPC /edat_dir:C:\Windows\Temp\asw.eaabedd59a2e992f /geo:GB /track-guid:c990861d-de0b-4f3d-b718-7eb8c76d1c76 /sssid:6088 /er_master:master_ep_518630f9-612c-48bf-bc36-7106781a136c /er_ui:ui_ep_5fefb6cf-9e45-422e-86b0-bb6aba796088 /er_slave:avast-du_slave_ep_b378ba86-3da8-4918-9a59-0e34090bead6 /slave:avast-du
C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-tu\icarus.exe
C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-tu\icarus.exe /cookie:mmm_aon_012_999_a8j_m:dlid_AVAST-ONE-FREE-WIN-PPC /edat_dir:C:\Windows\Temp\asw.eaabedd59a2e992f /geo:GB /track-guid:c990861d-de0b-4f3d-b718-7eb8c76d1c76 /sssid:6088 /er_master:master_ep_518630f9-612c-48bf-bc36-7106781a136c /er_ui:ui_ep_5fefb6cf-9e45-422e-86b0-bb6aba796088 /er_slave:avast-tu_slave_ep_96554f53-e673-40f2-b14d-ace05feea332 /slave:avast-tu
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+download+memz
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x144,0x148,0x14c,0x120,0x150,0x7ffb01fb46f8,0x7ffb01fb4708,0x7ffb01fb4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,14012342271163065160,9446178087494359032,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,14012342271163065160,9446178087494359032,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,14012342271163065160,9446178087494359032,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2988 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,14012342271163065160,9446178087494359032,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,14012342271163065160,9446178087494359032,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,14012342271163065160,9446178087494359032,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4984 /prefetch:1
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /0
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\System32\cmd.exe"
C:\Windows\SysWOW64\mspaint.exe
"C:\Windows\System32\mspaint.exe"
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.4467_none_7e0f83e07c8c1985\TiWorker.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.4467_none_7e0f83e07c8c1985\TiWorker.exe -Embedding
C:\Windows\system32\wermgr.exe
"C:\Windows\system32\wermgr.exe" "-outproc" "0" "3564" "996" "836" "1000" "0" "0" "1004" "1008" "0" "0" "0" "0"
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /0
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=internet+explorer+is+the+best+browser
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x144,0x148,0x14c,0x120,0x150,0x7ffb01fb46f8,0x7ffb01fb4708,0x7ffb01fb4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,15365379133800287396,7255189595972594804,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2044,15365379133800287396,7255189595972594804,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2468 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2044,15365379133800287396,7255189595972594804,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2840 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,15365379133800287396,7255189595972594804,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3504 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,15365379133800287396,7255189595972594804,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3536 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,15365379133800287396,7255189595972594804,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,15365379133800287396,7255189595972594804,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 97.17.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.249.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fd.api.iris.microsoft.com | udp |
| NL | 20.103.156.88:443 | fd.api.iris.microsoft.com | tcp |
| US | 8.8.8.8:53 | 200.163.202.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.108.222.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | checkappexec.microsoft.com | udp |
| GB | 13.87.96.169:443 | checkappexec.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| GB | 142.250.178.10:443 | ogads-pa.googleapis.com | udp |
| GB | 142.250.178.10:443 | ogads-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | 3.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.96.87.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.16.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 238.16.217.172.in-addr.arpa | udp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | dns-tunnel-check.googlezip.net | udp |
| US | 8.8.8.8:53 | tunnel.googlezip.net | udp |
| US | 8.8.8.8:53 | 227.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.213.58.216.in-addr.arpa | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 142.250.178.10:443 | ogads-pa.googleapis.com | tcp |
| GB | 142.250.178.10:443 | ogads-pa.googleapis.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | 157.34.239.216.in-addr.arpa | udp |
| GB | 172.217.16.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 142.250.178.14:443 | clients2.google.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.178.14:443 | clients2.google.com | tcp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 142.250.187.206:443 | consent.google.com | tcp |
| US | 8.8.8.8:53 | 206.187.250.142.in-addr.arpa | udp |
| GB | 172.217.16.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | camo.githubusercontent.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.109.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.109.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.109.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.109.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.133:443 | user-images.githubusercontent.com | tcp |
| US | 185.199.110.133:443 | user-images.githubusercontent.com | tcp |
| US | 185.199.110.133:443 | user-images.githubusercontent.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | 133.109.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.111.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.110.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 142.250.187.234:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | 234.187.250.142.in-addr.arpa | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 142.250.187.234:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 21.114.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | objects.githubusercontent.com | udp |
| US | 185.199.109.133:443 | objects.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 172.217.16.238:443 | google.com | tcp |
| NL | 142.250.179.163:443 | beacons.gcp.gvt2.com | tcp |
| NL | 142.250.179.163:443 | beacons.gcp.gvt2.com | tcp |
| NL | 142.250.179.163:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 163.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.73.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ipwho.is | udp |
| DE | 195.201.57.90:443 | ipwho.is | tcp |
| US | 8.8.8.8:53 | 90.57.201.195.in-addr.arpa | udp |
| N/A | 10.127.0.227:4782 | tcp | |
| US | 8.8.8.8:53 | google.com | udp |
| NL | 142.250.179.163:443 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.16.238:443 | google.com | udp |
| US | 8.8.8.8:53 | ipwho.is | udp |
| DE | 195.201.57.90:443 | ipwho.is | tcp |
| N/A | 10.127.0.227:4782 | tcp | |
| US | 8.8.8.8:53 | tria.ge | udp |
| US | 172.64.147.112:443 | tria.ge | tcp |
| US | 172.64.147.112:443 | tria.ge | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | hatching.io | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| NL | 154.61.71.12:443 | hatching.io | tcp |
| NL | 154.61.71.12:443 | hatching.io | tcp |
| NL | 154.61.71.12:443 | hatching.io | tcp |
| NL | 154.61.71.12:443 | hatching.io | tcp |
| NL | 154.61.71.12:443 | hatching.io | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 142.250.187.234:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 112.147.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.71.61.154.in-addr.arpa | udp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| GB | 142.250.187.234:443 | content-autofill.googleapis.com | udp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| GB | 74.125.71.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | 84.71.125.74.in-addr.arpa | udp |
| GB | 142.250.187.234:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | accounts.youtube.com | udp |
| GB | 142.250.178.14:443 | accounts.youtube.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| GB | 142.250.187.234:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | signaler-pa.googleapis.com | udp |
| GB | 142.250.178.14:443 | accounts.youtube.com | tcp |
| US | 8.8.8.8:53 | accounts.google.co.uk | udp |
| BE | 64.233.184.94:443 | accounts.google.co.uk | tcp |
| US | 8.8.8.8:53 | accounts.google.com.gt | udp |
| BE | 64.233.184.94:443 | accounts.google.com.gt | tcp |
| US | 8.8.8.8:53 | 94.184.233.64.in-addr.arpa | udp |
| NL | 142.250.179.163:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.187.234:443 | signaler-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 74.125.71.84:443 | accounts.google.com | udp |
| NL | 142.250.179.163:443 | beacons.gcp.gvt2.com | tcp |
| GB | 74.125.71.84:443 | accounts.google.com | tcp |
| US | 172.64.147.112:443 | tria.ge | tcp |
| GB | 142.250.187.234:443 | signaler-pa.googleapis.com | udp |
| US | 172.64.147.112:443 | tria.ge | tcp |
| US | 172.64.147.112:443 | tria.ge | tcp |
| US | 172.64.147.112:443 | tria.ge | tcp |
| US | 172.64.147.112:443 | tria.ge | tcp |
| NL | 142.250.179.163:443 | beacons.gcp.gvt2.com | udp |
| US | 172.64.147.112:443 | tria.ge | tcp |
| US | 8.8.8.8:53 | google.com.gt | udp |
| NL | 142.250.179.163:443 | beacons.gcp.gvt2.com | tcp |
| GB | 142.250.187.195:443 | google.com.gt | tcp |
| GB | 172.217.16.227:443 | google.co.uk | tcp |
| US | 8.8.8.8:53 | 195.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.16.217.172.in-addr.arpa | udp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | lh3.google.com | udp |
| GB | 216.58.204.78:443 | lh3.google.com | tcp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | ogads-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| GB | 172.217.16.234:443 | ogads-pa.clients6.google.com | tcp |
| GB | 216.58.213.10:443 | ajax.googleapis.com | tcp |
| GB | 142.250.200.1:443 | lh3.googleusercontent.com | tcp |
| GB | 172.217.16.234:443 | ogads-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | 78.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.200.250.142.in-addr.arpa | udp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| GB | 216.58.204.78:443 | lh3.google.com | tcp |
| GB | 142.250.200.1:443 | lh3.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | id.google.com | udp |
| GB | 142.250.179.227:443 | id.google.com | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 172.217.16.234:443 | ogads-pa.clients6.google.com | tcp |
| GB | 172.217.16.234:443 | ogads-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | 227.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.169.217.172.in-addr.arpa | udp |
| GB | 74.125.71.84:443 | accounts.google.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| GB | 142.250.187.234:443 | signaler-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 22.112.82.140.in-addr.arpa | udp |
| GB | 74.125.71.84:443 | accounts.google.com | udp |
| NL | 142.250.179.163:443 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.16.227:443 | google.co.uk | udp |
| GB | 142.250.187.195:443 | google.com.gt | udp |
| US | 8.8.8.8:53 | google.com | udp |
| NL | 142.250.179.163:443 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.16.238:443 | google.com | tcp |
| US | 8.8.8.8:53 | e2c39.gcp.gvt2.com | udp |
| FI | 35.217.17.196:443 | e2c39.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | e2c1.gcp.gvt2.com | udp |
| TW | 34.80.89.126:443 | e2c1.gcp.gvt2.com | tcp |
| TW | 34.80.89.126:443 | e2c1.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 196.17.217.35.in-addr.arpa | udp |
| N/A | 10.127.0.227:4782 | tcp | |
| US | 8.8.8.8:53 | beacons.gvt2.com | udp |
| NL | 216.58.208.99:443 | beacons.gvt2.com | tcp |
| US | 8.8.8.8:53 | 99.208.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.recordedfuture.com | udp |
| US | 172.64.152.166:443 | www.recordedfuture.com | tcp |
| US | 172.64.152.166:443 | www.recordedfuture.com | tcp |
| US | 8.8.8.8:53 | cms.recordedfuture.com | udp |
| US | 104.18.35.90:443 | cms.recordedfuture.com | tcp |
| US | 104.18.35.90:443 | cms.recordedfuture.com | tcp |
| US | 104.18.35.90:443 | cms.recordedfuture.com | tcp |
| US | 104.18.35.90:443 | cms.recordedfuture.com | tcp |
| US | 8.8.8.8:53 | www.gartner.com | udp |
| US | 8.8.8.8:53 | js.hsforms.net | udp |
| US | 104.18.142.119:443 | js.hsforms.net | tcp |
| US | 172.64.153.35:443 | www.gartner.com | tcp |
| US | 8.8.8.8:53 | 166.152.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | forms.hsforms.com | udp |
| US | 104.18.80.204:443 | forms.hsforms.com | tcp |
| US | 8.8.8.8:53 | 90.35.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.142.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.153.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 204.80.18.104.in-addr.arpa | udp |
| US | 172.64.153.35:443 | www.gartner.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 172.64.153.35:443 | www.gartner.com | tcp |
| US | 8.8.8.8:53 | forms-na1.hsforms.com | udp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.19.175.188:443 | forms-na1.hsforms.com | tcp |
| US | 104.19.175.188:443 | forms-na1.hsforms.com | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 216.58.204.74:443 | content-autofill.googleapis.com | tcp |
| GB | 216.58.204.74:443 | content-autofill.googleapis.com | tcp |
| US | 172.64.153.35:443 | www.gartner.com | udp |
| GB | 216.58.204.74:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 14.24.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 188.175.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | forms-na1.hubspot.com | udp |
| US | 104.16.118.116:443 | forms-na1.hubspot.com | tcp |
| US | 104.16.118.116:443 | forms-na1.hubspot.com | tcp |
| US | 104.16.118.116:443 | forms-na1.hubspot.com | tcp |
| US | 8.8.8.8:53 | dev.visualwebsiteoptimizer.com | udp |
| US | 34.96.102.137:443 | dev.visualwebsiteoptimizer.com | tcp |
| US | 8.8.8.8:53 | 116.118.16.104.in-addr.arpa | udp |
| US | 34.96.102.137:443 | dev.visualwebsiteoptimizer.com | udp |
| US | 34.96.102.137:443 | dev.visualwebsiteoptimizer.com | udp |
| US | 8.8.8.8:53 | j.6sc.co | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | static.ads-twitter.com | udp |
| US | 8.8.8.8:53 | snap.licdn.com | udp |
| US | 8.8.8.8:53 | ssl.google-analytics.com | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| US | 95.100.195.6:443 | j.6sc.co | tcp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | js.hs-scripts.com | udp |
| US | 8.8.8.8:53 | cdn.matomo.cloud | udp |
| GB | 151.101.188.157:443 | static.ads-twitter.com | tcp |
| GB | 2.18.190.140:443 | snap.licdn.com | tcp |
| GB | 216.58.213.10:443 | content-autofill.googleapis.com | tcp |
| NL | 18.239.94.49:443 | cdn.matomo.cloud | tcp |
| NL | 18.239.94.49:443 | cdn.matomo.cloud | tcp |
| GB | 172.217.169.8:443 | ssl.google-analytics.com | tcp |
| US | 104.16.141.209:443 | js.hs-scripts.com | tcp |
| GB | 163.70.151.21:443 | connect.facebook.net | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | px.ads.linkedin.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | t.co | udp |
| GB | 74.125.133.155:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | analytics.twitter.com | udp |
| GB | 172.217.169.8:443 | ssl.google-analytics.com | udp |
| GB | 142.250.180.2:443 | googleads.g.doubleclick.net | tcp |
| US | 172.64.153.35:443 | www.gartner.com | udp |
| GB | 163.70.151.21:443 | connect.facebook.net | udp |
| US | 172.66.0.227:443 | t.co | tcp |
| US | 8.8.8.8:53 | js.hsleadflows.net | udp |
| US | 8.8.8.8:53 | js.hs-banner.com | udp |
| US | 104.244.42.67:443 | analytics.twitter.com | tcp |
| US | 8.8.8.8:53 | js.hubspot.com | udp |
| US | 8.8.8.8:53 | js.hs-analytics.net | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| US | 8.8.8.8:53 | c.6sc.co | udp |
| US | 8.8.8.8:53 | ipv6.6sc.co | udp |
| US | 8.8.8.8:53 | recordedfuture.matomo.cloud | udp |
| US | 13.107.42.14:443 | px.ads.linkedin.com | tcp |
| US | 13.107.42.14:443 | px.ads.linkedin.com | tcp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| GB | 142.250.200.3:443 | www.google.co.uk | udp |
| US | 104.17.175.201:443 | js.hs-analytics.net | tcp |
| US | 172.64.147.16:443 | js.hs-banner.com | tcp |
| DE | 18.195.235.189:443 | recordedfuture.matomo.cloud | tcp |
| DE | 18.195.235.189:443 | recordedfuture.matomo.cloud | tcp |
| US | 104.18.138.17:443 | js.hsleadflows.net | tcp |
| US | 95.100.195.61:443 | ipv6.6sc.co | tcp |
| US | 8.8.8.8:53 | eps.6sc.co | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 163.70.151.35:443 | www.facebook.com | tcp |
| US | 75.2.108.141:443 | eps.6sc.co | tcp |
| US | 8.8.8.8:53 | 232.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.102.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.188.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.195.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.141.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.94.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.133.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.0.66.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.42.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | b.6sc.co | udp |
| US | 104.17.175.201:443 | js.hs-analytics.net | tcp |
| US | 172.64.147.16:443 | js.hs-banner.com | tcp |
| DE | 18.195.235.189:443 | recordedfuture.matomo.cloud | tcp |
| US | 104.18.138.17:443 | js.hsleadflows.net | tcp |
| US | 95.100.195.61:443 | b.6sc.co | tcp |
| US | 75.2.108.141:443 | eps.6sc.co | tcp |
| US | 8.8.8.8:53 | cta-service-cms2.hubspot.com | udp |
| US | 8.8.8.8:53 | track.hubspot.com | udp |
| US | 104.16.118.116:443 | track.hubspot.com | tcp |
| US | 104.16.118.116:443 | track.hubspot.com | tcp |
| US | 8.8.8.8:53 | v.eps.6sc.co | udp |
| US | 8.8.8.8:53 | 252628.hs-sites.com | udp |
| US | 8.8.8.8:53 | perf-na1.hsforms.com | udp |
| NL | 18.239.36.33:443 | v.eps.6sc.co | tcp |
| US | 104.16.192.117:443 | 252628.hs-sites.com | tcp |
| US | 104.18.80.204:443 | perf-na1.hsforms.com | tcp |
| US | 8.8.8.8:53 | forms.hubspot.com | udp |
| DE | 37.252.173.215:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | 35.151.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.147.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.175.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.108.2.75.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 189.235.195.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.138.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 61.195.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.36.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.192.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn2.hubspot.net | udp |
| US | 104.16.118.116:443 | forms.hubspot.com | tcp |
| US | 8.8.8.8:53 | static.hsappstatic.net | udp |
| US | 104.18.88.62:443 | cdn2.hubspot.net | tcp |
| US | 104.17.172.91:443 | static.hsappstatic.net | tcp |
| US | 8.8.8.8:53 | bf28149orj.bf.dynatrace.com | udp |
| US | 52.22.53.165:443 | bf28149orj.bf.dynatrace.com | tcp |
| US | 104.18.80.204:443 | perf-na1.hsforms.com | udp |
| US | 8.8.8.8:53 | static.hubspot.com | udp |
| US | 52.22.53.165:443 | bf28149orj.bf.dynatrace.com | tcp |
| US | 8.8.8.8:53 | 215.173.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.88.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.172.17.104.in-addr.arpa | udp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| US | 104.17.172.91:443 | static.hsappstatic.net | tcp |
| GB | 216.58.204.78:443 | lh3.google.com | udp |
| GB | 142.250.200.1:443 | lh3.googleusercontent.com | udp |
| US | 104.16.192.117:443 | 252628.hs-sites.com | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| GB | 142.250.179.227:443 | id.google.com | udp |
| GB | 172.217.16.234:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 98.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| GB | 74.125.71.84:443 | accounts.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| US | 8.8.8.8:53 | ogs.google.com | udp |
| GB | 142.250.178.14:443 | ogs.google.com | tcp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn2.gstatic.com | udp |
| GB | 172.217.16.238:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 172.217.16.238:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 172.217.16.238:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 172.217.16.238:443 | encrypted-tbn0.gstatic.com | tcp |
| US | 8.8.8.8:53 | www.names.org | udp |
| GB | 142.250.187.238:443 | encrypted-tbn2.gstatic.com | tcp |
| GB | 142.250.187.238:443 | encrypted-tbn2.gstatic.com | tcp |
| GB | 18.245.143.49:443 | www.names.org | tcp |
| GB | 18.245.143.49:443 | www.names.org | tcp |
| US | 8.8.8.8:53 | a.pub.network | udp |
| US | 8.8.8.8:53 | b.pub.network | udp |
| US | 8.8.8.8:53 | c.pub.network | udp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 8.8.8.8:53 | confiant-integrations.global.ssl.fastly.net | udp |
| US | 34.160.152.31:443 | c.pub.network | tcp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 104.18.21.206:443 | a.pub.network | tcp |
| US | 104.18.21.206:443 | a.pub.network | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| GB | 18.245.143.49:443 | www.names.org | udp |
| US | 151.101.1.194:443 | confiant-integrations.global.ssl.fastly.net | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 8.8.8.8:53 | cmp.quantcast.com | udp |
| US | 8.8.8.8:53 | pixel.quantserve.com | udp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | rules.quantcount.com | udp |
| DE | 91.228.74.166:443 | pixel.quantserve.com | tcp |
| NL | 18.239.83.25:443 | cmp.quantcast.com | tcp |
| US | 8.8.8.8:53 | secure.quantserve.com | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| NL | 18.239.50.110:443 | rules.quantcount.com | tcp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 98.82.156.207:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | d.pub.network | udp |
| DE | 91.228.74.159:443 | secure.quantserve.com | tcp |
| US | 104.18.21.206:443 | a.pub.network | udp |
| GB | 142.250.180.2:443 | googleads.g.doubleclick.net | tcp |
| US | 104.18.21.206:443 | a.pub.network | udp |
| NL | 18.239.70.203:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | js.datadome.co | udp |
| US | 34.160.152.31:443 | d.pub.network | tcp |
| NL | 18.239.83.17:443 | js.datadome.co | tcp |
| US | 34.160.152.31:443 | d.pub.network | tcp |
| US | 8.8.8.8:53 | optimise.net | udp |
| US | 8.8.8.8:53 | api.floors.dev | udp |
| US | 8.8.8.8:53 | www.aatrk.com | udp |
| US | 34.160.128.112:443 | api.floors.dev | tcp |
| US | 8.8.8.8:53 | www.homearea.com | udp |
| US | 34.111.152.239:443 | optimise.net | tcp |
| GB | 13.224.81.55:443 | www.aatrk.com | tcp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.143.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.152.160.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.21.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.75.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.83.239.18.in-addr.arpa | udp |
| GB | 216.58.204.74:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 166.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.50.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.70.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 207.156.82.98.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.83.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | api-js.datadome.co | udp |
| GB | 3.162.20.13:443 | www.homearea.com | tcp |
| GB | 52.56.32.58:443 | api-js.datadome.co | tcp |
| GB | 142.250.187.226:443 | securepubads.g.doubleclick.net | tcp |
| GB | 13.224.81.55:443 | www.aatrk.com | udp |
| GB | 142.250.187.226:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | cdn.privacy-mgmt.com | udp |
| NL | 108.156.60.119:443 | cdn.privacy-mgmt.com | tcp |
| NL | 108.156.60.119:443 | cdn.privacy-mgmt.com | tcp |
| US | 8.8.8.8:53 | 112.128.160.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.81.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 239.152.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.20.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.32.56.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.60.156.108.in-addr.arpa | udp |
| NL | 142.250.179.163:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| GB | 172.217.16.226:443 | ep1.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 216.58.213.1:443 | ep2.adtrafficquality.google | tcp |
| NL | 108.156.60.119:443 | cdn.privacy-mgmt.com | tcp |
| GB | 216.58.213.1:443 | ep2.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | 226.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.213.58.216.in-addr.arpa | udp |
| GB | 216.58.213.1:443 | ep2.adtrafficquality.google | udp |
| NL | 142.250.179.163:443 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.16.226:443 | ep1.adtrafficquality.google | udp |
| GB | 52.56.32.58:443 | api-js.datadome.co | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 142.250.178.14:443 | ogs.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | tcp |
| NL | 142.250.179.163:443 | beacons.gcp.gvt2.com | tcp |
| NL | 142.250.179.163:443 | beacons.gcp.gvt2.com | tcp |
| NL | 142.250.179.163:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| NL | 142.250.179.163:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| GB | 216.58.204.78:443 | lh3.google.com | udp |
| GB | 172.217.16.234:443 | content-autofill.googleapis.com | udp |
| GB | 142.250.200.1:443 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | tria.ge | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 216.58.204.78:443 | lh3.google.com | udp |
| GB | 142.250.200.1:443 | lh3.googleusercontent.com | udp |
| GB | 172.217.16.234:443 | content-autofill.googleapis.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 172.217.16.246:443 | i.ytimg.com | tcp |
| GB | 216.58.204.74:443 | content-autofill.googleapis.com | udp |
| GB | 172.217.16.234:443 | content-autofill.googleapis.com | udp |
| GB | 172.217.16.246:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | 246.16.217.172.in-addr.arpa | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 74.125.71.84:443 | accounts.google.com | udp |
| GB | 142.250.187.206:443 | play.google.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 142.250.200.46:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.111.154:443 | github.githubassets.com | tcp |
| GB | 142.250.200.46:443 | www.youtube.com | udp |
| GB | 172.217.16.246:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| GB | 216.58.204.74:443 | content-autofill.googleapis.com | udp |
| US | 185.199.109.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | checkappexec.microsoft.com | udp |
| GB | 51.140.244.186:443 | checkappexec.microsoft.com | tcp |
| US | 8.8.8.8:53 | 186.244.140.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.197.79.204.in-addr.arpa | udp |
| NL | 142.250.179.163:443 | beacons.gcp.gvt2.com | udp |
| US | 185.199.110.133:443 | avatars.githubusercontent.com | tcp |
| US | 185.199.110.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 172.217.16.238:443 | google.com | udp |
| US | 185.199.110.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | google.co.ck | udp |
| GB | 142.250.179.228:80 | google.co.ck | tcp |
| GB | 142.250.179.228:80 | google.co.ck | tcp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 51.11.108.188:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 51.11.108.188:443 | nav.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | 228.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | data-edge.smartscreen.microsoft.com | udp |
| GB | 51.140.242.104:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 51.140.242.104:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 51.140.242.104:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 172.217.169.36:80 | www.google.com | tcp |
| US | 8.8.8.8:53 | 188.108.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.0.127.10.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| NL | 142.250.179.163:443 | beacons.gcp.gvt2.com | udp |
| NL | 142.250.179.163:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | e2c43.gcp.gvt2.com | udp |
| NL | 35.214.142.18:443 | e2c43.gcp.gvt2.com | tcp |
| NL | 142.250.179.163:443 | beacons.gcp.gvt2.com | tcp |
| NL | 216.58.208.99:443 | beacons.gvt2.com | udp |
| US | 8.8.8.8:53 | 18.142.214.35.in-addr.arpa | udp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| US | 8.8.8.8:53 | lh3.google.com | udp |
| GB | 216.58.204.78:443 | lh3.google.com | udp |
| US | 8.8.8.8:53 | ogads-pa.clients6.google.com | udp |
| GB | 172.217.169.42:443 | ogads-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| GB | 142.250.200.1:443 | lh3.googleusercontent.com | udp |
| US | 8.8.8.8:53 | 42.169.217.172.in-addr.arpa | udp |
| GB | 142.250.187.206:443 | www.youtube.com | udp |
| GB | 216.58.204.78:443 | lh3.google.com | udp |
| GB | 142.250.200.1:443 | lh3.googleusercontent.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 172.217.169.42:443 | ogads-pa.clients6.google.com | udp |
| GB | 74.125.71.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | www.avast.com | udp |
| US | 23.192.21.124:443 | www.avast.com | tcp |
| US | 23.192.21.124:443 | www.avast.com | tcp |
| GB | 142.250.187.206:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | 124.21.192.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 8.8.8.8:53 | static3.avast.com | udp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| GB | 104.103.251.197:443 | static3.avast.com | tcp |
| GB | 104.103.251.197:443 | static3.avast.com | tcp |
| GB | 104.103.251.197:443 | static3.avast.com | tcp |
| GB | 104.103.251.197:443 | static3.avast.com | tcp |
| GB | 104.103.251.197:443 | static3.avast.com | tcp |
| GB | 104.103.251.197:443 | static3.avast.com | tcp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | 230.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.87.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 197.251.103.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 172.64.155.119:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | s.go-mpulse.net | udp |
| US | 8.8.8.8:53 | assets.adobedtm.com | udp |
| US | 23.192.20.199:443 | s.go-mpulse.net | tcp |
| US | 23.192.21.87:443 | assets.adobedtm.com | tcp |
| GB | 104.103.251.197:443 | static3.avast.com | tcp |
| US | 8.8.8.8:53 | www.nortonlifelock.com | udp |
| US | 8.8.8.8:53 | dpm.demdex.net | udp |
| IE | 34.250.133.195:443 | dpm.demdex.net | tcp |
| US | 23.192.20.183:443 | www.nortonlifelock.com | tcp |
| US | 8.8.8.8:53 | widget.trustpilot.com | udp |
| US | 8.8.8.8:53 | 119.155.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 199.20.192.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.21.192.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mhubc.avast.com | udp |
| NL | 108.156.60.21:443 | widget.trustpilot.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 13.107.246.65:443 | mhubc.avast.com | tcp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | symantec.demdex.net | udp |
| US | 8.8.8.8:53 | cm.everesttech.net | udp |
| US | 8.8.8.8:53 | c.go-mpulse.net | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| US | 52.44.201.226:443 | symantec.demdex.net | tcp |
| IE | 54.154.185.216:443 | cm.everesttech.net | tcp |
| US | 23.192.20.199:443 | c.go-mpulse.net | tcp |
| GB | 142.250.200.42:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | mstatic.avast.com | udp |
| US | 8.8.8.8:53 | oms.avast.com | udp |
| NL | 20.50.2.44:443 | mstatic.avast.com | tcp |
| IE | 66.235.152.156:443 | oms.avast.com | tcp |
| US | 8.8.8.8:53 | znb3hblkjhhpwrz9k-gendigital.siteintercept.qualtrics.com | udp |
| US | 104.17.209.240:443 | znb3hblkjhhpwrz9k-gendigital.siteintercept.qualtrics.com | tcp |
| US | 8.8.8.8:53 | siteintercept.qualtrics.com | udp |
| US | 8.8.8.8:53 | trial-eum-clientnsv4-s.akamaihd.net | udp |
| US | 8.8.8.8:53 | trial-eum-clienttons-s.akamaihd.net | udp |
| US | 8.8.8.8:53 | 195.133.250.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.20.192.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.60.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.185.154.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.201.44.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.2.50.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.152.235.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.209.17.104.in-addr.arpa | udp |
| GB | 2.18.190.133:443 | trial-eum-clientnsv4-s.akamaihd.net | tcp |
| GB | 2.18.190.140:443 | trial-eum-clienttons-s.akamaihd.net | tcp |
| US | 8.8.8.8:53 | 684dd312.akstat.io | udp |
| US | 8.8.8.8:53 | rldr2lacck7ikzzc26kq-pjk3pc-db3164806-clientnsv4-s.akamaihd.net | udp |
| US | 8.8.8.8:53 | 138-199-29-44_s-2-18-190-140_ts-1730336661-clienttons-s.akamaihd.net | udp |
| GB | 2.18.190.141:443 | rldr2lacck7ikzzc26kq-pjk3pc-db3164806-clientnsv4-s.akamaihd.net | tcp |
| GB | 2.18.190.132:443 | 138-199-29-44_s-2-18-190-140_ts-1730336661-clienttons-s.akamaihd.net | tcp |
| US | 8.8.8.8:53 | 133.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 8.8.8.8:53 | static.hotjar.com | udp |
| US | 8.8.8.8:53 | www.upsellit.com | udp |
| US | 8.8.8.8:53 | privacyportal-de.onetrust.com | udp |
| US | 8.8.8.8:53 | analytics.ff.avast.com | udp |
| NL | 18.239.94.35:443 | static.hotjar.com | tcp |
| US | 150.171.27.10:443 | bat.bing.com | tcp |
| US | 34.117.39.58:443 | www.upsellit.com | tcp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| US | 104.18.32.137:443 | privacyportal-de.onetrust.com | tcp |
| US | 34.117.223.223:443 | analytics.ff.avast.com | tcp |
| GB | 163.70.151.21:443 | connect.facebook.net | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| GB | 74.125.133.155:443 | stats.g.doubleclick.net | tcp |
| GB | 142.250.200.3:443 | www.google.co.uk | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | 4711400.fls.doubleclick.net | udp |
| US | 8.8.8.8:53 | script.hotjar.com | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| GB | 172.217.16.230:443 | 4711400.fls.doubleclick.net | tcp |
| NL | 13.227.219.71:443 | script.hotjar.com | tcp |
| GB | 163.70.151.21:443 | connect.facebook.net | udp |
| GB | 172.217.16.230:443 | 4711400.fls.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 157.240.214.35:443 | www.facebook.com | tcp |
| GB | 157.240.214.35:443 | www.facebook.com | udp |
| US | 8.8.8.8:53 | 141.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.27.171.150.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.94.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.39.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.32.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 223.223.117.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 230.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.219.227.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.214.240.157.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 34.117.223.223:443 | analytics.ff.avast.com | udp |
| US | 8.8.8.8:53 | bits.avcdn.net | udp |
| DE | 23.197.10.165:443 | bits.avcdn.net | tcp |
| US | 8.8.8.8:53 | 165.10.197.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | v7event.stats.avast.com | udp |
| US | 8.8.8.8:53 | ip-info.ff.avast.com | udp |
| US | 34.117.223.223:80 | v7event.stats.avast.com | tcp |
| GB | 142.250.180.14:80 | www.google-analytics.com | tcp |
| US | 34.111.175.102:443 | ip-info.ff.avast.com | tcp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| US | 8.8.8.8:53 | 14.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 102.175.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | analytics.avcdn.net | udp |
| US | 34.117.223.223:443 | analytics.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| US | 34.117.223.223:443 | analytics.avcdn.net | tcp |
| US | 8.8.8.8:53 | 84.189.26.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | analytics.avcdn.net | udp |
| US | 34.117.223.223:443 | analytics.avcdn.net | tcp |
| US | 8.8.8.8:53 | shepherd.avcdn.net | udp |
| US | 34.160.176.28:443 | shepherd.avcdn.net | tcp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| US | 8.8.8.8:53 | shepherd.avcdn.net | udp |
| US | 8.8.8.8:53 | shepherd.avcdn.net | udp |
| US | 34.160.176.28:443 | shepherd.avcdn.net | tcp |
| US | 34.160.176.28:443 | shepherd.avcdn.net | tcp |
| US | 8.8.8.8:53 | 28.176.160.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | shepherd.avcdn.net | udp |
| US | 34.160.176.28:443 | shepherd.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| US | 8.8.8.8:53 | shepherd.avcdn.net | udp |
| US | 34.160.176.28:443 | shepherd.avcdn.net | tcp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| US | 8.8.8.8:53 | analytics.avcdn.net | udp |
| US | 34.117.223.223:443 | analytics.avcdn.net | tcp |
| US | 8.8.8.8:53 | analytics.avcdn.net | udp |
| US | 34.117.223.223:443 | analytics.avcdn.net | tcp |
| GB | 142.250.179.228:80 | google.co.ck | tcp |
| GB | 142.250.179.228:80 | google.co.ck | tcp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 51.11.108.188:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 172.217.169.36:80 | www.google.com | tcp |
| US | 8.8.8.8:53 | analytics.avcdn.net | udp |
| US | 34.117.223.223:443 | analytics.avcdn.net | tcp |
| US | 8.8.8.8:53 | analytics.avcdn.net | udp |
| US | 34.117.223.223:443 | analytics.avcdn.net | tcp |
| US | 8.8.8.8:53 | analytics.avcdn.net | udp |
| US | 34.117.223.223:443 | analytics.avcdn.net | tcp |
| US | 8.8.8.8:53 | shepherd.avcdn.net | udp |
| US | 34.160.176.28:443 | shepherd.avcdn.net | tcp |
| US | 8.8.8.8:53 | analytics.avcdn.net | udp |
| US | 34.117.223.223:443 | analytics.avcdn.net | tcp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| US | 8.8.8.8:53 | honzik.avcdn.net | udp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| GB | 184.26.189.84:443 | honzik.avcdn.net | tcp |
| US | 8.8.8.8:53 | analytics.avcdn.net | udp |
| US | 34.117.223.223:443 | analytics.avcdn.net | tcp |
| US | 8.8.8.8:53 | analytics.avcdn.net | udp |
| US | 34.117.223.223:443 | analytics.avcdn.net | tcp |
| US | 8.8.8.8:53 | analytics.avcdn.net | udp |
| US | 8.8.8.8:53 | 3.22.192.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.163.245.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fe2cr.update.microsoft.com | udp |
| US | 40.83.50.87:443 | fe2cr.update.microsoft.com | tcp |
| US | 8.8.8.8:53 | 87.50.83.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | download.windowsupdate.com | udp |
| CH | 173.222.108.210:80 | download.windowsupdate.com | tcp |
| US | 8.8.8.8:53 | 210.108.222.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| GB | 142.250.179.228:80 | google.co.ck | tcp |
| GB | 142.250.179.228:80 | google.co.ck | tcp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 51.11.108.188:443 | nav.smartscreen.microsoft.com | tcp |
| GB | 172.217.169.36:80 | www.google.com | tcp |
Files
memory/3500-2-0x0000024C00000000-0x0000024C00270000-memory.dmp
memory/3500-18-0x0000024C73480000-0x0000024C73481000-memory.dmp
memory/3500-24-0x0000024C00270000-0x0000024C00280000-memory.dmp
memory/3500-26-0x0000024C00280000-0x0000024C00290000-memory.dmp
memory/3500-29-0x0000024C00290000-0x0000024C002A0000-memory.dmp
memory/3500-32-0x0000024C002A0000-0x0000024C002B0000-memory.dmp
memory/3500-34-0x0000024C00000000-0x0000024C00270000-memory.dmp
memory/3500-35-0x0000024C002B0000-0x0000024C002C0000-memory.dmp
memory/3500-37-0x0000024C002C0000-0x0000024C002D0000-memory.dmp
memory/3500-39-0x0000024C002D0000-0x0000024C002E0000-memory.dmp
memory/3500-41-0x0000024C002E0000-0x0000024C002F0000-memory.dmp
memory/3500-45-0x0000024C00270000-0x0000024C00280000-memory.dmp
memory/3500-46-0x0000024C002F0000-0x0000024C00300000-memory.dmp
memory/3500-49-0x0000024C00280000-0x0000024C00290000-memory.dmp
memory/3500-50-0x0000024C00300000-0x0000024C00310000-memory.dmp
memory/3500-53-0x0000024C00310000-0x0000024C00320000-memory.dmp
memory/3500-55-0x0000024C00290000-0x0000024C002A0000-memory.dmp
memory/3500-58-0x0000024C00320000-0x0000024C00330000-memory.dmp
memory/3500-57-0x0000024C002A0000-0x0000024C002B0000-memory.dmp
memory/3500-60-0x0000024C002B0000-0x0000024C002C0000-memory.dmp
memory/3500-61-0x0000024C00330000-0x0000024C00340000-memory.dmp
memory/3500-64-0x0000024C002C0000-0x0000024C002D0000-memory.dmp
memory/3500-65-0x0000024C00340000-0x0000024C00350000-memory.dmp
memory/3500-67-0x0000024C002D0000-0x0000024C002E0000-memory.dmp
memory/3500-68-0x0000024C00350000-0x0000024C00360000-memory.dmp
memory/3500-70-0x0000024C002E0000-0x0000024C002F0000-memory.dmp
memory/3500-71-0x0000024C00360000-0x0000024C00370000-memory.dmp
memory/3500-73-0x0000024C002F0000-0x0000024C00300000-memory.dmp
memory/3500-76-0x0000024C00300000-0x0000024C00310000-memory.dmp
memory/3500-78-0x0000024C00370000-0x0000024C00380000-memory.dmp
memory/3500-77-0x0000024C00310000-0x0000024C00320000-memory.dmp
memory/3500-81-0x0000024C00320000-0x0000024C00330000-memory.dmp
memory/3500-82-0x0000024C00380000-0x0000024C00390000-memory.dmp
memory/3500-84-0x0000024C00330000-0x0000024C00340000-memory.dmp
memory/3500-85-0x0000024C00390000-0x0000024C003A0000-memory.dmp
memory/3500-86-0x0000024C73480000-0x0000024C73481000-memory.dmp
memory/3500-88-0x0000024C00340000-0x0000024C00350000-memory.dmp
memory/3500-89-0x0000024C003A0000-0x0000024C003B0000-memory.dmp
memory/3500-91-0x0000024C00350000-0x0000024C00360000-memory.dmp
memory/3500-92-0x0000024C003B0000-0x0000024C003C0000-memory.dmp
memory/3500-94-0x0000024C00360000-0x0000024C00370000-memory.dmp
memory/3500-97-0x0000024C00370000-0x0000024C00380000-memory.dmp
memory/3500-98-0x0000024C003C0000-0x0000024C003D0000-memory.dmp
memory/3500-101-0x0000024C00380000-0x0000024C00390000-memory.dmp
memory/3500-102-0x0000024C003D0000-0x0000024C003E0000-memory.dmp
memory/3500-104-0x0000024C00390000-0x0000024C003A0000-memory.dmp
memory/3500-105-0x0000024C003E0000-0x0000024C003F0000-memory.dmp
memory/3500-107-0x0000024C003A0000-0x0000024C003B0000-memory.dmp
memory/3500-109-0x0000024C003B0000-0x0000024C003C0000-memory.dmp
memory/3500-114-0x0000024C003C0000-0x0000024C003D0000-memory.dmp
memory/3500-115-0x0000024C003D0000-0x0000024C003E0000-memory.dmp
memory/3500-116-0x0000024C003E0000-0x0000024C003F0000-memory.dmp
memory/3500-118-0x0000024C003F0000-0x0000024C00400000-memory.dmp
memory/3500-122-0x0000024C003F0000-0x0000024C00400000-memory.dmp
memory/3500-132-0x0000024C00400000-0x0000024C00410000-memory.dmp
memory/3500-138-0x0000024C73480000-0x0000024C73481000-memory.dmp
memory/3500-142-0x0000024C00290000-0x0000024C002A0000-memory.dmp
memory/3500-141-0x0000024C00280000-0x0000024C00290000-memory.dmp
memory/3500-140-0x0000024C00270000-0x0000024C00280000-memory.dmp
memory/3500-139-0x0000024C00000000-0x0000024C00270000-memory.dmp
memory/3500-146-0x0000024C002D0000-0x0000024C002E0000-memory.dmp
memory/3500-145-0x0000024C002C0000-0x0000024C002D0000-memory.dmp
memory/3500-144-0x0000024C002B0000-0x0000024C002C0000-memory.dmp
memory/3500-143-0x0000024C002A0000-0x0000024C002B0000-memory.dmp
memory/3500-165-0x0000024C00400000-0x0000024C00410000-memory.dmp
memory/3500-164-0x0000024C003F0000-0x0000024C00400000-memory.dmp
memory/3500-163-0x0000024C003E0000-0x0000024C003F0000-memory.dmp
memory/3500-162-0x0000024C003D0000-0x0000024C003E0000-memory.dmp
memory/3500-161-0x0000024C003C0000-0x0000024C003D0000-memory.dmp
memory/3500-160-0x0000024C003B0000-0x0000024C003C0000-memory.dmp
memory/3500-159-0x0000024C003A0000-0x0000024C003B0000-memory.dmp
memory/3500-158-0x0000024C00390000-0x0000024C003A0000-memory.dmp
memory/3500-157-0x0000024C00380000-0x0000024C00390000-memory.dmp
memory/3500-156-0x0000024C00370000-0x0000024C00380000-memory.dmp
memory/3500-155-0x0000024C00360000-0x0000024C00370000-memory.dmp
memory/3500-154-0x0000024C00350000-0x0000024C00360000-memory.dmp
memory/3500-153-0x0000024C00340000-0x0000024C00350000-memory.dmp
memory/3500-152-0x0000024C00330000-0x0000024C00340000-memory.dmp
memory/3500-151-0x0000024C00320000-0x0000024C00330000-memory.dmp
memory/3500-150-0x0000024C00310000-0x0000024C00320000-memory.dmp
memory/3500-149-0x0000024C00300000-0x0000024C00310000-memory.dmp
memory/3500-148-0x0000024C002F0000-0x0000024C00300000-memory.dmp
memory/3500-147-0x0000024C002E0000-0x0000024C002F0000-memory.dmp
\??\pipe\crashpad_1664_EHNWSJDIKOHTFNRE
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | 9e5f8b4712bfb0d2a69c191267f7a756 |
| SHA1 | d13e0f42fc1baa3c30bed208a56f5082578f4553 |
| SHA256 | 19dc79b0cdb9794f1a586d33713640fed4cc8f378c788b25d6953df8e813c9ce |
| SHA512 | f971b69b6023c4b4b3ba734bed7f1c2fdeeb2ff5bbf4efaa44aa18dbd4ed8e0a99cd54234676767cf30cd68cf22923c86caefcc073445fb6038b7b77f8aafcc1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 762b060ce9247f006d8bc009a4074bf5 |
| SHA1 | 11c1715e05d18602605e769bb0aeca2a00c35f83 |
| SHA256 | 8face4f9e7fe996cc0f509b114f02915ea29162834ac62a43686b0496fb9e4c0 |
| SHA512 | 786e19f4365997530ae9c8fbb67c6712525347e7b315102d208d7a503ce215cf3ddd487bbd35806438c5828ad29ba5cc945c3a6b7b16f0d462d791bb1222dfd9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8c954c2f0cd817b683d122a74bea66f3 |
| SHA1 | 1ee2882ece773cdfedd5391c20358c57d2b7d973 |
| SHA256 | 337b3a855565ce48681dbc50bbcca59fc8766ea699da70c150310a27ecfec055 |
| SHA512 | deb1936dc3fbf8149155a31a27efbb55e2e2d9cfb503251329228832294d489332ca8e1cf792d8d1d9cad56884c9b7b933dbd69703107fbe30fc8720ec1902ec |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 5010f54a03c94c2699d62cf207a3f462 |
| SHA1 | 45436007b47c57eacc36cb209acefceb9d45916a |
| SHA256 | a98acfaf1b32cbf066aded9da7b9233e51a0032eac91783b28020af5a0178c37 |
| SHA512 | b1b9120d6df36a4e6b3b2b70777bd124d6c0b5dd1e1cefc5862b85ba7bee8930d713f76af06c8792beef5b3ebae12b0141f71e75d2e1f19a0b35ee315a7e24e6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | f20ce43ead41f0a0338e4b9a160f774a |
| SHA1 | cd94c7018e3a4828e4188207a3b68f6c7b859502 |
| SHA256 | 0540d93926f998abbdcfa2ec79b29d2030c55ec66e84406fb5c1d0ee8ca69bfd |
| SHA512 | 5d3b1b69adad853c841b988410bca031246f45a7b5d2d6c05562f45f0426918dd299ff5d84f4336962ab81baec3ff9eff715bcefa9797a5c07aa98346225d65b |
C:\Users\Admin\Downloads\Quasar.v1.4.1.zip.crdownload
| MD5 | 13aa4bf4f5ed1ac503c69470b1ede5c1 |
| SHA1 | c0b7dadff8ac37f6d9fd00ae7f375e12812bfc00 |
| SHA256 | 4cdeb2eae1cec1ab07077142313c524e9cf360cdec63497538c4405c2d8ded62 |
| SHA512 | 767b03e4e0c2a97cb0282b523bcad734f0c6d226cd1e856f6861e6ae83401d0d30946ad219c8c5de3c90028a0141d3dc0111c85e0a0952156cf09e189709fa7d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | cff35b3594c9071c8cc90a683e821f6e |
| SHA1 | a6f8dd4a0bad7654f8a8e865e82d9274596b9eb1 |
| SHA256 | f937677ac81b41e754211189b989191c90258ef2ebad40245e2df7694b6fb504 |
| SHA512 | 7a9b692b4bea8bf891cc1b46fdbdc6e6bb10befb14129a663e645d39011517ae1f0f2d9d8e75f3161fc4b37e5beeaa8819b7245e1eae9c4dda9ea44c045acf04 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 861f9ec5371182e2215b18d7b359b8d5 |
| SHA1 | 049ae11e96ca20a462901622d1fd9ab92c93482a |
| SHA256 | 5adf9535a489afb6073bddd609311b54c9da58ae4641a13cb7e0596f29de2e86 |
| SHA512 | d3aab42b0e3833cce5435dee7a1d25b54a8f19b8c600fd5d4af55f6cc39d60041067fe7edee978c800a96343424a0cc6073b97f4f6d1097b034538030fe7c374 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 1cafa8ca2d609314f93c99e8d792c77b |
| SHA1 | 0ae7749f8e94ff6c0884eb4137cca376c5d8b534 |
| SHA256 | 797119eeb31b8b3e405c6bf539bd5482bb7b233659846a6b65fd37e5c0e5a942 |
| SHA512 | 285f0ca35bffe39d88a1752703cdc02317a6da68fbe29f2f93260c68320f11176f377307baab2afdedf27613dc83fecc7aa74c4065d5142f0a71823512b74f05 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | db825f9630dbd64f3ec7413031f4f79d |
| SHA1 | e6f3a9b950626d9a02bea35216a241b582c289bc |
| SHA256 | d4c177f4458443dc2af5b211ad3ce7dc8f2423582137e3fbc919c57be4bdf4c4 |
| SHA512 | 068de7ea0a67bafc6c6435e246702191a97fe29cdc9a941c66a10ecf5a40b3f6aeba07952598cc5e141036b9bb80e10f8c5540e29d4e3f202da8f20b2d8aab0f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ea6855f3ea610ea6e292d55442e44fd5 |
| SHA1 | 96771c9bab29665caa686ac83832cf52b2e50db2 |
| SHA256 | d3ee97f16be2adea77ed12bbed14d8dde047eac534317c3780a69cae29fc5f68 |
| SHA512 | 26047f7304cd778a0b75d848915369688dac008b8f88317dca03186a1782e07f18e0f0cce5ca525ab99b969fcaacbdf59129711d6cb8b365b9ce52302f0424c0 |
C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe
| MD5 | 12ebf922aa80d13f8887e4c8c5e7be83 |
| SHA1 | 7f87a80513e13efd45175e8f2511c2cd17ff51e8 |
| SHA256 | 43315abb9c8be9a39782bd8694a7ea9f16a867500dc804454d04b8bf2c15c51e |
| SHA512 | fda5071e15cf077d202b08db741bbfb3dbd815acc41deec7b7d44e055cac408e2f2de7233f8f9c5c618afd00ffc2fc4c6e8352cbdf18f9aab55d980dcb58a275 |
C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe.config
| MD5 | c8cd50e8472b71736e6543f5176a0c12 |
| SHA1 | 0bd6549820de5a07ac034777b3de60021121405e |
| SHA256 | b44739eeff82db2b575a45b668893e2fe8fdd24a709cbf0554732fd3520b2190 |
| SHA512 | 6e8f77fcca5968788cc9f73c9543ce9ab7b416372bc681093aa8a3aad43af1f06c56fcbc296c7897a3654b86a6f9d0e8b0fe036677cf290957924377bc177d9f |
memory/3084-496-0x000001916EA20000-0x000001916EB58000-memory.dmp
C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.Common.dll
| MD5 | 2185564051ea2e046d9f711ed3cd93ff |
| SHA1 | 2f2d7fd470da6d126582ad80df2802aabd6c9cea |
| SHA256 | de930a748e4dc08c851ba0a22afce8dcfd0f15f23b291f9306c8ef6ccd7460a2 |
| SHA512 | 00af241c1f89b478e66d758db26ed0a413b690d695abf91211b5cbc3985133632327ea0fc41140bd61d02271b6aa278a8e8f539d8ca6ce94972aef50c1a9c868 |
memory/3084-498-0x0000019170800000-0x0000019170816000-memory.dmp
C:\Users\Admin\Desktop\sa\Quasar v1.4.1\BouncyCastle.Crypto.dll
| MD5 | 0cf454b6ed4d9e46bc40306421e4b800 |
| SHA1 | 9611aa929d35cbd86b87e40b628f60d5177d2411 |
| SHA256 | e51721dc0647f4838b1abc592bd95fd8cb924716e8a64f83d4b947821fa1fa42 |
| SHA512 | 85262f1bc67a89911640f59a759b476b30ca644bd1a1d9cd3213cc8aae16d7cc6ea689815f19b146db1d26f7a75772ceb48e71e27940e3686a83eb2cf7e46048 |
memory/3084-500-0x0000019174BE0000-0x0000019174F0E000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3ef4d54ebadda1f3a7358cba343a97f6 |
| SHA1 | 481b2189a08f6ad3afe776fe8c5114b98a8e2097 |
| SHA256 | ebbb1291f46df30d84dd403eefa3facb7bc7fb9929039a36edf9923a8eeeffd9 |
| SHA512 | dbae096f53aacb6c8cae048dc2b056d43568a9fc62aa4b33f81f864fd7472ecab4185804e0815c7bf252daa289655e9744d34bba2aa8c78d1e70022268703e03 |
C:\Users\Admin\Desktop\sa\Quasar v1.4.1\quasar.p12
| MD5 | cc4974ff2603107ca21acb7b0891f820 |
| SHA1 | 29b598b3a9f3202885f2be303b8e8b58bc31ffa8 |
| SHA256 | 10ce4883df79198210df9d163ef9f0a4ff46677b54be95390e08929ea4790024 |
| SHA512 | d0804ebb0e87caaa52afc311578e0bfe35484580b8442ef386e9c1cde050ad51ccb82e0251ede1f2f158f56f426e6a4d6720834ee719d49bf17590774970148b |
C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Open.Nat.dll
| MD5 | cc6f6503d29a99f37b73bfd881de8ae0 |
| SHA1 | 92d3334898dbb718408f1f134fe2914ef666ce46 |
| SHA256 | 0b1e0d8f87f557b52315d98c1f4727e539f5120d20b4ca9edba548983213fbb5 |
| SHA512 | 7f4c0a35b612b864ad9bc6a46370801ed7433424791622bf77bf47d6a776cb6a49e4977b34725ead5d0feaa1c9516db2ca75cb8872c77a8f2fab6c37740b681f |
memory/3084-534-0x00000191726F0000-0x0000019172740000-memory.dmp
memory/3084-533-0x0000019172680000-0x0000019172698000-memory.dmp
memory/3084-535-0x0000019174970000-0x0000019174A22000-memory.dmp
memory/3084-537-0x0000019174060000-0x00000191740AC000-memory.dmp
C:\Users\Admin\Desktop\sa\Quasar v1.4.1\protobuf-net.dll
| MD5 | abc82ae4f579a0bbfa2a93db1486eb38 |
| SHA1 | faa645b92e3de7037c23e99dd2101ef3da5756e5 |
| SHA256 | ca6608346291ec82ee4acf8017c90e72db2ee7598015f695120c328d25319ec6 |
| SHA512 | e06ee564fdd3fe2e26b0dec744a969a94e4b63a2e37692a7dcc244cb7949b584d895e9d3766ea52c9fe72b7a31dacf4551f86ea0d7c987b80903ff43be9faed3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 35adff4908425436a55db1703a16ea6f |
| SHA1 | d7528c2fe590f4a832e45a56ac7a4620f9c9ddc0 |
| SHA256 | 57b33d99d5cfda6fa703aba645a42637d83043731017f104261c608bdf9849e0 |
| SHA512 | f24e31b41634027af3f2123bad1488043031290d024ddde8138972e54c0e2b02133259248bf21deb66a967635812b69f422969f504e68580ca0d710e60cd338b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 1e8c8f22324cf62f6e5aa4f2b8927a77 |
| SHA1 | 57edfce7eec2d554b69437ddb95fe44a59ccfb51 |
| SHA256 | aab9ad4c6a6812f9ac866eae7d1878b99af583dd319aa319c67bd04f8022beb9 |
| SHA512 | 28c22593b98b4ef0185c6fe238873d13eaca14ffe74ea4eac985f80ff6587e66f2dedba0b4b83939404453d9983a703d531a6862ab65d3dbb36f43468c3fb17d |
C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Mono.Cecil.dll
| MD5 | de69bb29d6a9dfb615a90df3580d63b1 |
| SHA1 | 74446b4dcc146ce61e5216bf7efac186adf7849b |
| SHA256 | f66f97866433e688acc3e4cd1e6ef14505f81df6b26dd6215e376767f6f954bc |
| SHA512 | 6e96a510966a4acbca900773d4409720b0771fede37f24431bf0d8b9c611eaa152ba05ee588bb17f796d7b8caaccc10534e7cc1c907c28ddfa54ac4ce3952015 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ad0e19e4edfdd8109deab11e9494a0f1 |
| SHA1 | 43ae184817f0b022316670ec9efbfdafee5885ff |
| SHA256 | d82abe8dffa8db4ba55cf30afab3d1a9ddf92bcf2349650872a0cd767f856662 |
| SHA512 | 0666ca53ea4aa1d133df7795b9eccb45ebb1dfc4d9baca8dee0772841c3064a0bad081ea507ebdf2bdb76f208e1ad05645b067fa1f11ce8c6c541de75f819b2d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3a248b83a6dcfff82b3f874e95e10621 |
| SHA1 | 4c7c719cad30ad826abe417fdfea16a282c19106 |
| SHA256 | 6ab4b998380364f725c4dde883c745f10b0bf13f960f10978e4251f064ed3930 |
| SHA512 | 99d372e68d900dd09906fffa25db915819b6b892535df9423a6d6978a7df2862bdb2de272dbbda5289afd26f74d2e6b4fc867b58c7467c672f738c64ffb9bb8d |
C:\Users\Admin\Desktop\sa\Quasar v1.4.1\settings.xml
| MD5 | 70b71053a65db7533de2fe6168e2ee73 |
| SHA1 | 925f9cb54d56521adcd4134a164a26b28bac3d7b |
| SHA256 | 01decc4425e8a882a12f23443a42d51d10a199a44013c8cacc84d83632f796e6 |
| SHA512 | 791e363061dc32e112993e3d20e0a9e7acaeab7857a699147e1e9c8804fafc91fcca95be847302235e831e0a280796f641b919d160ca80d64386a8109c3f2d2c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5ef9025ee28a6a401de1db78e30fac24 |
| SHA1 | 4c46a68fdd84744d52c0f8979a0a11be8fcca3e5 |
| SHA256 | 55776a0fb9dc61620db53f2c42e042a4c4a728691f9e9e39c8769e083cf66918 |
| SHA512 | cd63c28d70683bb8c4bb155cc8e5e038a4e8fcb3bff3dd2494da0a07a444a442422214e626b7fcafb167d505b6e26573b654b56f3e6b55bb7139b2c5802b3491 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f8eceb645caa79944d1397c8e18e9b43 |
| SHA1 | 35a817d32d672eff7717e885b2ef64b7151162d0 |
| SHA256 | d03fbfd55e5714abc66d81d6539d22824b9fb4e98c11471041c0bcc934042d83 |
| SHA512 | 6b7081aab6a615ba0be0593a098ce591b59903f995daf77270949e6c2b23cafb29e4b76e85073434f364cf1214add85508a4135a46bdbfdef91b93eedae2e5f2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 94de7a16eb871077c3a6ce8b50537a94 |
| SHA1 | 067eb20b044d36181e578fa3048fb3cb4c9042e8 |
| SHA256 | 38d22268de4060efd173c69700bbd8613139e0952f97a4d34fa4d3f82fe16a45 |
| SHA512 | 848b41fa2b2a251d4eb19175077dffabd9cbae6a5f3cd0743dbddbfeba3e2b76b2ca5b78f3b8e540c4eeccc770143a42e3ba3134b4da9faa9f3520017ec1b3e7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 58a471295fa4e8494f2b1f7ff37e84c2 |
| SHA1 | 7c5595dbc5a4b4861965afbb64870373b040cc04 |
| SHA256 | aed41b76eecc98a0a6bb3d8a1953df9af1eb3c81bffffffe1bedf525b249aebe |
| SHA512 | d04c4b0a12d287363bd2514298b10f1d1ae5b167d4505f32f896ceb1d69728651dbe04fdd8a1be536ac47d3fbc9539b4e7e3b1fe9456b0ffd31db50fb7623297 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bd5c78cd9631a5f143266b48495052da |
| SHA1 | 0e502b5a2b535652b8819021bbf7d3db3b21e50a |
| SHA256 | b37defe22e24ad859e961db2e91c1c2e351b9f0d423b1d721c62b91aecb0d17a |
| SHA512 | 3ee331f3f5ca8a0bbbbd23ea5aebac7b36559b08de0eab526b34cdea52e915eac6f025c89cfc88cd24119b7c0b75baebab8b7ad5b7772a23af6639308c15cd2f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 83791c6cf936d925990fbf98034c4160 |
| SHA1 | 67a1cdad288e2463fdc3efadb2c1ddafb5907208 |
| SHA256 | 7551ecac007ec03156f1152bf1dd2763b828c835dc2a4738e2c9bed72280fd70 |
| SHA512 | 7962ce1272a59c013432d7da34afc2d319ffc2bafd06633eaff465a6952658dd4596d0c768fd669182f4858478d3947e36501858acbcf3a181c5ef0563fe0433 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9a20a82587bfb199782871564bfaa774 |
| SHA1 | 9f5a56af3e61d27c894fb64bbc2e4c7c2eae9cfe |
| SHA256 | fc7158df1820deb54375bfa69c571916e06679efb0300ca89c595d8d9eb9960c |
| SHA512 | de88c171017c110ec3248e430f0539a1867238485cee745135dc113c4de4e8a639801ed94390173fb8bf0563bf0af1356a29e65967ffbf2a781f0cf57bfb5c11 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c7ad19cc9538f430fca78a4bc4bf50fe |
| SHA1 | c90178cf83d2ac6bbccf02c5334bb38b112bf357 |
| SHA256 | 2193ae56ca90b01725c1082bec4ded47e872fb06fb7d91b1432a2c9c24540117 |
| SHA512 | df8606f7ab2b4d9ac29e402cc967b55d7d92e5a6a0d84fb48c74f7f29404e1ce888a4da63db4583aba069274a9153dde901cf48d8c081d51454f0d6b8c25b5be |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3aa4d9783f0667a91e65ba13d9853493 |
| SHA1 | 42ebc68111490bf4c592eef72d6356e9cca53eab |
| SHA256 | 00b7ed263c49f9d47e0b1bbbcfa49662e74b7afc1e3f7411344a36ef565d16d2 |
| SHA512 | c4c6d5a096411711d73e8bfcaf312f46143ff7a10f6a861fa2150e4cd9f37390771638fb67a76bdc97110bb149f091f35b498a9424029fd09e6a8baca74e7e0f |
memory/3084-694-0x0000019178110000-0x000001917816E000-memory.dmp
memory/3084-696-0x0000019174950000-0x000001917496A000-memory.dmp
C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Vestris.ResourceLib.dll
| MD5 | 944ce5123c94c66a50376e7b37e3a6a6 |
| SHA1 | a1936ac79c987a5ba47ca3d023f740401f73529b |
| SHA256 | 7da3f0e77c4dddc82df7c16c8c781fade599b7c91e3d32eefbce215b8f06b12a |
| SHA512 | 4c034ff51cc01567f3cb0796575528ca44623b864eb606266bcf955a9259ed26b20bec0086d79038158d3a5af2ada0a90f59d7c6aae9e545294fe77825dbe08b |
C:\Users\Admin\Desktop\sa\Quasar v1.4.1\client.bin
| MD5 | f4d16cfe4cad388255e43f258329f805 |
| SHA1 | fe7cc6c9eb76b5ad97867b46d053fae601fd4a2d |
| SHA256 | 8fb6ae3496d4ac025eab443d3e322b0faa3461d25b54093c9205d35746e3250e |
| SHA512 | 867045eac0f7765e6bea51e62bc4ed68b1e81ce6c2843d2e08714eb391a8ac94c2571c09828286252248400ea5c12bffa50a25c8ec5ad9e6d0bb836320ec188f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 70230e772586110abc85b843635eedba |
| SHA1 | 63a5349665caa3eb6602a5cb9a4aca787d2b50c9 |
| SHA256 | bc745a6d2d34fff8543e81ceae243a6c5d53e86cf4bcf2c3a7f4bae00c580953 |
| SHA512 | 787dd82e3806a4c013fba5a842d6d93aa85e5196826cbe9c26d2edfee7d6c80ff3758a23e516956cddcb8daf68c86cbf834bd2de0dc21b3291413b15da5044a0 |
C:\Users\Admin\Desktop\Client-built.exe
| MD5 | fa0417d4b9f177a8cecfd88b345a7b28 |
| SHA1 | 85770ee9f13a58e5eb95fcfb3868fcf626ad6552 |
| SHA256 | 9e9ff4b542d31bc8a8a52099758c9cb274727d341881c8df448d8f33ffc20117 |
| SHA512 | f7d6ae87130fb63da8c53a26e384d364b2706096f3cce6a74add75ed62c50e6b93748e388eae27132b772a5e017db1166c519a946a067d46157917f2f638b79e |
memory/1008-716-0x0000000000D60000-0x0000000001084000-memory.dmp
memory/1008-717-0x000000001D440000-0x000000001D452000-memory.dmp
memory/1008-718-0x000000001D520000-0x000000001D55C000-memory.dmp
C:\Users\Admin\Desktop\sa\Quasar v1.4.1\settings.xml
| MD5 | b6af1da05c1a00991f04f8b898cea532 |
| SHA1 | 24c48b062d8d864eefd32f2d84a36e1a7282e911 |
| SHA256 | f2ef0d8f29904a65ce6dbe29baf9379fb4659afb6930a5af5d9fb88f73b73f41 |
| SHA512 | 2ab2de469911c3fee5b9bbfdbb373e5eb15023bf25b9e1835ebbf5890c66cfd7a06d7d5911e2fb630afadf9b30489e589634cefe52ca4c4156ae24b24c00c8aa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 13527fc0da66213a5459f42b318eb47b |
| SHA1 | 14308a1f18dace28426b8047c5b80dc27c1541c5 |
| SHA256 | c659f261c98ba5bb7dde10904aedaafb27eacb96ab5d3bc4b23e20a195b75ca3 |
| SHA512 | 65be1ba246d075bdb6f54571962564394d4de8e130ac89ecf9e7006222fb3920fb3c0dcb76f9a8a4b0662d7a66a785017650f6870ee3f30b3587f2435c6e5dc3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0e5e6fa7e46aa9ec633c94dee20f01dd |
| SHA1 | 8fe4c0507d66acbf1032f073ff9622dee834070f |
| SHA256 | a18fc01221ed063ac679f5520fa0d2c2a510057eedf535fe0d6c7bf4dab77068 |
| SHA512 | 7ff26af3c9fe0ef78c72d28b28fc63ce72fb557a56c38f006ed9cea5b9bdb054648ca315ab14401521b77d4d6c2334d63c9f36dcd7b7f82a8a7a5757189d0a97 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 22e21745fa85219f29257455aa7b0ecf |
| SHA1 | 5caccf5ea31c73df089150594c668a621c4a12e2 |
| SHA256 | a05f37be3e0c05dd3f1efd392199a9966edc728bf9932e2aea60efed14a450d7 |
| SHA512 | 6a6495addf2f2fb6fc06f38c23b3e198ffc5527aa666b16f9f974d0e31e630f292efc6b83079d8ab8f1f082cd443b55406746a46d7be98d1fb1f35722f6d8c69 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d6fd92ad3596db0d40bfecbf2cde8415 |
| SHA1 | 57d314eea6d5f6f9f67a39e09b7effe947b799ee |
| SHA256 | 5ef79104e9aa5483f5e807d30b6b0c8b9587da54a5ad082df6c096b11414b2df |
| SHA512 | c538cc48afeac1d3662c1f4288648df38eed51b9cc6ad71ce0844b3162ac63a85b738a5b48e8a49d8483df1562398362046c7fa69c17cdba5c5f9fe452f77958 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e54cfb044529a0c5bc68c4ccc5258ed9 |
| SHA1 | 137220c7ca2eb3fec606b27213e83f5d88b359ce |
| SHA256 | f87f265b2581f3e53844d3037cbb2d2ce2d91a00aceccc7c95ae0e5f5ddace7e |
| SHA512 | 951096906febb0d6d035ed6b20ac0d4ddbcc4a35732720906af199fb8c212516b284ea353787ae068b8f5d064003622dc791dff60d54fb1b7402912982a7cd99 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f4799bd534b653acb1a3a9fb631c6435 |
| SHA1 | 562b24d7ad4bc903af7be52dfe2c8e39e0a462a8 |
| SHA256 | 4482aab701821fc5cb587b8aefc7c226c04bf14a063485684788d9f9a3f9403e |
| SHA512 | bbc9f3fde77c3460829c1f91b3b71ad894eb6287c42375efe4b202564dfee75f31aeb306446ac6cdf16dea8323e98ff1b49768f3e28be21ad225417addaf03bc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 38697218a70bb223a7b4d42406237ca5 |
| SHA1 | f1f3eddf705cf5f829554fd46476bb9582e68fcc |
| SHA256 | 3f748a409e9d5bd6ec3ab08f665b10cf85967f36b1600000fe137ff44b613ed6 |
| SHA512 | 28d84081329c3fbb8620317d9808bbbb339cebccfe5e960ddbcd9fc6e02c562b5e84e8ece91e19f0b128081257fbdae64ab083cc4c7920c26bd8e0087c961cf5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 01c7612dd87b67af29b5d5dacb8fa869 |
| SHA1 | cd562802ba2433656895a91794b396583a87fa61 |
| SHA256 | f3a27b9c219ae5f0372173eb3b240573f3e40a839610f51698c1af1ca53d4459 |
| SHA512 | fdfd2243dd3ad863f428a5c17c0c00e94dd31c265cf7df55633d80a6ceccc4ae1ae531352856000d6e91a4c02a364e2dde1d8d8bd702f4b7951b019922edd741 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2da6f4508e7bfa45c24547ca5000914b |
| SHA1 | 3ca681876809f39fc7b05676df460e3f473e48e9 |
| SHA256 | af13e9c4129ea8e192343105d3bb86cd4b2fc6876dc8279d51bb358857fc8221 |
| SHA512 | 4cde5a03e0afc10dcf55d5c67dee32e0b5f995f18af11187d31c0d051e3627d8f320ea8a7bbba40bb8946ae436072b55eba0f8b46c1e8bac4b06632f723fcc95 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a
| MD5 | e579aca9a74ae76669750d8879e16bf3 |
| SHA1 | 0b8f462b46ec2b2dbaa728bea79d611411bae752 |
| SHA256 | 6e51c7866705bf0098febfaf05cf4652f96e69ac806c837bfb1199b6e21e6aaf |
| SHA512 | df22f1dff74631bc14433499d1f61609de71e425410067fd08ec193d100b70d98672228906081c309a06bcba03c097ace885240a3ce71e0da4fdb8a022fc9640 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 56762a44a00e56673ff7564539b1ef8b |
| SHA1 | def147b7164b6fa4a16f0383dd92889e840500d9 |
| SHA256 | d7346a136f997c951762a4a38e4796f5ec5e6cb218f853f90b5f13bdc59bf608 |
| SHA512 | 92e91e70a5241ccf051e20fc06aea718dd2fdb9ce513c6b0d9a5840dfe8835dc38f1852ad49443b0626efab72206ca34e71a554eb23a544ddfa92301c30aa232 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c988311d76ce82c257415fb752a110cc |
| SHA1 | 957bafcead4535b3cab2d4e183441836620e4a06 |
| SHA256 | 282d95aca9e7ff8bc544f257e2da80c685f5ea966dface63b993510801e49511 |
| SHA512 | bda5d46563b9ca87b14ca00637cce994c12eb0616a492a3a146ef2d1a902f54defb2053b518322b51e4b718fe2fd44b0138ddc97b00c02bf9bdadb588315493d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 07437adbd35b00a22e3b64cf810fe72d |
| SHA1 | 94c68aada1ce28ebc2c0d57a244a338f6ef356c3 |
| SHA256 | 666cb8547dd16150add1bf2d7dfa74eb9e5da830373bb381d0ad812641544882 |
| SHA512 | cdc7cfa1309075736b28e82bafb9f6af9a6b70db93a586c1c99681eaac5c0c3469931ebc627edef759924e6a9fd8799cd094435568eb8fcee7dd043b0b8e2173 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0ceceb879babdadd0514135068673618 |
| SHA1 | fe632231f945410d13aba54bc6ce48ab50c31b78 |
| SHA256 | 08ef1993481ae29316e9ab13d38ba7e45bbeab482340eeb163fb331df85c8c63 |
| SHA512 | d76a9d7df0e5bfa16870f89be77799ada3f1cbfda614e2bc79366daac2125026ecd58f1df45978bfc698f88867bef27619ddb6bacdcd2bf837fbddbfbd1348e3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 125c03a81a837b12b3704d78832c264e |
| SHA1 | 8df14093a932e8f4609aa8e7430206b32e9f4788 |
| SHA256 | 60eef385faf059c9d9059096f7e022298a1cfebe8ebe9d279f8f66094c046578 |
| SHA512 | abbef393115f2caf13198386269d5a3dc28683022872823e1249c881b523e9751d54a0aa56bb23e9c51f566392e59a62d8726de63bfb66516d4856812d7f9d24 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 6d703881964147a26510f6da0edd06e4 |
| SHA1 | 836cb8d49168e727b3110001a7b23a4a2c743aed |
| SHA256 | 89f84ac949a430fdbd53f926d09e239002cb4c1f0613c417f8041880ebdfae35 |
| SHA512 | c4c8989fe63da83237e1377a64aa2396dea236e4e943b1bfb1cb4b835a56dba31a68bb816e01edefd7bbcc0e154d6a614ca4c5ea2c61f3ad394135a0ba228625 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9a909d08708a87033784635a5fb15768 |
| SHA1 | a2f88d56cd9055472d2f9c2f1a247611de399b91 |
| SHA256 | c276836c3c84ad94e17dd1a36844baa411c1f53de43fd135a41083f0b49c5274 |
| SHA512 | b77dd9ddc0fe531fdbe37597713d60590529c4071d95ab30fac2ac19a6a54942d29c46c1a5d1881451c018cdb842b9dcbe3df739f3bc6138b9bfcccafcd60fb3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 21b73ce5f4568dcdf9bc15d5163405db |
| SHA1 | c034ac026a0177d1249c3767e2c745f37a864f4a |
| SHA256 | 2628cc80bd1afa4f70f3dbbb1f0043031bf68a9ff4c501e6a2fefc91bc7c2e70 |
| SHA512 | 7b7a3ff0e58c98248d0ae741ca0f148306761b051519be4e2e35e79562d68acf72ee824ae018bece80655c05f3dc9dfc4565613fe7b7a53060564e1c9201edb9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 443c76a695bddffc576b3c91ed567a22 |
| SHA1 | 1d700add80a683735d66fe98810c05bf2921b89a |
| SHA256 | c8cbaf1c193cc98ddf5e04798297c9c05541fb56f20a2cf34749dc3a4ee8906a |
| SHA512 | f551b3ad6f9315983426fcb8692044f4ea1cc0a05256339452798048f5ed661d6ac33c4a0b75835ed45bbfe3f4a870454513de148c4193d57e575b6ba0fded9e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a2d90f5a0ebd01964f344747f666eea0 |
| SHA1 | 86cec9026af39be607dac44e122757c0e0189d2f |
| SHA256 | 3da696d8efce1ea6302c57a0d63746fd34a9846bfe96ea51c6b6821a22d3ebd1 |
| SHA512 | 56377e1506e36c0c3fd890cbab623ff4563f60f75e5a119f43b0395fa6338428e08ed0bce8481f082416361e75326547ef85912be4b4855425eea1e99810aee0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | 361f6c7fdcf0cce94ccdd06e8ad9f61b |
| SHA1 | 342e02f622c8bb6368f1d67291e1b0852e548a8b |
| SHA256 | d919fccb5d3440dcd50e3c34ebe230057e0f47cc9d1d10f864b49f99739f9be6 |
| SHA512 | 78162f6bccbf035c0188888d073f8a600d3cb0e1c6232890827e9290eb4e79935ab23b1bb3b0808b136e62d603f018eff0306167541dcc2fd947003871e056bd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 25bc2ca8fc61367d7280973a2a821348 |
| SHA1 | 1887c719ff013393ddcfca62aebed88396cdc8a2 |
| SHA256 | 441b31e7e6d223c0a96e4de1aa13eacaa5ccb36a3c6ecc1518f746cb21198487 |
| SHA512 | 7bfefc20fdf3c558677e5e39ae2594c88089961c5ec86c423cc808c677682e71f0ce924f6176dee2c9f290cfe3b3ba617dabfcd426e2ab62764bc03047a8dbdd |
C:\Users\Admin\Desktop\sa\Quasar v1.4.1\settings.xml
| MD5 | 53fd65acfd4628c232cb06a9bb786ee4 |
| SHA1 | 982f941ab7a74c370d9c6e37d76e91532aab08a3 |
| SHA256 | 9f4abc63d75d25c56c64d4e4aebaca21d30a0e26fd9cf399984098b42e0eca8f |
| SHA512 | a86b30e9ba8432d70a61fb99ca9f1c7b92e67baae3d645428a84c918fd683457e78d57e273f304e49f9dcfe2d792ea8e87a5c2988ead7d3c1fc75e0c47bd1c64 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 18c202017dd27438508adff145940a41 |
| SHA1 | 2c5256120e57d6d1c224a72c473831cc98876623 |
| SHA256 | 6f9843ef1d13690631871e4cf373be7376f6c9af54e37da38ea94f01f32e6ce2 |
| SHA512 | 7cd13b51cb02310e892ba38ae925feb832c67d6844fe80fe3d6633d943f3906908f187dc4a62145861354cdef98a202e90350b6dc582ffcd577906d23046c5d9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 5800600b13fc61c0deb654542130f566 |
| SHA1 | af109a869e6e9c245b42a4c0c17189f64dc68cb5 |
| SHA256 | 46c85b8433a8d73e30adfdddea6363e79e7ebfbd5d86eadbed07f469a5d2eabe |
| SHA512 | 0f964fb8a9b2fa86ab1e321c63839e8e183984f15193fff985ff5488d5f6a3cb60e2469df769e19a923aa230cbed0f8396600e6445b0661d68e43599c7373618 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2ccc910d78e923d8b746a51951102cf5 |
| SHA1 | b847921a8a078a9e55a2b0c661d61bcf0c68a78f |
| SHA256 | 15ef65b53cc4af2595dec8b20616753d0f9035a96c02b769f7df621262b659cc |
| SHA512 | c85661f908cfd8600b3c66ede1d077e25dd52e216d5d07177b8e55fcbd9326fc2629eb130d630c7f3c42b3ad19121192442cfd94c34ac1aea451bc38ea8c8013 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f882581ce7618306073180403b24e3d3 |
| SHA1 | 0b0eab12b08174790d0cb4adac24c53ce4cd8f92 |
| SHA256 | 8ad0d74a9c9585f81e94e2ac8dc1feb8055b55f47becb3568498977abf281ded |
| SHA512 | a8699dbd436cb6b287973d90af414af6430ad798b900e5d1fc35bc403d34d4d6fd68a5f470de48eef732cec46e6714b83e731b5d0688f39deab68a1f501b8bc5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 9e7ead095315aa088ccae36754efda66 |
| SHA1 | d32e67b140b13f730d4966130a660372183fe78f |
| SHA256 | 7c7db02df75f7bdbd1a95e373333c6a0cb3e4f65d10f3fb9a1ec2c686f06f51c |
| SHA512 | 5d22de4b16f98c5f013f087784591bbce290c37c5f2ad83b75e26ec0045d9de6dbc4ba16558d405ad234cfeb690a578aea99a5e5c562d87bfb35c723da1f5ef1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2aaab00a5355fcb7a7746f260dc87dff |
| SHA1 | 0410ffa8b339e53f2be0eab9e35007f8a4f3ad90 |
| SHA256 | e14c065cd244ea0bbd90574bc30625f213b1978e8d4a16252f6adf0c844ff062 |
| SHA512 | 65cd6ccbbf64cc7c1e3421351ac2abe65881dfb07583a9c2165f844eb943f3ecdbcd3c00466fe86c2d2b6903ab8a9fd666a13379c058d6c4258881c1062481d2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\7afe2a21-1dc6-45ed-a4d4-1f294d5bc6fd.tmp
| MD5 | 3192b28df8636a05ba333108a960bbd7 |
| SHA1 | c00c3928c13fe3e89fb671ce8fa61e61f16155e1 |
| SHA256 | fe28261c3980c081656ee935aea838913aceedef4985ec7d9572f75a6c425551 |
| SHA512 | 6c800db1705081dd336ff411b14ac01da766727dcd7465481a7ca0f7c8ef01612c7adc48e0b776ae30576e03cc9f1fc6085cdd22c91671f41d2901ece7dc62b5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ad79a4fdd5063d26f574719ac4f29e6d |
| SHA1 | 4905a12dec7ce6fb4d9908b53e75fa05d75da90f |
| SHA256 | f34e1841f4bd013052280d5b71c8f2f5770b4966a95a95ba0527cecac144d8c8 |
| SHA512 | 4bcaab1ee7039279cf3e04a1cbc1069573e0d46c630bdab8b07d0c0fe72ab0cb348aa45a2e8957347b360cf21af0103856a9767d1968a0a1a9af4dceada367f0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7f947e7d0a2f4414ca4ecf5aaeb65da8 |
| SHA1 | 3bd99314655033a8fb93c451cdb550081f5580a8 |
| SHA256 | b5f9b66e6378ea9c2f74508fa003bf030ba613da34ee5ff73157eb1d301e91ca |
| SHA512 | 870f351d7250467cb1f6deb0a3496c50df2edd022f97c9ba6b208459ff92ef2707d6a4d36bdb03756b951f1e072fa012533a0f7316948bcdcea5f779089126d8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d4e9b6dcfdd16af995ca4d908533cea8 |
| SHA1 | c1f84caf330e21bf65f366fc2fe7fc3fec3c5006 |
| SHA256 | 3fc580f13de6ac390dba00c52b4f3e1c0b802949e410a3763d820a5faeac6cba |
| SHA512 | ed64ca47716593f597059aba3628a523144eca611432dfc83be983e97b73db69f93efe8d1a51433eae67c7554d8044454b958e12dcc6f3d966df81d39f422df5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\043f1a86-e439-4df9-a21b-4ce16af06d07.tmp
| MD5 | 4cce83add24aa896673d5fd23a0982e6 |
| SHA1 | 525267373c6f6fa958c2fedcbff911293b594a5a |
| SHA256 | 2586747cee8e2d2b27a4117ac930008afa15201ecb9194aa28cadcdd1f576f45 |
| SHA512 | 00a63aa3fb8411c5da7eff769730423b363e5e6718de3f956b50d1fdb581d4fac5a68a2a52dd2d2d3c5c88b8127acaa5adff583f5ba3eb0ab138f96b6159b80e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | c09e91532d2294b0e506187626553571 |
| SHA1 | 9db03bb282160f2291ce61f3509308624f3446a0 |
| SHA256 | c22bdd69f353ac58c1501d83c04793e423c3a885ce126916768511ccf790e9a9 |
| SHA512 | c1218a128eb49800dadfa4120bfd20bc7a5460c1c1b48959b04ffcb20c583e993657200acb4b4b28ea54a416762ed051a61d84976cea195afed12611e110e6cd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 25b3db05cc0f40d9dabf06fd21e6b3bd |
| SHA1 | 495eee0dc168579a1a6250aaa13f6617164afdb9 |
| SHA256 | bc17a30ae8604462881c0ac024c4584d9bcc424cd74225e752f8d6ac33fed159 |
| SHA512 | fc6a703373bbd4ecd9d722603b325f9abdd8d6300ca3cae49a68bacc24a980546370b8e63be97f86a02fa25ed40884591ddc916507bf138bf15f502b64d9bfa9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 0b600feef06b70c1e286300c07298128 |
| SHA1 | 8204cb164baf78fa0a0b0ee3b39a4de3744f284e |
| SHA256 | 951cdecc50f308ed1ae668905126669874de46f6f7537da60505515a197fcf9c |
| SHA512 | 697c609bf4cfb4dba240b94504672b0762f2edaa8faa96b57e122c5ee8572150f1642c7baa537464a1d1a7fd8e94d046ec7b3341b2f6b560a5b4c67b4bf89e1a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f2af3702841a366ba40750c302e6d0b2 |
| SHA1 | 2e7e5e9623add9b3eaba44ec78353d9fedbb9f70 |
| SHA256 | c0b6992784ad474b184850e286151605071606951294d8f5e70c832d0053a703 |
| SHA512 | a9dfb3997d670336436306568be9f2c0dcd8a125f95d734467389657a3782eb1dc5b89feb181614b51258c8fd37cd79ad37b989e6669d79c83b5cf8beab98264 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0c0e8a3f7a0ab183e7fd8ca8657b6b44 |
| SHA1 | 6f2170dbcff0754f8e63ae1cd9b50cd9536ebb27 |
| SHA256 | 10110f9c199d24776c329f2eef13859ee8a226f2443442b926379cabda4f1fbe |
| SHA512 | 4b2f39ac99c4ceab79517d8430ea7852922101439ca1eb2e70dd4f595346ab53eca606918aee461659c160bbadad415cb6e0d02209331c71fa459ed161eef68a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2999c54edcce48b3e2f6cbc7ff8dc5c6 |
| SHA1 | c023f1c7475cb015fc37c516d3dc90ce28914048 |
| SHA256 | 16902d255b5eac4ee233e70d5a81cebd87aac574c2f6ada7fe14aae6abe52ce7 |
| SHA512 | 145a92ad0f0afe619a41e271f78fe219cb2dd57f3e0ba5ba3789f348da3d21e93b39a475eb7ad0ff719b297871774e084e2f6774c336b6d0e82741cb04f88779 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 5e9f565776e74919484cd366f2fa749f |
| SHA1 | 708737c9e72cb1ad14ff60e214b1fb1f2d816ba3 |
| SHA256 | c937e29a3bf2ba3a8915e2c508400a888ed0f0602aef99174a2c5d35ff0e89a9 |
| SHA512 | 3e62ed49b70e0636714d9f80372bc14ea583413276a20d02cf963e828c172571df5714830e25c03c5754791841c3bded42003c729a6d7a37ef9f794cf5ec34cc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f91c5873983c7af5037769f71972c4f2 |
| SHA1 | 32f8318a1eff3a12aa3b35c83e244e5bb4a458d1 |
| SHA256 | b154b3346b18bfb5310e4d2e90501e5c2ed939a729e709c2eb9f6e904ba72d13 |
| SHA512 | 94404f797e335eedc4bbd5f5411cf700769241086e269c909417144bf637bd24d97f2d1c7bfd29f777a09e5c4363d860a2586559fa7e1e2c8347b12a1b09d40f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7922860124c677b773e6b779974335b7 |
| SHA1 | a990d80c64f252dbc36d12a70214b2c55a47d8a7 |
| SHA256 | 380469cd36420edde1cee1f49a9309c477c4f4ad95b93eddfdac869e23ebcbe7 |
| SHA512 | 20e8d7781abbe103529666dcad4985b2d9dca813dc6385f5c73f9c55865264dd7cc7462fe0c2e72117b046c9cc97780e18aa44a08348645fdb137187418231ef |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ea5488ae3be5e7ac1336ff7461bf2aea |
| SHA1 | d96cd49a53d1ae51abebf1e7a501d72360836972 |
| SHA256 | 0a2b062d19ef43cb6264db7492748e07569e317e4ed955905c0ff3b09d0e9c47 |
| SHA512 | ba42b5b2728262e1a241e42bdde64ae7098e96e82a10d968b817d7909ad267683ff2895579ced984f93836b2c8c693fa912d50d17bef0c8f98e6850ef95ea8ed |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 09945ce12c88dcd78fb14e489c706135 |
| SHA1 | 0d2e2c2473ef63518042ba37907db2ee303d4d51 |
| SHA256 | 95aefec90f833e6e0dbcc4b3cc2cb6d066862e45702d9ecc4545f093e16c5bf4 |
| SHA512 | 05f0bf0c104eae9149b8d9886c640f3b9a39be20c518bb3767a02761f6d7d2029f2c7380ba93cfd55035ec1bcc14bb6df3540cbc1d4d5d2dc890ce1ca382e520 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5dc56210b634ab2f44a70825a78d7735 |
| SHA1 | bec2209fd43190d8e5d3e1940f45a318a2de02c5 |
| SHA256 | acfa646e25e13e511c649f68e3aff5b9fda7467af50cba237a28c1f7a9ac16e9 |
| SHA512 | 30a4eab001e0198b224afdfc853dc6be66a62bf5e335b11e0bd280b6279710c68366aa230301dc6c6d49eef9677922c30a09b7c4aaac2325a3a364a8dc25cca6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c098f103cd0401a1fd16a0e0d5885e08 |
| SHA1 | 1168726fbebba27c5d0052764d038a5b4a10db09 |
| SHA256 | 06b7c82b1d667f1e5691e24d567e57602839c09687e49499d114b5676c71cf25 |
| SHA512 | e8ba74fadde196f96aa7e1b38e1ca3b7baf11a90c6b0a37d331a9793aef722124f64b2651f979d6267641e10e939d0a70fa45779f2263b140cd4775b137e312c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | cdb59955eb00fec05713debbcc2cd44d |
| SHA1 | a178e456eae5771e9eeeb42c3c2bde5f074bd2fb |
| SHA256 | fc5db6981563b1a00fd25b94c55c8647e51f64d29a373e9c04349b78a9462f08 |
| SHA512 | cabf1f3e231b8fdde3bba0f428ccc935d4cf63aa5a2fcc5a7b06daeafd22cc382998a0181e414fff080ac5fb14836593be404dcd4ec8a33e93f06e07dfc257cb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d978d87c82b7d8706be93415904b138a |
| SHA1 | 127ff148e57f000582c6f6ef40b0ab4043df0fa2 |
| SHA256 | 06574094f3e5e4ce4925cc9032e3e33451d7dc2588bc09d6e3e29ce869fb789d |
| SHA512 | b6c1b2c8087564a52a17bba3bcecc370cf63bcfbbe69e9e6ab10ba3f77eda0902d0c3dc52c0d6133e68f75eab76ed6b489c09eeef8884e7e98aa333444227fd5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e286050b1970464c14ad750735fe4e86 |
| SHA1 | 07a1c7710aea4180ad1cb76ccb2d37edb7241d22 |
| SHA256 | 2c349580ea83c90c8f53566210af0f7a0f0b7341c2efdf9344d10b00fe13fcab |
| SHA512 | 95f738521e2a09a3b7fdaa2bf267f5eb7051d66834797f5cf91b852276ad7c41f6c1161d8d5bb4e17d2b675e6ae151f09b1211f309d3e99d3a30f3f25bcb3ac0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | ff01a75d5d4776bac2852b7a5176cd4a |
| SHA1 | ecec1433b0d653988886e9945b0a7dffabe2ded4 |
| SHA256 | b5ac0b852e052f694089cbb2d3bd5ced46db1b5eddd09c03e77d0c5990903296 |
| SHA512 | 54c372479a8ae70c75989f9fd760ff63736b08dac8d0fbc6ac13f02b6b25cc9d7559c2858cc5d46a4a223503510503a9a8d3c69c9b7e40ece8968c2e0c94fbeb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e1c0f7db031837bf4961c943bfcb93bf |
| SHA1 | 779ec9d70398ee5246f9228d8528c9d15374f108 |
| SHA256 | 2285be8a137e22ebefd23d38b9d2ba23ffe8e9427dc6532ae582529d3786bbb5 |
| SHA512 | 82ff36319a2f013dbfd3032717ef0ecfa312c589e2c1d1415048918bb5d69e330519a23114cbd149f1a5a60bd8f19b434a00a41d5d01be83a573f3097c945606 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7c7ca71f627ccbdafb4e99394bd51507 |
| SHA1 | c0a3f54d7e48efe316f87f599a339ceff12cf12d |
| SHA256 | 5e22f8dd451bf313f00076e3cf2ff30105ee7af1e1f7245208061e89cf7121ca |
| SHA512 | a7bf3c8930bd460462a83d0202bd40d4ab425c0dbd1f9642dae1259ce2b7019ed9ae184458f35c46aeee6ce45651cdc482ce8839fbabddb3db6059bfaa6329df |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f04b4de97376b13b1f60f7238b57d733 |
| SHA1 | c1cf20cfd320d0aad33a88ce79f162d085292663 |
| SHA256 | a16ead0c6da4cd7c7a9cb8c9e09db0547913f485484478f95342e51c48932bda |
| SHA512 | 3f0d6063212315a0053ac957a3ef685eff3cecad75567529f92648a265a9c443cb72b9a7da0d1da76bdfefa6221238d14d1c3362e8cfe1a2519825388d64dca6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009
| MD5 | 87c2b09a983584b04a63f3ff44064d64 |
| SHA1 | 8796d5ef1ad1196309ef582cecef3ab95db27043 |
| SHA256 | d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0 |
| SHA512 | df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003c
| MD5 | 877686d92d0d426526ef400ffa7c0a92 |
| SHA1 | 935f07d443c8391020d1144269622240cf498d90 |
| SHA256 | e20a1540237999fd8b74a9ea54d99408987c36c79571d16ed86a0eda6b58611a |
| SHA512 | 426398e74179b1cf047fcc42c0036e07ed1e2ddb042cc589e515ef88502a8b8532c0851af9cf5c1c6c5650019af237cd4fdb2c6f55fb03112ba5b440637e1e5b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c92add1db0139d095e24949c5c19261f |
| SHA1 | 39dfa3056cfbb781bfe4c9eea8c46c10c0625409 |
| SHA256 | 51e768318e869f6cd8e9a8d25bee0df157f706be2ee9217b23773a95297a3aea |
| SHA512 | 57a299f3291548f464dce6cfb36394566f31ccf76642cb7335edec4687586ea9659c53e51598fe651a658eb9732a914e7180ddabaf06721663cb5e48b912aba2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | b17ccd79bd098b049b9efd60ef5dc28d |
| SHA1 | ba88dd9d94604a40b7fce86895392a462736b16a |
| SHA256 | c1d94a995dd62f8ec1eab24b03fc83fc72add739bd0c0f55197de535e67781d7 |
| SHA512 | 0073b6dbb3f9e7ce3010caa0d0f09040a18c6666aaed26e888f3e3428c8ecf1e2e7d2057f6cfbdda87d547da6afe95a95e74995ce43218815f4990abf6ca1279 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0f4369926d57b3130bb239b1927707b6 |
| SHA1 | c539732790e82f5b48a474f7f380e0e73ff4a027 |
| SHA256 | f114180844857c15f0312a8f187807d98e4b2635d44d7d5cc75367c1187e1db9 |
| SHA512 | 065282ddd907d3d5ad42e6629f7d2c5bd2300a3dcd5325e752df7ef8c2aac36543e1ee87a8d6d6ff15c30c0369ed0fd346045096bef301449b6cb0fd216a9afd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003d
| MD5 | 533d24e33f09c7fe16650f8c1ae8044f |
| SHA1 | cce7c586312443ba1b25a70515a81d31b80f1fb9 |
| SHA256 | a36b72411e04dbe9bb94c64394aad715072a935ed533d1b8298f60943b267568 |
| SHA512 | 4df0ca82999523aae12e56a171011e24e2bf45938b95866acc297d05931175df4d10ce6980d936cc4086f4bc227d7abca5ec64e42cf2c897517590964f3db9b4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 27fb5583007b704a5c159fa574143f87 |
| SHA1 | 74262842277b513a9b42e14cd7beb9fc0d646a7f |
| SHA256 | ebaddfac01bd1a50ef19c81ac1e941fa3062cfd2616f46428e101475e68081a2 |
| SHA512 | 8c94dfcf474e5e159a81f1e2679bcd5fa37304c0cbb19998ab0f6cf477a003c014ccac735020381d91aa3f66be31ba7e68c164746924d9a9e5f18b78241ac4ab |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7267d192580b7d753600f22aaba20d26 |
| SHA1 | 557e268a53609a0108429e9ee82c345b5ffa7485 |
| SHA256 | 0e8a85a69491c6fcf0653d2b1ff46103fd2bd762306f948e7c750b9950fe73c4 |
| SHA512 | 55f0fe685b436d428745ab9b80abf61cfc935995e550dbf914849667e8d26737e8362b3a26b3b1a71b3ca95b7e559489b0cf80d6f40603e12dcab782b0ecb94f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e23897896d19a1d786103457f152f0d6 |
| SHA1 | eabe9abbec52264902ff0c73453aaef59bfd28b0 |
| SHA256 | 0402f52e4b773307b06134d12807bea75e71af36e330751a85fac794a54d6db2 |
| SHA512 | 237eb4dc53e4f1e59b726fa3126e9fe625201d8b191302356a2a535c51184287de7d4082882ca6eab87c744a9b3602e2fd5d8e6db6274bed04b0025913d12097 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002c
| MD5 | f61f0d4d0f968d5bba39a84c76277e1a |
| SHA1 | aa3693ea140eca418b4b2a30f6a68f6f43b4beb2 |
| SHA256 | 57147f08949ababe7deef611435ae418475a693e3823769a25c2a39b6ead9ccc |
| SHA512 | 6c3bd90f709bcf9151c9ed9ffea55c4f6883e7fda2a4e26bf018c83fe1cfbe4f4aa0db080d6d024070d53b2257472c399c8ac44eefd38b9445640efa85d5c487 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a703433aa5b2fb574785aaebe7abbcbe |
| SHA1 | 85ea3cde8d2fd9fd4b885a39fea8347f31fc1ccc |
| SHA256 | b9b38a8498b08170f4244012ee0d80c57ba4e98c1d6dc6337e78a3b43fc70f65 |
| SHA512 | 6c3ba635a97dbe439f48f79390807def00d24cc28a1c33c18bdd4a6c48969201991a24929b870c44ac454873a4706f093b989455bed57de7d003a18a6805bebd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 83ec1819591ed83f7f67ee6348c76076 |
| SHA1 | 880f6182fe703368a6c4f9c4cc3805fef822d306 |
| SHA256 | ea88c92cf5e8ff18fcd4cd86dc0ca3dbfeaf60abf6e928e29c5878630ea14c9b |
| SHA512 | 6c4aa7b0b45e4662bc419ff9ba304ce3ce11cda24fc8f5bcd48dc4ddb836dc1ee11f9b8380ed516b63c9750623e52e7eb5f1bc09e2e7aa59b6b8233294c622f6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | f09647f67d16d069fef2a6e6e4d6c923 |
| SHA1 | a6ad88129d605aeae4ffb0b8525fdf883ea3c729 |
| SHA256 | 8d1453f50c3470aaa114ff4969b23fa7e7aef9f75ab9b6bc9711569df13a9ac3 |
| SHA512 | 41d2fd7c568eac697a20b747fb6556f579d2168ce588ce9e3a3438ec718ee2b1e20d3554466092dc1bccbfb578ce15d18f15f9b6d3e924e3d90d97318a80c220 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5a38c5ea965ae8c26f413c16023c8a57 |
| SHA1 | ba566ec6d37a8001e8008270a771b9d3e175bec2 |
| SHA256 | 318918492b1925066c1773ba37daaba3bc3ab02122d9b4cc0c03543a8c2aae44 |
| SHA512 | 67e21b4f6162f4efa99daeba8a2a8d51a5219bd3291b1db2d15e80c777d28aea92000861c150ce3ba9eb5cc5241cd40e3d7432d8626f369cf458e5746cc4ce5f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000027
| MD5 | 25078ead20895b7583f06a0537a2e441 |
| SHA1 | 4daeac4c9b6576ebd72da1f0d7b99d91f72a470d |
| SHA256 | 51bf5ea5812943ea5399448d2e600c44e0b4dfc6fd2e4026e24f749dabbe0293 |
| SHA512 | b560e8e652f46d899cd613ce9bae7fe8b4d75e884bcea73d0a2b10436c956d62e215748a044860582c3c944ca9ae8bcad506ba34d208623e314f97f302ef7295 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022
| MD5 | 1c1441e4c0ffab4ed8d316ee1f772511 |
| SHA1 | 9d21edc040fc31d521619e49c005b40f8a6d526a |
| SHA256 | db65d7520a3ba1eb104590d3b33162d3142fff76f546192ca5e1ae0775f3d33e |
| SHA512 | cdcbd0400832af06c761ebfa1648a3f3b24cf6efa74964a41f9625dad6f650183941efb6365957e22310592d144773016a70c380437a7c25bb59dc90f14d5377 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021
| MD5 | 312b350243aedfac822d670b426119ce |
| SHA1 | 606fe36b7d8ae094542f2451465d1c37ad44d0ea |
| SHA256 | 65c0aad79549d8be4c3ab226e0b1219e439571288d9c29453849a3a74d531588 |
| SHA512 | fde59b65405d7496f28937d8ce307283b307c3576084cfc45da2645743abf5c33d5491bb04aed0a009aa444e2d584ab704f287b4d9a8adfb654456e1051e56d1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025
| MD5 | 87737478bd71de50615d94b3e29e3c50 |
| SHA1 | 0f4882084f0302621c0139893a38b2f8f731b84f |
| SHA256 | 38365aa4d49c1d2fe78bdce8e9252e4bcff80ee7465aa7a57cfe292337f9b3b1 |
| SHA512 | 48e29c74621a7a8be0c1e437064a1c065ed5454808e534f4d0ef744624b89ccce293234ea7f51d50420d98655641b08947dba291582676842dd9d78cf06e05da |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023
| MD5 | d6aebed852d589c8ff2695ba6c425199 |
| SHA1 | cf40e06fc7759de953ce58428603aa39aaff5c81 |
| SHA256 | 376c01c8335e2b88b71fb27e63c5e11ac595e8932ae3d7423c4c5e2d57e65c11 |
| SHA512 | f6925b95b4764534f48cf43294c1d1f241266f93d38e160c01119deb4bf354eeb3a2dbc3139f3032f9cad58524971973fce73cd6d15856a6c673f21115099956 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000024
| MD5 | cf699a3473c2132452c8096fd46028bd |
| SHA1 | 75afc4f148ae4872afc15c75bf0ceef08ac50c66 |
| SHA256 | bd79eba3f7f2f88aafe881a2b4c75a86a06653002259767ee4717388827a6371 |
| SHA512 | bfda14c2e28e3bc5692bb35b79b7b6eb275c6531447ef374f9855a31ea42725a11e27827af37ca9de6cfc27fa0a8833ebf1bc5fe32c12d9c17af05f18c6e9d44 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000026
| MD5 | 1fb0c230afc70508d2a9d03e5917acd3 |
| SHA1 | 52c36e5bf03aad574da62945d8ef40fa2cd4ba3d |
| SHA256 | 60ad0b7ae50f20ddbeb40f897ec40555041f93bf41c7a759967dc9dff4cc87a6 |
| SHA512 | f2e877dc3232c9387de9fffe425bfba3309c0444225595e8a0e2332c6c5774f32596167e17ceeefe7cb3b65e8abd4ca56417756694045710c51bdc60959a6e17 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 799e5ba1a48a10aee18b4cc39784ee26 |
| SHA1 | 6c278af75c9c8deddeb3b761f1cda44380cf75ef |
| SHA256 | 8cfc061f09e4b58439b18f96b6b2b599b0fa184506b6e1db26b4ceb6de02a671 |
| SHA512 | a64da1de7f0da55eb89f309a0e94df1fd224b2e92e98b83caad37a1539ca9bf9418d169d12ceb8e66fc1f5b7447cb6d97b5766a3a6a6462200cce3aff9d5cb63 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 17deb7c1e56c7e156efe4936c0e808fa |
| SHA1 | 2d6cb66d3dd43ab1bd0c6e42ac39a6b436e7600f |
| SHA256 | a3d84476eed28b736f0cec0cc8f54563cb5f21e6a36152622187f160b9d38047 |
| SHA512 | e08d11777ed6112f9ff792aeae21938fdefbeac7d78154ec669e22689d6ac8a415973e2ec204a74b1bb42dda4f229276967a9c4512c7666e6cdc691491fbf568 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2330f2b601a9991a74c28f508abf12be |
| SHA1 | c1892bb661965dc8b7eceade23f1b468b5b1b5dd |
| SHA256 | 44ae19585068e3392874acc3bf007d6c3d1a938a92f2e35ca3e13014793f2a24 |
| SHA512 | 6f9f2ba5c3acb6165d9c95b4a0ad54ab39fa77048b31ea98efd7a596a24997beb32b37d41c77e40c21bc6971ee3bfb60dc853e8c43a38dd8748f947032302c40 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000030
| MD5 | 63691d9ff03808024ceb37622e1e66e4 |
| SHA1 | 7c8613bf108a513554849f05f3824cd6d191e70a |
| SHA256 | ad77f294d439f983efa1079a6f7dad23bf3647cccd241ac540a23880f491b5b7 |
| SHA512 | 525ed5dbd9df03532296b9404cd9ddcc5bff93826b1134106bc1cfad26250efe18baaa2112626c3d6c0cd19ddc464842809724b400eb9d5ca28ee0fee288581f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000042
| MD5 | f9c81aff9c898c9d39547f31d9f40f52 |
| SHA1 | 023d8f4afafbc961fbe7c88a95b8add576fb15f7 |
| SHA256 | da38fa6f3a6a110af4e6afa706782cb78c39d64d190872b2c1810bce75e48980 |
| SHA512 | cb00f7e0bcfa877f94fea2ff1307d4db605efa6d30499b0fc4d059fedef4b15d43d6c0d810ae4df289faf235fec76aa4ead6bd687e30e1e5185ab86ccb538f31 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000043
| MD5 | f80c0bee705ffc9863e9f1c6c9177f84 |
| SHA1 | c4262478f9c6a7c82b8754b5dca4ca3ec989dba7 |
| SHA256 | 122d44c390b688fa4ba154ad7d4b8a1febafa1718329972638b950d13ddf8d19 |
| SHA512 | 71e13043e29fee9ce5c6c7d92a499ee7e0766e81fe2628c99b3142db1b8cb7ada32fbd33c35a8a20d64072f41330680e13d7580406915c48bb21eca78177aac9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000044
| MD5 | 40027f5913e0ff768e138eeaf4f9be8b |
| SHA1 | 004fc2c768fe366484a2f40511543cf218cb2748 |
| SHA256 | cbfd9186d5214f400a1a105305c4ba32890a4b44900decf9092fd96d37e359ca |
| SHA512 | 25ee89986d0c6339eee485d80385f9c3da8dd1244dab6af7dbe37fd0a602f5dba9d0be8bf356f9d1acbbcb6191e48071b19272d69b50e03fccc285c515c64868 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016
| MD5 | 2e23d6e099f830cf0b14356b3c3443ce |
| SHA1 | 027db4ff48118566db039d6b5f574a8ac73002bc |
| SHA256 | 7238196a5bf79e1b83cacb9ed4a82bf40b32cd789c30ef790e4eac0bbf438885 |
| SHA512 | 165b1de091bfe0dd9deff0f8a3968268113d95edc9fd7a8081b525e0910f4442cfb3b4f5ac58ecfa41991d9dcabe5aa8b69f7f1c77e202cd17dd774931662717 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015
| MD5 | a65f7f00889531aa44dda3b0bd4f4da2 |
| SHA1 | c8be192464c7e60d4d5699f6b3dabf01b3a9d1d3 |
| SHA256 | 0dcf11ca854f5c350637f7f53cccdaf95492dbbf779b905138e26b1ec1dc91e3 |
| SHA512 | 6f48f0f7cc1a35a9068c1284579db065e0fd4b2651355d68a8ff5ae9df86090be3f6e5ac4589585166829087c8bd3c37431a7066358eaced0cdb6c5a0d544fae |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012
| MD5 | 2766b860b167839e5722e40659620a47 |
| SHA1 | 47766dc72bcace431ee8debed7efcf066dcd2b59 |
| SHA256 | 725a5e52a501bcd107624aafa44a857c00d02286fde07be774afeac2efed68c3 |
| SHA512 | a97f77977518ca755e9460cac34e0b5358ba98b3624c53f0e1ef7b947e62a6f3f99caf2852fb3132c822525d88b67b9c1ed778b3e40083d9df36028c85f73ae8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c
| MD5 | 2940076ef5b451648e126653123622ea |
| SHA1 | 46adb402ebad36dc277bc281d15b4b9643c4cb6e |
| SHA256 | 2766045315b53c22ce78b0c83624a7f52000765c55061a9deae19ca67897d664 |
| SHA512 | f695bdf186be90f1df6d303bf5beb5bec9c71a069978fb6adb23b68c893ef7ca0c5da2cdc32d39cdc9a8f0bbcf0050abeb3cc02c75a2861d9434591ac8680922 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d
| MD5 | 76d82c7d8c864c474936304e74ce3f4c |
| SHA1 | 8447bf273d15b973b48937326a90c60baa2903bf |
| SHA256 | 3329378951655530764aaa1f820b0db86aa0f00834fd7f51a48ad752610d60c8 |
| SHA512 | a0fc55af7f35ad5f8ac24cea6b9688698909a2e1345460d35e7133142a918d9925fc260e08d0015ec6fa7721fbeae90a4457caa97d6ce01b4ff46109f4cd5a46 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b
| MD5 | cfff8fc00d16fc868cf319409948c243 |
| SHA1 | b7e2e2a6656c77a19d9819a7d782a981d9e16d44 |
| SHA256 | 51266cbe2741a46507d1bb758669d6de3c2246f650829774f7433bc734688a5a |
| SHA512 | 9d127abfdf3850998fd0d2fb6bd106b5a40506398eb9c5474933ff5309cdc18c07052592281dbe1f15ea9d6cb245d08ff09873b374777d71bbbc6e0594bde39b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018
| MD5 | 2389054bc92fc6a9b9d21997feabb1cd |
| SHA1 | d46b4bece5021bbb060dceef4273475b879c75de |
| SHA256 | 5c38b4d4f6b902a99e4eb9cd922a2a2a37b549388bb4dda0b756bf6d5887d6da |
| SHA512 | 5525a4228fe65d25f0084fcde29dce0b97b80126e36875d226549f379e56ae52c0b2ae12752b188fb9715812d14d740f1ebf35f3ebb5c1b4e3b564836ed30b0c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010
| MD5 | c67ee59476ed03e32d0aeb3abd3b1d95 |
| SHA1 | 8b66a81cd4c7100c925e2b70d29b3fdbd50f8d9b |
| SHA256 | 2d35ec95c10e30f0bddbfb37173697d6f23cd343398c85a9442c8d946d0660e3 |
| SHA512 | 421d50524bd743d746071aaad698616e727271fdf21ee28517763a429dcb6839a7ad77f7575b13c6294dc64d255df9b0a64eb09c9d3b2349fef49b883899d931 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013
| MD5 | c130e937317e64edd4335e53b17d55a2 |
| SHA1 | 51bfff9dee11ab5a8c43198c0d6178799ed9433b |
| SHA256 | 46025a134ebdd6c6464ff422818e60938fc41af735f7951f4febe29f57612a49 |
| SHA512 | 68e5fa69101a7347028ad30d7c004dafabcbd8f8009df90d0471b19a36741075d72da56a2b1693c2067902630584bda5536f0702302db5d69f407424d4a964de |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a
| MD5 | b376c55a7ba31e51dd8e8255789fe89a |
| SHA1 | 439c757d3520f276a8d313f8c337aa90ddbab16b |
| SHA256 | 97eab72e32402a938305438fa0682cbaf45b75af692793bd35bf9134782e3bef |
| SHA512 | 99b31f6378611df26a3dc827aa24709e0854f2a1595097482530087cc26761db5efd6be323005e49b89563de1169d44d86888c98eed8e9ffe880f516281a9c0b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 44eb5c370c82be4f554c0db4d0c27d1a |
| SHA1 | 89ff757e7fa1881e317de882187412f86585bccf |
| SHA256 | 62f9b51a80604c6410bb136b2c283fabf4a61103ac66e1205bfba93d9744c239 |
| SHA512 | 82b3001b1861d6ee7064dd096dea7596268768c6f090b305b72a13451a202893f515be85816b28f75f1c5cd7db87ed280e80b013f484e0bb95a40eeca6788130 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f
| MD5 | 9f35ba270e9ea92ab439941460109ef9 |
| SHA1 | 699dd11d06d2d5925cc91c2df7e4fca4acab56b2 |
| SHA256 | 344f84869c6a5fea3a0ba409a9716b2d5e83b27bd295603d72bdfd6f8af98f24 |
| SHA512 | 8660fcca9cf7ca63ccedd93e9606b5362babb0d2b7525248d2530a1656043aaddfbd71d4e21cefbc1669f97efc2e54f6f5e60a2da51084997dcc56f02ef4e750 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 50e71f8fc5ea940c62b9d38d8ed101e3 |
| SHA1 | fe431c813f6df9188076e77ccddea853a971962b |
| SHA256 | 6c9edd893cc5e00de777aaa19878ccbcdfd192f7cba35d60213545e0ea666ab1 |
| SHA512 | 40ecd48f222e613d47564b4e2331cc2c8b44961c7d443643d3f9d3a721b017065831f36ccd04b82f5c20a98abdaffe4627f71a5d6dcdb97dfcb6b78834bc91c3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 47d851b3368078e77cc78a30cdddd446 |
| SHA1 | fb3bf211871918bd31067c0bf61cf88544659023 |
| SHA256 | cf280aafd154abe273551057c549cab189f95726c5456fbd43b0ec8174b63087 |
| SHA512 | cb6c510fa2aafd2620c044bc1b8ff4751fe46cf06d4269c48a4158b258cd00d5cda880125ce72ae6e4a4005c2d70eccdb741f94686467b4001dffd0621f2e145 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | db59d67fca25cb9899148bfab4e2c2c7 |
| SHA1 | c85d8267164f6895da1b960ebde91eccd867c582 |
| SHA256 | 9b4db46d805cd060836647675738141ede4ad5ef3ba2aed7d162d8f0d7c6cf5a |
| SHA512 | 9732d5f821e6988956dc5779744b8401af0b27f401498036355e15f864be0756c1ce3a1fda42ad11aa467a2606f2d54bb80e88d179544bef366bdd7bbf35d309 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a3be03ed2732979b8349e52d95454341 |
| SHA1 | ac5774ad6c6110c2f55e3560a9d030de93f9ea5a |
| SHA256 | 07c4c097b874056466a025be1a2817d9e2051badf13ed6850ac7240cd1ae673f |
| SHA512 | 3b88d38223ac28f75dd33d5a77b7001759449e23bd39dc40d477dcac38e684901ac3c48ffbe023e44e23f4f4c6a62cdaf4d953b627579176fe7f25e9b68bdb70 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | de69ee929b02756e631c44869db1be06 |
| SHA1 | 78bbe203ab4f76084d4c03642cc245087fe50303 |
| SHA256 | 1bfa7b0036e3ca87930ee5ef11771b94c0d3e75dba178a8f51d6025f9c49b97b |
| SHA512 | f9ec32b0a7aaa4ca42fa5adae3d01b8b9cac975c6b370a4f29260aa10e7cd0e4aa2a512d20750101c1a15842a533828eaecf8f8ea481e3893aeea19c9a454dd3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 78ff93ab4cabadda69ee21b4b7317f05 |
| SHA1 | fb73511c38a47d4c8bff4aaf91d86ecbf16b8afe |
| SHA256 | 880601a3f951f156a05b468bc15788165015bc8e2a1e3008072c360f2442bdc5 |
| SHA512 | aeecd187e477d1cc3a3f6d66bc293146a99cfff3c125690020d4951c9b45b18a3517b795716a1d60bf4aa5f378df3bb1801bd8c4c49d926844684c0afbcd9c1e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cd5822eb7d3adf16571b266bf74cb252 |
| SHA1 | ffc9b2c75db9de4dfca26fd7089aa900d04b5319 |
| SHA256 | bbca969a3f36132b2bb686b3ea7b67c5f2bef1f9b85aef702baf153733426c94 |
| SHA512 | a1a14d3978aabf2e8094d1b1539f31c2ad9b0633311bb89d8d1535b2c38fa7f4492ed92e9e2ad93dbe6a89895dffa37be3be55b998db8fc1acdc6ab96af6f66e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 14faef09f7c9e4be71913610be37baaf |
| SHA1 | 9b359033741f47af62e58c698d50bdd96acc7c57 |
| SHA256 | 6d44107f88f1832bcbc0790ff8394dac7023a39171b53a77c99227ea622517d9 |
| SHA512 | b5c09ca6a03f3b1731ab8b35c9785460b030aa69fee19a8d7cbb7f61beec8da89dbc7ae3bfd30f02aecc07455e1715dc969e8be4038fa7f6f68208aaadf24431 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 271fcfeea817d0f006678a4bc90dbc43 |
| SHA1 | 57ff1bc0d54e04367bbbe7dff2435cd63d224679 |
| SHA256 | aa6715296b57ff7cff9d2efe123ad5d5d9cc732053b2631974dc166d8621305e |
| SHA512 | 69e6c7d02056df487dde27cbb22a39c80dbb498dc60278c8c249c5d14729b0c4ddc9d897119b119225f8ba5f40ac43f73e813d9fb2ff4eff94810908b611c181 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | cc10dc6ba36bad31b4268762731a6c81 |
| SHA1 | 9694d2aa8b119d674c27a1cfcaaf14ade8704e63 |
| SHA256 | d0d1f405097849f8203095f0d591e113145b1ce99df0545770138d772df4997f |
| SHA512 | 0ed193fdcc3f625221293bfd6af3132a5ce7d87138cd7df5e4b89353c89e237c1ff81920a2b17b7e0047f2cc8b2a976f667c7f12b0dcc273ddc3b4c8323b1b56 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico
| MD5 | e5e3377341056643b0494b6842c0b544 |
| SHA1 | d53fd8e256ec9d5cef8ef5387872e544a2df9108 |
| SHA256 | e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25 |
| SHA512 | 83f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 467bc167b06cdf2998f79460b98fa8f6 |
| SHA1 | a66fc2b411b31cb853195013d4677f4a2e5b6d11 |
| SHA256 | 3b19522cb9ce73332fa1c357c6138b97b928545d38d162733eba68c8c5e604bd |
| SHA512 | 0eb63e6cacbec78b434d976fa2fb6fb44b1f9bc31001857c9bcb68c041bb52df30fbc7e1353f81d336b8a716821876fcacf3b32a107b16cec217c3d5d9621286 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b51fb92f8e613eab696034716c45d159 |
| SHA1 | 720236649719210c6d64cbe5babd76f23349566d |
| SHA256 | 7efce69e3e7b1bb21f0e391406c0ff0c9110be04370505ae60a54055caaef9b9 |
| SHA512 | 65e329b03d88faf12dd3c69a65d5e5c967116855925f7d3a093bf3ce05822fa4a606f328e04d041a4c9ae1d19de95be22a63389f9449372a3ae3a2b3b7828687 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 3b964859deef3a6f470b8021df49b34d |
| SHA1 | 62023dacf1e4019c9f204297c6be7e760f71a65d |
| SHA256 | 087debdcfba4666c03a5ea699e9bb31cf22ef4e0fad7c961cb0b500e5d262fb5 |
| SHA512 | c30b7e1b28820a5815b52634b46cb210c241704e33e41304400cb3ed29e82ec547a1068fc819350b368456bcabd27034afade5add3251dc74e4174f51b6c7adf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1c99be715cd0481031196cf040f9d572 |
| SHA1 | ae9eef12aa52407a043e8159041781a9bea66b86 |
| SHA256 | 5716c3b8efc678426a5c22336a3af03ae0e93ff747bb2d5980d7feb11cbdd013 |
| SHA512 | c5cc09c629efbd0f75337e5fcb4310d6df7e0b5a189acf3058255d86cfc3d89e90d367df5f3a25ecc4a7b82ca286283ae1eb43ff7171e78843757a7fd7b281e3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 9742dffe2ead2f0dcffcf94967e1a6ce |
| SHA1 | b4b6cbfd3e462d056669b623092f1824175c2f92 |
| SHA256 | 2f4b92a4b68243d879b82fd8bccb95b59d2d28753b45df63e3fb1862032ae4ab |
| SHA512 | ecee92ccb0e6df3258059903695f2eeb68cf98cb150d5eeeac0681018c0d047ab6d44119e9c9dbae22b4bc88a413891aa8943265263577140a21c23c9ecb7096 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d354d83de87c92582a2d29b4c87e914b |
| SHA1 | 9d97c2f7194446c17ecf7331dd37bd85652febba |
| SHA256 | 7413c0b979095db905eeb96a73495d508402607c82c7510e0fc1709e0136745e |
| SHA512 | a34bd7db4cd880625c2aacc8a446075fbf011f7037039863064ab93347f8476c0d42f920cb8aafd77638ee8cc7853128c524c10b32858fe96f0cbd0bf314506d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 5c2d5c900312f44e72209416d45723cb |
| SHA1 | 68fb8909308589149399c3fb74605600833fbbc1 |
| SHA256 | 56f7a77549e5fc45bd4b1f7c2db3e8b4bd1dd9234545207613a80342cee8e7d8 |
| SHA512 | 07c2920cff7c1125e3a2fe66bf21d8606a1f2a3d36be2d8e136da0d2a21130242ac8324f18cedfb0040304cf804815861767c969a6923d8db851312bf9b4348b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2eb5351cd0744468fcb1697dbad0860b |
| SHA1 | d9df09b0e0b3b620f7b8c0cf494d648e4ec840b3 |
| SHA256 | 5e0b71977391a44cc218bc43a86362702c4198ef5fdc495f6d3727bf4bcc2ba1 |
| SHA512 | 888e1d6217ed01a0326913e1a2adac6b8fab066c4ba4e353e839408382c24d6f47d382760e4bda3ae063c4204d55cb89b60dae37b5f3e0f21e268b9d75e72883 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | cf53f3163b463b790fc76e9f93e8cd14 |
| SHA1 | b8633386018a9320a23cf4be12b28815eee4cf6d |
| SHA256 | e1c5f6ed77b17c9d0ed06b3b50e318ef715c21752d6d69ebeeaf27af5c575353 |
| SHA512 | 081a3c6fa898514632a368ca6a37960b5a9b69051ea7d3495c048ad88d91092f162427edd1ce47d7bd0d15df5d41792078dd119c2ab8cd81e62b9f5d1b76bb15 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | e944bef1c08b5c6c4cf8bd34a11388c4 |
| SHA1 | 9a066e2d1ff1afe2c5dd604aeb13ec91982daaa1 |
| SHA256 | ed4389ebfa44ff5f44ba58d0870573b584e09f0d046010d2f9b2bd79535ae719 |
| SHA512 | bbbc373f42099f76092f8b4bacc1ef34138e4a78092b8dc844712e4e8c9b567b0ca5786e42fb64cbe9e88f8083b2f8d82b482fb0514e81b069af1c06910eb8ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3dcb49e0069764a535344dbed74b7deb |
| SHA1 | 16827314c63003a8c8fe9b55bd69988e8d5c3864 |
| SHA256 | f39cfa4f1bec09f42e19964519fe0f34a0a2e0fc1588a63b37024b5ad0f2fcaf |
| SHA512 | 564d5c228aa28ea41071d4bf066b25fce1893c98883ce79617be8b1707339658fd49c0eeb92d644b10ccc4653b30bf7acc4e44610d4e92d7084b4bd518901917 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 551a1bad55203b07ad484c7a79c0ab08 |
| SHA1 | 28b322d04bafb926505c05640dfba5eb366a87ef |
| SHA256 | 282b18e181a5b4f509347ecd7e880bde6bd186d73df7706afe6063c903c50876 |
| SHA512 | 8044e2385a180a856d8a8c0f19b326a5b131cd876e6f3988e922af5cd7412b16e8a11a3478b3f0f7b5d0407370c65dbd69ec76a4a4a90096e91d1fc925fd87b7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000036
| MD5 | 75f092e76c317acf59f01dda5564ec3c |
| SHA1 | d2946ed32b3405f30ee3a451be14edbf8ab22df8 |
| SHA256 | 9523ad597b9d8c8a856dd8702f6d0d0767074cd0f6a4f0f5f1664c61bed107a8 |
| SHA512 | 7fd555e73a1563159f9f1ef8e984cd3186b1629e1f750ae092f70dcb9fea40fb6dedfe20328eb653b50cef6088ddd3296ef77504b5926ea28a14bcb690088d67 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e020fbd31ea9afd3_0
| MD5 | 304742400e86adf4f312d1e3053a3175 |
| SHA1 | 06e960d3e9a13edabe4f2031a5895a473806e963 |
| SHA256 | 84bdf3d2d719279b05b4c56a298401d546cc8822e3a0aae04bf3066121eb6fca |
| SHA512 | 5a50ecd3675ce399936ab23f86b48b7d02725cbc0322bf0defc9c5a214b99962789fa01bc5995383eda55e6542557ce2ee9e10d2ed1c380b558ce61b3bacb2c4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8354aa60f950b036_0
| MD5 | 90e746e54ea2e38b090bab6307afcd3b |
| SHA1 | 8cb204c1eb542451413d09d06f6b5334e28d8de6 |
| SHA256 | c1a2801341a9c208aea0be384e764213ba795686ce3a807f6d1b3e3262c3d875 |
| SHA512 | 79540846c8cf9246ea53f3e4906df3b3b10170bc613b89c54adc13e0c937bb0ed55c62e8dbc44535590b33a4439712ed2e0b8c994b41efb6d3a66d7a34cd4f2d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6d6864ff2ea54d07_0
| MD5 | 204df46cec9722e15d91af4e0a6d2c2b |
| SHA1 | d1b610e067a435ae6fee670cb2557f1736ad17cf |
| SHA256 | c9b19c43a03f2162dd40bfa2aa0726c82ad969d29a420a6ba79e507086b570f1 |
| SHA512 | 0074c4b4218d16521ce25ce576d70742f9a1ce8a33602112a36f4cc1422a24c5b247a58cf95fefe2dba89387b5267e39ff616d84a479dd5cf05c9c32018000c2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bd1231e37cd2ecac_0
| MD5 | 4ed147c0ae64d94cd0ed53be33f3ed6d |
| SHA1 | e69269e869f0d3669f700b9f0ea119714c4d3c68 |
| SHA256 | 2ebf72efa54da5ae9a58b9bc7361c5dd2e3cab708a81d4656cc39736a9d36a23 |
| SHA512 | 894ef644f1ff4e18968fa5f71d13020979ab14a82883a76f5817594166c827e716a6a1a1c489d87f1696ecf9ca8ef4740b9199907ffe0a959a3346c65e68f460 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a590d4cad03077cff0ea2de40068359b |
| SHA1 | f2e49ac470c9b26d2178e106677e505f9d9b78b9 |
| SHA256 | bcac0ed727972d9cb4758498c5038c667b823cd90dea2129e7b065eeef4bfd1c |
| SHA512 | 7d38681de770afe9af89078c15622ceb1d9172bffae4afa542a8391d2776826abf2fa910a6bac56a8d13a8a12bcc6163a5b03c5276b197b8e9b63faa7f8c8f11 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 1f100c55db21275d1a0181158fd3449a |
| SHA1 | 768d8b89d0855ad36aa0c0c2629510250e997d1e |
| SHA256 | e480771f0eb16fcee5aa83359928b36addcd7c9676e0ef9909e92dba335e2a1f |
| SHA512 | 9d2891ff35acfeca622d00abeb7c3d2c8b0a13c3f5a6cbe5166e0cc27908734d1ec62172dc6257b499556e84092bd026e01b425c70013b5a86b32aadd422a22c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | cbc07d542f88b756ff62ba6845f1de0d |
| SHA1 | 3dddc62afc6142a0ebbd0c233edeadd7ac911f74 |
| SHA256 | cf8d04ae7aca896204dadd5c40817a4836713e9f8a11dee2a7b1d859612ebd37 |
| SHA512 | a518a2e8644e78626ce3cc0c4ede6cbcd289fc4b036e32422e8556d885942cc1867202bb8aa5607e2cfbdb188851e786b729aac15df7580312ab9f25e38def8d |
C:\Users\Admin\Downloads\avast_one_free_antivirus.exe
| MD5 | 9f9a793c28bde3dee5f854afaece7517 |
| SHA1 | d27ed307512342e1bd71e00ffa3924f1794ce4ee |
| SHA256 | 8179e3e493121325dae76527f929b55fa4e59e32e3b7afbd5cea52fe4803f111 |
| SHA512 | 8d08ba4e0cea7d4be0aa87087b6dc4f22aa0efe27ea41ca6552d91a79d0b836564b627f1bdc163ea8eb74a11e8a0718a8ce749b51d90d04ee8bd5d0688e5c448 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | fc4ff0f41857065a8dedd08785d4ab3a |
| SHA1 | a9d954724c58fd7fdacc8528270ac02e53fe02ff |
| SHA256 | 0c888ddd152a76b5b68b08162482a6508c783b2c9289d84d5888aaeae7fcebca |
| SHA512 | 92db77010e1f2a8304b2b33320624c440eebdf673aa226377c791a1983f9ef10ddb1a42d9d73280c6cfce87fbcd0503ff49b70761cb2ea61de6a12a46510649d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 3a978ee563996199ff680ac1757f97e1 |
| SHA1 | 041fa3d55a9e74ef748f1cc520f2dea63a2bea7d |
| SHA256 | 3801d578308d82fafb18398b91881758267deea4bf5e8f8b172edf2bfea30efa |
| SHA512 | cd6aaa1b0ab3d843bdd2ed9ff31027259e0487b745e19128dae355fa8d3d9f4323854c41e2ed4ad6a119b2dacce16c2ef1b07d198e94dba499873c511b9ef1c8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b5b7c625cf9c2b8616f2fbc8d7d5aa04 |
| SHA1 | 623e07795625c34720f597a4247fec1383fa6a08 |
| SHA256 | 13f498b40cdf554d11ec798dcd0aea5b3d132b98cafe297a4ccf992e79f8ef13 |
| SHA512 | 2dfd428841b5262c3d75171276749651e2cf3ab78b5bc220205717a48cb2898aa2e60ccce59bfd1a5305feec95021916e89356b5ceabf9fb11f6bd01ca2fabb3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
| MD5 | df944ea303cb8c23dd570c908e8e4539 |
| SHA1 | c92fecdd848c87094edc467f624e7a6833316590 |
| SHA256 | 991941933db816f0d69def16c739680813d04ab41bb2e8642fa6188849dd9d07 |
| SHA512 | 4f1bc74b07b684e23580587561cb3bac4b881368d976feeef0c5b13dbbd18ac6736a3dc270e48583bc37691efe4541dbc3ddafb4e0b39e70c70208ace5619164 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State~RFe656a2f.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 554df51e37e3355519f9f6226ff2f2eb |
| SHA1 | b29edf9e7da39bf3ab7951b132702bce93ffd426 |
| SHA256 | 7411386589656886872599d1735dc86e0daee7da1faadbcc14afde84189c3b0a |
| SHA512 | e148cf534965b8b6e57bcbd752db50aca320eb7e718ed04f2499175de84f2acfbfc19cad09f26c607ef91a1ea0facaffd563d65acf19d40d2651e74539c64b11 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 4633992428cb87c1118d7f61138416bd |
| SHA1 | 57b47a2ba94309f716c61a5fdc5e09a1b441c13c |
| SHA256 | da7805996fdff748f8511aaf0472598443882e2a2656bb51bb96ca2fcb11fe5f |
| SHA512 | f8002372d31f1d3b5be5640de5233a0508504508ee5d549d7d1a53c2cebac1ba17cf3af90a4792362cc087ef1dbd4dba51150f5eea3fcb31e29d1808c1ab35a5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | fa8150ae7974d84f92d49ddd88db0414 |
| SHA1 | 56c113ec45efa26a900507653292463f6a0621aa |
| SHA256 | 5a87f985491dc8d4e2a9c95a4c7e840f3aa682670171b4d9e498ba816e631ec0 |
| SHA512 | e73313101fe7a992bb4d6c2074b341e6e40f16cef35970a59f702c56951fd1d370573138bc78427a4f7840dafb55e443cb78718c9ae7a3a806c4ce579ce388a2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8115673f0548aab69ff836fc03910872 |
| SHA1 | 6a00ba5cd5a4e176232f440d48d2e24645d64d1b |
| SHA256 | c83eae78391926986128b804b917334b29e9c696ebbe9a49e72e22403cd76049 |
| SHA512 | 30877c54baa27c9faee5ce1aea642662f6dbdb942263de01b642bd5a37ee25233ba2f3f2cbe49dd95b8247b22d76d37f67abe905694a9996bc3108c51634734f |
C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus_rvrt.exe
| MD5 | 97f5d0caaa1988c95bf38385d2cf260e |
| SHA1 | 255099f6e976837a0c3eb43a57599789a6330e85 |
| SHA256 | 73ee549578ded906711189edcef0eedbc9db7ccbd30cf7776bd1f7dd9e034339 |
| SHA512 | ad099c25868c12246ed3d4ee54cef4df49d5276a5696ca72efa64869367e262a57c8ff1fb947ad2f70caef1d618849dbab2ec6161c25758d9f96733a7534b18f |
C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus_rvrt.exe.lzma
| MD5 | 84b41b6779cd161aa144fcb14b5db7ae |
| SHA1 | 374a045376685dd0e662c8a52da1b117e719b4f8 |
| SHA256 | 57b66c4f8f7dd6b808eace56846eccea4b8cc09568b7dbabc0e59add50d739c9 |
| SHA512 | 9d501ebb4335ece860f1806edff4c85652962b8b01534c8fad3904e56ab8058135d7835bda170ce2d65c392ef39350ff7c0cbdebc336e3b68136992e634b6b80 |
C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-du\icarus.exe
| MD5 | 8364468375cccff3871f14d90da8d5f9 |
| SHA1 | d3d1bbd34578d22927fa63544cb45e40bab0ef0a |
| SHA256 | 37df00ad30a49c8335f027f4a94d18d3869d171b81dd627b99114c62c0defd9c |
| SHA512 | e046d7a842a5906288bbba97efe5e235ae50948dc4e66badf90ee6790c96f32670b7b23f6eaef0da478fec0e8db083de708a292438be16cd90fb16708789ee21 |
C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-vpn\icarus.exe
| MD5 | 42f6fc4e0e8707c2d53f56852e4b98b9 |
| SHA1 | 761ae1d2b1d8b0668e23013c701031d0937ead32 |
| SHA256 | 1c4dd2a5e45e3fd417190d60c14c8b43733ba6791ee08b1a0c951049192ebe31 |
| SHA512 | 04b6fddd6508c0c124cd583a839c904ea8a1b6f995dcf504563d4888b6c0c1409a56b063b72a2b1d3a1d8e81476f4d494a306fa5b939e631b72c8f87ca1fd690 |
C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-tu\icarus.exe
| MD5 | dc4ab8bad890e5ae125663c7c09ae088 |
| SHA1 | 91472fb2b452fd4337dba82c643ef9c4a858db9a |
| SHA256 | c6b2741bdbeea992944c8ace48055805f895ba07286342aa2b31f12276f957a6 |
| SHA512 | ed1f930b09e16c14c6bd00aa09ccd0a87d0d14b66632f145245931a51710d63f973136f08283e740d6a68f5af668eda088f7d74954ef62ebcaa16ff3aad28168 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 1bee91ac2ca6c90f092094559ff95220 |
| SHA1 | 08022ca163795f5659d4ae691c38929fd3a6f321 |
| SHA256 | a694da325480701f1edb1b8d5304db8d821da6bccd3b7a8ae2ee125e4847d1e7 |
| SHA512 | 713e70ffa2cb06d8a7b764a844f4c5341ea7846904c63a95fb5ceba617208d996b7d8dc3b05294fb296b5aa31aec8cdf9877b25d797bbcfeee40e05836762ed0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\52d2d386-d3a7-4eba-9f53-9e5a5b8e80dc.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | c2e62833b5ec96c7c29ccfc5bdcaf4d2 |
| SHA1 | 7d61ae5503942f21dbd681afcaf528d19ccb4a5a |
| SHA256 | 175a2591e8096c350604e9aa86bec50ba3e9b2f8d49a3d5a784ae9add2207e32 |
| SHA512 | 1d2ac6ddaeae05be0e72a0e4d7fc8a47a510974c8fdb790089c4f3c046f50bcde3550df3fa6677a430c653de1116c287aa6bc36323ea9efe9f55c84a7b6f578b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | de8bb5883ac859a30615859f5407ab84 |
| SHA1 | fc55dfd787e86e89cec832957569d9284d54e562 |
| SHA256 | 8837e999291970b35e9acd6498b2f70625de80e04cf99ccf519d0ae62ddbd038 |
| SHA512 | 380713c71a7b7c54bfb2f5c1323d095c14463022851f9d36a2ff360afb4d52af489cb67bdc02ea87ac319d675d10f8130ec2306fe64dbcf8679e8e576391faaa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 134fca35d620f630d5e540e1541d2dee |
| SHA1 | 5ffc41bd47fc9eceddce9f7a0e677cba9fda396b |
| SHA256 | d17bcece726cd37e6aa8f049976bd4ede1ea949d81f08e1e931866137aeef084 |
| SHA512 | 113a372b3234d4a9f2a562f4b38f89e1a2974e5c4468ea8624fdb9cfb6da6f8e9cf2a9e06df608d7093d5b3e7c035934d8b8aa3bc9efb363ca62bc13333c491e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e69af3d812d063eb8534addea3d1066f |
| SHA1 | e2403e3b381433805dcf28a5b7fc345513b78d00 |
| SHA256 | f62d96a0d826099ea2b3e0dc4b8116fe984d4a595852507dae1f16370503c37a |
| SHA512 | 13b2f12f88fff3fb9b0726d7ae78de61c1bccdd439dca07b0fd60087c37e4b42b24c49dacc69e7dd4501bd6d73ce0cb915cb427f994aea621e353a8a047d6c96 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0
| MD5 | 51ddf60e8bf9ac14d0bd31ab0be7b90a |
| SHA1 | 875e1573f40f64bbd74ec94f839b43ac285335c0 |
| SHA256 | 5ce57601e1638119a60d308d9ef5ed2fd7e8e27e81d0586f070778dde2be4adc |
| SHA512 | f53ab0d340a4adba2e1bdb63e0fabd44f4f8445ea08a1855daa54d712fc264a5d92fe200d21a4f0f39073667d52c04ad726c1de03ce70a0965e8859184902606 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cf13da1caac932c4e09484f8180905af |
| SHA1 | 597e656f6a93dba16bddf52fed3a43470a18b5ef |
| SHA256 | 4f64f3e0c3ca7639f567a81239692ec2c37e5baf48155e2325ce1a97d76e89b0 |
| SHA512 | 12509e5a028cede177a1ba81e1091614366e7ce9b1cd8bf24e5ec637bf879eea3089c1c579f464091372fbea42e237b30f5cba1454f459b2c4c8fecb38a93f6a |
C:\ProgramData\Avast Software\Icarus\avast-av\icarus.ini
| MD5 | ff8dd946d67b06b527e421ae253a3acf |
| SHA1 | b6c499d2657be5c8997ef163b7392d714fe15f1a |
| SHA256 | 6df6ff325076733ab2c240d1b8276016f8beec33a0749b28ee35c97fb3fd0899 |
| SHA512 | bdea446399f2b18ad3bb7d5e24e7e5727aa82f7d526ebfd81caba472bef2f45a71731478e359bc84514af2c6232e1e65bbc512fc8a5d9e4bbc35d3b7ed40d221 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e18870de7fed9eb90d933396a6db8327 |
| SHA1 | 2a0e46a7fc93173979becd39f955449e37ce35ec |
| SHA256 | af7b544c15e9ce1f7d236cdd15f6e40d89199727493194b2605135567986bd72 |
| SHA512 | 0f26436b4d4a1bb089e7b7124e2100652fb1ec95e00da0de50938dfce56744533ceaa47734385cc5e15592ab3f0f3b997aa16f86783ffea55673631e15cc8a8b |
C:\ProgramData\Avast Software\Icarus\Logs\icarus.log
| MD5 | c8776c85f0bbde13eb5f092b99ac4315 |
| SHA1 | 76e34eb4af0cbded16a4a013109ea278161b032d |
| SHA256 | 9efae3b25963c8d470e9473a9248a408276d30747a99926820499ee9324d490d |
| SHA512 | 8527ec777e2e21114dc66c9e6d9f032f6374be6bca9a9a5b83f164e00471c859f1488864d592e44230274fff04073104baa201b25b5b9a8fecf7984034d68e8e |
C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\common\icarus_mod.dll
| MD5 | 09cf0cfbbdd32727d9b610ca41f2f66e |
| SHA1 | 499413f97d9aa8dccfc233aae63c34811cbc3214 |
| SHA256 | 3b97b3825ad9b251600e7081cfb24696e4406cee64c78a03a47c8554aac5c0d1 |
| SHA512 | ee06b6b7098963f3eec8f2c0262259b89717519f1de107cc1439a42c1f3a3bf21c30118631071c6e910ad0379bf40113db0070a0aafe2b556eaa3d6ee130c3e2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | fd34cb250e4a95db45b08b08ae00ddf3 |
| SHA1 | 6f7f5070a8be0525e36ffacd7799a025ab27ad96 |
| SHA256 | 968512bf8203f5e9b2042353835274464b647dbb3e38d424417a478cfb7221f3 |
| SHA512 | 0e9b87fb9506ab366de9281ff4ee9e4285d38d2d5ad888da7a741d57e5121e801f5e1a63dd12211a6d6dee72a4e242ca115d9fb01aa5f0866f0e3052486214c8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 924b2dc6b175f75570e7839ee7bb85b4 |
| SHA1 | 05c18855b28b461507c272c133b340c0ba4ac042 |
| SHA256 | 0528e43caf3b8b206c14bd99682c59885632216fa86ca11eea2075503cf4864d |
| SHA512 | 3db2162d3b23eb707a7183d198f59fd824922fb83419bc3c2e17ea75144012294d21fcfb91b0e3350b2ae50462fdc0aed9e9c6858d75fd7f10d99b98a5558509 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e53e63f50054c2df91e29a2b477ad6f2 |
| SHA1 | 0b199e766ecaa7c773a585a62a928a10103e6b96 |
| SHA256 | 462c5940bbe76e5f3806d326911404342641406657914e5f9c368a522d718c06 |
| SHA512 | 8a222f6789695c1c4f37c86cf61e9f1565fbc91105bab74c9a3a347d71c0b1af02c471c76036833f96045833d100ebbd609ef04e9032bcb70a56da94d9758bdc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a2b0ffda37b50a71963eff5854d211ad |
| SHA1 | 7a3522d2f685475c27eabcc885d42466074d39b3 |
| SHA256 | 75b3817354dc78fd60e9186da067b859bdf6a2697a1d92fa4ab0bb824ca1c32a |
| SHA512 | 544a39fb42a9546fd89233607c99a1317e2910eaa2815dd247c21bfc10240ab9000337db129f323eb19968a887f8c38fd5d7f3ee376f5c55e061bd7e623d0109 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 56811e8a61c9bbfa1c31449271d47eb8 |
| SHA1 | b850e381ec516a5c1598bb9bc899b12c57e4aa38 |
| SHA256 | a71fe8a62abde59d88e6a74de7ab246059015835581f0690771b1d1e021ce144 |
| SHA512 | 8c85c43d5f45bcf4c9c8caabb866b2b3a8808c8a183c0a8e7cd10edf9c1d382487d8c5a1bb96eabdc670d782188327c632dbf422a721f18dd6ad561aadece711 |