Malware Analysis Report

2025-01-18 04:12

Sample ID 241031-a5v58swral
Target OptiFine_1.19.4_HD_U_I4.jar
SHA256 2c010bcae341cf1003c194a4b566a0cb0c8dff2443d2f9fbd9e7a2d9abc8af6a
Tags quasar office04 bootkit discovery persistence spyware trojan
Score 10/10

Analysis Overview

Threat Level: Known bad

The file OptiFine_1.19.4_HD_U_I4.jar was found to be: Known bad.

Malicious Activity Summary

quasar office04 bootkit discovery persistence spyware trojan

Quasar RAT

Suspicious use of NtCreateProcessExOtherParentProcess

Quasar payload

Quasar family

Downloads MZ/PE file

Uses Session Manager for persistence

Checks computer location settings

Loads dropped DLL

Executes dropped EXE

Legitimate hosting services abused for malware hosting/C2

Adds Run key to start application

Checks for any installed AV software in registry

Writes to the Master Boot Record (MBR)

Drops file in System32 directory

Drops file in Program Files directory

Drops file in Windows directory

Browser Information Discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

Enumerates system info in registry

Suspicious use of FindShellTrayWindow

Modifies Internet Explorer settings

Modifies registry class

Suspicious use of SendNotifyMessage

Checks processor information in registry

Suspicious behavior: GetForegroundWindowSpam

Scheduled Task/Job: Scheduled Task

Uses Volume Shadow Copy service COM API

Gathers network information

Suspicious use of SetWindowsHookEx

Suspicious use of AdjustPrivilegeToken

Uses Task Scheduler COM API

Suspicious behavior: EnumeratesProcesses

Modifies data under HKEY_USERS

Suspicious use of WriteProcessMemory

Checks SCSI registry key(s)

Suspicious behavior: AddClipboardFormatListener

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Uses Volume Shadow Copy WMI provider

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-10-31 00:48

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-10-31 00:48

Reported

2024-10-31 01:06

Platform

win10ltsc2021-20241023-en

Max time kernel

994s

Max time network

1020s

Command Line

java -jar C:\Users\Admin\AppData\Local\Temp\OptiFine_1.19.4_HD_U_I4.jar

Signatures

Quasar RAT

trojan spyware quasar

Quasar family

quasar

Quasar payload

Downloads MZ/PE file

Uses Session Manager for persistence

persistence
Description Indicator Process Target
Set value (data) \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\Session Manager\BootExecute = 6100750074006f0063006800650063006b0020006100750074006f00630068006b0020002a0000006900630061007200750073005f0072007600720074002e0065007800650000000000 C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Desktop\Client-built.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Downloads\MEMZ.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Downloads\MEMZ.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Java update = "\"C:\\Users\\Admin\\AppData\\Roaming\\SubDir\\Client.exe\"" C:\Users\Admin\Desktop\Client-built.exe N/A

Checks for any installed AV software in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Avast Software\Avast C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\AVAST Software\Avast C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Avast Software\Avast C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-du\icarus.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\Avast Software\Avast\properties\settings C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe N/A
Key opened \REGISTRY\MACHINE\Software\AVAST Software\Avast C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\AVAST Software\Avast C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe N/A
Key opened \REGISTRY\MACHINE\Software\Avast Software\Avast C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Avast Software\Avast C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-tu\icarus.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A

Writes to the Master Boot Record (MBR)

bootkit persistence
Description Indicator Process Target
File opened for modification \??\PhysicalDrive0 C:\Users\Admin\Downloads\avast_one_free_antivirus.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Users\Admin\Downloads\MEMZ.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\common\icarus.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-du\icarus.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-vpn\icarus.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av-vps\icarus.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-tu\icarus.exe N/A
File opened for modification \??\PhysicalDrive0 C:\Windows\Temp\asw.eaabedd59a2e992f\avast_one_essential_online_setup.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\system32\icarus_rvrt.exe C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe N/A
File opened for modification C:\Windows\system32\icarus_rvrt.exe C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe N/A
File opened for modification C:\Windows\system32\icarus_rvrt.exe C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\common\icarus.exe N/A
File opened for modification C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\ C:\Users\Admin\Desktop\Client-built.exe N/A

Drops file in Program Files directory

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\Logs\Cbs\FilterList.log C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.4467_none_7e0f83e07c8c1985\TiWorker.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Windows\Debug\WIA\wiatrace.log C:\Windows\SysWOW64\mspaint.exe N/A
File opened for modification C:\Windows\Logs\CBS\CBS.log C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.4467_none_7e0f83e07c8c1985\TiWorker.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\cmd.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\MEMZ.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\MEMZ.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\notepad.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\avast_one_free_antivirus.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\Temp\asw.eaabedd59a2e992f\avast_one_essential_online_setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\mspaint.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\MEMZ.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\MEMZ.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\MEMZ.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\MEMZ.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\MEMZ.exe N/A

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName C:\Windows\system32\taskmgr.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\common\icarus.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av-vps\icarus.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-vpn\icarus.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-tu\icarus.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\wermgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-du\icarus.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-vpn\icarus.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\common\icarus.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\common\icarus_ui.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av-vps\icarus.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-tu\icarus.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\wermgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\system32\wermgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\common\icarus.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\common\icarus_ui.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-du\icarus.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU C:\Windows\system32\wermgr.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\BIOS C:\Windows\system32\wermgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Gathers network information

Description Indicator Process Target
N/A N/A C:\Windows\System32\ipconfig.exe N/A
N/A N/A C:\Windows\system32\ipconfig.exe N/A
N/A N/A C:\Windows\system32\NETSTAT.EXE N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\Locked = "1" C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser C:\Windows\explorer.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133748094500472341" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target

Scheduled Task/Job: Scheduled Task

persistence execution
Description Indicator Process Target
N/A N/A C:\Windows\SYSTEM32\schtasks.exe N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Windows\explorer.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Desktop\Client-built.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\7-Zip\7zG.exe N/A
N/A N/A C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe N/A
N/A N/A C:\Users\Admin\Desktop\Client-built.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe N/A
N/A N/A C:\Users\Admin\Desktop\Client-built.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe N/A
N/A N/A C:\Windows\explorer.exe N/A
N/A N/A C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe N/A
N/A N/A C:\Windows\System32\CredentialUIBroker.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\common\icarus_ui.exe N/A
N/A N/A C:\Windows\SysWOW64\mspaint.exe N/A
N/A N/A C:\Users\Admin\Downloads\MEMZ.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1664 wrote to memory of 540 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1664 wrote to memory of 1528 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1664 wrote to memory of 4316 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1664 wrote to memory of 4732 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Uses Task Scheduler COM API

persistence

Uses Volume Shadow Copy WMI provider

ransomware

Uses Volume Shadow Copy service COM API

ransomware

Processes

C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe

java -jar C:\Users\Admin\AppData\Local\Temp\OptiFine_1.19.4_HD_U_I4.jar

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x220,0x224,0x228,0x200,0x22c,0x7ffb11fdcc40,0x7ffb11fdcc4c,0x7ffb11fdcc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1944,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=1932 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2180,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2216 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2280,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2296 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3176,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3180 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3188,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3224 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4580,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4572 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4704,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3680 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4552,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4836 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3716,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4988 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3720,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5132 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4092,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4420 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3444,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4908 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4400,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5348 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=3180,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5476 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4064,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4480 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\7-Zip\7zG.exe

"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Desktop\sa\" -an -ai#7zMap8134:90:7zEvent23300

C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe

"C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe"

C:\Windows\explorer.exe

"C:\Windows\explorer.exe" /select, "C:\Users\Admin\Desktop\sa\Quasar v1.4.1\quasar.p12"

C:\Windows\explorer.exe

C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding

C:\Windows\system32\rundll32.exe

"C:\Windows\system32\rundll32.exe" cryptext.dll,CryptExtAddPFX C:\Users\Admin\Desktop\sa\Quasar v1.4.1\quasar.p12

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=508,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4540 /prefetch:8

C:\Windows\System32\ipconfig.exe

"C:\Windows\System32\ipconfig.exe"

C:\Windows\system32\cmd.exe

"C:\Windows\system32\cmd.exe"

C:\Windows\system32\ipconfig.exe

ipconfig

C:\Users\Admin\Desktop\Client-built.exe

"C:\Users\Admin\Desktop\Client-built.exe"

C:\Windows\SYSTEM32\schtasks.exe

"schtasks" /create /tn "Java update" /sc ONLOGON /tr "C:\Users\Admin\AppData\Roaming\SubDir\Client.exe" /rl HIGHEST /f

C:\Users\Admin\AppData\Local\Temp\4OBdI2c6xa6o.exe

"C:\Users\Admin\AppData\Local\Temp\4OBdI2c6xa6o.exe"

C:\Users\Admin\Desktop\Client-built.exe

"C:\Users\Admin\Desktop\Client-built.exe"

C:\Windows\SYSTEM32\schtasks.exe

"schtasks" /create /tn "Java update" /sc ONLOGON /tr "C:\Users\Admin\AppData\Roaming\SubDir\Client.exe" /rl HIGHEST /f

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=4656,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=1268 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=3424,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4700 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=3456,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3572 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5484,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3164 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=3548,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5716 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5476,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3216 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=6016,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6000 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6024,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5988 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Windows\System32\CredentialUIBroker.exe

"C:\Windows\System32\CredentialUIBroker.exe" NonAppContainer -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=5252,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6180 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=5588,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5724 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5896,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5256 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=5912,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5936 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5708,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5704 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=5684,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5848 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5692,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6224 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=6528,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6504 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3468,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6652 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6480,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6788 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=4712,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6788 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=6660,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6420 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=6836,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3380 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=4088,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=1544 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=6932,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5676 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=6484,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6496 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=5952,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5848 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=6904,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6316 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=5676,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5772 /prefetch:1

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x48c 0x484

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=3440,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5992 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=3216,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6944 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=6288,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7080 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=5024,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6448 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6152,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6900 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=5928,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4484 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7280,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7272 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4848,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5920 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5780,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7404 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=6456,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6184 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=7076,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5696 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5956,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5188 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=5380,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3484 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=7152,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6332 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=7576,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5592 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=7148,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6900 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7100,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7092 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5096,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6224 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6360,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7328 /prefetch:8

C:\Users\Admin\Downloads\MEMZ.exe

"C:\Users\Admin\Downloads\MEMZ.exe"

C:\Users\Admin\Downloads\MEMZ.exe

"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog

C:\Users\Admin\Downloads\MEMZ.exe

"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog

C:\Users\Admin\Downloads\MEMZ.exe

"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog

C:\Users\Admin\Downloads\MEMZ.exe

"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog

C:\Users\Admin\Downloads\MEMZ.exe

"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog

C:\Users\Admin\Downloads\MEMZ.exe

"C:\Users\Admin\Downloads\MEMZ.exe" /main

C:\Windows\SysWOW64\notepad.exe

"C:\Windows\System32\notepad.exe" \note.txt

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=3732,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5624 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+code+a+virus+in+visual+basic

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x140,0x144,0x148,0x11c,0x14c,0x7ffb01fb46f8,0x7ffb01fb4708,0x7ffb01fb4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,5942586675815526041,4107650775553003632,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2080,5942586675815526041,4107650775553003632,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2556 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2080,5942586675815526041,4107650775553003632,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2880 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,5942586675815526041,4107650775553003632,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3440 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,5942586675815526041,4107650775553003632,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3448 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,5942586675815526041,4107650775553003632,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2732 /prefetch:1

C:\Windows\system32\cmd.exe

"C:\Windows\system32\cmd.exe"

C:\Windows\system32\NETSTAT.EXE

netstat

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=vinesauce+meme+collection

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x144,0x148,0x14c,0x120,0x150,0x7ffb01fb46f8,0x7ffb01fb4708,0x7ffb01fb4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,5942586675815526041,4107650775553003632,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4368 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,5942586675815526041,4107650775553003632,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4352 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,5942586675815526041,4107650775553003632,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,5942586675815526041,4107650775553003632,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5200 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --field-trial-handle=4476,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6972 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6232,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6208 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --field-trial-handle=6240,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7660 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7240,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7672 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6828,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7832 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=900,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7796 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --field-trial-handle=7532,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7036 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --field-trial-handle=6428,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=8044 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=7992,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7556 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --field-trial-handle=7284,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7188 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --field-trial-handle=6260,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7548 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --field-trial-handle=5248,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7268 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --field-trial-handle=7496,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5184 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7984,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=6316 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7936,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=7872 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=8064,i,10583459933076406807,15674176732026254453,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=8012 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+send+a+virus+to+my+friend

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x144,0x148,0x14c,0x120,0x150,0x7ffb01fb46f8,0x7ffb01fb4708,0x7ffb01fb4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,5942586675815526041,4107650775553003632,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2820 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,5942586675815526041,4107650775553003632,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1960 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,5942586675815526041,4107650775553003632,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2804 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2080,5942586675815526041,4107650775553003632,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3564 /prefetch:1

C:\Users\Admin\Downloads\avast_one_free_antivirus.exe

"C:\Users\Admin\Downloads\avast_one_free_antivirus.exe"

C:\Windows\Temp\asw.eaabedd59a2e992f\avast_one_essential_online_setup.exe

"C:\Windows\Temp\asw.eaabedd59a2e992f\avast_one_essential_online_setup.exe" /cookie:mmm_aon_012_999_a8j_m:dlid_AVAST-ONE-FREE-WIN-PPC /ga_clientid:c990861d-de0b-4f3d-b718-7eb8c76d1c76 /edat_dir:C:\Windows\Temp\asw.eaabedd59a2e992f /geo:GB

C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\common\icarus.exe

C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\common\icarus.exe /icarus-info-path:C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\icarus-info.xml /install /cookie:mmm_aon_012_999_a8j_m:dlid_AVAST-ONE-FREE-WIN-PPC /edat_dir:C:\Windows\Temp\asw.eaabedd59a2e992f /geo:GB /track-guid:c990861d-de0b-4f3d-b718-7eb8c76d1c76 /sssid:6088

C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\common\icarus_ui.exe

C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\common\icarus_ui.exe /cookie:mmm_aon_012_999_a8j_m:dlid_AVAST-ONE-FREE-WIN-PPC /edat_dir:C:\Windows\Temp\asw.eaabedd59a2e992f /geo:GB /track-guid:c990861d-de0b-4f3d-b718-7eb8c76d1c76 /sssid:6088 /er_master:master_ep_518630f9-612c-48bf-bc36-7106781a136c /er_ui:ui_ep_5fefb6cf-9e45-422e-86b0-bb6aba796088 /is-a1

C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe

C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus.exe /cookie:mmm_aon_012_999_a8j_m:dlid_AVAST-ONE-FREE-WIN-PPC /edat_dir:C:\Windows\Temp\asw.eaabedd59a2e992f /geo:GB /track-guid:c990861d-de0b-4f3d-b718-7eb8c76d1c76 /sssid:6088 /er_master:master_ep_518630f9-612c-48bf-bc36-7106781a136c /er_ui:ui_ep_5fefb6cf-9e45-422e-86b0-bb6aba796088 /er_slave:avast-av_slave_ep_e82cefb5-bb0e-4834-9dce-604b3bcb2824 /slave:avast-av

C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av-vps\icarus.exe

C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av-vps\icarus.exe /cookie:mmm_aon_012_999_a8j_m:dlid_AVAST-ONE-FREE-WIN-PPC /edat_dir:C:\Windows\Temp\asw.eaabedd59a2e992f /geo:GB /track-guid:c990861d-de0b-4f3d-b718-7eb8c76d1c76 /sssid:6088 /er_master:master_ep_518630f9-612c-48bf-bc36-7106781a136c /er_ui:ui_ep_5fefb6cf-9e45-422e-86b0-bb6aba796088 /er_slave:avast-av-vps_slave_ep_7268b904-8c8e-4773-acd3-583cd4f34a47 /slave:avast-av-vps

C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-vpn\icarus.exe

C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-vpn\icarus.exe /cookie:mmm_aon_012_999_a8j_m:dlid_AVAST-ONE-FREE-WIN-PPC /edat_dir:C:\Windows\Temp\asw.eaabedd59a2e992f /geo:GB /track-guid:c990861d-de0b-4f3d-b718-7eb8c76d1c76 /sssid:6088 /er_master:master_ep_518630f9-612c-48bf-bc36-7106781a136c /er_ui:ui_ep_5fefb6cf-9e45-422e-86b0-bb6aba796088 /er_slave:avast-vpn_slave_ep_43d20d8f-2cdf-4c34-8251-89c6246e98ce /slave:avast-vpn

C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-du\icarus.exe

C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-du\icarus.exe /cookie:mmm_aon_012_999_a8j_m:dlid_AVAST-ONE-FREE-WIN-PPC /edat_dir:C:\Windows\Temp\asw.eaabedd59a2e992f /geo:GB /track-guid:c990861d-de0b-4f3d-b718-7eb8c76d1c76 /sssid:6088 /er_master:master_ep_518630f9-612c-48bf-bc36-7106781a136c /er_ui:ui_ep_5fefb6cf-9e45-422e-86b0-bb6aba796088 /er_slave:avast-du_slave_ep_b378ba86-3da8-4918-9a59-0e34090bead6 /slave:avast-du

C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-tu\icarus.exe

C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-tu\icarus.exe /cookie:mmm_aon_012_999_a8j_m:dlid_AVAST-ONE-FREE-WIN-PPC /edat_dir:C:\Windows\Temp\asw.eaabedd59a2e992f /geo:GB /track-guid:c990861d-de0b-4f3d-b718-7eb8c76d1c76 /sssid:6088 /er_master:master_ep_518630f9-612c-48bf-bc36-7106781a136c /er_ui:ui_ep_5fefb6cf-9e45-422e-86b0-bb6aba796088 /er_slave:avast-tu_slave_ep_96554f53-e673-40f2-b14d-ace05feea332 /slave:avast-tu

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+download+memz

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x144,0x148,0x14c,0x120,0x150,0x7ffb01fb46f8,0x7ffb01fb4708,0x7ffb01fb4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,14012342271163065160,9446178087494359032,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,14012342271163065160,9446178087494359032,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,14012342271163065160,9446178087494359032,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2988 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,14012342271163065160,9446178087494359032,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,14012342271163065160,9446178087494359032,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,14012342271163065160,9446178087494359032,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4984 /prefetch:1

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /0

C:\Windows\SysWOW64\cmd.exe

"C:\Windows\System32\cmd.exe"

C:\Windows\SysWOW64\mspaint.exe

"C:\Windows\System32\mspaint.exe"

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService

C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.4467_none_7e0f83e07c8c1985\TiWorker.exe

C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.4467_none_7e0f83e07c8c1985\TiWorker.exe -Embedding

C:\Windows\system32\wermgr.exe

"C:\Windows\system32\wermgr.exe" "-outproc" "0" "3564" "996" "836" "1000" "0" "0" "1004" "1008" "0" "0" "0" "0"

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /0

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=internet+explorer+is+the+best+browser

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x144,0x148,0x14c,0x120,0x150,0x7ffb01fb46f8,0x7ffb01fb4708,0x7ffb01fb4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,15365379133800287396,7255189595972594804,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2044,15365379133800287396,7255189595972594804,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2468 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2044,15365379133800287396,7255189595972594804,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2840 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,15365379133800287396,7255189595972594804,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3504 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,15365379133800287396,7255189595972594804,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3536 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,15365379133800287396,7255189595972594804,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,15365379133800287396,7255189595972594804,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1

Network

GB 142.250.200.1:443 lh3.googleusercontent.com udp
GB 172.217.16.234:443 content-autofill.googleapis.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 172.217.16.246:443 i.ytimg.com tcp
GB 216.58.204.74:443 content-autofill.googleapis.com udp
GB 172.217.16.234:443 content-autofill.googleapis.com udp
GB 172.217.16.246:443 i.ytimg.com tcp
US 8.8.8.8:53 246.16.217.172.in-addr.arpa udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 74.125.71.84:443 accounts.google.com udp
GB 142.250.187.206:443 play.google.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.200.46:443 www.youtube.com tcp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
GB 142.250.200.46:443 www.youtube.com udp
GB 172.217.16.246:443 i.ytimg.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
GB 216.58.204.74:443 content-autofill.googleapis.com udp
US 185.199.109.133:443 avatars.githubusercontent.com tcp
US 8.8.8.8:53 checkappexec.microsoft.com udp
GB 51.140.244.186:443 checkappexec.microsoft.com tcp
US 8.8.8.8:53 186.244.140.51.in-addr.arpa udp
US 8.8.8.8:53 203.197.79.204.in-addr.arpa udp
NL 142.250.179.163:443 beacons.gcp.gvt2.com udp
US 185.199.110.133:443 avatars.githubusercontent.com tcp
US 185.199.110.133:443 avatars.githubusercontent.com tcp
US 8.8.8.8:53 api.github.com udp
US 8.8.8.8:53 collector.github.com udp
US 8.8.8.8:53 google.com udp
GB 172.217.16.238:443 google.com udp
US 185.199.110.133:443 avatars.githubusercontent.com tcp
US 8.8.8.8:53 google.co.ck udp
GB 142.250.179.228:80 google.co.ck tcp
GB 142.250.179.228:80 google.co.ck tcp
US 8.8.8.8:53 nav.smartscreen.microsoft.com udp
GB 51.11.108.188:443 nav.smartscreen.microsoft.com tcp
GB 51.11.108.188:443 nav.smartscreen.microsoft.com tcp
US 8.8.8.8:53 228.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 data-edge.smartscreen.microsoft.com udp
GB 51.140.242.104:443 data-edge.smartscreen.microsoft.com tcp
GB 51.140.242.104:443 data-edge.smartscreen.microsoft.com tcp
GB 51.140.242.104:443 data-edge.smartscreen.microsoft.com tcp
GB 172.217.169.36:80 www.google.com tcp
US 8.8.8.8:53 188.108.11.51.in-addr.arpa udp
US 8.8.8.8:53 73.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 1.0.127.10.in-addr.arpa udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
NL 142.250.179.163:443 beacons.gcp.gvt2.com udp
NL 142.250.179.163:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 e2c43.gcp.gvt2.com udp
NL 35.214.142.18:443 e2c43.gcp.gvt2.com tcp
NL 142.250.179.163:443 beacons.gcp.gvt2.com tcp
NL 216.58.208.99:443 beacons.gvt2.com udp
US 8.8.8.8:53 18.142.214.35.in-addr.arpa udp
GB 172.217.169.36:443 www.google.com udp
GB 20.26.156.210:443 api.github.com tcp
GB 172.217.169.36:443 www.google.com udp
US 8.8.8.8:53 lh3.google.com udp
GB 216.58.204.78:443 lh3.google.com udp
US 8.8.8.8:53 ogads-pa.clients6.google.com udp
GB 172.217.169.42:443 ogads-pa.clients6.google.com udp
US 8.8.8.8:53 lh3.googleusercontent.com udp
GB 142.250.200.1:443 lh3.googleusercontent.com udp
US 8.8.8.8:53 42.169.217.172.in-addr.arpa udp
GB 142.250.187.206:443 www.youtube.com udp
GB 216.58.204.78:443 lh3.google.com udp
GB 142.250.200.1:443 lh3.googleusercontent.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 172.217.169.42:443 ogads-pa.clients6.google.com udp
GB 74.125.71.84:443 accounts.google.com udp
US 8.8.8.8:53 www.avast.com udp
US 23.192.21.124:443 www.avast.com tcp
US 23.192.21.124:443 www.avast.com tcp
GB 142.250.187.206:443 www.youtube.com udp
US 8.8.8.8:53 124.21.192.23.in-addr.arpa udp
US 8.8.8.8:53 cdn.cookielaw.org udp
US 8.8.8.8:53 static3.avast.com udp
US 104.18.87.42:443 cdn.cookielaw.org tcp
US 104.18.87.42:443 cdn.cookielaw.org tcp
GB 104.103.251.197:443 static3.avast.com tcp
GB 104.103.251.197:443 static3.avast.com tcp
GB 104.103.251.197:443 static3.avast.com tcp
GB 104.103.251.197:443 static3.avast.com tcp
GB 104.103.251.197:443 static3.avast.com tcp
GB 104.103.251.197:443 static3.avast.com tcp
US 104.18.87.42:443 cdn.cookielaw.org tcp
US 8.8.8.8:53 230.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 42.87.18.104.in-addr.arpa udp
US 8.8.8.8:53 197.251.103.104.in-addr.arpa udp
US 8.8.8.8:53 geolocation.onetrust.com udp
US 172.64.155.119:443 geolocation.onetrust.com tcp
US 8.8.8.8:53 s.go-mpulse.net udp
US 8.8.8.8:53 assets.adobedtm.com udp
US 23.192.20.199:443 s.go-mpulse.net tcp
US 23.192.21.87:443 assets.adobedtm.com tcp
GB 104.103.251.197:443 static3.avast.com tcp
US 8.8.8.8:53 www.nortonlifelock.com udp
US 8.8.8.8:53 dpm.demdex.net udp
IE 34.250.133.195:443 dpm.demdex.net tcp
US 23.192.20.183:443 www.nortonlifelock.com tcp
US 8.8.8.8:53 widget.trustpilot.com udp
US 8.8.8.8:53 119.155.64.172.in-addr.arpa udp
US 8.8.8.8:53 199.20.192.23.in-addr.arpa udp
US 8.8.8.8:53 8.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 87.21.192.23.in-addr.arpa udp
US 8.8.8.8:53 mhubc.avast.com udp
NL 108.156.60.21:443 widget.trustpilot.com tcp
US 8.8.8.8:53 www.google.com udp
US 13.107.246.65:443 mhubc.avast.com tcp
GB 172.217.169.36:443 www.google.com tcp
US 8.8.8.8:53 symantec.demdex.net udp
US 8.8.8.8:53 cm.everesttech.net udp
US 8.8.8.8:53 c.go-mpulse.net udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 52.44.201.226:443 symantec.demdex.net tcp
IE 54.154.185.216:443 cm.everesttech.net tcp
US 23.192.20.199:443 c.go-mpulse.net tcp
GB 142.250.200.42:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 mstatic.avast.com udp
US 8.8.8.8:53 oms.avast.com udp
NL 20.50.2.44:443 mstatic.avast.com tcp
IE 66.235.152.156:443 oms.avast.com tcp
US 8.8.8.8:53 znb3hblkjhhpwrz9k-gendigital.siteintercept.qualtrics.com udp
US 104.17.209.240:443 znb3hblkjhhpwrz9k-gendigital.siteintercept.qualtrics.com tcp
US 8.8.8.8:53 siteintercept.qualtrics.com udp
US 8.8.8.8:53 trial-eum-clientnsv4-s.akamaihd.net udp
US 8.8.8.8:53 trial-eum-clienttons-s.akamaihd.net udp
US 8.8.8.8:53 195.133.250.34.in-addr.arpa udp
US 8.8.8.8:53 183.20.192.23.in-addr.arpa udp
US 8.8.8.8:53 21.60.156.108.in-addr.arpa udp
US 8.8.8.8:53 65.246.107.13.in-addr.arpa udp
US 8.8.8.8:53 216.185.154.54.in-addr.arpa udp
US 8.8.8.8:53 42.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 226.201.44.52.in-addr.arpa udp
US 8.8.8.8:53 44.2.50.20.in-addr.arpa udp
US 8.8.8.8:53 156.152.235.66.in-addr.arpa udp
US 8.8.8.8:53 240.209.17.104.in-addr.arpa udp
GB 2.18.190.133:443 trial-eum-clientnsv4-s.akamaihd.net tcp
GB 2.18.190.140:443 trial-eum-clienttons-s.akamaihd.net tcp
US 8.8.8.8:53 684dd312.akstat.io udp
US 8.8.8.8:53 rldr2lacck7ikzzc26kq-pjk3pc-db3164806-clientnsv4-s.akamaihd.net udp
US 8.8.8.8:53 138-199-29-44_s-2-18-190-140_ts-1730336661-clienttons-s.akamaihd.net udp
GB 2.18.190.141:443 rldr2lacck7ikzzc26kq-pjk3pc-db3164806-clientnsv4-s.akamaihd.net tcp
GB 2.18.190.132:443 138-199-29-44_s-2-18-190-140_ts-1730336661-clienttons-s.akamaihd.net tcp
US 8.8.8.8:53 133.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 bat.bing.com udp
US 8.8.8.8:53 static.hotjar.com udp
US 8.8.8.8:53 www.upsellit.com udp
US 8.8.8.8:53 privacyportal-de.onetrust.com udp
US 8.8.8.8:53 analytics.ff.avast.com udp
NL 18.239.94.35:443 static.hotjar.com tcp
US 150.171.27.10:443 bat.bing.com tcp
US 34.117.39.58:443 www.upsellit.com tcp
US 8.8.8.8:53 connect.facebook.net udp
US 104.18.32.137:443 privacyportal-de.onetrust.com tcp
US 34.117.223.223:443 analytics.ff.avast.com tcp
GB 163.70.151.21:443 connect.facebook.net tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 region1.analytics.google.com udp
GB 74.125.133.155:443 stats.g.doubleclick.net tcp
GB 142.250.200.3:443 www.google.co.uk tcp
US 216.239.32.36:443 region1.analytics.google.com tcp
US 8.8.8.8:53 4711400.fls.doubleclick.net udp
US 8.8.8.8:53 script.hotjar.com udp
US 216.239.34.36:443 region1.analytics.google.com tcp
GB 172.217.16.230:443 4711400.fls.doubleclick.net tcp
NL 13.227.219.71:443 script.hotjar.com tcp
GB 163.70.151.21:443 connect.facebook.net udp
GB 172.217.16.230:443 4711400.fls.doubleclick.net udp
US 8.8.8.8:53 www.facebook.com udp
GB 157.240.214.35:443 www.facebook.com tcp
GB 157.240.214.35:443 www.facebook.com udp
US 8.8.8.8:53 141.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 132.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 10.27.171.150.in-addr.arpa udp
US 8.8.8.8:53 35.94.239.18.in-addr.arpa udp
US 8.8.8.8:53 58.39.117.34.in-addr.arpa udp
US 8.8.8.8:53 137.32.18.104.in-addr.arpa udp
US 8.8.8.8:53 223.223.117.34.in-addr.arpa udp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
US 8.8.8.8:53 230.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 71.219.227.13.in-addr.arpa udp
US 8.8.8.8:53 35.214.240.157.in-addr.arpa udp
US 216.239.32.36:443 region1.analytics.google.com udp
US 216.239.34.36:443 region1.analytics.google.com udp
US 34.117.223.223:443 analytics.ff.avast.com udp
US 8.8.8.8:53 bits.avcdn.net udp
DE 23.197.10.165:443 bits.avcdn.net tcp
US 8.8.8.8:53 165.10.197.23.in-addr.arpa udp
US 8.8.8.8:53 v7event.stats.avast.com udp
US 8.8.8.8:53 ip-info.ff.avast.com udp
US 34.117.223.223:80 v7event.stats.avast.com tcp
GB 142.250.180.14:80 www.google-analytics.com tcp
US 34.111.175.102:443 ip-info.ff.avast.com tcp
US 8.8.8.8:53 honzik.avcdn.net udp
GB 184.26.189.84:443 honzik.avcdn.net tcp
US 8.8.8.8:53 14.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 102.175.111.34.in-addr.arpa udp
US 8.8.8.8:53 analytics.avcdn.net udp
US 34.117.223.223:443 analytics.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
US 34.117.223.223:443 analytics.avcdn.net tcp
US 8.8.8.8:53 84.189.26.184.in-addr.arpa udp
US 8.8.8.8:53 analytics.avcdn.net udp
US 34.117.223.223:443 analytics.avcdn.net tcp
US 8.8.8.8:53 shepherd.avcdn.net udp
US 34.160.176.28:443 shepherd.avcdn.net tcp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
US 8.8.8.8:53 shepherd.avcdn.net udp
US 8.8.8.8:53 shepherd.avcdn.net udp
US 34.160.176.28:443 shepherd.avcdn.net tcp
US 34.160.176.28:443 shepherd.avcdn.net tcp
US 8.8.8.8:53 28.176.160.34.in-addr.arpa udp
US 8.8.8.8:53 shepherd.avcdn.net udp
US 34.160.176.28:443 shepherd.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
US 8.8.8.8:53 shepherd.avcdn.net udp
US 34.160.176.28:443 shepherd.avcdn.net tcp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
GB 184.26.189.84:443 honzik.avcdn.net tcp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
GB 184.26.189.84:443 honzik.avcdn.net tcp
US 8.8.8.8:53 honzik.avcdn.net udp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
US 8.8.8.8:53 analytics.avcdn.net udp
US 34.117.223.223:443 analytics.avcdn.net tcp
US 8.8.8.8:53 analytics.avcdn.net udp
US 34.117.223.223:443 analytics.avcdn.net tcp
GB 142.250.179.228:80 google.co.ck tcp
GB 142.250.179.228:80 google.co.ck tcp
US 8.8.8.8:53 nav.smartscreen.microsoft.com udp
GB 51.11.108.188:443 nav.smartscreen.microsoft.com tcp
GB 172.217.169.36:80 www.google.com tcp
US 8.8.8.8:53 analytics.avcdn.net udp
US 34.117.223.223:443 analytics.avcdn.net tcp
US 8.8.8.8:53 analytics.avcdn.net udp
US 34.117.223.223:443 analytics.avcdn.net tcp
US 8.8.8.8:53 analytics.avcdn.net udp
US 34.117.223.223:443 analytics.avcdn.net tcp
US 8.8.8.8:53 shepherd.avcdn.net udp
US 34.160.176.28:443 shepherd.avcdn.net tcp
US 8.8.8.8:53 analytics.avcdn.net udp
US 34.117.223.223:443 analytics.avcdn.net tcp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
US 8.8.8.8:53 honzik.avcdn.net udp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
GB 184.26.189.84:443 honzik.avcdn.net tcp
US 8.8.8.8:53 analytics.avcdn.net udp
US 34.117.223.223:443 analytics.avcdn.net tcp
US 8.8.8.8:53 analytics.avcdn.net udp
US 34.117.223.223:443 analytics.avcdn.net tcp
US 8.8.8.8:53 analytics.avcdn.net udp
US 8.8.8.8:53 3.22.192.23.in-addr.arpa udp
US 8.8.8.8:53 56.163.245.4.in-addr.arpa udp
US 8.8.8.8:53 fe2cr.update.microsoft.com udp
US 40.83.50.87:443 fe2cr.update.microsoft.com tcp
US 8.8.8.8:53 87.50.83.40.in-addr.arpa udp
US 8.8.8.8:53 download.windowsupdate.com udp
CH 173.222.108.210:80 download.windowsupdate.com tcp
US 8.8.8.8:53 210.108.222.173.in-addr.arpa udp
US 8.8.8.8:53 15.164.165.52.in-addr.arpa udp
GB 142.250.179.228:80 google.co.ck tcp
GB 142.250.179.228:80 google.co.ck tcp
US 8.8.8.8:53 nav.smartscreen.microsoft.com udp
GB 51.11.108.188:443 nav.smartscreen.microsoft.com tcp
GB 172.217.169.36:80 www.google.com tcp

Files

\??\pipe\crashpad_1664_EHNWSJDIKOHTFNRE

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

C:\Users\Admin\Downloads\Quasar.v1.4.1.zip.crdownload

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe

C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.exe.config

C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Quasar.Common.dll

C:\Users\Admin\Desktop\sa\Quasar v1.4.1\BouncyCastle.Crypto.dll

C:\Users\Admin\Desktop\sa\Quasar v1.4.1\quasar.p12

C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Open.Nat.dll

C:\Users\Admin\Desktop\sa\Quasar v1.4.1\protobuf-net.dll

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Mono.Cecil.dll

C:\Users\Admin\Desktop\sa\Quasar v1.4.1\settings.xml

C:\Users\Admin\Desktop\sa\Quasar v1.4.1\Vestris.ResourceLib.dll

C:\Users\Admin\Desktop\sa\Quasar v1.4.1\client.bin

C:\Users\Admin\Desktop\Client-built.exe

SHA512 e08d11777ed6112f9ff792aeae21938fdefbeac7d78154ec669e22689d6ac8a415973e2ec204a74b1bb42dda4f229276967a9c4512c7666e6cdc691491fbf568

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2330f2b601a9991a74c28f508abf12be
SHA1 c1892bb661965dc8b7eceade23f1b468b5b1b5dd
SHA256 44ae19585068e3392874acc3bf007d6c3d1a938a92f2e35ca3e13014793f2a24
SHA512 6f9f2ba5c3acb6165d9c95b4a0ad54ab39fa77048b31ea98efd7a596a24997beb32b37d41c77e40c21bc6971ee3bfb60dc853e8c43a38dd8748f947032302c40

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000030

MD5 63691d9ff03808024ceb37622e1e66e4
SHA1 7c8613bf108a513554849f05f3824cd6d191e70a
SHA256 ad77f294d439f983efa1079a6f7dad23bf3647cccd241ac540a23880f491b5b7
SHA512 525ed5dbd9df03532296b9404cd9ddcc5bff93826b1134106bc1cfad26250efe18baaa2112626c3d6c0cd19ddc464842809724b400eb9d5ca28ee0fee288581f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000042

MD5 f9c81aff9c898c9d39547f31d9f40f52
SHA1 023d8f4afafbc961fbe7c88a95b8add576fb15f7
SHA256 da38fa6f3a6a110af4e6afa706782cb78c39d64d190872b2c1810bce75e48980
SHA512 cb00f7e0bcfa877f94fea2ff1307d4db605efa6d30499b0fc4d059fedef4b15d43d6c0d810ae4df289faf235fec76aa4ead6bd687e30e1e5185ab86ccb538f31

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000043

MD5 f80c0bee705ffc9863e9f1c6c9177f84
SHA1 c4262478f9c6a7c82b8754b5dca4ca3ec989dba7
SHA256 122d44c390b688fa4ba154ad7d4b8a1febafa1718329972638b950d13ddf8d19
SHA512 71e13043e29fee9ce5c6c7d92a499ee7e0766e81fe2628c99b3142db1b8cb7ada32fbd33c35a8a20d64072f41330680e13d7580406915c48bb21eca78177aac9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000044

MD5 40027f5913e0ff768e138eeaf4f9be8b
SHA1 004fc2c768fe366484a2f40511543cf218cb2748
SHA256 cbfd9186d5214f400a1a105305c4ba32890a4b44900decf9092fd96d37e359ca
SHA512 25ee89986d0c6339eee485d80385f9c3da8dd1244dab6af7dbe37fd0a602f5dba9d0be8bf356f9d1acbbcb6191e48071b19272d69b50e03fccc285c515c64868

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

MD5 2e23d6e099f830cf0b14356b3c3443ce
SHA1 027db4ff48118566db039d6b5f574a8ac73002bc
SHA256 7238196a5bf79e1b83cacb9ed4a82bf40b32cd789c30ef790e4eac0bbf438885
SHA512 165b1de091bfe0dd9deff0f8a3968268113d95edc9fd7a8081b525e0910f4442cfb3b4f5ac58ecfa41991d9dcabe5aa8b69f7f1c77e202cd17dd774931662717

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

MD5 a65f7f00889531aa44dda3b0bd4f4da2
SHA1 c8be192464c7e60d4d5699f6b3dabf01b3a9d1d3
SHA256 0dcf11ca854f5c350637f7f53cccdaf95492dbbf779b905138e26b1ec1dc91e3
SHA512 6f48f0f7cc1a35a9068c1284579db065e0fd4b2651355d68a8ff5ae9df86090be3f6e5ac4589585166829087c8bd3c37431a7066358eaced0cdb6c5a0d544fae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

MD5 2766b860b167839e5722e40659620a47
SHA1 47766dc72bcace431ee8debed7efcf066dcd2b59
SHA256 725a5e52a501bcd107624aafa44a857c00d02286fde07be774afeac2efed68c3
SHA512 a97f77977518ca755e9460cac34e0b5358ba98b3624c53f0e1ef7b947e62a6f3f99caf2852fb3132c822525d88b67b9c1ed778b3e40083d9df36028c85f73ae8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

MD5 2940076ef5b451648e126653123622ea
SHA1 46adb402ebad36dc277bc281d15b4b9643c4cb6e
SHA256 2766045315b53c22ce78b0c83624a7f52000765c55061a9deae19ca67897d664
SHA512 f695bdf186be90f1df6d303bf5beb5bec9c71a069978fb6adb23b68c893ef7ca0c5da2cdc32d39cdc9a8f0bbcf0050abeb3cc02c75a2861d9434591ac8680922

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

MD5 76d82c7d8c864c474936304e74ce3f4c
SHA1 8447bf273d15b973b48937326a90c60baa2903bf
SHA256 3329378951655530764aaa1f820b0db86aa0f00834fd7f51a48ad752610d60c8
SHA512 a0fc55af7f35ad5f8ac24cea6b9688698909a2e1345460d35e7133142a918d9925fc260e08d0015ec6fa7721fbeae90a4457caa97d6ce01b4ff46109f4cd5a46

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

MD5 cfff8fc00d16fc868cf319409948c243
SHA1 b7e2e2a6656c77a19d9819a7d782a981d9e16d44
SHA256 51266cbe2741a46507d1bb758669d6de3c2246f650829774f7433bc734688a5a
SHA512 9d127abfdf3850998fd0d2fb6bd106b5a40506398eb9c5474933ff5309cdc18c07052592281dbe1f15ea9d6cb245d08ff09873b374777d71bbbc6e0594bde39b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

MD5 2389054bc92fc6a9b9d21997feabb1cd
SHA1 d46b4bece5021bbb060dceef4273475b879c75de
SHA256 5c38b4d4f6b902a99e4eb9cd922a2a2a37b549388bb4dda0b756bf6d5887d6da
SHA512 5525a4228fe65d25f0084fcde29dce0b97b80126e36875d226549f379e56ae52c0b2ae12752b188fb9715812d14d740f1ebf35f3ebb5c1b4e3b564836ed30b0c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

MD5 c67ee59476ed03e32d0aeb3abd3b1d95
SHA1 8b66a81cd4c7100c925e2b70d29b3fdbd50f8d9b
SHA256 2d35ec95c10e30f0bddbfb37173697d6f23cd343398c85a9442c8d946d0660e3
SHA512 421d50524bd743d746071aaad698616e727271fdf21ee28517763a429dcb6839a7ad77f7575b13c6294dc64d255df9b0a64eb09c9d3b2349fef49b883899d931

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

MD5 c130e937317e64edd4335e53b17d55a2
SHA1 51bfff9dee11ab5a8c43198c0d6178799ed9433b
SHA256 46025a134ebdd6c6464ff422818e60938fc41af735f7951f4febe29f57612a49
SHA512 68e5fa69101a7347028ad30d7c004dafabcbd8f8009df90d0471b19a36741075d72da56a2b1693c2067902630584bda5536f0702302db5d69f407424d4a964de

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

MD5 b376c55a7ba31e51dd8e8255789fe89a
SHA1 439c757d3520f276a8d313f8c337aa90ddbab16b
SHA256 97eab72e32402a938305438fa0682cbaf45b75af692793bd35bf9134782e3bef
SHA512 99b31f6378611df26a3dc827aa24709e0854f2a1595097482530087cc26761db5efd6be323005e49b89563de1169d44d86888c98eed8e9ffe880f516281a9c0b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 44eb5c370c82be4f554c0db4d0c27d1a
SHA1 89ff757e7fa1881e317de882187412f86585bccf
SHA256 62f9b51a80604c6410bb136b2c283fabf4a61103ac66e1205bfba93d9744c239
SHA512 82b3001b1861d6ee7064dd096dea7596268768c6f090b305b72a13451a202893f515be85816b28f75f1c5cd7db87ed280e80b013f484e0bb95a40eeca6788130

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

MD5 9f35ba270e9ea92ab439941460109ef9
SHA1 699dd11d06d2d5925cc91c2df7e4fca4acab56b2
SHA256 344f84869c6a5fea3a0ba409a9716b2d5e83b27bd295603d72bdfd6f8af98f24
SHA512 8660fcca9cf7ca63ccedd93e9606b5362babb0d2b7525248d2530a1656043aaddfbd71d4e21cefbc1669f97efc2e54f6f5e60a2da51084997dcc56f02ef4e750

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 50e71f8fc5ea940c62b9d38d8ed101e3
SHA1 fe431c813f6df9188076e77ccddea853a971962b
SHA256 6c9edd893cc5e00de777aaa19878ccbcdfd192f7cba35d60213545e0ea666ab1
SHA512 40ecd48f222e613d47564b4e2331cc2c8b44961c7d443643d3f9d3a721b017065831f36ccd04b82f5c20a98abdaffe4627f71a5d6dcdb97dfcb6b78834bc91c3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 47d851b3368078e77cc78a30cdddd446
SHA1 fb3bf211871918bd31067c0bf61cf88544659023
SHA256 cf280aafd154abe273551057c549cab189f95726c5456fbd43b0ec8174b63087
SHA512 cb6c510fa2aafd2620c044bc1b8ff4751fe46cf06d4269c48a4158b258cd00d5cda880125ce72ae6e4a4005c2d70eccdb741f94686467b4001dffd0621f2e145

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 db59d67fca25cb9899148bfab4e2c2c7
SHA1 c85d8267164f6895da1b960ebde91eccd867c582
SHA256 9b4db46d805cd060836647675738141ede4ad5ef3ba2aed7d162d8f0d7c6cf5a
SHA512 9732d5f821e6988956dc5779744b8401af0b27f401498036355e15f864be0756c1ce3a1fda42ad11aa467a2606f2d54bb80e88d179544bef366bdd7bbf35d309

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 a3be03ed2732979b8349e52d95454341
SHA1 ac5774ad6c6110c2f55e3560a9d030de93f9ea5a
SHA256 07c4c097b874056466a025be1a2817d9e2051badf13ed6850ac7240cd1ae673f
SHA512 3b88d38223ac28f75dd33d5a77b7001759449e23bd39dc40d477dcac38e684901ac3c48ffbe023e44e23f4f4c6a62cdaf4d953b627579176fe7f25e9b68bdb70

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 de69ee929b02756e631c44869db1be06
SHA1 78bbe203ab4f76084d4c03642cc245087fe50303
SHA256 1bfa7b0036e3ca87930ee5ef11771b94c0d3e75dba178a8f51d6025f9c49b97b
SHA512 f9ec32b0a7aaa4ca42fa5adae3d01b8b9cac975c6b370a4f29260aa10e7cd0e4aa2a512d20750101c1a15842a533828eaecf8f8ea481e3893aeea19c9a454dd3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 78ff93ab4cabadda69ee21b4b7317f05
SHA1 fb73511c38a47d4c8bff4aaf91d86ecbf16b8afe
SHA256 880601a3f951f156a05b468bc15788165015bc8e2a1e3008072c360f2442bdc5
SHA512 aeecd187e477d1cc3a3f6d66bc293146a99cfff3c125690020d4951c9b45b18a3517b795716a1d60bf4aa5f378df3bb1801bd8c4c49d926844684c0afbcd9c1e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cd5822eb7d3adf16571b266bf74cb252
SHA1 ffc9b2c75db9de4dfca26fd7089aa900d04b5319
SHA256 bbca969a3f36132b2bb686b3ea7b67c5f2bef1f9b85aef702baf153733426c94
SHA512 a1a14d3978aabf2e8094d1b1539f31c2ad9b0633311bb89d8d1535b2c38fa7f4492ed92e9e2ad93dbe6a89895dffa37be3be55b998db8fc1acdc6ab96af6f66e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 14faef09f7c9e4be71913610be37baaf
SHA1 9b359033741f47af62e58c698d50bdd96acc7c57
SHA256 6d44107f88f1832bcbc0790ff8394dac7023a39171b53a77c99227ea622517d9
SHA512 b5c09ca6a03f3b1731ab8b35c9785460b030aa69fee19a8d7cbb7f61beec8da89dbc7ae3bfd30f02aecc07455e1715dc969e8be4038fa7f6f68208aaadf24431

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 271fcfeea817d0f006678a4bc90dbc43
SHA1 57ff1bc0d54e04367bbbe7dff2435cd63d224679
SHA256 aa6715296b57ff7cff9d2efe123ad5d5d9cc732053b2631974dc166d8621305e
SHA512 69e6c7d02056df487dde27cbb22a39c80dbb498dc60278c8c249c5d14729b0c4ddc9d897119b119225f8ba5f40ac43f73e813d9fb2ff4eff94810908b611c181

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 cc10dc6ba36bad31b4268762731a6c81
SHA1 9694d2aa8b119d674c27a1cfcaaf14ade8704e63
SHA256 d0d1f405097849f8203095f0d591e113145b1ce99df0545770138d772df4997f
SHA512 0ed193fdcc3f625221293bfd6af3132a5ce7d87138cd7df5e4b89353c89e237c1ff81920a2b17b7e0047f2cc8b2a976f667c7f12b0dcc273ddc3b4c8323b1b56

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico

MD5 e5e3377341056643b0494b6842c0b544
SHA1 d53fd8e256ec9d5cef8ef5387872e544a2df9108
SHA256 e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25
SHA512 83f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 467bc167b06cdf2998f79460b98fa8f6
SHA1 a66fc2b411b31cb853195013d4677f4a2e5b6d11
SHA256 3b19522cb9ce73332fa1c357c6138b97b928545d38d162733eba68c8c5e604bd
SHA512 0eb63e6cacbec78b434d976fa2fb6fb44b1f9bc31001857c9bcb68c041bb52df30fbc7e1353f81d336b8a716821876fcacf3b32a107b16cec217c3d5d9621286

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b51fb92f8e613eab696034716c45d159
SHA1 720236649719210c6d64cbe5babd76f23349566d
SHA256 7efce69e3e7b1bb21f0e391406c0ff0c9110be04370505ae60a54055caaef9b9
SHA512 65e329b03d88faf12dd3c69a65d5e5c967116855925f7d3a093bf3ce05822fa4a606f328e04d041a4c9ae1d19de95be22a63389f9449372a3ae3a2b3b7828687

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 3b964859deef3a6f470b8021df49b34d
SHA1 62023dacf1e4019c9f204297c6be7e760f71a65d
SHA256 087debdcfba4666c03a5ea699e9bb31cf22ef4e0fad7c961cb0b500e5d262fb5
SHA512 c30b7e1b28820a5815b52634b46cb210c241704e33e41304400cb3ed29e82ec547a1068fc819350b368456bcabd27034afade5add3251dc74e4174f51b6c7adf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1c99be715cd0481031196cf040f9d572
SHA1 ae9eef12aa52407a043e8159041781a9bea66b86
SHA256 5716c3b8efc678426a5c22336a3af03ae0e93ff747bb2d5980d7feb11cbdd013
SHA512 c5cc09c629efbd0f75337e5fcb4310d6df7e0b5a189acf3058255d86cfc3d89e90d367df5f3a25ecc4a7b82ca286283ae1eb43ff7171e78843757a7fd7b281e3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 9742dffe2ead2f0dcffcf94967e1a6ce
SHA1 b4b6cbfd3e462d056669b623092f1824175c2f92
SHA256 2f4b92a4b68243d879b82fd8bccb95b59d2d28753b45df63e3fb1862032ae4ab
SHA512 ecee92ccb0e6df3258059903695f2eeb68cf98cb150d5eeeac0681018c0d047ab6d44119e9c9dbae22b4bc88a413891aa8943265263577140a21c23c9ecb7096

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d354d83de87c92582a2d29b4c87e914b
SHA1 9d97c2f7194446c17ecf7331dd37bd85652febba
SHA256 7413c0b979095db905eeb96a73495d508402607c82c7510e0fc1709e0136745e
SHA512 a34bd7db4cd880625c2aacc8a446075fbf011f7037039863064ab93347f8476c0d42f920cb8aafd77638ee8cc7853128c524c10b32858fe96f0cbd0bf314506d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 5c2d5c900312f44e72209416d45723cb
SHA1 68fb8909308589149399c3fb74605600833fbbc1
SHA256 56f7a77549e5fc45bd4b1f7c2db3e8b4bd1dd9234545207613a80342cee8e7d8
SHA512 07c2920cff7c1125e3a2fe66bf21d8606a1f2a3d36be2d8e136da0d2a21130242ac8324f18cedfb0040304cf804815861767c969a6923d8db851312bf9b4348b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2eb5351cd0744468fcb1697dbad0860b
SHA1 d9df09b0e0b3b620f7b8c0cf494d648e4ec840b3
SHA256 5e0b71977391a44cc218bc43a86362702c4198ef5fdc495f6d3727bf4bcc2ba1
SHA512 888e1d6217ed01a0326913e1a2adac6b8fab066c4ba4e353e839408382c24d6f47d382760e4bda3ae063c4204d55cb89b60dae37b5f3e0f21e268b9d75e72883

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cf53f3163b463b790fc76e9f93e8cd14
SHA1 b8633386018a9320a23cf4be12b28815eee4cf6d
SHA256 e1c5f6ed77b17c9d0ed06b3b50e318ef715c21752d6d69ebeeaf27af5c575353
SHA512 081a3c6fa898514632a368ca6a37960b5a9b69051ea7d3495c048ad88d91092f162427edd1ce47d7bd0d15df5d41792078dd119c2ab8cd81e62b9f5d1b76bb15

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 e944bef1c08b5c6c4cf8bd34a11388c4
SHA1 9a066e2d1ff1afe2c5dd604aeb13ec91982daaa1
SHA256 ed4389ebfa44ff5f44ba58d0870573b584e09f0d046010d2f9b2bd79535ae719
SHA512 bbbc373f42099f76092f8b4bacc1ef34138e4a78092b8dc844712e4e8c9b567b0ca5786e42fb64cbe9e88f8083b2f8d82b482fb0514e81b069af1c06910eb8ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3dcb49e0069764a535344dbed74b7deb
SHA1 16827314c63003a8c8fe9b55bd69988e8d5c3864
SHA256 f39cfa4f1bec09f42e19964519fe0f34a0a2e0fc1588a63b37024b5ad0f2fcaf
SHA512 564d5c228aa28ea41071d4bf066b25fce1893c98883ce79617be8b1707339658fd49c0eeb92d644b10ccc4653b30bf7acc4e44610d4e92d7084b4bd518901917

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 551a1bad55203b07ad484c7a79c0ab08
SHA1 28b322d04bafb926505c05640dfba5eb366a87ef
SHA256 282b18e181a5b4f509347ecd7e880bde6bd186d73df7706afe6063c903c50876
SHA512 8044e2385a180a856d8a8c0f19b326a5b131cd876e6f3988e922af5cd7412b16e8a11a3478b3f0f7b5d0407370c65dbd69ec76a4a4a90096e91d1fc925fd87b7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000036

MD5 75f092e76c317acf59f01dda5564ec3c
SHA1 d2946ed32b3405f30ee3a451be14edbf8ab22df8
SHA256 9523ad597b9d8c8a856dd8702f6d0d0767074cd0f6a4f0f5f1664c61bed107a8
SHA512 7fd555e73a1563159f9f1ef8e984cd3186b1629e1f750ae092f70dcb9fea40fb6dedfe20328eb653b50cef6088ddd3296ef77504b5926ea28a14bcb690088d67

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e020fbd31ea9afd3_0

MD5 304742400e86adf4f312d1e3053a3175
SHA1 06e960d3e9a13edabe4f2031a5895a473806e963
SHA256 84bdf3d2d719279b05b4c56a298401d546cc8822e3a0aae04bf3066121eb6fca
SHA512 5a50ecd3675ce399936ab23f86b48b7d02725cbc0322bf0defc9c5a214b99962789fa01bc5995383eda55e6542557ce2ee9e10d2ed1c380b558ce61b3bacb2c4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8354aa60f950b036_0

MD5 90e746e54ea2e38b090bab6307afcd3b
SHA1 8cb204c1eb542451413d09d06f6b5334e28d8de6
SHA256 c1a2801341a9c208aea0be384e764213ba795686ce3a807f6d1b3e3262c3d875
SHA512 79540846c8cf9246ea53f3e4906df3b3b10170bc613b89c54adc13e0c937bb0ed55c62e8dbc44535590b33a4439712ed2e0b8c994b41efb6d3a66d7a34cd4f2d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6d6864ff2ea54d07_0

MD5 204df46cec9722e15d91af4e0a6d2c2b
SHA1 d1b610e067a435ae6fee670cb2557f1736ad17cf
SHA256 c9b19c43a03f2162dd40bfa2aa0726c82ad969d29a420a6ba79e507086b570f1
SHA512 0074c4b4218d16521ce25ce576d70742f9a1ce8a33602112a36f4cc1422a24c5b247a58cf95fefe2dba89387b5267e39ff616d84a479dd5cf05c9c32018000c2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bd1231e37cd2ecac_0

MD5 4ed147c0ae64d94cd0ed53be33f3ed6d
SHA1 e69269e869f0d3669f700b9f0ea119714c4d3c68
SHA256 2ebf72efa54da5ae9a58b9bc7361c5dd2e3cab708a81d4656cc39736a9d36a23
SHA512 894ef644f1ff4e18968fa5f71d13020979ab14a82883a76f5817594166c827e716a6a1a1c489d87f1696ecf9ca8ef4740b9199907ffe0a959a3346c65e68f460

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a590d4cad03077cff0ea2de40068359b
SHA1 f2e49ac470c9b26d2178e106677e505f9d9b78b9
SHA256 bcac0ed727972d9cb4758498c5038c667b823cd90dea2129e7b065eeef4bfd1c
SHA512 7d38681de770afe9af89078c15622ceb1d9172bffae4afa542a8391d2776826abf2fa910a6bac56a8d13a8a12bcc6163a5b03c5276b197b8e9b63faa7f8c8f11

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 1f100c55db21275d1a0181158fd3449a
SHA1 768d8b89d0855ad36aa0c0c2629510250e997d1e
SHA256 e480771f0eb16fcee5aa83359928b36addcd7c9676e0ef9909e92dba335e2a1f
SHA512 9d2891ff35acfeca622d00abeb7c3d2c8b0a13c3f5a6cbe5166e0cc27908734d1ec62172dc6257b499556e84092bd026e01b425c70013b5a86b32aadd422a22c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cbc07d542f88b756ff62ba6845f1de0d
SHA1 3dddc62afc6142a0ebbd0c233edeadd7ac911f74
SHA256 cf8d04ae7aca896204dadd5c40817a4836713e9f8a11dee2a7b1d859612ebd37
SHA512 a518a2e8644e78626ce3cc0c4ede6cbcd289fc4b036e32422e8556d885942cc1867202bb8aa5607e2cfbdb188851e786b729aac15df7580312ab9f25e38def8d

C:\Users\Admin\Downloads\avast_one_free_antivirus.exe

MD5 9f9a793c28bde3dee5f854afaece7517
SHA1 d27ed307512342e1bd71e00ffa3924f1794ce4ee
SHA256 8179e3e493121325dae76527f929b55fa4e59e32e3b7afbd5cea52fe4803f111
SHA512 8d08ba4e0cea7d4be0aa87087b6dc4f22aa0efe27ea41ca6552d91a79d0b836564b627f1bdc163ea8eb74a11e8a0718a8ce749b51d90d04ee8bd5d0688e5c448

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 fc4ff0f41857065a8dedd08785d4ab3a
SHA1 a9d954724c58fd7fdacc8528270ac02e53fe02ff
SHA256 0c888ddd152a76b5b68b08162482a6508c783b2c9289d84d5888aaeae7fcebca
SHA512 92db77010e1f2a8304b2b33320624c440eebdf673aa226377c791a1983f9ef10ddb1a42d9d73280c6cfce87fbcd0503ff49b70761cb2ea61de6a12a46510649d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 3a978ee563996199ff680ac1757f97e1
SHA1 041fa3d55a9e74ef748f1cc520f2dea63a2bea7d
SHA256 3801d578308d82fafb18398b91881758267deea4bf5e8f8b172edf2bfea30efa
SHA512 cd6aaa1b0ab3d843bdd2ed9ff31027259e0487b745e19128dae355fa8d3d9f4323854c41e2ed4ad6a119b2dacce16c2ef1b07d198e94dba499873c511b9ef1c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b5b7c625cf9c2b8616f2fbc8d7d5aa04
SHA1 623e07795625c34720f597a4247fec1383fa6a08
SHA256 13f498b40cdf554d11ec798dcd0aea5b3d132b98cafe297a4ccf992e79f8ef13
SHA512 2dfd428841b5262c3d75171276749651e2cf3ab78b5bc220205717a48cb2898aa2e60ccce59bfd1a5305feec95021916e89356b5ceabf9fb11f6bd01ca2fabb3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

MD5 df944ea303cb8c23dd570c908e8e4539
SHA1 c92fecdd848c87094edc467f624e7a6833316590
SHA256 991941933db816f0d69def16c739680813d04ab41bb2e8642fa6188849dd9d07
SHA512 4f1bc74b07b684e23580587561cb3bac4b881368d976feeef0c5b13dbbd18ac6736a3dc270e48583bc37691efe4541dbc3ddafb4e0b39e70c70208ace5619164

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State~RFe656a2f.TMP

MD5 2800881c775077e1c4b6e06bf4676de4
SHA1 2873631068c8b3b9495638c865915be822442c8b
SHA256 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512 e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 554df51e37e3355519f9f6226ff2f2eb
SHA1 b29edf9e7da39bf3ab7951b132702bce93ffd426
SHA256 7411386589656886872599d1735dc86e0daee7da1faadbcc14afde84189c3b0a
SHA512 e148cf534965b8b6e57bcbd752db50aca320eb7e718ed04f2499175de84f2acfbfc19cad09f26c607ef91a1ea0facaffd563d65acf19d40d2651e74539c64b11

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 4633992428cb87c1118d7f61138416bd
SHA1 57b47a2ba94309f716c61a5fdc5e09a1b441c13c
SHA256 da7805996fdff748f8511aaf0472598443882e2a2656bb51bb96ca2fcb11fe5f
SHA512 f8002372d31f1d3b5be5640de5233a0508504508ee5d549d7d1a53c2cebac1ba17cf3af90a4792362cc087ef1dbd4dba51150f5eea3fcb31e29d1808c1ab35a5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 fa8150ae7974d84f92d49ddd88db0414
SHA1 56c113ec45efa26a900507653292463f6a0621aa
SHA256 5a87f985491dc8d4e2a9c95a4c7e840f3aa682670171b4d9e498ba816e631ec0
SHA512 e73313101fe7a992bb4d6c2074b341e6e40f16cef35970a59f702c56951fd1d370573138bc78427a4f7840dafb55e443cb78718c9ae7a3a806c4ce579ce388a2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8115673f0548aab69ff836fc03910872
SHA1 6a00ba5cd5a4e176232f440d48d2e24645d64d1b
SHA256 c83eae78391926986128b804b917334b29e9c696ebbe9a49e72e22403cd76049
SHA512 30877c54baa27c9faee5ce1aea642662f6dbdb942263de01b642bd5a37ee25233ba2f3f2cbe49dd95b8247b22d76d37f67abe905694a9996bc3108c51634734f

C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus_rvrt.exe

MD5 97f5d0caaa1988c95bf38385d2cf260e
SHA1 255099f6e976837a0c3eb43a57599789a6330e85
SHA256 73ee549578ded906711189edcef0eedbc9db7ccbd30cf7776bd1f7dd9e034339
SHA512 ad099c25868c12246ed3d4ee54cef4df49d5276a5696ca72efa64869367e262a57c8ff1fb947ad2f70caef1d618849dbab2ec6161c25758d9f96733a7534b18f

C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-av\icarus_rvrt.exe.lzma

MD5 84b41b6779cd161aa144fcb14b5db7ae
SHA1 374a045376685dd0e662c8a52da1b117e719b4f8
SHA256 57b66c4f8f7dd6b808eace56846eccea4b8cc09568b7dbabc0e59add50d739c9
SHA512 9d501ebb4335ece860f1806edff4c85652962b8b01534c8fad3904e56ab8058135d7835bda170ce2d65c392ef39350ff7c0cbdebc336e3b68136992e634b6b80

C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-du\icarus.exe

MD5 8364468375cccff3871f14d90da8d5f9
SHA1 d3d1bbd34578d22927fa63544cb45e40bab0ef0a
SHA256 37df00ad30a49c8335f027f4a94d18d3869d171b81dd627b99114c62c0defd9c
SHA512 e046d7a842a5906288bbba97efe5e235ae50948dc4e66badf90ee6790c96f32670b7b23f6eaef0da478fec0e8db083de708a292438be16cd90fb16708789ee21

C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-vpn\icarus.exe

MD5 42f6fc4e0e8707c2d53f56852e4b98b9
SHA1 761ae1d2b1d8b0668e23013c701031d0937ead32
SHA256 1c4dd2a5e45e3fd417190d60c14c8b43733ba6791ee08b1a0c951049192ebe31
SHA512 04b6fddd6508c0c124cd583a839c904ea8a1b6f995dcf504563d4888b6c0c1409a56b063b72a2b1d3a1d8e81476f4d494a306fa5b939e631b72c8f87ca1fd690

C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\avast-tu\icarus.exe

MD5 dc4ab8bad890e5ae125663c7c09ae088
SHA1 91472fb2b452fd4337dba82c643ef9c4a858db9a
SHA256 c6b2741bdbeea992944c8ace48055805f895ba07286342aa2b31f12276f957a6
SHA512 ed1f930b09e16c14c6bd00aa09ccd0a87d0d14b66632f145245931a51710d63f973136f08283e740d6a68f5af668eda088f7d74954ef62ebcaa16ff3aad28168

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 1bee91ac2ca6c90f092094559ff95220
SHA1 08022ca163795f5659d4ae691c38929fd3a6f321
SHA256 a694da325480701f1edb1b8d5304db8d821da6bccd3b7a8ae2ee125e4847d1e7
SHA512 713e70ffa2cb06d8a7b764a844f4c5341ea7846904c63a95fb5ceba617208d996b7d8dc3b05294fb296b5aa31aec8cdf9877b25d797bbcfeee40e05836762ed0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\52d2d386-d3a7-4eba-9f53-9e5a5b8e80dc.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 c2e62833b5ec96c7c29ccfc5bdcaf4d2
SHA1 7d61ae5503942f21dbd681afcaf528d19ccb4a5a
SHA256 175a2591e8096c350604e9aa86bec50ba3e9b2f8d49a3d5a784ae9add2207e32
SHA512 1d2ac6ddaeae05be0e72a0e4d7fc8a47a510974c8fdb790089c4f3c046f50bcde3550df3fa6677a430c653de1116c287aa6bc36323ea9efe9f55c84a7b6f578b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 de8bb5883ac859a30615859f5407ab84
SHA1 fc55dfd787e86e89cec832957569d9284d54e562
SHA256 8837e999291970b35e9acd6498b2f70625de80e04cf99ccf519d0ae62ddbd038
SHA512 380713c71a7b7c54bfb2f5c1323d095c14463022851f9d36a2ff360afb4d52af489cb67bdc02ea87ac319d675d10f8130ec2306fe64dbcf8679e8e576391faaa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 134fca35d620f630d5e540e1541d2dee
SHA1 5ffc41bd47fc9eceddce9f7a0e677cba9fda396b
SHA256 d17bcece726cd37e6aa8f049976bd4ede1ea949d81f08e1e931866137aeef084
SHA512 113a372b3234d4a9f2a562f4b38f89e1a2974e5c4468ea8624fdb9cfb6da6f8e9cf2a9e06df608d7093d5b3e7c035934d8b8aa3bc9efb363ca62bc13333c491e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e69af3d812d063eb8534addea3d1066f
SHA1 e2403e3b381433805dcf28a5b7fc345513b78d00
SHA256 f62d96a0d826099ea2b3e0dc4b8116fe984d4a595852507dae1f16370503c37a
SHA512 13b2f12f88fff3fb9b0726d7ae78de61c1bccdd439dca07b0fd60087c37e4b42b24c49dacc69e7dd4501bd6d73ce0cb915cb427f994aea621e353a8a047d6c96

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0

MD5 51ddf60e8bf9ac14d0bd31ab0be7b90a
SHA1 875e1573f40f64bbd74ec94f839b43ac285335c0
SHA256 5ce57601e1638119a60d308d9ef5ed2fd7e8e27e81d0586f070778dde2be4adc
SHA512 f53ab0d340a4adba2e1bdb63e0fabd44f4f8445ea08a1855daa54d712fc264a5d92fe200d21a4f0f39073667d52c04ad726c1de03ce70a0965e8859184902606

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cf13da1caac932c4e09484f8180905af
SHA1 597e656f6a93dba16bddf52fed3a43470a18b5ef
SHA256 4f64f3e0c3ca7639f567a81239692ec2c37e5baf48155e2325ce1a97d76e89b0
SHA512 12509e5a028cede177a1ba81e1091614366e7ce9b1cd8bf24e5ec637bf879eea3089c1c579f464091372fbea42e237b30f5cba1454f459b2c4c8fecb38a93f6a

C:\ProgramData\Avast Software\Icarus\avast-av\icarus.ini

MD5 ff8dd946d67b06b527e421ae253a3acf
SHA1 b6c499d2657be5c8997ef163b7392d714fe15f1a
SHA256 6df6ff325076733ab2c240d1b8276016f8beec33a0749b28ee35c97fb3fd0899
SHA512 bdea446399f2b18ad3bb7d5e24e7e5727aa82f7d526ebfd81caba472bef2f45a71731478e359bc84514af2c6232e1e65bbc512fc8a5d9e4bbc35d3b7ed40d221

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e18870de7fed9eb90d933396a6db8327
SHA1 2a0e46a7fc93173979becd39f955449e37ce35ec
SHA256 af7b544c15e9ce1f7d236cdd15f6e40d89199727493194b2605135567986bd72
SHA512 0f26436b4d4a1bb089e7b7124e2100652fb1ec95e00da0de50938dfce56744533ceaa47734385cc5e15592ab3f0f3b997aa16f86783ffea55673631e15cc8a8b

C:\ProgramData\Avast Software\Icarus\Logs\icarus.log

MD5 c8776c85f0bbde13eb5f092b99ac4315
SHA1 76e34eb4af0cbded16a4a013109ea278161b032d
SHA256 9efae3b25963c8d470e9473a9248a408276d30747a99926820499ee9324d490d
SHA512 8527ec777e2e21114dc66c9e6d9f032f6374be6bca9a9a5b83f164e00471c859f1488864d592e44230274fff04073104baa201b25b5b9a8fecf7984034d68e8e

C:\Windows\Temp\asw-36ae05c6-5c53-4b30-b378-52f83f8872e9\common\icarus_mod.dll

MD5 09cf0cfbbdd32727d9b610ca41f2f66e
SHA1 499413f97d9aa8dccfc233aae63c34811cbc3214
SHA256 3b97b3825ad9b251600e7081cfb24696e4406cee64c78a03a47c8554aac5c0d1
SHA512 ee06b6b7098963f3eec8f2c0262259b89717519f1de107cc1439a42c1f3a3bf21c30118631071c6e910ad0379bf40113db0070a0aafe2b556eaa3d6ee130c3e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fd34cb250e4a95db45b08b08ae00ddf3
SHA1 6f7f5070a8be0525e36ffacd7799a025ab27ad96
SHA256 968512bf8203f5e9b2042353835274464b647dbb3e38d424417a478cfb7221f3
SHA512 0e9b87fb9506ab366de9281ff4ee9e4285d38d2d5ad888da7a741d57e5121e801f5e1a63dd12211a6d6dee72a4e242ca115d9fb01aa5f0866f0e3052486214c8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 924b2dc6b175f75570e7839ee7bb85b4
SHA1 05c18855b28b461507c272c133b340c0ba4ac042
SHA256 0528e43caf3b8b206c14bd99682c59885632216fa86ca11eea2075503cf4864d
SHA512 3db2162d3b23eb707a7183d198f59fd824922fb83419bc3c2e17ea75144012294d21fcfb91b0e3350b2ae50462fdc0aed9e9c6858d75fd7f10d99b98a5558509

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e53e63f50054c2df91e29a2b477ad6f2
SHA1 0b199e766ecaa7c773a585a62a928a10103e6b96
SHA256 462c5940bbe76e5f3806d326911404342641406657914e5f9c368a522d718c06
SHA512 8a222f6789695c1c4f37c86cf61e9f1565fbc91105bab74c9a3a347d71c0b1af02c471c76036833f96045833d100ebbd609ef04e9032bcb70a56da94d9758bdc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a2b0ffda37b50a71963eff5854d211ad
SHA1 7a3522d2f685475c27eabcc885d42466074d39b3
SHA256 75b3817354dc78fd60e9186da067b859bdf6a2697a1d92fa4ab0bb824ca1c32a
SHA512 544a39fb42a9546fd89233607c99a1317e2910eaa2815dd247c21bfc10240ab9000337db129f323eb19968a887f8c38fd5d7f3ee376f5c55e061bd7e623d0109

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 56811e8a61c9bbfa1c31449271d47eb8
SHA1 b850e381ec516a5c1598bb9bc899b12c57e4aa38
SHA256 a71fe8a62abde59d88e6a74de7ab246059015835581f0690771b1d1e021ce144
SHA512 8c85c43d5f45bcf4c9c8caabb866b2b3a8808c8a183c0a8e7cd10edf9c1d382487d8c5a1bb96eabdc670d782188327c632dbf422a721f18dd6ad561aadece711