Analysis Overview
SHA256
96f2d2ed9eee7cd7b44fba27b40a5cae81a90d40577ceda371667f827d8f2672
Threat Level: Shows suspicious behavior
The file https---fitgirl-repacks.site-animal-crossing-new-horizons-.url was found to be: Shows suspicious behavior.
Malicious Activity Summary
Checks whether UAC is enabled
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Browser Information Discovery
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious behavior: EnumeratesProcesses
Suspicious use of SendNotifyMessage
Suspicious use of AdjustPrivilegeToken
Modifies registry class
Modifies Internet Explorer settings
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious use of SetWindowsHookEx
Suspicious use of FindShellTrayWindow
Modifies data under HKEY_USERS
Analysis: static1
Detonation Overview
Reported
2024-10-31 09:38
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-10-31 09:38
Reported
2024-10-31 09:38
Platform
win7-20240903-en
Max time kernel
3s
Max time network
3s
Signatures
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Windows\System32\rundll32.exe | N/A |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{D6E18731-976B-11EF-ADF2-46BBF83CD43C} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4177215427-74451935-3209572229-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2376 wrote to memory of 2096 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2376 wrote to memory of 2096 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2376 wrote to memory of 2096 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
| PID 2376 wrote to memory of 2096 | N/A | C:\Program Files\Internet Explorer\iexplore.exe | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE |
Processes
C:\Windows\System32\rundll32.exe
"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\https---fitgirl-repacks.site-animal-crossing-new-horizons-.url
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2376 CREDAT:275457 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | | udp |
| N/A | 190.115.31.179:443 | | tcp |
| N/A | 190.115.31.179:443 | | tcp |
Files
memory/2104-0-0x0000000000350000-0x0000000000360000-memory.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2024-10-31 09:38
Reported
2024-10-31 09:40
Platform
win10v2004-20241007-en
Max time kernel
150s
Max time network
157s
Signatures
Browser Information Discovery
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133748411225656524" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3227495264-2217614367-4027411560-1000\{DFC3BD3F-D435-4BA7-A3E8-BA62DB73E650} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Windows\System32\rundll32.exe
"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\https---fitgirl-repacks.site-animal-crossing-new-horizons-.url
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://fitgirl-repacks.site/animal-crossing-new-horizons/
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 36988ca14952e1848e81a959880ea217 |
| SHA1 | a0482ef725657760502c2d1a5abe0bb37aebaadb |
| SHA256 | d7e96088b37cec1bde202ae8ec2d2f3c3aafc368b6ebd91b3e2985846facf2e6 |
| SHA512 | d04b2f5afec92eb3d9f9cdc148a3eddd1b615e0dfb270566a7969576f50881d1f8572bccb8b9fd7993724bdfe36fc7633a33381d43e0b96c4e9bbd53fc010173 |
\??\pipe\LOCAL\crashpad_2228_NWCGBPICLNYLORTV
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | fab8d8d865e33fe195732aa7dcb91c30 |
| SHA1 | 2637e832f38acc70af3e511f5eba80fbd7461f2c |
| SHA256 | 1b034ffe38e534e2b7a21be7c1f207ff84a1d5f3893207d0b4bb1a509b4185ea |
| SHA512 | 39a3d43ef7e28fea2cb247a5d09576a4904a43680db8c32139f22a03d80f6ede98708a2452f3f82232b868501340f79c0b3f810f597bcaf5267c3ccfb1704b43 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d2c6dd0d0cd4117a9300ceda4e540e83 |
| SHA1 | 9ffd9c99d242f6251e3a6fe4a5b480d48109fe93 |
| SHA256 | 6969613f2ae981cd3ad562563603083aaa95be7a53e532eda43d89993157e9a8 |
| SHA512 | 0718ddf49766ec62783b3a6a2cb078dc05b1942058fbe1f01a4d8801ed6f29bccb7f44de3ea7744f441b80287be326af49b5c1f67e9690d986e1e2fa9390679c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
| MD5 | 9233246aeb2f8b1c56c7c7d21ed7bb9f |
| SHA1 | 31d75231e94b7254f954d972b238f3f2002810cf |
| SHA256 | 0e85da88e504bc5c9107051af9a1f9d775c9ab5ca6aef554966c2c22f13fd173 |
| SHA512 | ea87a2d4e3ceb0e0a9b83a3b66691a4b5b76700e6110b719b6c6147951ae434260760f2749d58fc2499cdc926a60e2c045544233dd20d832a749b49a6526ab18 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 45a3cee6d2b258d088b5777b2af35805 |
| SHA1 | 67f8ce7800ec15fb7bc1371e349fa32ba0877918 |
| SHA256 | 5f8b5e3be856b898f82d929919d94eaa2ca490a122135e16352fad045e6dcf39 |
| SHA512 | 8a30d6169bdb258e4100b9de38d1ea50e37f705c23a832a1424f6969ce10d458a3abb0531aa63faee64436a30ec30515999b12221634cf03cab088c4160859c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 474e967ca31cf16cb9b5324a8a7ffbad |
| SHA1 | d5778570a6fdbc0ae848ba598f82f921cded1b5a |
| SHA256 | b986cf66524df3315741149e2116eef2e2d226cbff1ab35b545a15a04673d767 |
| SHA512 | c287e3e41661f8a167ac77c1f1e7deabeceaa30fe82ec55c6e294aed774ae07c804f2a6030265e9d29a6881d115baf06fadd62ed29e646370d7f93b0db0379c2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f243fabcb9440d735df3d1beb950103c |
| SHA1 | 77fbd9660119c74bf186ed8c054720ef91fb9214 |
| SHA256 | 1e223f977bde5296cc66e8d4b1ea9711b21fe3875a8bdf7c00ccefb60bca03c3 |
| SHA512 | 5d595d4d5d7dcbf23280084c0016502385e806097c7f1ac044b368ce45bcddf66619326938d80db52f12f5ea6e6d6bfd0eb52840a4d6f2cbec7150abfbc8f20c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 0777c02c2c6537408ee915518837f515 |
| SHA1 | ed6beeeb93b3e2934282281a34d861f8adb9ee49 |
| SHA256 | c16088839b74dbb631e0e65540322894df20ca0f71ef31b1bb2db8ff70e82be7 |
| SHA512 | 0541a3f6632802e077c5d1e821c6d71d590d8a829fde1d33b575f441eb2c7d6e997965a2c279561273d4db968500eba50a49fa4d48b7296938a20f3a4dfed829 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d02424b75b9ea61ed0a4dbacce95cb24 |
| SHA1 | f1ec55b21b4f7408e78e7b2a018b4222ff80da2d |
| SHA256 | 353059cf3d11af4307e50afeab2dda3c062957370c11cdb72c40761d14be4762 |
| SHA512 | 02a02796993013bbce5e728d1478d017ddb4d9627afd6a415ac84e44643aeb762490882fa99fe670f089aba313ff3672be2ab0484736fb21585857afeebaa6b4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019
| MD5 | d184fafd758c0c9ff2d264c230fb0f18 |
| SHA1 | 5a28ea145347a6b33550dbf35a851d3e854dcde1 |
| SHA256 | 79ec09835122cf102d1eefa09ad5c467b3231c821f1f1d9fbc4f1b6f00ea823a |
| SHA512 | 1339d4aa69870ab3e05eb9eb27cdd3e9cc2926466ce84bc803768f2203c5687a8271d1fe0f283da2a2d637c2e1904abf7cfb985bed86183e3f29696fad67e011 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt
| MD5 | a821fcb99c66f3cb3d439fcaddeb7fda |
| SHA1 | 44584097272c7f8087ba5d04e566db8fd168821d |
| SHA256 | 98b890bfcca43595cf76b755e94da14a41eb83325f6ee1b8c4e87b4350ebff6a |
| SHA512 | 6c958296cd3cd17129099b7c664bf1bc5efd64c5b5096985a85e7e2e7c09fa1fbed4d956e15e060d98721d00d807784d73d504045dc6021eeedfc88793cab36d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt~RFe580182.TMP
| MD5 | f689e20b28d2f6a60d42d0cc61c953cb |
| SHA1 | 863c27324d9a1512c92596919fc58bbf67a46316 |
| SHA256 | 668ada558f894728994c7dc4b789403eb7bc56699feb9ecd3df32c5fb978426d |
| SHA512 | 40aeb99007d5840e10b6dc78ce02b5f8f728f249bbcb3d552b1e10cefcb055f793bce29d1751a4e5e697acbff8ce3ae0cccdf94f063d385416a12319e0e75050 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b
| MD5 | 716080e0e2dcab95a6fe4646e29a9bdb |
| SHA1 | 76d6685845827619c163c23fe1dff8b966c1fa1e |
| SHA256 | d5a053832133f1c82c2131b633071d1ab5f7f38d447cbf14a05e610142a60aef |
| SHA512 | e2ff1a7dc782979ca01e09c10f4a9a61547dbd6bb5a56c477c36f0e898ffcd292d4ba85ae10777796aca52adf7ee86ba73d8f096c32fdfe92143c9a1c89fda9b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 37176b32258b10afd5b942bbd0b69974 |
| SHA1 | 7c67daf5dc015f3544256454a822a92a085f25bc |
| SHA256 | 9a08b7955f876f0268736bb7f695f98c7fa9072de1dc5e5c8456166c307a98d6 |
| SHA512 | ff031a1c3fdd69f3a3a85b2c32aa91864f7aadaa910da55ff13bc7e15b650a2c9ada5d1e3aa0eaa69bcfead5f6d03e76bf3d12ff56f2542c5bcc0fdee03b3898 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 508ab4072eaeb80aa846d39f6f8d8309 |
| SHA1 | 62f37b5f265cad38afa3f1133d5362c613f02722 |
| SHA256 | 552bfa85e40f1a08c8501b68ee8732d8212c199f345db2503123fdd0c58e9295 |
| SHA512 | adec307f5a6df2475c78c9eda5f25ab479ee37d5cc731c70345780c34281b2d607aad3d08b5aa2270773b920e2994560bb5bbc8d975f3ab30dca6e04797f4fc7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | ff3fcd357691f89adbe78c73ef73bdb2 |
| SHA1 | 54e3fe22f417a2279e18a57f569636f851cae516 |
| SHA256 | 0082298ba46a4a4e64ad9e31257ef15e2351acce52a652b8dd3bca9b03c21db8 |
| SHA512 | 0392d54a052d6cc7c5041ef6a6450e8342a5d8b57fdf163149ba55c698fbc85b20eb46a423b5c6914d87e9b8ac2436f4d34badc0a2c3c58c4a641a33ae4c5ee0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | f331c38c1fe7ae9e10fd736ab9d05460 |
| SHA1 | 26c8d1d3c31d51ec6775e21e482952579c3db7dc |
| SHA256 | d471d16e96d1b7ece8d7b3f87fde9bd53ef1c758cb20f786ee08796907df2825 |
| SHA512 | bc8a67cd0b4e8f5572cd9921377f635d0e289e5953b8adc1ba577dd8cad151baf83be78d59d46ed0fd750a94a1fe0af28cd90d8d1292159063ecff73e41bf687 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 61be61fabb67758f2972710f6d9a9a6d |
| SHA1 | f73f6aab761a5fc3ca45c9b4e461827a9fa0a569 |
| SHA256 | 6ddab96332cfcafb9e6d059b0493eed7cf03654c6b41d9cc4a87f31d2da0c571 |
| SHA512 | 1d389f0960bdb62606bcd5e6884be36ff7658479e46f168200a1908eeddc665555f951f5a6685169ff56a652dcd492648ace16ce808679feac26586e9fd3f7bd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 2d1838ecd0cde77c23121a9610ef8fad |
| SHA1 | 172ebdf6fe0a3d609af5af6d137b992fb87d4dc1 |
| SHA256 | 253f8f9d88648d8cba52c8202188b9f6bd0aa1b362ece228538461ba2a52e0cf |
| SHA512 | 519166dc73c24951ad6aeb069cb9b9e4fb28c38ed50151f3e79069ab6ee8d51ce3bb8a143da1038e60fb70f86e855b0c094acbb0a278781a2fb66a6cdfee94c2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 2a6faa4a4293a74a5d5d5adfaa793fe6 |
| SHA1 | 12dfd82118bf0cc257c6f88f0c7744005fd98bff |
| SHA256 | 2d271f9a3874b1e659e905a8d3b0f8f3c8812146cde2db5cf9d6146ec8b27e42 |
| SHA512 | 5256d80b9d4440faadfe15d67aaff2156e938f67d2429f4f4a6e73986e2a0fe5265778f80795ae53d00cd08e57edd3112d0a8e84540b1e453215a469a8b10d02 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5945b444e1feb4a2e76bcd55f3651f44 |
| SHA1 | 36543deafb850b753567ee419293f6b4ec90f930 |
| SHA256 | c06a8e129557a0110fcb20412f2bbbc4ebd8881990aad4c9ead40084025233f9 |
| SHA512 | 032f36dcc3aaa31e5e44efb0bea46d69eb4d57cd33388ac5db98b61753d2ae6c9ca625a1dcb600e39be45fa6529f83f151054ef41b81780ee05accbb00ce1a0f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 014a0520a59b6bec44f7d9ff6ea7eed1 |
| SHA1 | 1802303791ea26d0a6a85b124d307aa48f9ee026 |
| SHA256 | 923ac23841e6cb4f8baafc7906a0db9d9a2a7a6701ffa1e5212fe758786e9797 |
| SHA512 | ea6dba5bfb7a856ace2835ecb65db8ce64c6476f038dbb36ffd6e263c645cd002569c81770e0e7acda4c7e3c4f9fcc69167a3245bb27823cb8fdce533a4c461f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 732b82cfbfafb06664abd1558623333f |
| SHA1 | 0ad0e0257c4efb9f496826939c5cd19624f8fdd4 |
| SHA256 | 3cb57ad0b9535d07781dfc397d8439d70414e7f3f0723c1e80773dbb6d9ca240 |
| SHA512 | 2fc237b3781fa3e7d3e992d278eb9a78948d501895633237bdab613c86b64809b19275a08fbd772a3a1b48d4ab60b03cd29b65430fd357c35ee6db5fcfd3d29f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b3d77b3069ff0360dbabe0e01ba15597 |
| SHA1 | 6b4b86db785f13380b70598850590733c76167b4 |
| SHA256 | 1865f8474bd60401d9acbdb67a78a396c0724135ae7a03f24d7e1d72811064ca |
| SHA512 | d8d3dc1c73c27faebcb81c1d951c293ec6287201901a8ad1a8709c87d192c28aaee1941a46f047739320b9c406ce8634127dbd13ef41bb65f92ef69493c34109 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | d064ebea06fa590b5ea661d4251a8b5d |
| SHA1 | cdfa6f1e5496a0ebea58066e467bc20ce784f549 |
| SHA256 | ff58aa607d4d99134ef7a72c84a19e9cfb30ddde6dfba8f2b287dfd9c00d02a9 |
| SHA512 | a5036d4f7fddf885d931e030e584aa4a6cb4f8b37a86ae5dd771f914701121bfe18dc19c23e52e056afe8f49650b3f5de05be3ebafd2316fff6f04bf54ef3de3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0da4b9d80366a96369bde00725507e90 |
| SHA1 | cc7544c0fc3532bfda7fa7dd94a8c60d83f3e20c |
| SHA256 | 1ec2f5906e73674bf6e61b5fb2ab0851ef878c3bbfc25012c0f1bb74349e8120 |
| SHA512 | eded0369b6221a8bb3783e64fd160cde295809504bfbb90464a113c487956270245e8c11759a2d18f4525016c0fcb56b92edb63666d7ba859dd48703b78986c3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c4a4eb6f8ee9bfbca86cbefeb71699cd |
| SHA1 | 2f570500aafb57027aeb8f4e677ce6203585442e |
| SHA256 | 222c8d5c7355dc74306f5f073043db5d372a240215f6fce949638a2f9692431b |
| SHA512 | 58eac77b0aacb09463ccc672dcd1bfe2f5cae49bab53afe5eec8649c43d25c6f2f55431774e0672fb70f1c17c336356326dad9a913129ffb87c40acc8cbfba02 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | cd4440a41ec6d734aa7f0cfa6ccd2a6a |
| SHA1 | abf0c94f0fce48e121207ed04446de2f21b6ec77 |
| SHA256 | 21903a98a38bec708691e49ea2c56709463b4381c40c35ab91920913c83481a0 |
| SHA512 | e77fb433efd604aaa9a57f52963989a0bd38d21ce4f76684d33e462d81639f4ac6a3ab59b893b5642ab92ca45fbea553d0fcbeba1ff093e897a58d81f27cc472 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | 28e0086218150ca49cf1690dd3babd49 |
| SHA1 | d8ccc27f3011af18d413be270c0f1513629641a5 |
| SHA256 | 349b1ef1c500f194aa25fbfd1fcd15430f5893fda3ab7b6ae00157919d35e85e |
| SHA512 | 1dbad191d592d79b3f19bb8fa524c6a3f637538eb24514619420b321abe875681c84c07a3681636e902dfc58c1c2296086b2a5a8066c69997e97fbb679b72f44 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | 6c06fb46d948c55e813ff81e107400d4 |
| SHA1 | d137dd45dbb1468ecf4409d1052477b6123f893f |
| SHA256 | 61887bcdbf73e7c8e13592a796e12ec1b07d71e34037421a0c17ec1c09748246 |
| SHA512 | 8757d0bf9eee4cb297675dc0b7ca2818f7c01f19876d6e7353cfedde49b67464d99e8d578d40a49d75e4facd89993acfbbcb5efb46a18f99af939a1a295eb0ce |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 773753dde70bb5760102a28633e06356 |
| SHA1 | 9a376948c9fb63d2b78b6ca7262c37083fe7cc99 |
| SHA256 | f727af8705252db51fa7630cad037bfe7d5d3eb764bfe172fbbf96c010a926d8 |
| SHA512 | e6e05bd50c0e878d1292b7c8200b7f056451ff4d87c334d092014ce26011a0f9c9cbd63c4161493ce63735275ce2ac48e6cf7211823848d477574856c3ca5126 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 3117cada502a497dad408584af1f35ba |
| SHA1 | 12c9ddb1d9cfbe1b78a99debe513b9702a86bad6 |
| SHA256 | 40ba0ded9621595a4d6f2dc33a721e4f50bc7d69029292ceb6a960193ec230d4 |
| SHA512 | 8fbf63197b56635b52a351607511855be804752d7f1649d0efdeff4b49eb051254a132e94bf7399a80d0acdc883e24d2caf90221db2732bfe8d282662240d71c |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | b0b0cdb852c434bec4ae1cfca4f6dd5a |
| SHA1 | 561515f1643a6a43c96e1725fbf2397731a67074 |
| SHA256 | 9fe5630fc498b271d7b1e72f9dcc36922d3b3628e0320c77c1d72f5a8471da4b |
| SHA512 | 4992981f70a605af7a18cc9c885ccf264c52f505e34b55d1e945ce4d0c164f469ec67675374430cbae5e82b81c2c5af306f834ad726f883ded5c448904be4775 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 3693c4b25b87b297c1b12c46991c04d1 |
| SHA1 | 2f3b3bad361139769f70f6e932c0f03bd346238b |
| SHA256 | aaf6dfe0309605bb367023c18caadaacbcc7545fa84f123a785ca04b2deaecdd |
| SHA512 | 2b72a99033a33e60dc082fa3c2bdc00c7afb866d53ac571b6bd222aa056ddfd1de84e96c545c476dbc2669df9a5579af95d3c79ac312789b8113f9db3025a8c9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b5f727a3b9f1616c93a6dd62e23a7a01 |
| SHA1 | 3a47bab7d61b2ca197d4ee942b95c62cb2737e1a |
| SHA256 | e0e7e3e02c5a37218bd4e7183e1067990dc175826656c6fdb1edaccbdd96014d |
| SHA512 | 9e3d70e1418c9e135e725bddc700299c08ea5c440e89d8f15ef304f9681547c010dad2af1faa5191067791e8ff0db9922940415c59494b51887fe57d20e0ab20 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\LLSQVAAZZCXHRUGZN56Y.temp
| MD5 | 4c5571d3fe6133dd1be25415482af95d |
| SHA1 | 540f2b0397d9d0ecf3d22fca6a149f92f8c4749d |
| SHA256 | 18aaf5b0626b0aba2899c18ffbf152ea7b66db6eea008c5ff4c38e97bc3d8937 |
| SHA512 | 64ab59a2e25302f71db5e444857ce6f44a207b25d12de8365ea50a3d049dae5498a89abc8d1662e19d085ba4515cac14e605f4bebbf584906a126ac76d94166b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 073b5e964115716005e55456df5587bf |
| SHA1 | 9c76e1637639b73973c4224d659bca707e1323c3 |
| SHA256 | f50f1e2dd06369b7de1825fc2c3ed833fa7c076a4a2bd19d656ac3d7e865f6f7 |
| SHA512 | 0a00b6baf7b488ff356d47eb8c0ce7f0e314133bf4c5a44a19dc81dbe45d2be337560d7cbfff5a851281e4d8320e3df0a3e890e8e76997172f7c8d03fe4288cb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 02638a6a8117ee1ca50b6a4ba9d5630a |
| SHA1 | f36900cff78dcada78669f08b7f0c0c57015420b |
| SHA256 | 53fa492a8549ff860b74738e71ff9951a96845bfea62ca842760eccf9a39c622 |
| SHA512 | 7f311da693bdc42f8e06c990f012762d3105fa99784a6d82804d487681d84840512cad38f6cccaa4ddf929ef2bc77cfa5171a25fe339795b3679316823d7093c |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000024
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000026
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000027
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004b