Analysis Overview
SHA256
ed08d239c46a922bb22cc1c27fdbf6699819e48d911766ec37b31b0423a52f71
Threat Level: Likely malicious
The file Noxic.zip was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
A potential corporate email address has been identified in the URL: [email protected]
Checks computer location settings
Reads user/profile data of web browsers
A potential corporate email address has been identified in the URL: [email protected]
Executes dropped EXE
Loads dropped DLL
A potential corporate email address has been identified in the URL: [email protected]
Enumerates connected drives
Adds Run key to start application
Browser Information Discovery
System Location Discovery: System Language Discovery
Unsigned PE
Enumerates physical storage devices
Suspicious use of SendNotifyMessage
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies system certificate store
Suspicious use of WriteProcessMemory
Suspicious behavior: EnumeratesProcesses
Suspicious use of SetWindowsHookEx
Suspicious use of FindShellTrayWindow
Suspicious use of AdjustPrivilegeToken
Enumerates system info in registry
NTFS ADS
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-11-08 23:35
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-08 23:34
Reported
2024-11-08 23:38
Platform
win7-20240903-en
Max time kernel
117s
Max time network
120s
Command Line
Signatures
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Noxic.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Noxic.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2872745919-2748461613-2989606286-1000\Software\Microsoft\Windows\CurrentVersion\Run\Noxic = "C:\\Users\\Admin\\AppData\\Roaming\\Noxic\\Noxic App.exe" | C:\Users\Admin\AppData\Local\Temp\Noxic.exe | N/A |
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\Noxic.exe | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 2892 wrote to memory of 2464 | N/A | C:\Users\Admin\AppData\Local\Temp\Noxic.exe | C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe |
| PID 2892 wrote to memory of 2464 | N/A | C:\Users\Admin\AppData\Local\Temp\Noxic.exe | C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe |
| PID 2892 wrote to memory of 2464 | N/A | C:\Users\Admin\AppData\Local\Temp\Noxic.exe | C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe |
| PID 2892 wrote to memory of 2464 | N/A | C:\Users\Admin\AppData\Local\Temp\Noxic.exe | C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe |
Processes
C:\Users\Admin\AppData\Local\Temp\Noxic.exe
"C:\Users\Admin\AppData\Local\Temp\Noxic.exe"
C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe
"C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe"
Network
Files
memory/2892-0-0x0000000000240000-0x0000000000241000-memory.dmp
memory/2892-10-0x0000000000240000-0x0000000000241000-memory.dmp
memory/2892-9-0x0000000000400000-0x0000000000708000-memory.dmp
\Users\Admin\AppData\Roaming\Noxic\ffmpeg.dll
| MD5 | d57dd69a4d084427ea5eef777de66f68 |
| SHA1 | cacb8e06a475b2125708ae70153aa1ca525177b0 |
| SHA256 | 858612d51120907bede6782a6f13a5f0b391d11ed9a35af0647126831d9843b4 |
| SHA512 | 517637325aff7416e16e25f33b491025e8791e71ae3df76effc6b2910e9e651604f856d2ad6058ceee13e87a7e0e33c0c572388e76a64f902be88f175a51973a |
memory/2892-201-0x0000000000400000-0x0000000000708000-memory.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2024-11-08 23:34
Reported
2024-11-08 23:38
Platform
win10v2004-20241007-en
Max time kernel
150s
Max time network
154s
Command Line
Signatures
Downloads MZ/PE file
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\Noxic.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-940901362-3608833189-1915618603-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Noxic = "C:\\Users\\Admin\\AppData\\Roaming\\Noxic\\Noxic App.exe" | C:\Users\Admin\AppData\Local\Temp\Noxic.exe | N/A |
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\F: | C:\Users\Admin\AppData\Local\Temp\7zS4F7C5228\setup.exe | N/A |
| File opened (read-only) | \??\D: | C:\Users\Admin\AppData\Local\Temp\7zS4F7C5228\setup.exe | N/A |
| File opened (read-only) | \??\F: | C:\Users\Admin\AppData\Local\Temp\7zS4F7C5228\setup.exe | N/A |
| File opened (read-only) | \??\D: | C:\Users\Admin\AppData\Local\Temp\7zS4F7C5228\setup.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\Noxic.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zS4F7C5228\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zS4F7C5228\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\OperaGXSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zS4F7C5228\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zS4F7C5228\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411082336381\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411082336381\assistant\assistant_installer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411082336381\assistant\assistant_installer.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 5c000000010000000400000000080000190000000100000010000000ba4f3972e7aed9dccdc210db59da13c90300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc251d00000001000000100000008f76b981d528ad4770088245e2031b630b0000000100000012000000440069006700690043006500720074000000140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc36200000001000000200000007431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8040000000100000010000000d474de575c39b2d39c8583c5c065498a2000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a | C:\Users\Admin\AppData\Local\Temp\7zS4F7C5228\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25 | C:\Users\Admin\AppData\Local\Temp\7zS4F7C5228\setup.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 040000000100000010000000d474de575c39b2d39c8583c5c065498a0f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703086200000001000000200000007431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc30b00000001000000120000004400690067006900430065007200740000001d00000001000000100000008f76b981d528ad4770088245e2031b630300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc25190000000100000010000000ba4f3972e7aed9dccdc210db59da13c92000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a | C:\Users\Admin\AppData\Local\Temp\7zS4F7C5228\setup.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 326944.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zS4F7C5228\setup.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\Noxic.exe
"C:\Users\Admin\AppData\Local\Temp\Noxic.exe"
C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe
"C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe"
C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe
"C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\noxic-app-nativefier-00f9eb" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1656 --field-trial-handle=1660,i,12747660829818092529,794317098256018348,262144 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe
"C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\noxic-app-nativefier-00f9eb" --mojo-platform-channel-handle=2188 --field-trial-handle=1660,i,12747660829818092529,794317098256018348,262144 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe
"C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\noxic-app-nativefier-00f9eb" --app-user-model-id=noxic-app-nativefier-00f9eb --app-path="C:\Users\Admin\AppData\Roaming\Noxic\resources\app" --no-sandbox --no-zygote --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2376 --field-trial-handle=1660,i,12747660829818092529,794317098256018348,262144 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe
"C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\noxic-app-nativefier-00f9eb" --app-user-model-id=noxic-app-nativefier-00f9eb --app-path="C:\Users\Admin\AppData\Roaming\Noxic\resources\app" --enable-sandbox --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3100 --field-trial-handle=1660,i,12747660829818092529,794317098256018348,262144 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://app.cloudtrks.com/click?pid=2&offer_id=3633&sub2=u134079&sub3=cl588610&sub7=rfhttps%3A%2F%2Faimbotz.pages.dev%2F&sub8=rdaimbotz.pages.dev&sub15=727a81e3f0f8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffff15746f8,0x7ffff1574708,0x7ffff1574718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,9658005531074099488,7345135458686354843,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2120,9658005531074099488,7345135458686354843,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2120,9658005531074099488,7345135458686354843,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2824 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9658005531074099488,7345135458686354843,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9658005531074099488,7345135458686354843,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9658005531074099488,7345135458686354843,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4168 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9658005531074099488,7345135458686354843,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://app.cloudtrks.com/click?pid=2&offer_id=315&sub2=u134079&sub3=cl588610&sub7=rfhttps%3A%2F%2Faimbotz.pages.dev%2F&sub8=rdaimbotz.pages.dev&sub15=727a81e3f0f8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffff15746f8,0x7ffff1574708,0x7ffff1574718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9658005531074099488,7345135458686354843,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9658005531074099488,7345135458686354843,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5924 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9658005531074099488,7345135458686354843,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5968 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9658005531074099488,7345135458686354843,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9658005531074099488,7345135458686354843,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5936 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9658005531074099488,7345135458686354843,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2120,9658005531074099488,7345135458686354843,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6716 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9658005531074099488,7345135458686354843,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6544 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2120,9658005531074099488,7345135458686354843,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7224 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,9658005531074099488,7345135458686354843,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7476 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,9658005531074099488,7345135458686354843,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7476 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2120,9658005531074099488,7345135458686354843,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6656 /prefetch:8
C:\Users\Admin\Downloads\OperaGXSetup.exe
"C:\Users\Admin\Downloads\OperaGXSetup.exe"
C:\Users\Admin\AppData\Local\Temp\7zS4F7C5228\setup.exe
C:\Users\Admin\AppData\Local\Temp\7zS4F7C5228\setup.exe --server-tracking-blob=NDE4NDRjZjI2ZWNiZmMzY2ZmY2M0ZWI4ZDg1NWMyYjc4YWY0OWE3ZjIzZTQ4OWE4YjA4Yjk1OTMwYWIzYjhkOTp7ImNvdW50cnkiOiJHQiIsImVkaXRpb24iOiJzdGQtMiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3d3dy5vcGVyYS5jb20vIiwiaW5zdGFsbGVyX25hbWUiOiJPcGVyYUdYU2V0dXAuZXhlIiwicHJvZHVjdCI6Im9wZXJhX2d4IiwicXVlcnkiOiIvb3BlcmFfZ3gvc3RhYmxlL3dpbmRvd3M/ZWRpdGlvbj1zdGQtMiZ1dG1fc291cmNlPVBXTmdhbWVzJnV0bV9tZWRpdW09cGEmdXRtX2NhbXBhaWduPVBXTl9HQl9IVlJfMzczNiZlZGl0aW9uPXN0ZC0yJnV0bV9jb250ZW50PTM3MzZfJnV0bV9pZD1hOGViNzRiYzhlMzI0NTY2YjQ4MDA4NTMxMGZkODE5NCZodHRwX3JlZmVycmVyPW1pc3NpbmcmdXRtX3NpdGU9b3BlcmFfY29tJnV0bV9sYXN0cGFnZT1vcGVyYS5jb20lMkYmdXRtX2lkPWE4ZWI3NGJjOGUzMjQ1NjZiNDgwMDg1MzEwZmQ4MTk0JmRsX3Rva2VuPTM0Nzg3MzQ3IiwidGltZXN0YW1wIjoiMTczMTEwODk4Ny4yMjYwIiwidXNlcmFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkyLjAuNDUxNS4xMzEgU2FmYXJpLzUzNy4zNiBFZGcvOTIuMC45MDIuNjciLCJ1dG0iOnsiY2FtcGFpZ24iOiJQV05fR0JfSFZSXzM3MzYiLCJjb250ZW50IjoiMzczNl8iLCJpZCI6ImE4ZWI3NGJjOGUzMjQ1NjZiNDgwMDg1MzEwZmQ4MTk0IiwibGFzdHBhZ2UiOiJvcGVyYS5jb20vIiwibWVkaXVtIjoicGEiLCJzaXRlIjoib3BlcmFfY29tIiwic291cmNlIjoiUFdOZ2FtZXMifSwidXVpZCI6IjM0MTVjNzFlLWExM2UtNGZiZS1iNTJjLTJjNTZlODcxMmQ3OSJ9
C:\Users\Admin\AppData\Local\Temp\7zS4F7C5228\setup.exe
C:\Users\Admin\AppData\Local\Temp\7zS4F7C5228\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=114.0.5282.159 --initial-client-data=0x324,0x328,0x32c,0x320,0x330,0x74218c5c,0x74218c68,0x74218c74
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe" --version
C:\Users\Admin\AppData\Local\Temp\7zS4F7C5228\setup.exe
"C:\Users\Admin\AppData\Local\Temp\7zS4F7C5228\setup.exe" --backend --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=1 --general-interests=1 --general-location=1 --personalized-content=1 --personalized-ads=1 --vought_browser=0 --launchopera=1 --installfolder="C:\Users\Admin\AppData\Local\Programs\Opera GX" --profile-folder --language=en --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=1 --run-at-startup=1 --server-tracking-data=server_tracking_data --initial-pid=2492 --package-dir-prefix="C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_20241108233638" --session-guid=b13c11a1-7f7e-4d44-82b1-a40c660367ae --server-tracking-blob="MjhiYTZkOGYzODQ4Njk5ZDIyZmRiYTJjN2Y4YmE3OGFhMDJhNTdlMTNhMDM5MzUxY2RlMTRlMjRjNThlMjk5Mjp7ImNvdW50cnkiOiJHQiIsImVkaXRpb24iOiJzdGQtMiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3d3dy5vcGVyYS5jb20vIiwiaW5zdGFsbGVyX25hbWUiOiJPcGVyYUdYU2V0dXAuZXhlIiwicHJvZHVjdCI6eyJuYW1lIjoib3BlcmFfZ3gifSwicXVlcnkiOiIvb3BlcmFfZ3gvc3RhYmxlL3dpbmRvd3M/ZWRpdGlvbj1zdGQtMiZ1dG1fc291cmNlPVBXTmdhbWVzJnV0bV9tZWRpdW09cGEmdXRtX2NhbXBhaWduPVBXTl9HQl9IVlJfMzczNiZlZGl0aW9uPXN0ZC0yJnV0bV9jb250ZW50PTM3MzZfJnV0bV9pZD1hOGViNzRiYzhlMzI0NTY2YjQ4MDA4NTMxMGZkODE5NCZodHRwX3JlZmVycmVyPW1pc3NpbmcmdXRtX3NpdGU9b3BlcmFfY29tJnV0bV9sYXN0cGFnZT1vcGVyYS5jb20lMkYmdXRtX2lkPWE4ZWI3NGJjOGUzMjQ1NjZiNDgwMDg1MzEwZmQ4MTk0JmRsX3Rva2VuPTM0Nzg3MzQ3Iiwic3lzdGVtIjp7InBsYXRmb3JtIjp7ImFyY2giOiJ4ODZfNjQiLCJvcHN5cyI6IldpbmRvd3MiLCJvcHN5cy12ZXJzaW9uIjoiMTAiLCJwYWNrYWdlIjoiRVhFIn19LCJ0aW1lc3RhbXAiOiIxNzMxMTA4OTg3LjIyNjAiLCJ1c2VyYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTIuMC40NTE1LjEzMSBTYWZhcmkvNTM3LjM2IEVkZy85Mi4wLjkwMi42NyIsInV0bSI6eyJjYW1wYWlnbiI6IlBXTl9HQl9IVlJfMzczNiIsImNvbnRlbnQiOiIzNzM2XyIsImlkIjoiYThlYjc0YmM4ZTMyNDU2NmI0ODAwODUzMTBmZDgxOTQiLCJsYXN0cGFnZSI6Im9wZXJhLmNvbS8iLCJtZWRpdW0iOiJwYSIsInNpdGUiOiJvcGVyYV9jb20iLCJzb3VyY2UiOiJQV05nYW1lcyJ9LCJ1dWlkIjoiMzQxNWM3MWUtYTEzZS00ZmJlLWI1MmMtMmM1NmU4NzEyZDc5In0= " --desktopshortcut=1 --wait-for-package --initial-proc-handle=5009000000000000
C:\Users\Admin\AppData\Local\Temp\7zS4F7C5228\setup.exe
C:\Users\Admin\AppData\Local\Temp\7zS4F7C5228\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=114.0.5282.159 --initial-client-data=0x320,0x330,0x334,0x2fc,0x338,0x71a68c5c,0x71a68c68,0x71a68c74
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411082336381\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe
"C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411082336381\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe"
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411082336381\assistant\assistant_installer.exe
"C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411082336381\assistant\assistant_installer.exe" --version
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411082336381\assistant\assistant_installer.exe
"C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411082336381\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=73.0.3856.382 --initial-client-data=0x288,0x28c,0x290,0x264,0x294,0x434f48,0x434f58,0x434f64
C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe
"C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe"
C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe
"C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\noxic-app-nativefier-00f9eb" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1672 --field-trial-handle=1688,i,18163330862819539772,12674870501539788796,262144 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe
"C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\noxic-app-nativefier-00f9eb" --mojo-platform-channel-handle=2172 --field-trial-handle=1688,i,18163330862819539772,12674870501539788796,262144 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe
"C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\noxic-app-nativefier-00f9eb" --app-user-model-id=noxic-app-nativefier-00f9eb --app-path="C:\Users\Admin\AppData\Roaming\Noxic\resources\app" --no-sandbox --no-zygote --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2420 --field-trial-handle=1688,i,18163330862819539772,12674870501539788796,262144 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe
"C:\Users\Admin\AppData\Roaming\Noxic\Noxic App.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\noxic-app-nativefier-00f9eb" --app-user-model-id=noxic-app-nativefier-00f9eb --app-path="C:\Users\Admin\AppData\Roaming\Noxic\resources\app" --enable-sandbox --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3228 --field-trial-handle=1688,i,18163330862819539772,12674870501539788796,262144 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9658005531074099488,7345135458686354843,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6408 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9658005531074099488,7345135458686354843,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2640 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9658005531074099488,7345135458686354843,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7132 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,9658005531074099488,7345135458686354843,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1296 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,9658005531074099488,7345135458686354843,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5576 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 228.249.119.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.168.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.86.106.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aimbotz.pages.dev | udp |
| US | 8.8.8.8:53 | aimbotz.pages.dev | udp |
| US | 172.66.47.176:443 | aimbotz.pages.dev | tcp |
| US | 172.66.47.176:443 | aimbotz.pages.dev | tcp |
| US | 172.66.47.176:443 | aimbotz.pages.dev | udp |
| US | 8.8.8.8:53 | d17iy0164v753e.cloudfront.net | udp |
| US | 8.8.8.8:53 | d17iy0164v753e.cloudfront.net | udp |
| FR | 13.32.158.118:443 | d17iy0164v753e.cloudfront.net | tcp |
| FR | 13.32.158.118:443 | d17iy0164v753e.cloudfront.net | tcp |
| US | 8.8.8.8:53 | 176.47.66.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | d1myn4ixnn41tz.cloudfront.net | udp |
| US | 8.8.8.8:53 | d1myn4ixnn41tz.cloudfront.net | udp |
| US | 8.8.8.8:53 | duh0b8nl8uhfn.cloudfront.net | udp |
| US | 8.8.8.8:53 | duh0b8nl8uhfn.cloudfront.net | udp |
| FR | 13.224.58.155:443 | d1myn4ixnn41tz.cloudfront.net | tcp |
| FR | 13.224.58.155:443 | d1myn4ixnn41tz.cloudfront.net | tcp |
| FR | 18.244.38.110:443 | duh0b8nl8uhfn.cloudfront.net | tcp |
| US | 8.8.8.8:53 | 118.158.32.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.58.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.38.244.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | d2lmlpk6xgu7kg.cloudfront.net | udp |
| US | 8.8.8.8:53 | d2lmlpk6xgu7kg.cloudfront.net | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| GB | 172.217.169.42:443 | ajax.googleapis.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| FR | 3.165.135.51:443 | d2lmlpk6xgu7kg.cloudfront.net | tcp |
| FR | 3.165.135.51:443 | d2lmlpk6xgu7kg.cloudfront.net | tcp |
| FR | 3.165.135.51:443 | d2lmlpk6xgu7kg.cloudfront.net | tcp |
| FR | 3.165.135.51:443 | d2lmlpk6xgu7kg.cloudfront.net | tcp |
| US | 8.8.8.8:53 | 42.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.25.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.135.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:53 | 4.4.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | app.cloudtrks.com | udp |
| NL | 34.91.218.141:443 | app.cloudtrks.com | tcp |
| US | 8.8.8.8:53 | t.afftrackr.com | udp |
| US | 44.216.2.254:443 | t.afftrackr.com | tcp |
| US | 8.8.8.8:53 | 141.218.91.34.in-addr.arpa | udp |
| US | 44.216.2.254:443 | t.afftrackr.com | tcp |
| US | 8.8.8.8:53 | nationalconsumerscenter.co.uk | udp |
| US | 104.18.21.83:443 | nationalconsumerscenter.co.uk | tcp |
| US | 8.8.8.8:53 | www.cdn925.com | udp |
| US | 104.16.246.135:443 | www.cdn925.com | tcp |
| US | 104.16.246.135:443 | www.cdn925.com | tcp |
| US | 8.8.8.8:53 | 254.2.216.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 197.87.175.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.21.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 135.246.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.clicken.us | udp |
| US | 104.16.243.248:443 | www.clicken.us | tcp |
| US | 8.8.8.8:53 | fqtag.com | udp |
| US | 35.190.72.161:443 | fqtag.com | tcp |
| US | 8.8.8.8:53 | cdn.fqtag.com | udp |
| US | 35.190.36.172:443 | cdn.fqtag.com | tcp |
| US | 8.8.8.8:53 | 248.243.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 161.72.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.36.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
| US | 35.190.72.161:443 | fqtag.com | udp |
| US | 35.190.72.161:443 | fqtag.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | stun.wwdl.net | udp |
| US | 8.8.8.8:53 | stun.jumblo.com | udp |
| US | 8.8.8.8:53 | stun.botonakis.com | udp |
| US | 8.8.8.8:53 | stun.node4.co.uk | udp |
| US | 8.8.8.8:53 | stun.budgetphone.nl | udp |
| US | 8.8.8.8:53 | stun.counterpath.com | udp |
| US | 8.8.8.8:53 | stun.2talk.com | udp |
| US | 8.8.8.8:53 | stun.gradwell.com | udp |
| US | 8.8.8.8:53 | stun.voipzoom.com | udp |
| US | 8.8.8.8:53 | stun.veoh.com | udp |
| US | 8.8.8.8:53 | stun.nas.net | udp |
| US | 8.8.8.8:53 | stun.voxox.com | udp |
| US | 8.8.8.8:53 | stun.voip.aebc.com | udp |
| US | 216.93.246.18:3478 | stun.counterpath.com | udp |
| US | 70.85.220.74:3478 | stun.wwdl.net | udp |
| DE | 77.72.169.213:3478 | stun.voipzoom.com | udp |
| CA | 66.51.128.11:3478 | stun.voip.aebc.com | udp |
| US | 69.167.127.106:3478 | stun.veoh.com | udp |
| CA | 216.145.109.98:3478 | stun.nas.net | udp |
| DE | 77.72.169.210:3478 | stun.voipzoom.com | udp |
| US | 8.8.8.8:53 | aux.fqtag.com | udp |
| US | 35.190.13.203:443 | aux.fqtag.com | tcp |
| US | 8.8.8.8:53 | 18.246.93.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.220.85.70.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 213.169.72.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.128.51.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.127.167.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.109.145.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.13.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.169.72.77.in-addr.arpa | udp |
| US | 35.190.13.203:443 | aux.fqtag.com | udp |
| US | 8.8.8.8:53 | mr.macgsapptrck.com | udp |
| NL | 34.91.234.242:443 | mr.macgsapptrck.com | tcp |
| US | 8.8.8.8:53 | get-gx.com | udp |
| US | 52.203.66.83:443 | get-gx.com | tcp |
| US | 8.8.8.8:53 | 242.234.91.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.66.203.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.opera.com | udp |
| DE | 35.156.1.158:443 | www.opera.com | tcp |
| DE | 35.156.1.158:443 | www.opera.com | tcp |
| US | 8.8.8.8:53 | cdn-production-opera-website.operacdn.com | udp |
| US | 8.8.8.8:53 | www.googleoptimize.com | udp |
| GB | 104.82.234.15:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 104.82.234.15:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 104.82.234.15:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 104.82.234.15:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 104.82.234.15:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 104.82.234.15:443 | cdn-production-opera-website.operacdn.com | tcp |
| US | 8.8.8.8:53 | 51.201.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 158.1.156.35.in-addr.arpa | udp |
| GB | 216.58.201.110:443 | www.googleoptimize.com | tcp |
| GB | 104.82.234.15:443 | cdn-production-opera-website.operacdn.com | tcp |
| US | 8.8.8.8:53 | 15.234.82.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| DE | 35.156.1.158:443 | www.opera.com | tcp |
| US | 8.8.8.8:53 | 194.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | net.geo.opera.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| NL | 185.26.182.111:443 | net.geo.opera.com | tcp |
| NL | 185.26.182.111:443 | net.geo.opera.com | tcp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| GB | 142.250.179.226:443 | ade.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | 111.182.26.185.in-addr.arpa | udp |
| GB | 142.250.179.226:443 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 226.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | desktop-netinstaller-sub.osp.opera.software | udp |
| NL | 82.145.217.121:443 | desktop-netinstaller-sub.osp.opera.software | tcp |
| US | 8.8.8.8:53 | autoupdate.opera.com | udp |
| US | 8.8.8.8:53 | autoupdate.geo.opera.com | udp |
| NL | 185.26.182.123:443 | autoupdate.opera.com | tcp |
| NL | 82.145.216.20:443 | autoupdate.geo.opera.com | tcp |
| US | 8.8.8.8:53 | 121.217.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | features.opera-api2.com | udp |
| NL | 185.26.182.94:443 | features.opera-api2.com | tcp |
| US | 8.8.8.8:53 | api.config.opr.gg | udp |
| US | 104.18.25.17:443 | api.config.opr.gg | tcp |
| US | 8.8.8.8:53 | c.pki.goog | udp |
| GB | 142.250.187.227:80 | c.pki.goog | tcp |
| US | 8.8.8.8:53 | download.opera.com | udp |
| NL | 185.26.182.122:443 | download.opera.com | tcp |
| US | 8.8.8.8:53 | download5.operacdn.com | udp |
| US | 104.18.10.89:443 | download5.operacdn.com | tcp |
| US | 8.8.8.8:53 | 123.182.26.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 94.182.26.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.25.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.182.26.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.10.18.104.in-addr.arpa | udp |
| NL | 82.145.217.121:443 | desktop-netinstaller-sub.osp.opera.software | tcp |
| NL | 82.145.217.121:443 | desktop-netinstaller-sub.osp.opera.software | tcp |
| NL | 82.145.217.121:443 | desktop-netinstaller-sub.osp.opera.software | tcp |
| US | 8.8.8.8:53 | download3.operacdn.com | udp |
| GB | 2.19.161.48:443 | download3.operacdn.com | tcp |
| US | 8.8.8.8:53 | 48.161.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aimbotz.pages.dev | udp |
| US | 8.8.8.8:53 | aimbotz.pages.dev | udp |
| US | 172.66.47.176:443 | aimbotz.pages.dev | tcp |
| US | 172.66.47.176:443 | aimbotz.pages.dev | udp |
| US | 8.8.8.8:53 | du002iv2rxh4h.cloudfront.net | udp |
| US | 8.8.8.8:53 | du002iv2rxh4h.cloudfront.net | udp |
| US | 8.8.8.8:53 | d1ftkft7iiluq6.cloudfront.net | udp |
| US | 8.8.8.8:53 | d1ftkft7iiluq6.cloudfront.net | udp |
| FR | 18.245.200.188:443 | du002iv2rxh4h.cloudfront.net | tcp |
| FR | 18.245.200.188:443 | du002iv2rxh4h.cloudfront.net | tcp |
| FR | 18.245.200.177:443 | d1ftkft7iiluq6.cloudfront.net | tcp |
| US | 8.8.8.8:53 | 188.200.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 177.200.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | d2lmlpk6xgu7kg.cloudfront.net | udp |
| US | 8.8.8.8:53 | d2lmlpk6xgu7kg.cloudfront.net | udp |
| FR | 3.165.135.26:443 | d2lmlpk6xgu7kg.cloudfront.net | tcp |
| US | 8.8.8.8:53 | 26.135.165.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | udp |
Files
memory/4052-0-0x0000000000920000-0x0000000000921000-memory.dmp
memory/4052-10-0x0000000000920000-0x0000000000921000-memory.dmp
memory/4052-9-0x0000000000400000-0x0000000000708000-memory.dmp
C:\Users\Admin\AppData\Roaming\Noxic\ffmpeg.dll
| MD5 | d57dd69a4d084427ea5eef777de66f68 |
| SHA1 | cacb8e06a475b2125708ae70153aa1ca525177b0 |
| SHA256 | 858612d51120907bede6782a6f13a5f0b391d11ed9a35af0647126831d9843b4 |
| SHA512 | 517637325aff7416e16e25f33b491025e8791e71ae3df76effc6b2910e9e651604f856d2ad6058ceee13e87a7e0e33c0c572388e76a64f902be88f175a51973a |
C:\Users\Admin\AppData\Roaming\Noxic\icudtl.dat
| MD5 | 2134e5dbc46fb1c46eac0fe1af710ec3 |
| SHA1 | dbecf2d193ae575aba4217194d4136bd9291d4db |
| SHA256 | ee3c8883effd90edfb0ff5b758c560cbca25d1598fcb55b80ef67e990dd19d41 |
| SHA512 | b9b50614d9baebf6378e5164d70be7fe7ef3051cfff38733fe3c7448c5de292754bbbb8da833e26115a185945be419be8dd1030fc230ed69f388479853bc0fcb |
memory/4052-203-0x0000000000400000-0x0000000000708000-memory.dmp
C:\Users\Admin\AppData\Roaming\Noxic\v8_context_snapshot.bin
| MD5 | d414e2c9406a9fe119a25ee53a9fcf49 |
| SHA1 | 71b38aa1a71750c699cb2a55e7524e00dd8af041 |
| SHA256 | 3aacd67dee9d3e7b43799c1d4fed178a247faa087de14b2d13ef67eb512e4297 |
| SHA512 | fa79b61f7d2f3b0d0d32e0d88d48eb4d5b81ea73efbc001a2710fc76fed14c099dc08988b279b874f239e8cb9d47ab11a1533d9b5ac10fb8325da9361c31cb29 |
C:\Users\Admin\AppData\Roaming\Noxic\resources\app\package.json
| MD5 | 76c54d2e7c5010bd9ca18d78c332d840 |
| SHA1 | a7b8c314c48816ee6433cfad09b89a0623317ed7 |
| SHA256 | 598659ffdf7609e491e338b289713371ac00230835fd854141a09ecaa53dccf1 |
| SHA512 | c2a63ad09d617181b9d5777997386d8526337f18e870a40d7275a366d41ce2ace805ad0c326c8197ba2eec6be84e1e1e2711bc0462bf6a5c89f8c87832a3c27d |
C:\Users\Admin\AppData\Roaming\Noxic\resources\app\lib\main.js
| MD5 | c5cc8c567f8cf454a75d1fe52b1b4e10 |
| SHA1 | d468190f6a7fab2d1cf37e271318be2c06f9e08b |
| SHA256 | c1c720603c33896d213b06f7d2c056f6a5dd38874365bd9a816675c9d5fa6654 |
| SHA512 | b6dc23b8d53066d26b217429c6fb8bcab74335ab2a19ada666888523ba34e07093139cf56c28b118ca1f7c58a2c77a56467a71f6938cfcc8ff3cebdd06948f74 |
C:\Users\Admin\AppData\Roaming\Noxic\resources\app\nativefier.json
| MD5 | 649d80ed9be5956a8352a170cd94adf9 |
| SHA1 | d2d1473aab229d282b7adf39384b2ee311e63e57 |
| SHA256 | 5fd5fae6c7cceff2700ab55cc3eef4fcda32766556ab11d9df0bcff724f62c6d |
| SHA512 | 0f4cc4c1d62e1d4973bf9cdd818080d443f5096e5acfb28d7d5044ab9926230fd56ff51acc5b2da50cce6e0739ddfd06ad91b9060cfc0ad2882292559d594d59 |
C:\Users\Admin\AppData\Roaming\Noxic\resources.pak
| MD5 | c02a7646179764432f18e2e3aa30582d |
| SHA1 | d8fe2b0b9f3ecb621b958c7b50bfcd958036fcbe |
| SHA256 | c5dad6ac71492b89c21909966fd24a94ac8205f97ae85c9731d1131d7bc927e4 |
| SHA512 | 95bdb007443756a21cc4ba8dfee90bcec3ab46eaf45d1a6adb7500368e1ac4f4cad9a410be34708672977517c31351cff0395d7159def49215980d1de87835d4 |
C:\Users\Admin\AppData\Roaming\Noxic\locales\en-US.pak
| MD5 | 06d28839ea0b3aab4597ba8646a53a96 |
| SHA1 | 9c6a74aae8c783546d613c6f38cbfc8f5e3736f1 |
| SHA256 | 69c1a2e1b30d83612decf1a8dd7b124a04f58e9f2465876726f02f7f7d5eb54a |
| SHA512 | a432542dc98795ce0ea6fa4a6bbcbae8ba126f1fda025a9ad6ff3fa67eee85dcf7afc6678f5100bb1543c4d00ac75043ea92e64b65c9ef6bd946ce3dc4d5ae71 |
C:\Users\Admin\AppData\Roaming\Noxic\chrome_200_percent.pak
| MD5 | 81b5b74fe16c7c81870f539d5c263397 |
| SHA1 | 27526cc2b68a6d2b539bd75317a20c9c5e43c889 |
| SHA256 | cb4fd141a5c4d188a3ecb203e9d41a3afca648724160e212289adcac666fbff4 |
| SHA512 | b2670e2dfa495ccc7874c21d0413cfbebfd4a2f14fc0217e823ec6a16ac1181f8e06bfe7c2d32543167bc3a2e929c7f0af1a5f90182e95913ba2292fa7cadb80 |
C:\Users\Admin\AppData\Roaming\Noxic\chrome_100_percent.pak
| MD5 | 443c58245eeb233d319abf7150b99c31 |
| SHA1 | f889ce6302bd8cfbb68ee9a6d8252e58b63e492d |
| SHA256 | 99ca6947d97df212e45782bbd5d97bfb42112872e1c42bab4209ceedf66dc760 |
| SHA512 | 081f3ee4a5e40fdc8bb6f16f2cfd47edde2bd8f3b5349775526092a770b090c05308d4289ecdda3d541cf7f0579ac64b529930fd128edad9b0991dfa00b0e9bc |
C:\Users\Admin\AppData\Roaming\Noxic\resources\app\icon.ico
| MD5 | 76736a156daa04efc6298d5d22dd33d4 |
| SHA1 | 8999c831944ab8973db2c9832600df29f44ece5a |
| SHA256 | f520026e6794da6455bdb33ccbe5d855b49d157bd3e2469967f5dae2a419dbeb |
| SHA512 | c5728813f8faa1c4a7a619894f55911679d03d63eab98b6af3a87169ed6b7dcf116a3e09d999353a15e6cb37872de12b6a565b39a66d1d7c53d0d17ba48a6f25 |
C:\Users\Admin\AppData\Roaming\Noxic\vk_swiftshader.dll
| MD5 | 60ff770a0a18ebf2473a25d65bbef2c4 |
| SHA1 | e9dc07d13f8e9a9c679765967a764a95311fcb4a |
| SHA256 | 541b416b14a0fa5d17f3b6e1eec4f4aa06dbf3c5b16654246605cee9ef6afa5a |
| SHA512 | f1c79c2b3c00e3ec57db0db4bf55bf5669e10eca9161d9ff7087f410c691482a3b45bd5f0af89550352747975ce10613cff287fb8945ea6b762bca3bcfe22b30 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Roaming\Noxic\libEGL.dll
| MD5 | 7cd0e7709799aa650cec030526b6606f |
| SHA1 | 03c06228884c3793da997b4a6ad719c518f430ac |
| SHA256 | 20d16cf4c5513a11f8f9c5a9f0fb5a0309f351d3f3d53438b4cfbb68e3466b8a |
| SHA512 | 1f4cc8b74e09354d0b3dde8ecc1e3d577d1b62d9dd25d0902d5264a72e80d09b363ee46abbe4eb7f67cecb02c1f272282825bcc95329eefd3bac48d33b43528d |
C:\Users\Admin\AppData\Roaming\Noxic\libGLESv2.dll
| MD5 | 793f527cf248726bb0111026f80c6467 |
| SHA1 | 2fbda331832bac5801ff0ed3234658bd8af29ec6 |
| SHA256 | acafb1080be066cf10dc3f0f75ef73fb55738fdaac450dee7ee6f672ea9fc23c |
| SHA512 | 5f14782237f49f621a040927ced199f678a64b147a19a8045c8916f95402906f94ce5a8a0aceb7ab29dded96d0284f0264c67286b97faee8e51d44d7de8a4410 |
C:\Users\Admin\AppData\Roaming\Noxic\d3dcompiler_47.dll
| MD5 | 2191e768cc2e19009dad20dc999135a3 |
| SHA1 | f49a46ba0e954e657aaed1c9019a53d194272b6a |
| SHA256 | 7353f25dc5cf84d09894e3e0461cef0e56799adbc617fce37620ca67240b547d |
| SHA512 | 5adcb00162f284c16ec78016d301fc11559dd0a781ffbeff822db22efbed168b11d7e5586ea82388e9503b0c7d3740cf2a08e243877f5319202491c8a641c970 |
C:\Users\Admin\AppData\Roaming\noxic-app-nativefier-00f9eb\Session Storage\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Roaming\Noxic\resources\app\lib\preload.js
| MD5 | cfd7e6489b0d63738319982f68ff935e |
| SHA1 | d05ab48d9dc3a52946511c2c4cf5de0fcb4f1290 |
| SHA256 | d50ca2fa212df1c1ff69b5d26ba594bd39bfd86a71b068a650cc577e5dc9a94e |
| SHA512 | 9b4c0fb83033163f8e8e35c9da2d33265f7d36eefa22774399abaf867e3d22a3e0cba71f2bb2037fe055e5b9932b25dd98a63b7543c3a15f2667ec40d7bcdf93 |
memory/2252-305-0x00007FF8101E0000-0x00007FF8101E1000-memory.dmp
memory/2252-306-0x00007FF811AB0000-0x00007FF811AB1000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | c2d9eeb3fdd75834f0ac3f9767de8d6f |
| SHA1 | 4d16a7e82190f8490a00008bd53d85fb92e379b0 |
| SHA256 | 1e5efb5f1d78a4cc269cb116307e9d767fc5ad8a18e6cf95c81c61d7b1da5c66 |
| SHA512 | d92f995f9e096ecc0a7b8b4aca336aeef0e7b919fe7fe008169f0b87da84d018971ba5728141557d42a0fc562a25191bd85e0d7354c401b09e8b62cdc44b6dcd |
\??\pipe\LOCAL\crashpad_4916_AYRELVZGKHSLUZJA
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e55832d7cd7e868a2c087c4c73678018 |
| SHA1 | ed7a2f6d6437e907218ffba9128802eaf414a0eb |
| SHA256 | a4d7777b980ec53de3a70aca8fb25b77e9b53187e7d2f0fa1a729ee9a35da574 |
| SHA512 | 897fdebf1a9269a1bf1e3a791f6ee9ab7c24c9d75eeff65ac9599764e1c8585784e1837ba5321d90af0b004af121b2206081a6fb1b1ad571a0051ee33d3f5c5f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d9a48a85ae6925839c2e29f11a4df741 |
| SHA1 | ae3608bb131afa1d85f4a170bc21dbba81ce4632 |
| SHA256 | be92a5f0fb7bc523763f17f2ef5fa38a576b01bf61c07bf0b36dba1fff01f1b1 |
| SHA512 | 2a735c14aaedb2b12e039c564d933254635700cc228ddb50763a5736e5eb081ca741b4df5a78f8df03ca5ad8ebc0d6ca713422e79edf3b710d22d8435017326e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 7dbf4d0c281ea4caab7a56a770667a7f |
| SHA1 | 073ea2fd077f11bc5425844d33f6754fcde6e7c4 |
| SHA256 | 92c3c41cd1d9f0e3d9808af7c4096af993c37e27185303f38a50dc1ffa002329 |
| SHA512 | c02a5e4834dbf0b59175c9e6067d3253f85440a3c7a96d7c40d6d5f901343102886a8acf55f9893d90b50757daaf500376a424dfc0e02be648f5d85a6bf9d4c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c5fb75623651363f6b94fa2f8eb73613 |
| SHA1 | cf77f547d53a2ba451159d4d1f24bb55c96bdec2 |
| SHA256 | cc5a70d713962f1fbfb278a855fd6731991900b5f780a8ddaa481541d36db904 |
| SHA512 | 13a90157cbab053532293eb22bb75d8902e796f455e2dc39989688b148074cba3c283ecb30af2278683281765f24df35770dd5283a73ef3abcbb138a9b220b0c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Roaming\noxic-app-nativefier-00f9eb\Code Cache\js\index-dir\the-real-index
| MD5 | cc3980a2e3f46e7b4c04bc9ab61ef873 |
| SHA1 | c7d60abe6495eab26ae0ca3578eb83802430408b |
| SHA256 | ad2520697037e2a02f632f37470b1ea05f9faa788855543953b77ad3bad04e70 |
| SHA512 | aaaeb83ee7a7cca943ff97e6e240eccacb253faa16534d074a5cee18cd6e129b3636ec380e2328ce0ff70839a5b3e027338899633135abc9141a84ca3e55a7ba |
C:\Users\Admin\AppData\Roaming\noxic-app-nativefier-00f9eb\Code Cache\js\index-dir\the-real-index
| MD5 | fd45c8564e63f61b212de544b9d502a9 |
| SHA1 | dc20ba48dbd34ee0b668d8f4aed26ed13be23451 |
| SHA256 | 1121b54234c1749f315c3608f963f4b53f2b5ebecd813fd7ae7e5bcf22302f30 |
| SHA512 | 8cfc72f8d327ae401af575cbeaf897b51a6783f6e9f2928035dc556d6e8605d8c9448cb93a584d6f18673724e56ca3ae2b86281ab51aa49ceef75243f03ce550 |
C:\Users\Admin\Desktop\Noxic.lnk
| MD5 | c842f8353de625b358380071b54a3992 |
| SHA1 | 499b1de626cd62c9d0f571e9e3e44c424d16c0ea |
| SHA256 | 9748b867b02369074a8790f55cac116dfec6a19a0545058f58cd1c027ddeb079 |
| SHA512 | 9666c14679025b36ca848e39d2cadb49a441339e902cf54d50ec1a5ae5208a1e5501df76d11079c7cf0e0fdfe1feaaf6f997cdbab7eef0d30493d0d76525c664 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 03679019f39cab5bfe41dd08d484acfe |
| SHA1 | 76b09a4a5df1569e6d30aee15c66c3ed7cc47b2d |
| SHA256 | 0a5fee8f4dd724d47929d45731d4d84eb26dab5e5f1d01e23c43432f130f081e |
| SHA512 | 4505af21c6b2a3376ef08cb83fd0a50b657a5644549e4493e42ee9c02eecb1baf9670039d341ae2a07a614cf4d629308f44b0abae71ea0d07fe75756e47f4fb2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d3d7d4ac6c0a145698dc483ab0976a9a |
| SHA1 | d2bbe01a62c64ff1bd12202c13a25721f3c20546 |
| SHA256 | d57e96672e51f71d1014290e2db38325028b70e85f5859279885cb5a66abfcc9 |
| SHA512 | 1dc65e9711e7880889bb15597e6774101d754c320bc6310679e04f2cf313233d1e64b0e7000565435baf5c2ec620c0133175a27d2863e4f237d8d90bfc4528c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5874cd.TMP
| MD5 | 6a2dce9b2e394daecf512f6ed846cda8 |
| SHA1 | 504ea14b10a9121aaa6cbda80b7b2af6ffcb4132 |
| SHA256 | 2c6663651d252e33c79698ae08201e5c5e1d0554af7c37bbd9ff2edf9ed18fb7 |
| SHA512 | 5ac01912de9eb1a9ff4b206fde0e2ec3027e4d2bec7f3290283a5012b9a2d66a741c230ad7cfc957f464da19454e7694233a949590d677df3495e18512d47530 |
C:\Users\Admin\Downloads\OperaGXSetup.exe
| MD5 | 24b6ddacec58545bcc6321cd8e92e5fe |
| SHA1 | bc7776ff0ce24ff4710846628618eb6e6d1b5317 |
| SHA256 | 5a3b1d4afc5859c6df76f3ba996cbd4db825fedf39a9298276fbe1dc69275965 |
| SHA512 | 44995e76268f589fdf98c6ab12e78a0ebe7a359985ba09b45e8ae16cb0d9f0bc720abc568b9e6020c605013b872bab60759cb8cb11966989adc9ea69b280656e |
C:\Users\Admin\AppData\Local\Temp\7zS4F7C5228\setup.exe
| MD5 | dcc0d15e77a7872758e65deb0bfc6745 |
| SHA1 | 1efb89e143bf5edd34d46ae8370ecc13d4c3339f |
| SHA256 | 87a168a04a254b1cf1adfe732e8b7b08d5c3e76ddca4e8b7fb4e58ebef85fe64 |
| SHA512 | 9cb972bcd99fd03a924bbff79e8989a040d1202a77c9d8f62ea862cc6b1d258778410ad9a4de5f2aab43062f5e9fe17d7ab9baa000de98d22a47f1471d1de778 |
C:\Users\Admin\AppData\Local\Temp\Opera_installer_2411082336358322492.dll
| MD5 | 1b07ce60bc1c77f0cadf13c2e62b1383 |
| SHA1 | ca70d0ef99ae5d1ebf85880ee669ad1145e4d79d |
| SHA256 | e48eb19ca0210f9063f4e77c2f14293ee940eeaef2ecb9efceac7f6336cc203f |
| SHA512 | 94c358b6dfef0fcb0012a3a43235292b18ebf897043baef0c110570e91cc73721b12f1f771df6d000b4097f3c0cc22dcc65330a9153c7a9643787d24da6108f0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 217982373aa973785fe80c8193df0379 |
| SHA1 | 77aee3ed6ba32a4c5680a8934f940b8c29c1378c |
| SHA256 | b023c57debc08bf02229f3135d511f8d2cd477553614244fbc5caab71145d8ec |
| SHA512 | f4f33ac3c83f33f70b24f92425ff0a370d6907b6480f656273e27fc496201f97469af83dbd65cd349fb1dadec38b0b538b2e5043d4df17fd11832c47dcaae0bc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe589892.TMP
| MD5 | 5dc92abbf899484efa8bf64b8042f7bf |
| SHA1 | 2c31140cccbb7a14bd26ce330808ac3d3419f406 |
| SHA256 | a96b49d24c6219fafca72d4455e0b6f5750d829913078cdc8b78ae26fb49a7e9 |
| SHA512 | b150ee482205e00b2b33a6a127fd016454cd53458bf9c6c18e87a194604b06d04ef018db99837ed9d8b19d78ba97179ddc608f6c22a08cb135548d30c8d39d58 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a98456e1aa5f119b5a32b50d2d81acb0 |
| SHA1 | b3fe68da40b6035a6dd15ce7b458632d83b64af3 |
| SHA256 | 1a1f35b9d76bc25e7c413a8e9ee52989f730ec1e77422bf4b3fef534a5d93f8c |
| SHA512 | 9acc5f4ca6deab92b629be070866b759cbc9e9a10eca1848da37b4e5e7d4b058e9c80352074e74d14aceec23966e4421d68726ec7971d265811a9d2de4988781 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 202903c7115d9101d707cd04a36d6059 |
| SHA1 | 8d55c7f3b4357353e4ae1275fcb8522f0b5b32a8 |
| SHA256 | 7f81fbd5c46c6a40eb897b4317f88bf0be7ec8432ad3d60f753a5a1e03d90c63 |
| SHA512 | 5867e09770b8999cab3281a3caf034432c64aa239452d8914c1cd7207140ec5edd6aa70d3860ac1bcbccb8e8bed99520b5bee496f064cf5223ed76f068baaab4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 331978e587177669610a8c858947b717 |
| SHA1 | 04b136f8a1661ef17080367d0b497142a86916ed |
| SHA256 | 5e6d96997134e844bc6f96720d7906041f9471e53c083ab2c1162fcebf5eb924 |
| SHA512 | 7b7d632af23f8095e7063751b574a164231aaf89db661aefca06afc54e994988712f883bc5bec50fb7a31c56c79f7186b75983bd720c5469281f0ffb9544365d |
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411082336381\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe
| MD5 | e9a2209b61f4be34f25069a6e54affea |
| SHA1 | 6368b0a81608c701b06b97aeff194ce88fd0e3c0 |
| SHA256 | e950f17f4181009eeafa9f5306e8a9dfd26d88ca63b1838f44ff0efc738e7d1f |
| SHA512 | 59e46277ca79a43ed8b0a25b24eff013e251a75f90587e013b9c12851e5dd7283b6172f7d48583982f6a32069457778ee440025c1c754bf7bb6ce8ae1d2c3fc5 |
C:\Users\Admin\AppData\Roaming\noxic-app-nativefier-00f9eb\Network\Network Persistent State
| MD5 | 74277477f5d189d01707e4a73f80c6f7 |
| SHA1 | 3c36c87846491948d1963627c016c48b0548b82e |
| SHA256 | 7b2c586a8a09990111e02e78e61aab359de59dcb003414175cbd3386fdfe2893 |
| SHA512 | 907438d7b8664825cfb1d05676e60192a1ea04d4f955f66cf41b25e24b514c9e9e9ce106572bbb2d2edf046a63a18b7703900108a46ded9ec61644b645f61b12 |
C:\Users\Admin\AppData\Roaming\noxic-app-nativefier-00f9eb\Network\Network Persistent State~RFe590b8f.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | ed8df51d75e3cadbce37b3c938bb0efd |
| SHA1 | f6dbe8df354d537ab1ca929021d92b6b6c03f0fa |
| SHA256 | ce5b42ec1609ca2dcd040fac8cca756a6b414a2e794014295f7827215d46819e |
| SHA512 | 63f0e47fd66d558e1d7f4e0ae14e17ae65bd78df493d1268f700b7ac4f0db504d14f24ae20879ade10a95401d98cdc76e1cae1a7d62c09d43ceb3624d8e245e2 |
C:\Users\Admin\AppData\Roaming\noxic-app-nativefier-00f9eb\DawnCache\data_1
| MD5 | 59ce410787ab7d254084547c2ab21f79 |
| SHA1 | e4ac2c5c71621638a3d671630ccdedca20718295 |
| SHA256 | 1a3b3ef03774b3501abcc37858e5a3df5644f11de479315f3da653e031f9d700 |
| SHA512 | 601f3ae77044ab7e0a5a78ebf98a76dca28a0c5100b959b282ff756edd07f2a62b041117f3e5ae08f5cc1bbcdebe7382d43a8132dcf200e7ac98782cf445bb2a |
C:\Users\Admin\AppData\Roaming\noxic-app-nativefier-00f9eb\DawnCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Roaming\noxic-app-nativefier-00f9eb\DawnCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
C:\Users\Admin\AppData\Roaming\noxic-app-nativefier-00f9eb\DawnCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Roaming\noxic-app-nativefier-00f9eb\5b7cda31-24da-4ca4-b96a-e57c6a0954a5.tmp
| MD5 | d11dedf80b85d8d9be3fec6bb292f64b |
| SHA1 | aab8783454819cd66ddf7871e887abdba138aef3 |
| SHA256 | 8029940de92ae596278912bbbd6387d65f4e849d3c136287a1233f525d189c67 |
| SHA512 | 6b7ec1ca5189124e0d136f561ca7f12a4653633e2d9452d290e658dfe545acf6600cc9496794757a43f95c91705e9549ef681d4cc9e035738b03a18bdc2e25f0 |
C:\Users\Admin\AppData\Roaming\noxic-app-nativefier-00f9eb\Network\TransportSecurity
| MD5 | 3c156dd97145f989a224b540834e0554 |
| SHA1 | 60d6e73dcbad5f5328bc4f40f0580e6ac6c7ae45 |
| SHA256 | cd0d8757f1a22fe42b4550c8c13d89566c9a0c074e3c9c67ebd09da2be2ac26f |
| SHA512 | 060611ae6a104b2c99712e8915aae24014621658261a0f8d15f043b30b0fd22950bf94438519d1e0401f42c47aeeb22b1594a939442107b4aba86910a1827989 |
C:\Users\Admin\AppData\Roaming\noxic-app-nativefier-00f9eb\Code Cache\js\index-dir\the-real-index
| MD5 | 00052289ad9da36624c931ae208a77e6 |
| SHA1 | 2ecfc5fcb7495ba4a3d7229aeb927847c15bd484 |
| SHA256 | ca963b4de6b1d6b404e47b460f3d42c99ec20b81422bdd44ff95407e39366c30 |
| SHA512 | c07989e7af25b49a27e2939ff18efe5d8071c315a894108fe2c00ca0e37d6e6ccb3b9405663e230a0a18d9392facd6b6737008fc600810136f201201a5fdc9fb |