Analysis Overview
SHA256
15c952ff76ab4feea15da576ac14b2c0f15c217ce350ea7155d586dde20b0ee1
Threat Level: Likely malicious
The file YEAH.png was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Loads dropped DLL
Executes dropped EXE
Drops desktop.ini file(s)
Checks installed software on the system
Adds Run key to start application
Detected potential entity reuse from brand STEAM.
Suspicious use of SetThreadContext
Drops file in Program Files directory
Subvert Trust Controls: Mark-of-the-Web Bypass
Drops file in Windows directory
Browser Information Discovery
System Location Discovery: System Language Discovery
Enumerates physical storage devices
Modifies registry class
Suspicious behavior: GetForegroundWindowSpam
NTFS ADS
Modifies system certificate store
Suspicious use of SendNotifyMessage
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of SetWindowsHookEx
Suspicious use of FindShellTrayWindow
Enumerates system info in registry
Checks processor information in registry
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-08 17:28
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-08 17:28
Reported
2024-11-08 18:14
Platform
win11-20241007-en
Max time kernel
2699s
Max time network
2702s
Command Line
Signatures
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000\Software\Microsoft\Windows\CurrentVersion\Run\Steam = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -silent" | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
Checks installed software on the system
Drops desktop.ini file(s)
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Videos\Captures\desktop.ini | C:\Windows\system32\svchost.exe | N/A |
Detected potential entity reuse from brand STEAM.
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 9260 set thread context of 3860 | N/A | C:\Program Files (x86)\Steam\steam.exe | C:\Program Files (x86)\Steam\steamapps\common\BadNorth\BadNorth.exe |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\minithrobber06.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\sd_ltrackpad.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\shared_rstick_up_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\xbox_p3_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\appcache\librarycache\250820_logo.png | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_090_media_0100.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller_generic.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sc_lt_soft_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\resource\layout\friendpanel_rightaligned.layout_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\public\steam_working1.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\friends\trackerui_czech.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\switchpro_rstick_up_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sd_ltrackpad_click_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\bin\cef\cef.win7\VkICD_mock_icd.dll_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\sd_ltrackpad_down_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sd_l5_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sd_l1.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_090_media_0110.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\xbox_p2_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_color_button_y.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\public\SteamInputControllerConfigNotification.res_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steam\cached\offline_turkish.html_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_050_menu_0060.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\images\controller\ghost_035_magic_0345.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\resource\platform_vietnamese.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps4_trackpad_r_ring_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Steam\steamapps\appmanifest_688420.acf.3586730505.tmp | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_050_menu_0120.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\hp_l4_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\shared_lstick_right.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\bin\cef\cef.win7x64\locales\id.pak_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\cloud_icon_down.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\resource\vgui_schinese.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\resource\filter_clean_turkish.txt.gz_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steam\cached\Receipt_CDKey_Success.res_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\localization\dualshock_4_vietnamese.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps5_trackpad_r_left_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\switchpro_lstick_down_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\xbox_lt_soft_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps4_button_logo_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\switchpro_l2_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\resource\filter_banned_brazilian.txt.gz_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Steam\userdata\1456296740\config\librarycache\2371090.json | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\minithrobber04.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps4_trackpad_up_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps4_trackpad_l_down_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\switchpro_dpad_up_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\switchpro_l2.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\public\steam_updating_posix.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steam\cached\gridview_placeholder_1.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps4_trackpad_r_right.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sd_ltrackpad_ring.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\tabStdLeft.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sc_rb_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\bin\cef\cef.win7x64\locales\ru.pak_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\shared_outlined_button_x_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\switchpro_r2_soft_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_color_outlined_button_a.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steam\cached\gameproperties_dlc.res_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps4_r2_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps5_button_create_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_035_magic_0360.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\localization\switch_controller_russian.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9784_234712922\_platform_specific\win_x64\widevinecdm.dll | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9784_234712922\LICENSE | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9784_234712922\manifest.json | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9784_234712922\_metadata\verified_contents.json | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9784_234712922\manifest.fingerprint | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9784_234712922\_platform_specific\win_x64\widevinecdm.dll.sig | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\SteamSetup.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\steamapps\common\BadNorth\BadNorth.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\GameOverlayUI.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\bin\gldriverquery.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\bin\vulkandriverquery.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\steamerrorreporter.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files (x86)\Steam\steamapps\common\BadNorth\BadNorth.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| Key opened | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\steamapps\common\BadNorth\BadNorth.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\GameOverlayUI.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\GameOverlayUI.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\steamapps\common\BadNorth\BadNorth.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\steamapps\common\BadNorth\BadNorth.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\steam.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\steam\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\ = "URL:steam protocol" | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\steam | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steamlink\Shell\Open\Command | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell\Open | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\steamlink | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\steam\DefaultIcon\ = "steam.exe" | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\steamlink\DefaultIcon\ = "steam.exe" | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steamlink | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\Local Settings\MuiCache | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\steamlink\ = "URL:steamlink protocol" | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steam | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steamlink\DefaultIcon | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steamlink\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\steam\ = "URL:steam protocol" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\steam\URL Protocol | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\steamlink\URL Protocol | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\ = "URL:steamlink protocol" | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\URL Protocol | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\steamlink\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\steamlink\Shell | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\Content\CachePrefix | C:\Windows\system32\BackgroundTransferHost.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steam\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\steam\Shell | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" | C:\Windows\system32\BackgroundTransferHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\History\CachePrefix = "Visited:" | C:\Windows\system32\BackgroundTransferHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\steam\Shell\Open\Command | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\DefaultIcon\ = "steam.exe" | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\steamlink\ = "URL:steamlink protocol" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steam | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\DefaultIcon\ = "steam.exe" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\steamlink\URL Protocol | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steam | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\DefaultIcon\ = "steam.exe" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\steam | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\DefaultIcon\ = "steam.exe" | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\steam\URL Protocol | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\steamlink\DefaultIcon | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\steamlink\DefaultIcon\ = "steam.exe" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\steamlink\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\URL Protocol | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\ = "URL:steamlink protocol" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\URL Protocol | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\steam\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\steam\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\Local Settings\MuiCache | C:\Windows\system32\BackgroundTransferHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\steam\DefaultIcon | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell\Open | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steamlink | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\steamlink\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3973800497-2716210218-310192997-1000\{ECDB48ED-A5E4-42C4-9D82-6BBEB954719C} | C:\Windows\system32\svchost.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\ = "URL:steam protocol" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\URL Protocol | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steam\DefaultIcon | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\steam\DefaultIcon\ = "steam.exe" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steam\Shell\Open\Command | C:\Program Files (x86)\Steam\steam.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8\Blob = 5c0000000100000004000000001000001900000001000000100000002fe1f70bb05d7c92335bc5e05b984da60f00000001000000200000003f0411ede9c4477057d57e57883b1f205b20cdc0f3263129b1ee0269a2678f63030000000100000014000000cabd2a79a1076a31f21d253635cb039d4329a5e814000000010000001400000079b459e67bb6e5e40173800888c81a58f6e99b6e0400000001000000100000000cd2f9e0da1773e9ed864da5e370e74e20000000010000006f0500003082056b30820353a0030201020211008210cfb0d240e3594463e0bb63828b00300d06092a864886f70d01010b0500304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f74205831301e170d3135303630343131303433385a170d3335303630343131303433385a304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f7420583130820222300d06092a864886f70d01010105000382020f003082020a0282020100ade82473f41437f39b9e2b57281c87bedcb7df38908c6e3ce657a078f775c2a2fef56a6ef6004f28dbde68866c4493b6b163fd14126bbf1fd2ea319b217ed1333cba48f5dd79dfb3b8ff12f1219a4bc18a8671694a66666c8f7e3c70bfad292206f3e4c0e680aee24b8fb7997e94039fd347977c99482353e838ae4f0a6f832ed149578c8074b6da2fd0388d7b0370211b75f2303cfa8faeddda63abeb164fc28e114b7ecf0be8ffb5772ef4b27b4ae04c12250c708d0329a0e15324ec13d9ee19bf10b34a8c3f89a36151deac870794f46371ec2ee26f5b9881e1895c34796c76ef3b906279e6dba49a2f26c5d010e10eded9108e16fbb7f7a8f7c7e50207988f360895e7e237960d36759efb0e72b11d9bbc03f94905d881dd05b42ad641e9ac0176950a0fd8dfd5bd121f352f28176cd298c1a80964776e4737baceac595e689d7f72d689c50641293e593edd26f524c911a75aa34c401f46a199b5a73a516e863b9e7d72a712057859ed3e5178150b038f8dd02f05b23e7b4a1c4b730512fcc6eae050137c439374b3ca74e78e1f0108d030d45b7136b407bac130305c48b7823b98a67d608aa2a32982ccbabd83041ba2830341a1d605f11bc2b6f0a87c863b46a8482a88dc769a76bf1f6aa53d198feb38f364dec82b0d0a28fff7dbe21542d422d0275de179fe18e77088ad4ee6d98b3ac6dd27516effbc64f533434f0203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e0416041479b459e67bb6e5e40173800888c81a58f6e99b6e300d06092a864886f70d01010b05000382020100551f58a9bcb2a850d00cb1d81a6920272908ac61755c8a6ef882e5692fd5f6564bb9b8731059d321977ee74c71fbb2d260ad39a80bea17215685f1500e59ebcee059e9bac915ef869d8f8480f6e4e99190dc179b621b45f06695d27c6fc2ea3bef1fcfcbd6ae27f1a9b0c8aefd7d7e9afa2204ebffd97fea912b22b1170e8ff28a345b58d8fc01c954b9b826cc8a8833894c2d843c82dfee965705ba2cbbf7c4b7c74e3b82be31c822737392d1c280a43939103323824c3c9f86b255981dbe29868c229b9ee26b3b573a82704ddc09c789cb0a074d6ce85d8ec9efceabc7bbb52b4e45d64ad026cce572ca086aa595e315a1f7a4edc92c5fa5fbffac28022ebed77bbbe3717b9016d3075e46537c3707428cd3c4969cd599b52ae0951a8048ae4c3907cecc47a452952bbab8fbadd233537de51d4d6dd5a1b1c7426fe64027355ca328b7078de78d3390e7239ffb509c796c46d5b415b3966e7e9b0c963ab8522d3fd65be1fb08c284fe24a8a389daac6ae1182ab1a843615bd31fdc3b8d76f22de88d75df17336c3d53fb7bcb415fffdca2d06138e196b8ac5d8b37d775d533c09911ae9d41c1727584be0241425f67244894d19b27be073fb9b84f817451e17ab7ed9d23e2bee0d52804133c31039edd7a6c8fc60718c67fde478e3f289e0406cfa5543477bdec899be91743df5bdb5ffe8e1e57a2cd409d7e6222dade1827 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\B1BC968BD4F49D622AA89A81F2150152A41D829C | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\B1BC968BD4F49D622AA89A81F2150152A41D829C\Blob = 0400000001000000100000003e455215095192e1b75d379fb187298a0f00000001000000140000005a6d07b6371d966a2fb6ba92828ce5512a49513d090000000100000068000000306606082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050508020206082b0601050507030606082b0601050507030706082b0601050507030906082b0601050507030106082b06010505070308530000000100000040000000303e301f06092b06010401a032010130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00b000000010000003000000047006c006f00620061006c005300690067006e00200052006f006f00740020004300410020002d002000520031000000620000000100000020000000ebd41040e4bb3ec742c9e381d31ef2a41a48b6685c96e7cef3c1df6cd4331c99140000000100000014000000607b661a450d97ca89502f7d04cd34a8fffcfd4b1d00000001000000100000006ee7f3b060d10e90a31ba3471b9992367f000000010000000c000000300a06082b060105050703097a000000010000000c000000300a06082b060105050703097e00000001000000080000000000042beb77d501030000000100000014000000b1bc968bd4f49d622aa89a81f2150152a41d829c190000000100000010000000a823b4a20180beb460cab955c24d7e21200000000100000079030000308203753082025da003020102020b040000000001154b5ac394300d06092a864886f70d01010505003057310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613110300e060355040b1307526f6f74204341311b301906035504031312476c6f62616c5369676e20526f6f74204341301e170d3938303930313132303030305a170d3238303132383132303030305a3057310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613110300e060355040b1307526f6f74204341311b301906035504031312476c6f62616c5369676e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100da0ee6998dcea3e34f8a7efbf18b83256bea481ff12ab0b9951104bdf063d1e26766cf1cddcf1b482bee8d898e9aaf298065abe9c72d12cbab1c4c7007a13d0a30cd158d4ff8ddd48c50151cef50eec42ef7fce952f2917de06dd535308e5e4373f241e9d56ae3b2893a5639386f063c88695b2a4dc5a754b86c89cc9bf93ccae5fd89f5123c927896d6dc746e934461d18dc746b2750e86e8198ad56d6cd5781695a2e9c80a38ebf224134f73549313853a1bbc1e34b58b058cb9778bb1db1f2091ab09536e90ce7b3774b97047912251631679aeb1ae412608c8192bd146aa48d6642ad78334ff2c2ac16c19434a0785e7d37cf62168efeaf2529f7f9390cf0203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e04160414607b661a450d97ca89502f7d04cd34a8fffcfd4b300d06092a864886f70d01010505000382010100d673e77c4f76d08dbfecbaa2be34c52832b57cfc6c9c2c2bbd099e53bf6b5eaa1148b6e508a3b3ca3d614dd34609b33ec3a0e363551bf2baefad39e143b938a3e62f8a263befa05056f9c60afd38cdc40b705194979804dfc35f94d515c914419cc45d7564150dff5530ec868fff0def2cb96346f6aafcdfbc69fd2e1248649ae095f0a6ef298f01b115b50c1da5fe692c6924781eb3a71c7162eecac897ac175d8ac2f847866e2ac4563195d06789852bf96ca65d469d0caa82e49951dd70b7db563d61e46ae15cd6f6fe3dde41cc07ae6352bf5353f42be9c7fdb6f7825f85d24118db81b3041cc51fa4806f1520c9de0c880a1dd66655e2fc48c9292669e0 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8\Blob = 0400000001000000100000000cd2f9e0da1773e9ed864da5e370e74e14000000010000001400000079b459e67bb6e5e40173800888c81a58f6e99b6e030000000100000014000000cabd2a79a1076a31f21d253635cb039d4329a5e80f00000001000000200000003f0411ede9c4477057d57e57883b1f205b20cdc0f3263129b1ee0269a2678f631900000001000000100000002fe1f70bb05d7c92335bc5e05b984da620000000010000006f0500003082056b30820353a0030201020211008210cfb0d240e3594463e0bb63828b00300d06092a864886f70d01010b0500304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f74205831301e170d3135303630343131303433385a170d3335303630343131303433385a304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f7420583130820222300d06092a864886f70d01010105000382020f003082020a0282020100ade82473f41437f39b9e2b57281c87bedcb7df38908c6e3ce657a078f775c2a2fef56a6ef6004f28dbde68866c4493b6b163fd14126bbf1fd2ea319b217ed1333cba48f5dd79dfb3b8ff12f1219a4bc18a8671694a66666c8f7e3c70bfad292206f3e4c0e680aee24b8fb7997e94039fd347977c99482353e838ae4f0a6f832ed149578c8074b6da2fd0388d7b0370211b75f2303cfa8faeddda63abeb164fc28e114b7ecf0be8ffb5772ef4b27b4ae04c12250c708d0329a0e15324ec13d9ee19bf10b34a8c3f89a36151deac870794f46371ec2ee26f5b9881e1895c34796c76ef3b906279e6dba49a2f26c5d010e10eded9108e16fbb7f7a8f7c7e50207988f360895e7e237960d36759efb0e72b11d9bbc03f94905d881dd05b42ad641e9ac0176950a0fd8dfd5bd121f352f28176cd298c1a80964776e4737baceac595e689d7f72d689c50641293e593edd26f524c911a75aa34c401f46a199b5a73a516e863b9e7d72a712057859ed3e5178150b038f8dd02f05b23e7b4a1c4b730512fcc6eae050137c439374b3ca74e78e1f0108d030d45b7136b407bac130305c48b7823b98a67d608aa2a32982ccbabd83041ba2830341a1d605f11bc2b6f0a87c863b46a8482a88dc769a76bf1f6aa53d198feb38f364dec82b0d0a28fff7dbe21542d422d0275de179fe18e77088ad4ee6d98b3ac6dd27516effbc64f533434f0203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e0416041479b459e67bb6e5e40173800888c81a58f6e99b6e300d06092a864886f70d01010b05000382020100551f58a9bcb2a850d00cb1d81a6920272908ac61755c8a6ef882e5692fd5f6564bb9b8731059d321977ee74c71fbb2d260ad39a80bea17215685f1500e59ebcee059e9bac915ef869d8f8480f6e4e99190dc179b621b45f06695d27c6fc2ea3bef1fcfcbd6ae27f1a9b0c8aefd7d7e9afa2204ebffd97fea912b22b1170e8ff28a345b58d8fc01c954b9b826cc8a8833894c2d843c82dfee965705ba2cbbf7c4b7c74e3b82be31c822737392d1c280a43939103323824c3c9f86b255981dbe29868c229b9ee26b3b573a82704ddc09c789cb0a074d6ce85d8ec9efceabc7bbb52b4e45d64ad026cce572ca086aa595e315a1f7a4edc92c5fa5fbffac28022ebed77bbbe3717b9016d3075e46537c3707428cd3c4969cd599b52ae0951a8048ae4c3907cecc47a452952bbab8fbadd233537de51d4d6dd5a1b1c7426fe64027355ca328b7078de78d3390e7239ffb509c796c46d5b415b3966e7e9b0c963ab8522d3fd65be1fb08c284fe24a8a389daac6ae1182ab1a843615bd31fdc3b8d76f22de88d75df17336c3d53fb7bcb415fffdca2d06138e196b8ac5d8b37d775d533c09911ae9d41c1727584be0241425f67244894d19b27be073fb9b84f817451e17ab7ed9d23e2bee0d52804133c31039edd7a6c8fc60718c67fde478e3f289e0406cfa5543477bdec899be91743df5bdb5ffe8e1e57a2cd409d7e6222dade1827 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\B1BC968BD4F49D622AA89A81F2150152A41D829C\Blob = 5c000000010000000400000000080000190000000100000010000000a823b4a20180beb460cab955c24d7e21030000000100000014000000b1bc968bd4f49d622aa89a81f2150152a41d829c7e00000001000000080000000000042beb77d5017a000000010000000c000000300a06082b060105050703097f000000010000000c000000300a06082b060105050703091d00000001000000100000006ee7f3b060d10e90a31ba3471b999236140000000100000014000000607b661a450d97ca89502f7d04cd34a8fffcfd4b620000000100000020000000ebd41040e4bb3ec742c9e381d31ef2a41a48b6685c96e7cef3c1df6cd4331c990b000000010000003000000047006c006f00620061006c005300690067006e00200052006f006f00740020004300410020002d002000520031000000530000000100000040000000303e301f06092b06010401a032010130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000068000000306606082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050508020206082b0601050507030606082b0601050507030706082b0601050507030906082b0601050507030106082b060105050703080f00000001000000140000005a6d07b6371d966a2fb6ba92828ce5512a49513d0400000001000000100000003e455215095192e1b75d379fb187298a200000000100000079030000308203753082025da003020102020b040000000001154b5ac394300d06092a864886f70d01010505003057310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613110300e060355040b1307526f6f74204341311b301906035504031312476c6f62616c5369676e20526f6f74204341301e170d3938303930313132303030305a170d3238303132383132303030305a3057310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613110300e060355040b1307526f6f74204341311b301906035504031312476c6f62616c5369676e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100da0ee6998dcea3e34f8a7efbf18b83256bea481ff12ab0b9951104bdf063d1e26766cf1cddcf1b482bee8d898e9aaf298065abe9c72d12cbab1c4c7007a13d0a30cd158d4ff8ddd48c50151cef50eec42ef7fce952f2917de06dd535308e5e4373f241e9d56ae3b2893a5639386f063c88695b2a4dc5a754b86c89cc9bf93ccae5fd89f5123c927896d6dc746e934461d18dc746b2750e86e8198ad56d6cd5781695a2e9c80a38ebf224134f73549313853a1bbc1e34b58b058cb9778bb1db1f2091ab09536e90ce7b3774b97047912251631679aeb1ae412608c8192bd146aa48d6642ad78334ff2c2ac16c19434a0785e7d37cf62168efeaf2529f7f9390cf0203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e04160414607b661a450d97ca89502f7d04cd34a8fffcfd4b300d06092a864886f70d01010505000382010100d673e77c4f76d08dbfecbaa2be34c52832b57cfc6c9c2c2bbd099e53bf6b5eaa1148b6e508a3b3ca3d614dd34609b33ec3a0e363551bf2baefad39e143b938a3e62f8a263befa05056f9c60afd38cdc40b705194979804dfc35f94d515c914419cc45d7564150dff5530ec868fff0def2cb96346f6aafcdfbc69fd2e1248649ae095f0a6ef298f01b115b50c1da5fe692c6924781eb3a71c7162eecac897ac175d8ac2f847866e2ac4563195d06789852bf96ca65d469d0caa82e49951dd70b7db563d61e46ae15cd6f6fe3dde41cc07ae6352bf5353f42be9c7fdb6f7825f85d24118db81b3041cc51fa4806f1520c9de0c880a1dd66655e2fc48c9292669e0 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A\Blob = 0f00000001000000140000000f6aad4c3fe04619cdc8b2bd655aa1a26042e6500b000000010000005400000053007400610072006600690065006c006400200043006c00610073007300200032002000430065007200740069006600690063006100740069006f006e00200041007500740068006f007200690074007900000053000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c009000000010000002a000000302806082b0601050507030206082b0601050507030306082b0601050507030406082b060105050703016200000001000000200000001465fa205397b876faa6f0a9958e5590e40fcc7faa4fb7c2c8677521fb5fb658140000000100000014000000bf5fb7d1cedd1f86f45b55acdcd710c20ea988e71d000000010000001000000090c4f4233b006b7bfaa6adcd8f577d77030000000100000014000000ad7e1c28b064ef8f6003402014c3d0e3370eb58a2000000001000000130400003082040f308202f7a003020102020100300d06092a864886f70d01010505003068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479301e170d3034303632393137333931365a170d3334303632393137333931365a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f7269747930820120300d06092a864886f70d01010105000382010d00308201080282010100b732c8fee971a60485ad0c1164dfce4defc80318873fa1abfb3ca69ff0c3a1dad4d86e2b5390fb24a43e84f09ee85fece52744f528a63f7bdee02af0c8af532f9eca0501931e8f661c39a74dfa5ab673042566eb777fe759c64a99251454eb26c7f37f19d530708fafb0462affadeb29edd79faa0487a3d4f989a5345fdb43918236d9663cb1b8b982fd9c3a3e10c83bef0665667a9b19183dff71513c302e5fbe3d7773b25d066cc323569a2b8526921ca702b3e43f0daf087982b8363dea9cd335b3bc69caf5cc9de8fd648d1780336e5e4a5d99c91e87b49d1ac0d56e1335235edf9b5f3defd6f776c2ea3ebb780d1c42676b04d8f8d6da6f8bf244a001ab020103a381c53081c2301d0603551d0e04160414bf5fb7d1cedd1f86f45b55acdcd710c20ea988e73081920603551d2304818a3081878014bf5fb7d1cedd1f86f45b55acdcd710c20ea988e7a16ca46a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479820100300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100059d3f889dd1c91a55a1ac69f3f359da9b01871a4f57a9a179092adbf72fb21eccc75e6ad88387a197ef49353e7706415862bf8e58b80a673fecb3dd21661fc954fa72cc3d4c40d881af779e837abba2c7f534178ed91140f4fc2c2a4d157fa7625d2e25d3000b201a1d68f917b8f4bd8bed2859dd4d168b1783c8b265c72d7aa5aabc53866ddd57a4caf820410b68f0f4fb74be565d7a79f5f91d85e32d95bef5719043cc8d1f9a000a8729e95522580023eae31243295b4708dd8c416a6506a8e521aa41b4952195b97dd134ab13d6adbcdce23d39cdbd3e7570a1185903c922b48f9cd55e2ad7a5b6d40a6df8b74011469a1f790e62bf0f97ece02f1f1794 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\AD7E1C28B064EF8F6003402014C3D0E3370EB58A\Blob = 190000000100000010000000fd960962ac6938e0d4b0769aa1a64e26030000000100000014000000ad7e1c28b064ef8f6003402014c3d0e3370eb58a1d000000010000001000000090c4f4233b006b7bfaa6adcd8f577d77140000000100000014000000bf5fb7d1cedd1f86f45b55acdcd710c20ea988e76200000001000000200000001465fa205397b876faa6f0a9958e5590e40fcc7faa4fb7c2c8677521fb5fb65809000000010000002a000000302806082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030153000000010000004800000030463021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c03021060b6086480186fd6e0107170330123010060a2b0601040182373c0101030200c00b000000010000005400000053007400610072006600690065006c006400200043006c00610073007300200032002000430065007200740069006600690063006100740069006f006e00200041007500740068006f00720069007400790000000f00000001000000140000000f6aad4c3fe04619cdc8b2bd655aa1a26042e6502000000001000000130400003082040f308202f7a003020102020100300d06092a864886f70d01010505003068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479301e170d3034303632393137333931365a170d3334303632393137333931365a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f7269747930820120300d06092a864886f70d01010105000382010d00308201080282010100b732c8fee971a60485ad0c1164dfce4defc80318873fa1abfb3ca69ff0c3a1dad4d86e2b5390fb24a43e84f09ee85fece52744f528a63f7bdee02af0c8af532f9eca0501931e8f661c39a74dfa5ab673042566eb777fe759c64a99251454eb26c7f37f19d530708fafb0462affadeb29edd79faa0487a3d4f989a5345fdb43918236d9663cb1b8b982fd9c3a3e10c83bef0665667a9b19183dff71513c302e5fbe3d7773b25d066cc323569a2b8526921ca702b3e43f0daf087982b8363dea9cd335b3bc69caf5cc9de8fd648d1780336e5e4a5d99c91e87b49d1ac0d56e1335235edf9b5f3defd6f776c2ea3ebb780d1c42676b04d8f8d6da6f8bf244a001ab020103a381c53081c2301d0603551d0e04160414bf5fb7d1cedd1f86f45b55acdcd710c20ea988e73081920603551d2304818a3081878014bf5fb7d1cedd1f86f45b55acdcd710c20ea988e7a16ca46a3068310b300906035504061302555331253023060355040a131c537461726669656c6420546563686e6f6c6f676965732c20496e632e31323030060355040b1329537461726669656c6420436c61737320322043657274696669636174696f6e20417574686f72697479820100300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100059d3f889dd1c91a55a1ac69f3f359da9b01871a4f57a9a179092adbf72fb21eccc75e6ad88387a197ef49353e7706415862bf8e58b80a673fecb3dd21661fc954fa72cc3d4c40d881af779e837abba2c7f534178ed91140f4fc2c2a4d157fa7625d2e25d3000b201a1d68f917b8f4bd8bed2859dd4d168b1783c8b265c72d7aa5aabc53866ddd57a4caf820410b68f0f4fb74be565d7a79f5f91d85e32d95bef5719043cc8d1f9a000a8729e95522580023eae31243295b4708dd8c416a6506a8e521aa41b4952195b97dd134ab13d6adbcdce23d39cdbd3e7570a1185903c922b48f9cd55e2ad7a5b6d40a6df8b74011469a1f790e62bf0f97ece02f1f1794 | C:\Program Files (x86)\Steam\steam.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\SteamSetup.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 316939.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Steam\steam.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Steam\steamapps\common\BadNorth\BadNorth.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Steam\GameOverlayUI.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Steam\steam.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Steam\steamapps\common\BadNorth\BadNorth.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\YEAH.png
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff855c23cb8,0x7ff855c23cc8,0x7ff855c23cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1920,16301729574800044299,3470647855640026987,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1932 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1920,16301729574800044299,3470647855640026987,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1920,16301729574800044299,3470647855640026987,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2732 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,16301729574800044299,3470647855640026987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,16301729574800044299,3470647855640026987,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,16301729574800044299,3470647855640026987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4084 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,16301729574800044299,3470647855640026987,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1920,16301729574800044299,3470647855640026987,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5320 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,16301729574800044299,3470647855640026987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,16301729574800044299,3470647855640026987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,16301729574800044299,3470647855640026987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1920,16301729574800044299,3470647855640026987,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4068 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,16301729574800044299,3470647855640026987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3940 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,16301729574800044299,3470647855640026987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,16301729574800044299,3470647855640026987,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,16301729574800044299,3470647855640026987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5116 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,16301729574800044299,3470647855640026987,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3704 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,16301729574800044299,3470647855640026987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5760 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,16301729574800044299,3470647855640026987,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1920,16301729574800044299,3470647855640026987,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6396 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1920,16301729574800044299,3470647855640026987,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1780 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1920,16301729574800044299,3470647855640026987,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\SteamSetup.exe
"C:\Users\Admin\Downloads\SteamSetup.exe"
C:\Program Files (x86)\Steam\bin\steamservice.exe
"C:\Program Files (x86)\Steam\bin\steamservice.exe" /Install
C:\Program Files (x86)\Steam\steam.exe
"C:\Program Files (x86)\Steam\steam.exe"
C:\Program Files (x86)\Steam\steam.exe
"C:\Program Files (x86)\Steam\steam.exe"
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=en_US" "-cachedir=C:\Users\Admin\AppData\Local\Steam\htmlcache" "-steampid=9260" "-buildid=1730853027" "-steamid=0" "-logdir=C:\Program Files (x86)\Steam\logs" "-uimode=7" "-startcount=0" "-steamuniverse=Public" "-realm=Global" "-clientui=C:\Program Files (x86)\Steam\clientui" "-steampath=C:\Program Files (x86)\Steam\steam.exe" "-launcher=0" --valve-enable-site-isolation --enable-smooth-scrolling --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt" --disable-quick-menu "--enable-features=PlatformHEVCDecoderSupport" "--disable-features=SpareRendererForSitePerProcess,DcheckIsFatal,ValveFFmpegAllowLowDelayHEVC"
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:4 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\Admin\AppData\Local\CEF\User Data" --url=https://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1730853027 --initial-client-data=0x288,0x28c,0x290,0x284,0x294,0x7ff84491af00,0x7ff84491af0c,0x7ff84491af18
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1552,i,16472092108883793641,12628670934248371487,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=1556 --mojo-platform-channel-handle=1580 /prefetch:2
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --field-trial-handle=2136,i,16472092108883793641,12628670934248371487,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=2140 --mojo-platform-channel-handle=2132 /prefetch:11
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004C8 0x00000000000004DC
C:\Program Files (x86)\Steam\bin\gldriverquery64.exe
.\bin\gldriverquery64.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --field-trial-handle=2740,i,16472092108883793641,12628670934248371487,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=2744 --mojo-platform-channel-handle=2684 /prefetch:13
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3096,i,16472092108883793641,12628670934248371487,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3100 --mojo-platform-channel-handle=3092 /prefetch:1
C:\Program Files (x86)\Steam\bin\gldriverquery.exe
.\bin\gldriverquery.exe
C:\Program Files (x86)\Steam\bin\vulkandriverquery64.exe
.\bin\vulkandriverquery64.exe
C:\Program Files (x86)\Steam\bin\vulkandriverquery.exe
.\bin\vulkandriverquery.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3736,i,16472092108883793641,12628670934248371487,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3740 --mojo-platform-channel-handle=3732 /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3888,i,16472092108883793641,12628670934248371487,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3892 --mojo-platform-channel-handle=3884 /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --field-trial-handle=3860,i,16472092108883793641,12628670934248371487,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3852 --mojo-platform-channel-handle=3856 /prefetch:14
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3992,i,16472092108883793641,12628670934248371487,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=4100 --mojo-platform-channel-handle=4104 /prefetch:10
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
C:\Windows\system32\BackgroundTransferHost.exe
"BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.13
C:\Program Files (x86)\Steam\steamerrorreporter.exe
C:\Program Files (x86)\Steam\steam
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=3512,i,16472092108883793641,12628670934248371487,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3516 --mojo-platform-channel-handle=3572 /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3972,i,16472092108883793641,12628670934248371487,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3896 --mojo-platform-channel-handle=3824 /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4256,i,16472092108883793641,12628670934248371487,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3836 --mojo-platform-channel-handle=4456 /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4608,i,16472092108883793641,12628670934248371487,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=4600 --mojo-platform-channel-handle=3896 /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4596,i,16472092108883793641,12628670934248371487,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=4356 --mojo-platform-channel-handle=4624 /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4508,i,16472092108883793641,12628670934248371487,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=4292 --mojo-platform-channel-handle=4568 /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=1908,i,16472092108883793641,12628670934248371487,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3884 --mojo-platform-channel-handle=4100 /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=4664,i,16472092108883793641,12628670934248371487,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=4668 --mojo-platform-channel-handle=4680 /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=4476,i,16472092108883793641,12628670934248371487,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=4528 --mojo-platform-channel-handle=4656 /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --field-trial-handle=4644,i,16472092108883793641,12628670934248371487,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=4524 --mojo-platform-channel-handle=4412 /prefetch:12
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004C8 0x00000000000004DC
C:\Program Files (x86)\Steam\steamapps\common\BadNorth\BadNorth.exe
"C:\Program Files (x86)\Steam\steamapps\common\BadNorth\BadNorth.exe"
C:\Program Files (x86)\Steam\steamapps\common\BadNorth\UnityCrashHandler32.exe
"C:\Program Files (x86)\Steam\steamapps\common\BadNorth\UnityCrashHandler32.exe" --attach 3860 14946304
C:\Program Files (x86)\Steam\GameOverlayUI.exe
"C:\Program Files (x86)\Steam\GameOverlayUI.exe" -pid 3860 -steampid 9260 -manuallyclearframes 0 -gameid 688420
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
Network
| Country | Destination | Domain | Proto |
| GB | 92.123.128.133:443 | www.bing.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 92.123.128.188:443 | r.bing.com | tcp |
| GB | 92.123.128.188:443 | r.bing.com | tcp |
| GB | 92.123.128.170:443 | th.bing.com | tcp |
| GB | 92.123.128.170:443 | th.bing.com | tcp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | 80.5.107.13.in-addr.arpa | udp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| US | 172.64.145.151:443 | cdn.cloudflare.steamstatic.com | tcp |
| US | 172.64.145.151:443 | cdn.cloudflare.steamstatic.com | tcp |
| US | 172.64.145.151:443 | cdn.cloudflare.steamstatic.com | tcp |
| US | 172.64.145.151:443 | cdn.cloudflare.steamstatic.com | tcp |
| US | 172.64.145.151:443 | cdn.cloudflare.steamstatic.com | tcp |
| US | 172.64.145.151:443 | cdn.cloudflare.steamstatic.com | tcp |
| US | 172.64.145.151:443 | cdn.cloudflare.steamstatic.com | tcp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| US | 151.101.67.52:443 | cdn.steamstatic.com | tcp |
| GB | 2.23.210.75:80 | r11.o.lencr.org | tcp |
| US | 151.101.67.52:443 | cdn.steamstatic.com | tcp |
| US | 151.101.67.52:443 | cdn.steamstatic.com | tcp |
| GB | 2.19.117.21:80 | test.steampowered.com | tcp |
| N/A | 127.0.0.1:62776 | tcp | |
| N/A | 127.0.0.1:62774 | tcp | |
| GB | 104.82.234.109:443 | api.steampowered.com | tcp |
| PE | 155.133.244.50:27029 | ext2-lim1.steamserver.net | tcp |
| PE | 155.133.244.50:27023 | ext2-lim1.steamserver.net | tcp |
| CL | 155.133.249.164:27029 | ext2-scl1.steamserver.net | tcp |
| CL | 155.133.249.180:27031 | ext1-scl1.steamserver.net | tcp |
| PE | 155.133.244.50:443 | ext2-lim1.steamserver.net | tcp |
| AR | 155.133.255.164:27038 | ext2-eze1.steamserver.net | tcp |
| AR | 155.133.255.164:27022 | ext2-eze1.steamserver.net | tcp |
| BR | 155.133.227.34:27019 | ext1-gru1.steamserver.net | tcp |
| US | 8.8.8.8:53 | 180.249.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 164.249.133.155.in-addr.arpa | udp |
| BR | 155.133.227.34:27022 | ext1-gru1.steamserver.net | tcp |
| CL | 155.133.249.180:443 | ext1-scl1.steamserver.net | tcp |
| US | 162.254.199.184:443 | cmp2-atl3.steamserver.net | tcp |
| US | 205.196.6.132:443 | cmp1-sea1.steamserver.net | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| GB | 2.23.210.75:80 | e6.o.lencr.org | tcp |
| US | 8.8.8.8:53 | 184.199.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.6.196.205.in-addr.arpa | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| US | 172.64.145.151:443 | cdn.cloudflare.steamstatic.com | tcp |
| US | 172.64.145.151:443 | cdn.cloudflare.steamstatic.com | tcp |
| US | 172.64.145.151:443 | cdn.cloudflare.steamstatic.com | tcp |
| US | 104.19.229.21:443 | tcp | |
| US | 172.64.145.151:443 | cdn.cloudflare.steamstatic.com | tcp |
| US | 104.19.230.21:443 | udp | |
| GB | 142.250.200.14:443 | tcp | |
| GB | 74.125.105.39:443 | udp | |
| US | 8.8.8.8:443 | dns.google | udp |
| GB | 216.58.201.99:443 | tcp | |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 104.82.234.109:443 | api.steampowered.com | tcp |
| NL | 155.133.248.43:443 | cmp2-ams1.steamserver.net | tcp |
| NL | 155.133.248.43:27018 | cmp2-ams1.steamserver.net | tcp |
| NL | 155.133.248.42:27018 | cmp1-ams1.steamserver.net | tcp |
| DE | 155.133.250.20:27019 | cmp2-fra1.steamserver.net | tcp |
| GB | 2.23.210.75:80 | e6.o.lencr.org | tcp |
| DE | 155.133.250.4:27019 | cmp1-fra1.steamserver.net | tcp |
| GB | 2.23.210.75:80 | e6.o.lencr.org | tcp |
| US | 8.8.8.8:53 | 43.248.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.248.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.250.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.250.133.155.in-addr.arpa | udp |
| GB | 216.58.201.99:443 | udp | |
| US | 151.101.3.52:443 | client-update.steamstatic.com | tcp |
| GB | 2.23.210.75:80 | r10.o.lencr.org | tcp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 104.82.234.109:443 | api.steampowered.com | tcp |
| PE | 155.133.244.50:27024 | ext2-lim1.steamserver.net | tcp |
| PE | 155.133.244.34:27036 | ext1-lim1.steamserver.net | tcp |
| CL | 155.133.249.180:27021 | ext1-scl1.steamserver.net | tcp |
| CL | 155.133.249.164:27033 | ext2-scl1.steamserver.net | tcp |
| PE | 155.133.244.34:443 | ext1-lim1.steamserver.net | tcp |
| AR | 155.133.255.164:27023 | ext2-eze1.steamserver.net | tcp |
| AR | 155.133.255.100:27036 | ext1-eze1.steamserver.net | tcp |
| BR | 155.133.227.34:27028 | ext1-gru1.steamserver.net | tcp |
| BR | 155.133.227.50:27032 | ext2-gru1.steamserver.net | tcp |
| CL | 155.133.249.164:443 | ext2-scl1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp2-lhr1.steamserver.net | udp |
| GB | 162.254.196.80:27018 | cmp2-lhr1.steamserver.net | tcp |
| GB | 162.254.196.80:27020 | cmp2-lhr1.steamserver.net | tcp |
| GB | 2.23.210.75:80 | e5.o.lencr.org | tcp |
| US | 8.8.8.8:53 | 34.244.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.255.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.227.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.196.254.162.in-addr.arpa | udp |
| GB | 104.82.234.109:443 | api.steampowered.com | tcp |
| HK | 103.28.54.100:27018 | cmp1-hkg1.steamserver.net | tcp |
| HK | 103.28.54.101:27021 | cmp2-hkg1.steamserver.net | tcp |
| HK | 103.28.54.102:443 | cmp3-hkg1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp2-sgp1.steamserver.net | udp |
| SG | 103.10.124.5:27018 | cmp2-sgp1.steamserver.net | tcp |
| GB | 2.23.210.82:80 | e6.o.lencr.org | tcp |
| US | 8.8.8.8:53 | e5.o.lencr.org | udp |
| GB | 2.23.210.75:80 | e5.o.lencr.org | tcp |
| US | 8.8.8.8:53 | 101.54.28.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.54.28.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 102.54.28.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.210.23.2.in-addr.arpa | udp |
| SG | 103.10.124.4:27019 | cmp1-sgp1.steamserver.net | tcp |
| JP | 45.121.184.23:27019 | ext4-tyo3.steamserver.net | tcp |
| JP | 45.121.184.23:27031 | ext4-tyo3.steamserver.net | tcp |
| SG | 103.10.124.4:443 | cmp1-sgp1.steamserver.net | tcp |
| JP | 45.121.184.21:443 | ext2-tyo3.steamserver.net | tcp |
| US | 162.254.195.75:443 | cmp2-lax1.steamserver.net | tcp |
| AU | 103.10.125.148:27030 | ext1-syd1.steamserver.net | tcp |
| US | 162.254.192.98:27020 | cmp1-iad1.steamserver.net | tcp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 104.82.234.109:443 | api.steampowered.com | tcp |
| JP | 45.121.184.20:27032 | ext1-tyo3.steamserver.net | tcp |
| JP | 45.121.184.22:27021 | ext3-tyo3.steamserver.net | tcp |
| JP | 45.121.184.23:443 | ext4-tyo3.steamserver.net | tcp |
| HK | 103.28.54.172:27037 | ext6-hkg1.steamserver.net | tcp |
| HK | 103.28.54.100:27018 | cmp1-hkg1.steamserver.net | tcp |
| HK | 103.28.54.172:443 | ext6-hkg1.steamserver.net | tcp |
| SG | 103.10.124.5:27018 | cmp2-sgp1.steamserver.net | tcp |
| SG | 103.10.124.5:27020 | cmp2-sgp1.steamserver.net | tcp |
| US | 8.8.8.8:53 | 20.184.121.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.184.121.45.in-addr.arpa | udp |
| SG | 103.10.124.5:443 | cmp2-sgp1.steamserver.net | tcp |
| US | 162.254.195.69:443 | cmp1-lax1.steamserver.net | tcp |
| US | 155.133.253.52:27018 | cmp2-dfw1.steamserver.net | tcp |
| GB | 162.254.196.80:27020 | cmp2-lhr1.steamserver.net | tcp |
| GB | 2.23.210.75:80 | e5.o.lencr.org | tcp |
| GB | 2.23.210.75:80 | e5.o.lencr.org | tcp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 104.82.234.109:443 | api.steampowered.com | tcp |
| HK | 103.28.54.101:27019 | cmp2-hkg1.steamserver.net | tcp |
| HK | 103.28.54.102:27019 | cmp3-hkg1.steamserver.net | tcp |
| JP | 45.121.184.20:27038 | ext1-tyo3.steamserver.net | tcp |
| JP | 45.121.184.22:27033 | ext3-tyo3.steamserver.net | tcp |
| HK | 103.28.54.100:443 | cmp1-hkg1.steamserver.net | tcp |
| JP | 45.121.184.20:443 | ext1-tyo3.steamserver.net | tcp |
| SG | 103.10.124.4:27018 | cmp1-sgp1.steamserver.net | tcp |
| SG | 103.10.124.4:27019 | cmp1-sgp1.steamserver.net | tcp |
| SG | 103.10.124.5:443 | cmp2-sgp1.steamserver.net | tcp |
| US | 162.254.195.75:443 | cmp2-lax1.steamserver.net | tcp |
| IN | 155.133.225.21:27038 | ext2-maa2.steamserver.net | tcp |
| AU | 103.10.125.156:27033 | ext2-syd1.steamserver.net | tcp |
| US | 8.8.8.8:53 | 156.125.10.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | p2p-lax1.discovery.steamserver.net | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 104.82.234.109:443 | api.steampowered.com | tcp |
| SE | 162.254.198.104:27033 | ext2-sto1.steamserver.net | tcp |
| SE | 162.254.198.44:27033 | ext1-sto1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp1-sto2.steamserver.net | udp |
| SE | 155.133.252.68:27019 | cmp1-sto2.steamserver.net | tcp |
| SE | 155.133.252.68:27018 | cmp1-sto2.steamserver.net | tcp |
| SE | 155.133.252.68:443 | cmp1-sto2.steamserver.net | tcp |
| US | 8.8.8.8:53 | ext3-sto1.steamserver.net | udp |
| SE | 162.254.198.46:443 | ext3-sto1.steamserver.net | tcp |
| GB | 2.23.210.75:80 | e5.o.lencr.org | tcp |
| US | 8.8.8.8:53 | 44.198.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.198.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.198.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.252.133.155.in-addr.arpa | udp |
| NL | 155.133.248.42:27018 | cmp1-ams1.steamserver.net | tcp |
| NL | 155.133.248.43:443 | cmp2-ams1.steamserver.net | tcp |
| NL | 155.133.248.43:27018 | cmp2-ams1.steamserver.net | tcp |
| US | 155.133.229.20:27023 | cmp2-fra2.steamserver.net | tcp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 104.82.234.109:443 | api.steampowered.com | tcp |
| DE | 155.133.250.4:27020 | cmp1-fra1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp2-fra1.steamserver.net | udp |
| DE | 155.133.250.20:27024 | cmp2-fra1.steamserver.net | tcp |
| US | 155.133.229.20:27020 | cmp2-fra2.steamserver.net | tcp |
| US | 155.133.229.4:27023 | cmp1-fra2.steamserver.net | tcp |
| US | 8.8.8.8:53 | e6.o.lencr.org | udp |
| GB | 2.23.210.75:80 | e6.o.lencr.org | tcp |
| US | 155.133.229.4:443 | cmp1-fra2.steamserver.net | tcp |
| SE | 162.254.198.46:27037 | ext3-sto1.steamserver.net | tcp |
| US | 8.8.8.8:53 | 4.229.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | api.hcaptcha.com | udp |
| US | 8.8.8.8:53 | api.hcaptcha.com | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | api.hcaptcha.com | udp |
| US | 8.8.8.8:53 | api.hcaptcha.com | udp |
| US | 104.19.229.21:443 | api.hcaptcha.com | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | p2p-fra2.discovery.steamserver.net | udp |
| US | 104.19.229.21:443 | api.hcaptcha.com | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 104.19.230.21:443 | api.hcaptcha.com | tcp |
| US | 8.8.8.8:53 | 4.4.8.8.in-addr.arpa | udp |
| US | 104.19.230.21:443 | api.hcaptcha.com | tcp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 104.82.234.109:443 | api.steampowered.com | tcp |
| US | 104.19.230.21:443 | api.hcaptcha.com | udp |
| US | 8.8.8.8:53 | cmp1-mad1.steamserver.net | udp |
| ES | 155.133.246.36:27018 | cmp1-mad1.steamserver.net | tcp |
| ES | 155.133.246.52:27018 | cmp2-mad1.steamserver.net | tcp |
| ES | 155.133.246.36:443 | cmp1-mad1.steamserver.net | tcp |
| FR | 185.25.182.20:27028 | ext1-par1.steamserver.net | tcp |
| US | 8.8.8.8:53 | e5.o.lencr.org | udp |
| GB | 2.23.210.75:80 | e5.o.lencr.org | tcp |
| US | 8.8.8.8:53 | e6.o.lencr.org | udp |
| GB | 2.23.210.75:80 | e6.o.lencr.org | tcp |
| DE | 155.133.250.4:27024 | cmp1-fra1.steamserver.net | tcp |
| FR | 185.25.182.20:27025 | ext1-par1.steamserver.net | tcp |
| US | 8.8.8.8:53 | 52.246.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.182.25.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | p2p-par1.discovery.steamserver.net | udp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| GB | 104.82.234.109:443 | api.steampowered.com | tcp |
| JP | 45.121.184.23:27035 | ext4-tyo3.steamserver.net | tcp |
| JP | 45.121.184.22:27025 | ext3-tyo3.steamserver.net | tcp |
| JP | 45.121.184.22:443 | ext3-tyo3.steamserver.net | tcp |
| HK | 103.28.54.100:27021 | cmp1-hkg1.steamserver.net | tcp |
| HK | 103.28.54.101:27020 | cmp2-hkg1.steamserver.net | tcp |
| HK | 103.28.54.100:443 | cmp1-hkg1.steamserver.net | tcp |
| SG | 103.10.124.5:27020 | cmp2-sgp1.steamserver.net | tcp |
| SG | 103.10.124.4:27018 | cmp1-sgp1.steamserver.net | tcp |
| SG | 103.10.124.4:443 | cmp1-sgp1.steamserver.net | tcp |
| US | 162.254.195.69:443 | cmp1-lax1.steamserver.net | tcp |
| US | 162.254.199.165:443 | cmp1-atl3.steamserver.net | tcp |
| GB | 162.254.196.79:27019 | cmp1-lhr1.steamserver.net | tcp |
| GB | 2.23.210.75:80 | e6.o.lencr.org | tcp |
| GB | 2.23.210.82:80 | e6.o.lencr.org | tcp |
| US | 8.8.8.8:53 | 79.196.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 165.199.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 104.82.234.109:443 | api.steampowered.com | tcp |
| US | 162.254.192.98:27020 | cmp1-iad1.steamserver.net | tcp |
| US | 162.254.192.99:443 | cmp2-iad1.steamserver.net | tcp |
| US | 162.254.192.99:27020 | cmp2-iad1.steamserver.net | tcp |
| US | 162.254.199.184:443 | cmp2-atl3.steamserver.net | tcp |
| GB | 2.23.210.75:80 | e5.o.lencr.org | tcp |
| US | 162.254.199.165:27018 | cmp1-atl3.steamserver.net | tcp |
| US | 162.254.199.184:27018 | cmp2-atl3.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp1-dfw1.steamserver.net | udp |
| US | 155.133.253.36:443 | cmp1-dfw1.steamserver.net | tcp |
| US | 162.254.195.69:443 | cmp1-lax1.steamserver.net | tcp |
| US | 205.196.6.132:443 | cmp1-sea1.steamserver.net | tcp |
| US | 155.133.253.36:27018 | cmp1-dfw1.steamserver.net | tcp |
| US | 205.196.6.133:443 | cmp2-sea1.steamserver.net | tcp |
| DE | 155.133.250.20:27019 | cmp2-fra1.steamserver.net | tcp |
| US | 8.8.8.8:53 | 36.253.133.155.in-addr.arpa | udp |
| GB | 2.23.210.82:80 | e6.o.lencr.org | tcp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 104.82.234.109:443 | api.steampowered.com | tcp |
| GB | 162.254.196.80:27019 | cmp2-lhr1.steamserver.net | tcp |
| GB | 162.254.196.80:27020 | cmp2-lhr1.steamserver.net | tcp |
| GB | 162.254.196.80:443 | cmp2-lhr1.steamserver.net | tcp |
| FR | 185.25.182.52:27023 | ext2-par1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ipv6check-udp.steamserver.net | udp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 104.82.234.109:443 | api.steampowered.com | tcp |
| PE | 155.133.244.34:27025 | ext1-lim1.steamserver.net | tcp |
| PE | 155.133.244.50:27022 | ext2-lim1.steamserver.net | tcp |
| CL | 155.133.249.180:27035 | ext1-scl1.steamserver.net | tcp |
| CL | 155.133.249.164:27028 | ext2-scl1.steamserver.net | tcp |
| PE | 155.133.244.34:443 | ext1-lim1.steamserver.net | tcp |
| AR | 155.133.255.164:27023 | ext2-eze1.steamserver.net | tcp |
| AR | 155.133.255.164:27019 | ext2-eze1.steamserver.net | tcp |
| BR | 155.133.227.50:27023 | ext2-gru1.steamserver.net | tcp |
| BR | 155.133.227.50:27033 | ext2-gru1.steamserver.net | tcp |
| CL | 155.133.249.164:443 | ext2-scl1.steamserver.net | tcp |
| US | 162.254.199.184:443 | cmp2-atl3.steamserver.net | tcp |
| BR | 155.133.227.34:27032 | ext1-gru1.steamserver.net | tcp |
| GB | 88.221.135.34:443 | tcp | |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 92.123.128.149:443 | r.bing.com | tcp |
| GB | 92.123.128.149:443 | r.bing.com | tcp |
| GB | 92.123.128.149:443 | r.bing.com | tcp |
| GB | 92.123.128.149:443 | r.bing.com | tcp |
| GB | 92.123.128.149:443 | r.bing.com | tcp |
| GB | 92.123.128.149:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | 149.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | browser.pipe.aria.microsoft.com | udp |
| US | 20.189.173.24:443 | browser.pipe.aria.microsoft.com | tcp |
| GB | 92.123.128.170:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 222.197.79.204.in-addr.arpa | udp |
| GB | 104.82.234.109:443 | api.steampowered.com | tcp |
| US | 8.8.8.8:53 | ipv6check-udp.steamserver.net | udp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| US | 8.8.8.8:53 | crash.steampowered.com | udp |
| US | 208.64.203.140:443 | crash.steampowered.com | tcp |
| GB | 2.23.210.75:80 | e5.o.lencr.org | tcp |
| DE | 155.133.250.4:27020 | cmp1-fra1.steamserver.net | tcp |
| DE | 155.133.250.4:27019 | cmp1-fra1.steamserver.net | tcp |
| US | 155.133.229.20:27022 | cmp2-fra2.steamserver.net | tcp |
| DE | 155.133.250.20:27024 | cmp2-fra1.steamserver.net | tcp |
| US | 155.133.229.20:443 | cmp2-fra2.steamserver.net | tcp |
| NL | 155.133.248.43:443 | cmp2-ams1.steamserver.net | tcp |
| NL | 155.133.248.42:27018 | cmp1-ams1.steamserver.net | tcp |
| SE | 155.133.252.69:27019 | cmp2-sto2.steamserver.net | tcp |
| GB | 2.23.210.75:80 | e5.o.lencr.org | tcp |
| US | 8.8.8.8:53 | p2p-ams1.discovery.steamserver.net | udp |
| US | 8.8.8.8:53 | ipv6check-udp.steamserver.net | udp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 104.82.234.109:443 | api.steampowered.com | tcp |
| US | 155.133.229.20:27019 | cmp2-fra2.steamserver.net | tcp |
| DE | 155.133.250.20:27023 | cmp2-fra1.steamserver.net | tcp |
| US | 155.133.229.4:27023 | cmp1-fra2.steamserver.net | tcp |
| DE | 155.133.250.4:27020 | cmp1-fra1.steamserver.net | tcp |
| US | 155.133.229.20:443 | cmp2-fra2.steamserver.net | tcp |
| SE | 162.254.198.44:27022 | ext1-sto1.steamserver.net | tcp |
| SE | 162.254.198.46:27030 | ext3-sto1.steamserver.net | tcp |
| SE | 155.133.252.68:27019 | cmp1-sto2.steamserver.net | tcp |
| SE | 162.254.198.104:443 | ext2-sto1.steamserver.net | tcp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 104.82.234.109:443 | api.steampowered.com | tcp |
| US | 162.254.193.103:443 | cmp1-ord1.steamserver.net | tcp |
| US | 162.254.193.75:27018 | cmp2-ord1.steamserver.net | tcp |
| US | 162.254.193.103:27018 | cmp1-ord1.steamserver.net | tcp |
| US | 162.254.192.98:27020 | cmp1-iad1.steamserver.net | tcp |
| GB | 2.23.210.75:80 | e6.o.lencr.org | tcp |
| US | 8.8.8.8:53 | e5.o.lencr.org | udp |
| GB | 2.23.210.82:80 | e5.o.lencr.org | tcp |
| US | 205.196.6.132:443 | cmp1-sea1.steamserver.net | tcp |
| US | 162.254.192.99:27020 | cmp2-iad1.steamserver.net | tcp |
| US | 162.254.192.99:443 | cmp2-iad1.steamserver.net | tcp |
| US | 155.133.253.36:443 | cmp1-dfw1.steamserver.net | tcp |
| US | 162.254.195.69:443 | cmp1-lax1.steamserver.net | tcp |
| US | 155.133.253.36:27018 | cmp1-dfw1.steamserver.net | tcp |
| US | 205.196.6.133:443 | cmp2-sea1.steamserver.net | tcp |
| US | 205.196.6.133:27018 | cmp2-sea1.steamserver.net | tcp |
| US | 8.8.8.8:53 | 75.193.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 104.82.234.109:443 | api.steampowered.com | tcp |
| HK | 103.28.54.172:27031 | ext6-hkg1.steamserver.net | tcp |
| HK | 103.28.54.102:27018 | cmp3-hkg1.steamserver.net | tcp |
| HK | 103.28.54.102:443 | cmp3-hkg1.steamserver.net | tcp |
| JP | 45.121.184.23:27028 | ext4-tyo3.steamserver.net | tcp |
| JP | 45.121.184.22:27023 | ext3-tyo3.steamserver.net | tcp |
| JP | 45.121.184.21:443 | ext2-tyo3.steamserver.net | tcp |
| SG | 103.10.124.4:27020 | cmp1-sgp1.steamserver.net | tcp |
| SG | 103.10.124.4:27019 | cmp1-sgp1.steamserver.net | tcp |
| SG | 103.10.124.4:443 | cmp1-sgp1.steamserver.net | tcp |
| US | 162.254.195.75:443 | cmp2-lax1.steamserver.net | tcp |
| US | 162.254.199.184:443 | cmp2-atl3.steamserver.net | tcp |
| US | 162.254.192.98:27018 | cmp1-iad1.steamserver.net | tcp |
| US | 8.8.8.8:53 | p2p-iad1.discovery.steamserver.net | udp |
| US | 8.8.8.8:53 | ipv6check-udp.steamserver.net | udp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| GB | 104.82.234.109:443 | api.steampowered.com | tcp |
| US | 162.254.199.165:27018 | cmp1-atl3.steamserver.net | tcp |
| US | 162.254.199.165:443 | cmp1-atl3.steamserver.net | tcp |
| US | 162.254.199.184:27018 | cmp2-atl3.steamserver.net | tcp |
| US | 162.254.192.98:27019 | cmp1-iad1.steamserver.net | tcp |
| US | 162.254.192.99:27020 | cmp2-iad1.steamserver.net | tcp |
| US | 162.254.192.99:443 | cmp2-iad1.steamserver.net | tcp |
| US | 155.133.253.52:443 | cmp2-dfw1.steamserver.net | tcp |
| US | 155.133.253.52:27018 | cmp2-dfw1.steamserver.net | tcp |
| US | 155.133.253.36:27018 | cmp1-dfw1.steamserver.net | tcp |
| US | 162.254.193.103:443 | cmp1-ord1.steamserver.net | tcp |
| NL | 155.133.248.43:443 | cmp2-ams1.steamserver.net | tcp |
| N/A | 10.127.255.255:27036 | udp | |
| GB | 2.19.117.41:80 | clientconfig.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | 41.117.19.2.in-addr.arpa | udp |
| GB | 2.19.117.41:80 | clientconfig.akamai.steamstatic.com | tcp |
| GB | 2.19.117.41:80 | clientconfig.akamai.steamstatic.com | tcp |
| GB | 2.19.117.41:80 | clientconfig.akamai.steamstatic.com | tcp |
| GB | 2.19.117.41:80 | clientconfig.akamai.steamstatic.com | tcp |
| GB | 2.19.117.41:80 | clientconfig.akamai.steamstatic.com | tcp |
| GB | 2.19.117.41:80 | clientconfig.akamai.steamstatic.com | tcp |
| GB | 2.19.117.41:80 | clientconfig.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | steamstore-a.akamaihd.net | udp |
| US | 151.101.3.52:443 | shared.steamstatic.com | tcp |
| GB | 2.19.117.27:443 | steamstore-a.akamaihd.net | tcp |
| US | 151.101.3.52:443 | shared.steamstatic.com | tcp |
| US | 151.101.3.52:443 | shared.steamstatic.com | tcp |
| US | 8.8.8.8:53 | cdn.steamstatic.com | udp |
| GB | 2.19.117.27:443 | steamstore-a.akamaihd.net | tcp |
| GB | 2.19.117.27:443 | steamstore-a.akamaihd.net | tcp |
| US | 151.101.67.52:443 | avatars.steamstatic.com | tcp |
| US | 151.101.67.52:443 | avatars.steamstatic.com | tcp |
| US | 151.101.67.52:443 | avatars.steamstatic.com | tcp |
| GB | 2.23.210.75:80 | r11.o.lencr.org | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| GB | 104.82.234.109:443 | steamcommunity.com | tcp |
| GB | 104.82.234.109:443 | steamcommunity.com | tcp |
| GB | 2.19.117.4:443 | tcp | |
| US | 151.101.131.52:80 | avatars.steamstatic.com | tcp |
| US | 151.101.131.52:80 | avatars.steamstatic.com | tcp |
| US | 151.101.131.52:80 | avatars.steamstatic.com | tcp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| US | 151.101.67.52:443 | avatars.steamstatic.com | tcp |
| US | 151.101.67.52:443 | avatars.steamstatic.com | tcp |
| US | 151.101.67.52:443 | avatars.steamstatic.com | tcp |
| GB | 104.82.234.109:443 | steamcommunity.com | tcp |
| US | 8.8.8.8:53 | 52.131.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | p2p-ams1.discovery.steamserver.net | udp |
| US | 172.64.145.151:443 | cdn.cloudflare.steamstatic.com | tcp |
| US | 172.64.145.151:443 | cdn.cloudflare.steamstatic.com | tcp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 172.64.145.151:443 | cdn.cloudflare.steamstatic.com | tcp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 151.101.67.52:443 | avatars.steamstatic.com | tcp |
| US | 151.101.67.52:443 | avatars.steamstatic.com | tcp |
| US | 151.101.67.52:443 | avatars.steamstatic.com | tcp |
| US | 151.101.67.52:443 | avatars.steamstatic.com | tcp |
| US | 151.101.67.52:443 | avatars.steamstatic.com | tcp |
| US | 151.101.67.52:443 | avatars.steamstatic.com | tcp |
| N/A | 127.0.0.1:27060 | tcp | |
| GB | 2.19.117.4:443 | tcp | |
| US | 172.64.145.151:443 | cdn.cloudflare.steamstatic.com | tcp |
| GB | 104.82.234.109:443 | steamcommunity.com | tcp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| US | 151.101.131.52:443 | avatars.steamstatic.com | tcp |
| US | 151.101.131.52:443 | avatars.steamstatic.com | tcp |
| US | 151.101.131.52:443 | avatars.steamstatic.com | tcp |
| US | 151.101.131.52:443 | avatars.steamstatic.com | tcp |
| US | 151.101.131.52:443 | avatars.steamstatic.com | tcp |
| US | 151.101.131.52:443 | avatars.steamstatic.com | tcp |
| US | 151.101.131.52:443 | avatars.steamstatic.com | tcp |
| US | 151.101.131.52:443 | avatars.steamstatic.com | tcp |
| US | 151.101.131.52:443 | avatars.steamstatic.com | tcp |
| US | 151.101.131.52:443 | avatars.steamstatic.com | tcp |
| US | 151.101.131.52:443 | avatars.steamstatic.com | tcp |
| US | 151.101.131.52:443 | avatars.steamstatic.com | tcp |
| US | 8.8.8.8:53 | shared.steamstatic.com | udp |
| US | 151.101.195.52:443 | shared.steamstatic.com | tcp |
| US | 151.101.195.52:443 | shared.steamstatic.com | tcp |
| US | 151.101.195.52:443 | shared.steamstatic.com | tcp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 104.82.234.109:443 | api.steampowered.com | tcp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| US | 8.8.8.8:53 | cdn.steamstatic.com | udp |
| GB | 162.254.196.23:443 | cache13-lhr1.steamcontent.com | tcp |
| GB | 2.23.210.75:80 | e5.o.lencr.org | tcp |
| US | 8.8.8.8:53 | steamcloudquincy.blob.core.windows.net | udp |
| US | 8.8.8.8:53 | steamcloud-us-east1.storage.googleapis.com | udp |
| US | 8.8.8.8:53 | steamcloud-us-west1.storage.googleapis.com | udp |
| US | 20.157.180.96:443 | steamcloudquincy.blob.core.windows.net | tcp |
| GB | 142.250.179.251:443 | steamcloud-us-west1.storage.googleapis.com | tcp |
| GB | 172.217.169.59:443 | steamcloud-us-west1.storage.googleapis.com | tcp |
| US | 52.217.135.226:443 | steamcloud-us-east.s3.dualstack.us-east-1.amazonaws.com | tcp |
| GB | 142.250.187.227:80 | o.pki.goog | tcp |
| GB | 142.250.187.227:80 | o.pki.goog | tcp |
| GB | 142.250.187.227:80 | o.pki.goog | tcp |
| US | 8.8.8.8:53 | ocsp.r2m01.amazontrust.com | udp |
| GB | 162.254.196.26:443 | cache16-lhr1.steamcontent.com | tcp |
| GB | 162.254.196.26:443 | cache16-lhr1.steamcontent.com | tcp |
| GB | 162.254.196.23:443 | cache13-lhr1.steamcontent.com | tcp |
| FR | 13.249.8.192:80 | ocsp.r2m01.amazontrust.com | tcp |
| GB | 162.254.196.18:443 | cache11-lhr1.steamcontent.com | tcp |
| GB | 162.254.196.18:443 | cache11-lhr1.steamcontent.com | tcp |
| GB | 2.23.210.82:80 | e6.o.lencr.org | tcp |
| US | 8.8.8.8:53 | 59.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.135.217.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.180.157.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.201.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.200.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.196.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.8.249.13.in-addr.arpa | udp |
| GB | 162.254.196.18:443 | cache11-lhr1.steamcontent.com | tcp |
| GB | 162.254.196.18:443 | cache11-lhr1.steamcontent.com | tcp |
| GB | 162.254.196.18:443 | cache11-lhr1.steamcontent.com | tcp |
| GB | 162.254.196.23:443 | cache13-lhr1.steamcontent.com | tcp |
| GB | 162.254.196.23:443 | cache13-lhr1.steamcontent.com | tcp |
| GB | 162.254.196.23:443 | cache13-lhr1.steamcontent.com | tcp |
| GB | 162.254.196.23:443 | cache13-lhr1.steamcontent.com | tcp |
| GB | 162.254.196.18:443 | cache11-lhr1.steamcontent.com | tcp |
| GB | 162.254.196.18:443 | cache11-lhr1.steamcontent.com | tcp |
| GB | 162.254.196.18:443 | cache11-lhr1.steamcontent.com | tcp |
| GB | 162.254.196.26:443 | cache16-lhr1.steamcontent.com | tcp |
| GB | 162.254.196.26:443 | cache16-lhr1.steamcontent.com | tcp |
| GB | 162.254.196.26:443 | cache16-lhr1.steamcontent.com | tcp |
| GB | 162.254.196.23:443 | cache13-lhr1.steamcontent.com | tcp |
| GB | 162.254.196.23:443 | cache13-lhr1.steamcontent.com | tcp |
| GB | 162.254.196.26:443 | cache16-lhr1.steamcontent.com | tcp |
| GB | 162.254.196.26:443 | cache16-lhr1.steamcontent.com | tcp |
| GB | 162.254.196.26:443 | cache16-lhr1.steamcontent.com | tcp |
| GB | 2.19.117.22:443 | steamstore-a.akamaihd.net | tcp |
| GB | 2.19.117.22:443 | steamstore-a.akamaihd.net | tcp |
| GB | 2.19.117.22:443 | steamstore-a.akamaihd.net | tcp |
| US | 151.101.3.52:443 | shared.steamstatic.com | tcp |
| US | 151.101.3.52:443 | shared.steamstatic.com | tcp |
| US | 151.101.3.52:443 | shared.steamstatic.com | tcp |
| GB | 104.82.234.109:443 | api.steampowered.com | tcp |
| GB | 142.250.179.251:443 | steamcloud-us-west1.storage.googleapis.com | tcp |
| GB | 2.19.117.157:80 | www.msftncsi.com | tcp |
| US | 8.8.8.8:53 | config.uca.cloud.unity3d.com | udp |
| US | 34.111.113.40:443 | config.uca.cloud.unity3d.com | tcp |
| US | 8.8.8.8:53 | 40.113.111.34.in-addr.arpa | udp |
| US | 34.107.172.168:443 | cdp.cloud.unity3d.com | tcp |
| US | 34.107.172.168:443 | cdp.cloud.unity3d.com | tcp |
| US | 8.8.8.8:53 | p2p-ams1.discovery.steamserver.net | udp |
| US | 8.8.8.8:53 | p2p-ams1.discovery.steamserver.net | udp |
| US | 34.107.172.168:443 | cdp.cloud.unity3d.com | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 151.101.131.52:443 | shared.steamstatic.com | tcp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | cdn.steamstatic.com | udp |
| US | 8.8.8.8:53 | cdn.steamstatic.com | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 151.101.67.52:443 | cdn.steamstatic.com | tcp |
| US | 151.101.67.52:443 | cdn.steamstatic.com | tcp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 8.8.8.8:53 | cdp.cloud.unity3d.com | udp |
| US | 34.107.172.168:443 | cdp.cloud.unity3d.com | tcp |
| US | 8.8.8.8:53 | p2p-ams1.discovery.steamserver.net | udp |
| US | 34.107.172.168:443 | cdp.cloud.unity3d.com | tcp |
| US | 8.8.8.8:53 | p2p-ams1.discovery.steamserver.net | udp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e11c77d0fa99af6b1b282a22dcb1cf4a |
| SHA1 | 2593a41a6a63143d837700d01aa27b1817d17a4d |
| SHA256 | d96f9bfcc81ba66db49a3385266a631899a919ed802835e6fb6b9f7759476ea0 |
| SHA512 | c8f69f503ab070a758e8e3ae57945c0172ead1894fdbfa2d853e5bb976ed3817ecc8f188eefd5092481effd4ef650788c8ff9a8d9a5ee4526f090952d7c859f3 |
\??\pipe\LOCAL\crashpad_4552_HAVLEAUVRWOBKJYP
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | c0a1774f8079fe496e694f35dfdcf8bc |
| SHA1 | da3b4b9fca9a3f81b6be5b0cd6dd700603d448d3 |
| SHA256 | c041da0b90a5343ede7364ccf0428852103832c4efa8065a0cd1e8ce1ff181cb |
| SHA512 | 60d9e87f8383fe3afa2c8935f0e5a842624bb24b03b2d8057e0da342b08df18cf70bf55e41fa3ae54f73bc40a274cf6393d79ae01f6a1784273a25fa2761728b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f36e9c0bcc27d2a7fdf24c007f7d71f4 |
| SHA1 | 408e19a6f557077003b07f9c6ef8df653ff3672e |
| SHA256 | 0b7f6a702afb6c4401b7d69f90d74bd438dbcb410013671e248b25da473e9524 |
| SHA512 | 105d8ae35d8975186b52ca1b6cf77a6fef0f56de50ace1613c5045a452c8e4a4e6f0506c19bef305687885327b36bbfab031d35abcc58a3869d537c9d4c889b9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f6a9dc8c87041b0c4d378d93a62c2d68 |
| SHA1 | 0e58be6d821ab1882a80f6b605bae6f842f07f0e |
| SHA256 | 603334bf911a5f1a7f11ca8ba94b3a4e773ea4d28bf85ac0815b3165524f125b |
| SHA512 | 633fdf0ee9894a08d8c9542dc2b2d1ac002a8fb8a8ca3fd653f59a2d04c0c4e3e8dd5d98aab19c8fad74f99610b6a1f3e95bd2d8d02b580cd14ff33ac2976fab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 548eda48d4a52ccf1d5ffe1eac5871ee |
| SHA1 | 3b036ab27b9d73fb8eaaf62dadaa0cd8c0ee6b91 |
| SHA256 | 3fbae20c125deb803caa9824e19cca8cdf3120dbac52a064730afaf94e39b5d1 |
| SHA512 | 59ac4fb637aab950d4a7aac1d75591392589d7c2a3ced1ceb99ae6e5990a5fd8e620ca210635e6ef282659cab8abb98952d555256efc9eb5039bf82a95d82535 |
C:\Users\Admin\Downloads\Unconfirmed 316939.crdownload
| MD5 | 1b54b70beef8eb240db31718e8f7eb5d |
| SHA1 | da5995070737ec655824c92622333c489eb6bce4 |
| SHA256 | 7d3654531c32d941b8cae81c4137fc542172bfa9635f169cb392f245a0a12bcb |
| SHA512 | fda935694d0652dab3f1017faaf95781a300b420739e0f9d46b53ce07d592a4cfa536524989e2fc9f83602d315259817638a89c4e27da709aada5d1360b717eb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | cfc8aeb0ef7c81c6629f15e0dca1c369 |
| SHA1 | a0490888ecef7f587d0b4c6c278a0dc8c02bd86a |
| SHA256 | 1954087fe84253d103c55add930688a43913a55fb05208d14f01de87bffed369 |
| SHA512 | 1879b1426cd4d39e2841043f60c4b25927762d8ee7a44247857d948bb5c014b5cb2bc81b2a920dab03df335149d80cc8e491ed02769f4d63ff06339f730b6a31 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 04342552ebb05358400860b578bbbc94 |
| SHA1 | 4b3c478192a1ef9e50cc3ca09eb0854cca7fc2e8 |
| SHA256 | 803c3b49b6884d3907ca6b51c376b8bc43f2eb7a024c93867c458bc38c144278 |
| SHA512 | 719d9ba36a01b4c72f57f2589d03844945c139d4e7ffc11542fb0cbb803e1abf4f012395e12e9594f1ffa62a60c0739a43ddb2e3902be18089a21512cdb43aaf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57f220.TMP
| MD5 | bfce4853d9c2dde2e4325d7478d0b13d |
| SHA1 | fd74c0a1bddeb847c08312ed374d3c45fce9f2a8 |
| SHA256 | d4d1697382006641e218e79fd272de2331a3d3b3936cefea73a55874e14b1be0 |
| SHA512 | e814aafa9c167a2b1e7a3e18b50845d4a12dca758d462ab702ce8f61465325a4597dcae6f9b9c74b5fa067c7015f15d49e5a936cc333c98a98d44c0992207d0f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 47e4770ddea81633c6b432e16cd461e2 |
| SHA1 | 33d61a303d8c61ea30eca89715360ddef9905b3e |
| SHA256 | 2b815f4701318b8fec52c5567526d9d4c2cba0f840829076699b0feac9b65bf8 |
| SHA512 | 7c35fd5a6a4832c3b2cb560b2a34c493b5a43029c7f107d51fe60ea73955037b78b6efba7edbe30caf916cae2fe84eb8dfca56ccaa8ea3c5bcdb6d674de0d665 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f94c5b42a3083a3bd23ec1f33af09d31 |
| SHA1 | 818154ad88b468daed5ad4c6c5e368b005729da6 |
| SHA256 | cec9389c34922520a6febecdf12b1e7ba89220a69972ed7b04c7a88b55177d29 |
| SHA512 | 2cb3f44b773e9f6acf7503b759046d64dbb72cf430f2b014f377d64dd6fd61c8f5088935e1c9546d2d2d7d817f82edcb150ddcfe24dd075dcefa2a70b3ef2c38 |
C:\Users\Admin\Downloads\SteamSetup.exe:Zone.Identifier
| MD5 | fbccf14d504b7b2dbcb5a5bda75bd93b |
| SHA1 | d59fc84cdd5217c6cf74785703655f78da6b582b |
| SHA256 | eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913 |
| SHA512 | aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | af4a8488720b6732803eac09e4a6df41 |
| SHA1 | 47831f515646d0d60acaecbaf637284526f1fbdf |
| SHA256 | 5bac523f6d7f235d7c9c92ffe2f6522e35fc24edeb0c194d105f9efef975d479 |
| SHA512 | edcd0f9617c990e0e784088f7114a94bb083f834d57dac6179d0d4fe7499b65f926a1225208bd5dd72d898919ef6e8a2cc5aeb1c06ab0664745bb43c4884853f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 1f9356a68979a3c69da30fe375932e7a |
| SHA1 | 442684054fdfef56afa460e9e685b64b73a0c74f |
| SHA256 | 8c3b1ea9fcb3e976f2988733f08d99218a6f60c54fa39cebfd6e560a40f0596e |
| SHA512 | 36e1bbd7f0e9e117860727fe083b68165ad190ebc835458598bd265ec1d59d721018cd0ddf7d766128e3b96ecdf0a5412241c1e0e276c19bdfe58dd5d8031a76 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a3c55d5983ff3114e3c1eaaabbb1603d |
| SHA1 | b50ae837b6888698c791b3247e127d6566b4bd0d |
| SHA256 | 090b4e1ab42873ae97e3b71ad5213cc9f680f9d89b028de91c59d8284875be77 |
| SHA512 | 06ca39d39f815f2893abf010cef3c68fc2f107dac1253c2b661c098413a861513c38c41a759d3565ea7d3f91dbb8953fe87aca64812d39841345d2397f13d76c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | b84102ee8a9bd9c67d11e55a7a97dfeb |
| SHA1 | 09feb7d54bf18929865fa2f316a9c2c138a257a8 |
| SHA256 | f29e0ffe54d8e0060fbb231e039c67cd6e0bbd9de05874b1b1bc4a49c7eef160 |
| SHA512 | 72ba2871b2d0a46067367bf66cf1e712aee2407cd0c30e698d684819361e157334f7d3f24132ce7a45ff487d75b45763977b5673955e0f63e3701b4226666051 |
C:\Users\Admin\AppData\Local\Temp\nsx304F.tmp\System.dll
| MD5 | a36fbe922ffac9cd85a845d7a813f391 |
| SHA1 | f656a613a723cc1b449034d73551b4fcdf0dcf1a |
| SHA256 | fa367ae36bfbe7c989c24c7abbb13482fc20bc35e7812dc377aa1c281ee14cc0 |
| SHA512 | 1d1b95a285536ddc2a89a9b3be4bb5151b1d4c018ea8e521de838498f62e8f29bb7b3b0250df73e327e8e65e2c80b4a2d9a781276bf2a51d10e7099bacb2e50b |
C:\Users\Admin\AppData\Local\Temp\nsx304F.tmp\nsDialogs.dll
| MD5 | 4e5bc4458afa770636f2806ee0a1e999 |
| SHA1 | 76dcc64af867526f776ab9225e7f4fe076487765 |
| SHA256 | 91a484dc79be64dd11bf5acb62c893e57505fcd8809483aa92b04f10d81f9de0 |
| SHA512 | b6f529073a943bddbcb30a57d62216c78fcc9a09424b51ac0824ebfb9cac6cae4211bda26522d6923bd228f244ed8c41656c38284c71867f65d425727dd70162 |
C:\Users\Admin\AppData\Local\Temp\nsx304F.tmp\nsProcess.dll
| MD5 | 08072dc900ca0626e8c079b2c5bcfcf3 |
| SHA1 | 35f2bfa0b1b2a65b9475fb91af31f7b02aee4e37 |
| SHA256 | bb6ce83ddaad4f530a66a1048fac868dfc3b86f5e7b8e240d84d1633e385aee8 |
| SHA512 | 8981da7f225eb78c414e9fb3c63af0c4daae4a78b4f3033df11cce43c3a22fdbf3853425fe3024f68c73d57ffb128cba4d0db63eda1402212d1c7e0ac022353c |
C:\Program Files (x86)\Steam\Steam.exe
| MD5 | 33bcb1c8975a4063a134a72803e0ca16 |
| SHA1 | ed7a4e6e66511bb8b3e32cbfb5557ebcb4082b65 |
| SHA256 | 12222b0908eb69581985f7e04aa6240e928fb08aa5a3ec36acae3440633c9eb1 |
| SHA512 | 13f3a7d6215bb4837ea0a1a9c5ba06a985e0c80979c25cfb526a390d71a15d1737c0290a899f4705c2749982c9f6c9007c1751fef1a97b12db529b2f33c97b49 |
C:\Users\Admin\AppData\Local\Temp\nsx304F.tmp\nsExec.dll
| MD5 | 2095af18c696968208315d4328a2b7fe |
| SHA1 | b1b0e70c03724b2941e92c5098cc1fc0f2b51568 |
| SHA256 | 3e2399ae5ce16dd69f7e2c71d928cf54a1024afced8155f1fd663a3e123d9226 |
| SHA512 | 60105dfb1cd60b4048bd7b367969f36ed6bd29f92488ba8cfa862e31942fd529cbc58e8b0c738d91d8bef07c5902ce334e36c66eae1bfe104b44a159b5615ae5 |
C:\Program Files (x86)\Steam\bin\SteamService.exe
| MD5 | ba0ea9249da4ab8f62432617489ae5a6 |
| SHA1 | d8873c5dcb6e128c39cf0c423b502821343659a7 |
| SHA256 | ce177dc8cf42513ff819c7b8597c7be290f9e98632a34ecd868dc76003421f0d |
| SHA512 | 52958d55b03e1ddc69afc2f1a02f7813199e4b3bf114514c438ab4d10d5ca83b865ba6090550951c0a43b666c6728304009572212444a27a3f5184663f4b0b8b |
C:\Program Files (x86)\Steam\public\steambootstrapper_brazilian.txt
| MD5 | 0340d1a0bbdb8f3017d2326f4e351e0a |
| SHA1 | 90d078e9f732794db5b0ffeb781a1f2ed2966139 |
| SHA256 | 0fcd7ae491b467858f2a8745c5ecdd55451399778c2119517ee686d1f264b544 |
| SHA512 | 9d23e020875ed35825169a6542512ec2ffdb349472a12eb1e59ddc635e57c8fd65fa919873821e35c755aa7d027c9a62d3d0fa617340449d7b2c4cf8dd707e93 |
C:\Program Files (x86)\Steam\public\steambootstrapper_vietnamese.txt
| MD5 | f350c8747d77777f456037184af9212c |
| SHA1 | 753d8c260b852a299df76c4f215b0d2215f6a723 |
| SHA256 | 15b6a564e05857a3d2fd6eec85a5a30c491a7553d15ffc025156b3665b919185 |
| SHA512 | efb86809a0b357b4fcd3ba2770c97d225d0f4d9fb7430c515e847c3dd77ee109def4bef11b650b9773c17050e618008fc03377638c1db3393ac780b5b0bc31b2 |
C:\Program Files (x86)\Steam\public\steambootstrapper_ukrainian.txt
| MD5 | cadd7a2f359b22580bdd6281ea23744d |
| SHA1 | e82e790a7561d0908aee8e3b1af97823e147f88b |
| SHA256 | 3dd0edfbe68236e668fb308f92fe7c6493dbb05bfca85a48de93588f479ccc99 |
| SHA512 | 53672dd13e6ccbe96f6d4a61297c595b6d6cba8de92caa51ccf8ab1d8a82eea5a425eab348f295b9ec27de0026ef849d9230f751a46e040be8863923f91b8519 |
C:\Program Files (x86)\Steam\public\steambootstrapper_turkish.txt
| MD5 | 29f9a5ab4adfae371bf980b82de2cb57 |
| SHA1 | 6f7ef52a09b99868dd7230f513630ffe473eddf8 |
| SHA256 | 711675edb20b3cb70acf6cf75f2eea8e0d87c8ace3e11c8df362b4517427a34f |
| SHA512 | 543fe63f791250e05e8fda24fd2ceadebb4c8925e8927de49ae490895c87eed3e61a9ad50237532649f99fe3165836261de215ee3f66ffbfc6d677ddeea7732a |
C:\Program Files (x86)\Steam\public\steambootstrapper_thai.txt
| MD5 | 53f7e8ac1affb04bf132c2ca818eb01e |
| SHA1 | bffc3e111761e4dc514c6398a07ffce8555697f6 |
| SHA256 | 488294b7faff720dc3ab5a72e0607761484c678b96d6bcd6aad9ee2388356a83 |
| SHA512 | c2e79c2505a6fd075df113ffce92ad42c146424ca39087601daa4ed15a2b5528d478a093921d9d8a738c7b6b963275a0693ebe526b6e2135d14ced03639d0e70 |
C:\Program Files (x86)\Steam\public\steambootstrapper_tchinese.txt
| MD5 | 194a73f900a3283da4caa6c09fefcb08 |
| SHA1 | a7a8005ca77b9f5d9791cb66fcdf6579763b2abb |
| SHA256 | 5e4f2de5ee98d5d76f5d76fb925417d6668fba08e89f7240f923f3378e3e66f6 |
| SHA512 | 25842535c165d48f4cf4fa7fd06818ec5585cc3719eff933f5776a842713d7adb5667c3b9b1a122a1152450e797535fc7a8e97ebdd31c14b4d4900a33ede01f3 |
C:\Program Files (x86)\Steam\public\steambootstrapper_swedish.txt
| MD5 | b2248784049e1af0c690be2af13a4ef3 |
| SHA1 | aec7461fa46b7f6d00ff308aa9d19c39b934c595 |
| SHA256 | 4bf6b25bf5b18e13b04db6ed2e5ed635eb844fc52baa892f530194d9471f5690 |
| SHA512 | f5cee6bba20a4d05473971f7f87a36990e88a44b2855c7655b77f48f223219978d91bcd02d320c7e6c2ec368234e1d0201be85b5626ef4909e047e416e1a066c |
C:\Program Files (x86)\Steam\public\steambootstrapper_spanish.txt
| MD5 | 66456d2b1085446a9f2dbd9e4632754b |
| SHA1 | 8da6248b57e5c2970d853b8d21373772a34b1c28 |
| SHA256 | c4f821a4903c4e7faea2931c7fb1cf261eba06a9840c78fdca689f5c784c06c4 |
| SHA512 | 196c2282ba13715709ece706c9219fe70c05dd295840082e7d901b9e5592e74b1bb556782181cdbe35bd1ab0d6197fef67258b09491fabc6f27606dbed667d49 |
C:\Program Files (x86)\Steam\public\steambootstrapper_schinese.txt
| MD5 | 56dcf7b68f70826262a6ffaffe6b1c49 |
| SHA1 | 12e4272ba0e4eabc610670cdc6941f942da1eb6a |
| SHA256 | 948cad1bb27109e008f2457248880c759d3fa98b92c5b4033b94f455cb8ac43f |
| SHA512 | c3fd9caf0bd4c303a7cc300faada9cfe6dd752e82d67625b31f4c0c2c091596508bb477fe19f758fdf79b25b8ac3f5320a8785d2b6705b9bcc28a054a59454e2 |
C:\Program Files (x86)\Steam\public\steambootstrapper_russian.txt
| MD5 | e04ad6c236b6c61fc53e2cb57ced87e8 |
| SHA1 | e9d4846b7e6cc755ee14a5d3fa45ee7d3bf425a4 |
| SHA256 | 08c775efa77c2a92d369f794882e467b6e2526e61bc7aa7724f48e174524502e |
| SHA512 | 0dfb7e6d811d649103499018f3d115c542fcaba420ceb69124a4d837fe162ce514e7be2040860c5ef5f9c01c961fa6eea8730606b73ec107d87597989b6fd331 |
C:\Program Files (x86)\Steam\public\steambootstrapper_romanian.txt
| MD5 | 6367f43ea3780c4ee166454f5936b1a8 |
| SHA1 | 027a2c24c8320458c49cd78053f586cb4d94ee6f |
| SHA256 | f8d1972e75a320344e3c834ba0a3a6a86edb39e20ef706bda9b7965d440d1998 |
| SHA512 | 31aab33e0d272cb43a8c160b3d37256716a683e5052192fd0e4d3cdaf30a10a9afa9d26d5d14ad216ee455627c32892a711d2bc137ee7a7df9a297f001a19e32 |
C:\Program Files (x86)\Steam\public\steambootstrapper_portuguese.txt
| MD5 | eb8926608c5933f05a3f0090e551b15d |
| SHA1 | a1012904d440c0e74dad336eac8793ac110f78f8 |
| SHA256 | 2ed2b0d654d60e0a82b0968a91d568b775144e9d92f2b077b6da75f85ad12d04 |
| SHA512 | 9113c42c38836f71ff0cc7019aff8c873845f47fbf1ab97e981cb038f4d8495b6df784402b1ee9666e8e567ae866b0284c81e6a16efb47131d5ef88569c4843a |
C:\Program Files (x86)\Steam\public\steambootstrapper_polish.txt
| MD5 | 9b0b0e82f753cc115d87c7199885ad1b |
| SHA1 | 5743a4ab58684c1f154f84895d87f000b4e98021 |
| SHA256 | 0bdeee9fa28d54d384e06ea646fbcfe3f06698a31dfdc1a50703ffe83ad78d32 |
| SHA512 | b7780b82fbe705bc8e5a527c011eb685c99ef0b2eb810617b9f82b891341af95ef1c2f46dce9e458c0c4dcc3e7a0d21db6c77f03419cd1c4b521a9b72f9017df |
C:\Program Files (x86)\Steam\public\steambootstrapper_norwegian.txt
| MD5 | 58e0fcbee3cca4ef61b97928cfe89535 |
| SHA1 | 1297e3af3ca9e4fe3cc5db78ebbfa642e8a2c57b |
| SHA256 | c084a68b65d507eb831831aa2ab9afb9536cb99a840d248cc155ff87fad18425 |
| SHA512 | 99aff0c481e34cd0e4fcbb2af471afb56d91aa11be664462b08e17ae169ca03ef77e7063b4ecd0f38ca7b2f6dc0bf2e316c7b31dffbbcfc763cd8fae27dc78d2 |
C:\Program Files (x86)\Steam\public\steambootstrapper_latam.txt
| MD5 | 7913f3f33839e3af9e10455df69866c2 |
| SHA1 | 15fa957d0a6a2717027f5b35f4dbe5e0ab8ece25 |
| SHA256 | 05bc1f4973c6d36002ac1b37ce46b1f941fcb4338282e0ec1ec83fb558d1a88c |
| SHA512 | 534e541757d19ee157a268bf7ea358b48015f400542fcfa49cdb547cd652926160f015fe2cf026d9c4996e56ab90ca3899dfd457997d915bf6bc9d7bb00ba804 |
C:\Program Files (x86)\Steam\public\steambootstrapper_koreana.txt
| MD5 | 202b825d0ef72096b82db255c4e747fa |
| SHA1 | 3a3265e5bbaa1d1b774195a3858f29cea75c9e75 |
| SHA256 | 3d1399f5323a3ece1b1a8b3b31f8fd7f50c3bd319ab3f1c38c6e347452c95314 |
| SHA512 | e8fc7cc09f431301d22a07b238179ee053505090e3c4db30ead061513fe7159f1fe8b80efc93f4597fe00f01087bbe0bb2231e13693d72c8def138657cb91566 |
C:\Program Files (x86)\Steam\public\steambootstrapper_japanese.txt
| MD5 | 7e1d15fc9ba66a868c5c6cb1c2822f83 |
| SHA1 | bfe9a25fdc8721d7b76cecb9527a9ba7823dc3d7 |
| SHA256 | fc74e26a8baabbe4851109512d85173b75dbf7293d41eb3b92a1957a773c8265 |
| SHA512 | 0892be14a858cc860766afb1c996b2c355108a7e50971ea3ec00d15069e919a6eb05a61fa839bea3938492c391e274144c5e248f4c204a602bf36adf27e5b406 |
C:\Program Files (x86)\Steam\public\steambootstrapper_italian.txt
| MD5 | 8958371646901eac40807eeb2f346382 |
| SHA1 | 55fb07b48a3e354f7556d7edb75144635a850903 |
| SHA256 | b01ec64d75fd1fbd00fbeb45a3fb39244911a8b22bb43de4e0c03f205184f585 |
| SHA512 | 14c5dbb017822336f22bf6779ccd4a66604ddc5f2c3caa24271e96f739fef007754d96844efa422d6682cbcd2d3bc902c36f0f6acb3eb87ed8d7b3f885973554 |
C:\Program Files (x86)\Steam\public\steambootstrapper_indonesian.txt
| MD5 | 1514d082b672b372cdfb8dd85c3437f1 |
| SHA1 | 336a01192edb76ae6501d6974b3b6f0c05ea223a |
| SHA256 | 3b3c5c615fd82070cc951ab482d3de8cb12df0b3df59fbd11f9d3271fa2fbca4 |
| SHA512 | 4d41c945ce7c94746875b0dbceb14811d4966de4e97fe047406a304162fde7e1e2a16367fc2e43978e2e5aa66749f036b4444aa2312673c2cc3af296e8b77f55 |
C:\Program Files (x86)\Steam\public\steambootstrapper_hungarian.txt
| MD5 | 18aaaf5ffcdd21b1b34291e812d83063 |
| SHA1 | aa9c7ae8d51e947582db493f0fd1d9941880429f |
| SHA256 | 1f45bb7bdfa01424f9237eec60eba35dc7f0dc4e8c2e193fe768fe96d3ff76d5 |
| SHA512 | 4f3e56d1abe26b56d3f805dc85baaca450c0c7bec57ebcf8a6bb6ebb8588307dad130c83bf792bac76694909a14fd6a4d7d1e9b31e32fba11256343b9fc18154 |
C:\Program Files (x86)\Steam\public\steambootstrapper_german.txt
| MD5 | 5c026fd6072a7c5cf31c75818cddedec |
| SHA1 | 341aa1df1d034e6f0a7dff88d37c9f11a716cae6 |
| SHA256 | 0828572e4fa00c186dbf1d9072a6154d65cb499c6a37e338f3305f77a2fee382 |
| SHA512 | f9d28714b2a05f8d9025f1692e4d7e8baa6daf6176353f65646a38814a242ef2adededa44419edd69f10cf96ffba506dab7cb6e52111457bf69cffef12174b12 |
C:\Program Files (x86)\Steam\public\steambootstrapper_french.txt
| MD5 | 10c429eb58b4274af6b6ef08f376d46c |
| SHA1 | af1e049ddb9f875c609b0f9a38651fc1867b50d3 |
| SHA256 | a1f6ba57ee41e009d904905c0ce5e75a59ee6790e08542561303109e1faafa13 |
| SHA512 | d8760f61760bffd8671b727d386ae220e7e6e68829a01553cfd5eb60ef8bd1d7c1b25e7b17a6db5bd17ba6712ef44999726764459318e784843c73bc4facaf46 |
C:\Program Files (x86)\Steam\public\steambootstrapper_finnish.txt
| MD5 | 9e62fc923c65bfc3f40aaf6ec4fd1010 |
| SHA1 | 8f76faff18bd64696683c2a7a04d16aac1ef7e61 |
| SHA256 | 8ff0f3cbdf28102ff037b9cda90590e4b66e1e654b90f9aea2cd5364494d02b7 |
| SHA512 | c8ff15373b37e848e6239a82424569e77c82a5fc557d17e7d2ed1d0d2b2f7d026cc1e2bc98cb5ee945c02cfefb82803c23fa6a26f48ff0adcf762f94cd5dd035 |
C:\Program Files (x86)\Steam\public\steambootstrapper_english.txt
| MD5 | da6cd2483ad8a21e8356e63d036df55b |
| SHA1 | 0e808a400facec559e6fbab960a7bdfaab4c6b04 |
| SHA256 | ebececd3f691ac20e5b73e5c81861a01531203df3cf2baa9e1b6d004733a42a6 |
| SHA512 | 06145861eb4803c9813a88cd715769a4baa0bab0e87b28f59aa242d4369817789f4c85114e8d0ceb502e080ec3ec03400385924ec7537e7b04f724ba7f17b925 |
C:\Program Files (x86)\Steam\public\steambootstrapper_dutch.txt
| MD5 | 31a29061e51e245f74bb26d103c666ad |
| SHA1 | 271e26240db3ba0dcffc10866ccfcfa1c33cf1cc |
| SHA256 | 56c8a86fa95eab0d8f34f498e079b5516b96d2a2f1ad9c2a888555e50e47f192 |
| SHA512 | f85865c1e9ab45e5586d3dd2b45d15265193e8a3c34b6bb1ac7e415a1ea878cfb044e8e01012e917e4f00bb9e0a422f56253f328df1bac99a145e19433354cf8 |
C:\Program Files (x86)\Steam\public\steambootstrapper_danish.txt
| MD5 | 03b664bd98485425c21cdf83bc358703 |
| SHA1 | 0a31dcfeb1957e0b00b87c2305400d004a9a5bdb |
| SHA256 | fdf7b42b3b027a12e1b79cb10ab9e6e34c668b04eb9e8a907d8611ba46473115 |
| SHA512 | 4a8cdd4b98432ba9d9b36bc64aab9a2eab31a074d1cbdfab3d35a14216c60752b5580c41bbb70104993420043685d3bd47eb6637b8fcbb3f42f76a15e4be041d |
C:\Program Files (x86)\Steam\public\steambootstrapper_czech.txt
| MD5 | 2158881817b9163bf0fd4724d549aed4 |
| SHA1 | c500f2e8f47a11129114ee4f19524aee8fecc502 |
| SHA256 | 650a265dffdc5dc50200bb82d56f416a3a423eecc08c962cfd1ba2d40a1ff3f7 |
| SHA512 | f3594aad9d6c50254f690c903f078a5b7a58c33bd418abdad711ebb74cfbdb5564679593e08fb2d4378faaf4160d45e3d276ba1aa8a174ed77a5791bcac46f28 |
C:\Program Files (x86)\Steam\public\steambootstrapper_bulgarian.txt
| MD5 | 4c81277a127e3d65fb5065f518ffe9c2 |
| SHA1 | 253264b9b56e5bac0714d5be6cade09ae74c2a3a |
| SHA256 | 76a6bd74194efd819d33802decdfddaae893069d7000e44944dda05022cfa6d9 |
| SHA512 | be077b61f3b6d56a1f4d24957deaf18d2dff699bda6569604aac4f1edb57c3cfd0abc5e2a67809f72e31a90b4aed0813536c153886da2099376964c60e56001a |
C:\Program Files (x86)\Steam\public\steambootstrapper_greek.txt
| MD5 | 189ba063d1481528cbd6e0c4afc3abaa |
| SHA1 | 40bdd169fcc59928c69eea74fd7e057096b33092 |
| SHA256 | c0a7a1df442ac080668762df795c72aa322e9d415c41bd0a4c676a4dc0551695 |
| SHA512 | ce59ad9b17bab4de1254e92ce4fe7d8c8242832f62ab382e8f54199a9932cd11b5800cc33895441426373d5210cc74104e0271b721a7e26ed400b716ae4d5903 |
C:\Users\Admin\AppData\Local\Temp\nsx304F.tmp\modern-wizard.bmp
| MD5 | 3614a4be6b610f1daf6c801574f161fe |
| SHA1 | 6edee98c0084a94caa1fe0124b4c19f42b4e7de6 |
| SHA256 | 16e0edc9f47e6e95a9bcad15adbdc46be774fbcd045dd526fc16fc38fdc8d49b |
| SHA512 | 06e0eff28dfd9a428b31147b242f989ce3e92474a3f391ba62ac8d0d05f1a48f4cf82fd27171658acbd667eaffb94cb4e1baf17040dc3b6e8b27f39b843ca281 |
C:\Users\Admin\AppData\Local\Temp\nsx304F.tmp\StdUtils.dll
| MD5 | db11ab4828b429a987e7682e495c1810 |
| SHA1 | 29c2c2069c4975c90789dc6d3677b4b650196561 |
| SHA256 | c602c44a4d4088dbf5a659f36ba1c3a9d81f8367577de0cb940c0b8afee5c376 |
| SHA512 | 460d1ccfc0d7180eae4e6f1a326d175fec78a7d6014447a9a79b6df501fa05cd4bd90f8f7a85b7b6a4610e2fa7059e30ae6e17bc828d370e5750de9b40b9ae88 |
C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_
| MD5 | 577b7286c7b05cecde9bea0a0d39740e |
| SHA1 | 144d97afe83738177a2dbe43994f14ec11e44b53 |
| SHA256 | 983aa3928f15f5154266be7063a75e1fce87238bbe81a910219dea01d5376824 |
| SHA512 | 8cd55264a6e973bb6683c6f376672b74a263b48b087240df8296735fd7ae6274ee688fdb16d7febad14288a866ea47e78b114c357a9b03471b1e72df053ebcb0 |
C:\Program Files (x86)\Steam\package\tmp\resource\filter_clean_bulgarian.txt.gz_
| MD5 | 836dd6b25a8902af48cd52738b675e4b |
| SHA1 | 449347c06a872bedf311046bca8d316bfba3830b |
| SHA256 | 6feb83ca306745d634903cf09274b7baf0ac38e43c6b3fab1a608be344c3ef64 |
| SHA512 | 6ab1e4a7fa9da6d33cee104344ba2ccb3e85cd2d013ba3e4c6790fd7fd482c85f5f76e9ae38c5190cdbbe246a48dae775501f7414bec4f6682a05685994e6b80 |
C:\Program Files (x86)\Steam\package\tmp\graphics\icon_button_news_mousedown.tga_
| MD5 | 00bf35778a90f9dfa68ce0d1a032d9b5 |
| SHA1 | de6a3d102de9a186e1585be14b49390dcb9605d6 |
| SHA256 | cab3a68b64d8bf22c44080f12d7eab5b281102a8761f804224074ab1f6130fe2 |
| SHA512 | 342c9732ef4185dee691c9c8657a56f577f9c90fc43a4330bdc173536750cee1c40af4adac4f47ac5aca6b80ab347ebe2d31d38ea540245b38ab72ee8718a041 |
memory/4780-12959-0x0000000000780000-0x0000000000C32000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\ShaderCache\data_1
| MD5 | d0d388f3865d0523e451d6ba0be34cc4 |
| SHA1 | 8571c6a52aacc2747c048e3419e5657b74612995 |
| SHA256 | 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b |
| SHA512 | 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17 |
memory/10520-12996-0x00007FF8639C0000-0x00007FF8639C1000-memory.dmp
memory/10520-12995-0x00007FF864260000-0x00007FF864261000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\Local Storage\leveldb\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Steam\htmlcache\DawnWebGPUCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\DawnWebGPUCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\Steam\htmlcache\DawnWebGPUCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Local Storage\leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Program Files (x86)\Steam\config\config.vdf~RFe5a2992.TMP
| MD5 | 3cdebc58a05cdd75f14e64fb0d971370 |
| SHA1 | edf2d4a8a5fc017e29bf9fb218db7dd8b2be84fe |
| SHA256 | 661f122934bbc692266940a1fe2e5e51d4d460efb29d75695b8d5241c6e11da7 |
| SHA512 | 289c40fae5ec1d3dd8b5b00dd93cf9cada2cb5c12bcfefea8c862ddf0a16dced15d6814dad771af9103b3a5d3016d301ee40058edde3fdea30d9767146d11cd6 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 6e6a2b18264504cc084caa3ad0bfc6ae |
| SHA1 | b177d719bd3c1bc547d5c97937a584b8b7d57196 |
| SHA256 | f3847b5e4a40d9cf76df35398bb555117dfe3626c00a91f2babdedb619d6ad53 |
| SHA512 | 74199ff275400b451642cde0a13b56709735676959d65da11ac76dd645ab11dac5de048ff7ede0cb8adb3a3056b3ecbeb3dc7481bac3768d02051e564c74b679 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | a2ec2e91c3ef8c42e22c4887d032b333 |
| SHA1 | e2c738a2e9400535b74e2263c7e7d1ecefe575f2 |
| SHA256 | 8f9f970835f133258a7f740126012439385bbaa5a1d6a9d0d967a390977441c3 |
| SHA512 | b069d241efb19e09ec8b5e60ef6c43e00d5cc0f774b9340127c2180356dd1964ac625c1afdfaee5f99e72b26f56046fc329aadbbc365b403af765a55e9c9aab3 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 3e7c2d80d26b31d010e8e8dba561f5e1 |
| SHA1 | 6fb2f3c092c24950f7a0752352797bd9a101a131 |
| SHA256 | 7b163ddabb049441be82532773e83648450720102dfebb7893bae56b5b79a90f |
| SHA512 | acca5a269aa31e6038f03753cf30a449a887ea8d8d40e5786f68ea184e1424b3741fb80330382b8b06eb72b8c7678d6f48d0154fcf55152c875e4f3826d305c6 |
memory/9784-13101-0x000001F2D59A0000-0x000001F2D59FD000-memory.dmp
memory/9260-13100-0x000000006E400000-0x000000006F741000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000002
| MD5 | 45886a6a9aace3fad669a79bc3191ce5 |
| SHA1 | c24b4a569c0fee533ca9db199feea061ccda03f9 |
| SHA256 | 99d8caa7d664ce601c1e90e2b94cd63c6c5ff70f3d9871223f356f89341a43a5 |
| SHA512 | 2dfc402d0c3f39bac280ea49bcbf9edcf7d849c23ab97422ddc0c46d2a18250e90bc66a6a407e437defa1eff3ea745ea657fc2a21f6211525e35a560a31c59ff |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000003
| MD5 | 9fa060a599b0ee1912f2073ed59df3c8 |
| SHA1 | eaaeef616747d09506c6ed1d96901d2c8d1ad4e0 |
| SHA256 | 7924474a8f327264982347dc932997ed49890ea4114925024ba678fba2d4e90c |
| SHA512 | 93837c0d1bf848ff603073bce6ac252f770a35fad094b294609682e11b04b463292c74c8440891e89741f28fa67a888ed6fdc1575fda99a3c2b6065ccc4e7b47 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000004
| MD5 | 544a6e4b1b34c5132739a0d2ba39b18d |
| SHA1 | 683d474bf1ef4998ae5e37bdd219f34f15a12eb5 |
| SHA256 | 369ca10d1b319a8fb94a6cd6143f4a524833faec18688d733508dd2c4f6db7e1 |
| SHA512 | efa73011d5933b27c23282e0e3caaaec3485d6db3b92212106fa6636b18365704904e7cc444a8b51d0e32d3a29c13e1bc2dc296214c492675b912de85824d4c3 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_00000e
| MD5 | af5256dcf1ad35a9c186d180372e992d |
| SHA1 | d3f93c5db0aa41589e9d525624ff518c9343b459 |
| SHA256 | 035328de83fba90fccf87a4c8ba797fd4f841b08a7b5cdd8cda582a396daeb86 |
| SHA512 | 2934d2de8cd9fbe94b0b179d7a460c2e671f726c1f93e3a04cef15c52ee437f6c3810c2402caace0fba2225f1d727dd3178630ddde83c51b55a3fae8b49d3637 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_00000f
| MD5 | d285b525b70a051564f76ca71504e368 |
| SHA1 | 333744cde9de37b4936c98e90f5a38b1d90af845 |
| SHA256 | bce39f57831630e2ac08ef2cc9bcb6cf6395149ebe4c487bd136cf8881591637 |
| SHA512 | 5739f18afd9c2f07723e4e1ed9526d90ac2e541284a57efc51b464e0eb3f9ac7ebb58304d453d300e98110efb881ef0d3f8673847f01162bca0b02290c1cdfdb |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000011
| MD5 | daf4bc548bc47e46ac4221c35e57b3e6 |
| SHA1 | 232e6919b20457c5564cfb4d5510582a15073b27 |
| SHA256 | d2efa5f3652a92740b4f9349f4fdcfa550c0564f99c8eec357518b6ae8c9ebae |
| SHA512 | 45125729ef6cc2fe403545f096872b0470be4d932da283aa708ff9323fa0da18157b586efe7243aaa30480c0d7d2bd0606ce78644beae976ca81c350e134ff36 |
memory/10520-13169-0x000001E777B00000-0x000001E777B31000-memory.dmp
memory/12984-13171-0x000002610C850000-0x000002610C881000-memory.dmp
memory/10040-13216-0x000001F95E3B0000-0x000001F95E3B1000-memory.dmp
memory/10040-13218-0x000001F95E3B0000-0x000001F95E3B1000-memory.dmp
memory/10040-13217-0x000001F95E3B0000-0x000001F95E3B1000-memory.dmp
memory/10040-13219-0x000001F95E3B0000-0x000001F95E3B1000-memory.dmp
memory/10040-13222-0x000001F95E3B0000-0x000001F95E3B1000-memory.dmp
memory/10040-13225-0x000001F95E3B0000-0x000001F95E3B1000-memory.dmp
memory/10040-13224-0x000001F95E3B0000-0x000001F95E3B1000-memory.dmp
memory/10040-13221-0x000001F95E3B0000-0x000001F95E3B1000-memory.dmp
memory/10040-13220-0x000001F95E3B0000-0x000001F95E3B1000-memory.dmp
memory/10040-13223-0x000001F95E3B0000-0x000001F95E3B1000-memory.dmp
memory/9260-13228-0x000000006E400000-0x000000006F741000-memory.dmp
memory/7468-13235-0x000001C389800000-0x000001C389831000-memory.dmp
memory/8016-13236-0x000001FD3F4E0000-0x000001FD3F511000-memory.dmp
memory/9260-13237-0x000000006E400000-0x000000006F741000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\UserPrefs.json
| MD5 | 602c49f9246967bdcff45b4f43cf2fb0 |
| SHA1 | 4c5796e0c724bbd7a9244cc8a0fc9e8f40181f2d |
| SHA256 | a3ad9649c1038078038be1abd591cdba73b4b4f5cf30e11bb6cb7a432b746114 |
| SHA512 | 2f273c0dd0127071f4c768cfe7277c6efff84c1ef4f4271c1326db3658c84261794b106af3198717f349fbaaaf276163700bbb50ae20fe52ed0a88a192d46f77 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\UserPrefs.json~RFe5a9be3.TMP
| MD5 | 68b20851ccb9834d21fb32615e42bd43 |
| SHA1 | 88fab935f0b9484994097c08f785e9ecb7d68127 |
| SHA256 | a954b528dd65ad6c4c2091fa32f17abdb7a49454ce88e10bb6c377734c70c26f |
| SHA512 | dcb0771120c8fe35213d60e9abf4b242af807324759e3c99e9b2569c00a941d885d53ef6fadfe69e6b740e0b52a6008602605d643801190a2d29175a7d065e15 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | 6d6bff8d4dd0a15ada2f67bdb6f04bc9 |
| SHA1 | 3cff423940541f38caeab83f9e0469eb6a8f0528 |
| SHA256 | 329b78d2219c8d2e14c6f060233c8f39580afad0b31cfeb8989cbb4da8138bc7 |
| SHA512 | 151bda9290fc03cf9d292581deae269f88386b5465e92a23ce9963c1973a1cc1944a9af349f5f07836cee12554c0375da758ce84bc0a7ab8ea5e9b51095d9364 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity~RFe5a9c22.TMP
| MD5 | f1779f985affcf833bdc49bedd779aaf |
| SHA1 | 68be26c2cf085e0aaacae4053fc69f42dd4c8aa2 |
| SHA256 | 57791ac0a3cbb5869284b28537180beca0282090a6664773cba3d11bde2debb3 |
| SHA512 | 107fee46a7de4c265ffe0b12a12ffadfb5e7056a5dd4fa59163495a23ac50159ba4b2ea4e5e2217497f62bf7a30a1adcac642a59cabbebab7fb255be63b20611 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index~RFe5aa3a4.TMP
| MD5 | 6b8f39e562de6327b769f139d02e41ca |
| SHA1 | 05cf08712c0ca1891b232399d700bf643c20ac4c |
| SHA256 | 6290e4a64ff27e6e00a9dbdd28643ee80f4e7f6de6aab73ba999b7dc420cf08e |
| SHA512 | 0ec3c0c61968d38e08d5c098d13813a0ef94aa315c8578964bb514e90c73dd6ed795fe8ad4f7a92477c5db4e9dbb6a41c2ab23b39051fbd3279598f8c5cbe777 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index
| MD5 | 0db170026e24977562053d63700d36af |
| SHA1 | 5017604336a0d5eeaafc6305d4830893ba5f23d1 |
| SHA256 | f722c78f41438690f6cebce78e680d67152671e21e6afb165e7e9168ada282ec |
| SHA512 | 5016ebf8071d6b605bb41d130178fe828f80afc30a4ac725e904994c5ba5de3e364897c2844d9f698fc74fe4c1864424f82c25b29db28bc4d014ff1c814d436e |
memory/9260-13270-0x000000006E400000-0x000000006F741000-memory.dmp
memory/9260-13276-0x000000006E400000-0x000000006F741000-memory.dmp
memory/9260-13282-0x000000006E400000-0x000000006F741000-memory.dmp
memory/9260-13289-0x000000006E400000-0x000000006F741000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json
| MD5 | 6886a32af9462b51b0b38501148b5758 |
| SHA1 | 0e16bf4d8c201e96d37d5a2137ca6c971e051988 |
| SHA256 | 157e30508e45b80922115a7b4a31619b7a2234c5bb0079dfd2b175a97c53a766 |
| SHA512 | 286439d92dfbd40d7f2daaa253513a2ff96a7c5a43d118cdcec0b48468fb59544c1706984d1c85abf9e89fe3de06d850b705cd5e15faac611f141b508a1376df |
C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json~RFe5b36eb.TMP
| MD5 | 3e74660230b54b98958ca7e776ce6b69 |
| SHA1 | a1ce5e9e4f4fd9f96fbb1f6a3caa5c63aa0dcdea |
| SHA256 | 20a2273ff32561bb95e0262ad54773b71fee2be305d1408c66a5c31d076c8c2e |
| SHA512 | 8645fa0b08e449838a04671004ef6a7aab45c961223a9ab04e32faedd680e5b93f7312237a830b4ff80d7e06a735608a2125a1a9813754af85e6400115aab0e5 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State
| MD5 | 239fd47d7f255736173ce8daf3a9e207 |
| SHA1 | 68af0da40ede48ad30e6b3c5409566ec00466c95 |
| SHA256 | ee3494eb7addc5fb1bc9e87c71b0062741a3048c7f0c64ee915dc5e825ec09b0 |
| SHA512 | 901bd52b4b025aa012d7e66af04482a46e6ae098f6cda173e665cb1cce88bee0e37e60fd31a2c613266abf300a9ab2270c6fba5d7d5df013893c91cb77903521 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State~RFe5b4a73.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | bb44d505c0bf7692c3e89850edbffc16 |
| SHA1 | 7beb0a1e4782a610c5bc56ee050e8c2bcd303a32 |
| SHA256 | 686c2cfdd7df53cef770c4b1140613dccc439c1ece00774005c066984a3e7df4 |
| SHA512 | a22adedd0cc174c3ed2a693f350c972017a966bc514ffb928a070a56b0839d36678de8ce60d47097d5bb146824ffca16359c2079bd702a345acfe8612949187b |
memory/9260-13334-0x000000006E400000-0x000000006F741000-memory.dmp
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9784_234712922\manifest.json
| MD5 | 2ff237adbc218a4934a8b361bcd3428e |
| SHA1 | efad279269d9372dcf9c65b8527792e2e9e6ca7d |
| SHA256 | 25a702dd5389cc7b077c6b4e06c1fad9bdea74a9c37453388986d093c277d827 |
| SHA512 | bafd91699019ab756adf13633b825d9d9bae374ca146e8c05abc70c931d491d421268a6e6549a8d284782898bc6eb99e3017fbe3a98e09cd3dfecad19f95e542 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping9784_234712922\LICENSE
| MD5 | f6719687bed7403612eaed0b191eb4a9 |
| SHA1 | dd03919750e45507743bd089a659e8efcefa7af1 |
| SHA256 | afb514e4269594234b32c873ba2cd3cc8892e836861137b531a40a1232820c59 |
| SHA512 | dd14a7eae05d90f35a055a5098d09cd2233d784f6ac228b5927925241689bff828e573b7a90a5196bfdd7aaeecf00f5c94486ad9e3910cfb07475fcfbb7f0d56 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json
| MD5 | 1bb18749210471c6485d4800ef1ff368 |
| SHA1 | d1c8dc76b09221ed94e45d1fd843ebf65e45e919 |
| SHA256 | e5b36badf4a147c916a54a1129269d223adc44e4ee1e033fba91da34cdeadb04 |
| SHA512 | cd89b2c5b9838f7735247cac107e46e93bbdacaeb3151f468f28b44fe9156780c0f5462217e21a1715d37af416a2b2dc79ce745ae14cde52a2de823435b494ab |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 29495df06325258530c9611822b8a8ae |
| SHA1 | 681f94578a1891e882f62d177c7896c073cc8594 |
| SHA256 | f317eeabcfdfcd918beea049d669e8825d0eed7774574a6b9be778767e516fc3 |
| SHA512 | 320850ce0609bad7e82e129e8e44721dd8e20cf7745aa33c039e5aabe2d435778200d503088603c124adb8e238f10ed0dca93d5f013b9d00c027ae0613204ff9 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | fd945a8ad4bc41cb69e634db73f657f3 |
| SHA1 | 85f786df0c1428b4dbabaf79c5cec73c8da937f4 |
| SHA256 | 0032638b62cad65db165b8ef013bb4dbb5122feb37a8ceecf08403a74af8bfb9 |
| SHA512 | 3ccdcb2906bf4d651e4b4bf626f573b2db43cc11dfce64309d601e1d478cc4c79b7808da94b6b02dade6db4d0e693206f0f3c606595b680002351785b1219581 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 569584ad29aea8a3b47f6cba708570bc |
| SHA1 | 93bf2d23a4fa9946e092a4fa6dc70b168385be02 |
| SHA256 | c1fcf2c94320d3fe11e781276d5f05f0a815847b1b20b965d0a85328194ea875 |
| SHA512 | edd5cb52aaa3ee69267934dad8d7f2dbd89b3eb1f778694340d5dae9297881cf914b8444f8123aeb178e1dc7367e7108e5f58e8161108e5a858035fa614bdfad |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | e441f162d64b4fd65eca8f111ea6fd46 |
| SHA1 | fba814351530ae684e70b606bf8c9c8fcd2192db |
| SHA256 | 0a3238021d465a0d2a3d74bdf3e6b9112b89d6beb9024c49197d2d6df1cef1bf |
| SHA512 | dc822f636e1eb300dcca35238283f83936b94930bc17dfa476a2c64208db895634403cbdf8b09be5ed1c44dc05804ada6e9c39fe6b95a72050dea294276d6f4a |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | f1b909ab77b44a4ee246302ff67e8279 |
| SHA1 | 2a16a92547cf0fbf5424d719f15206a5025c04b9 |
| SHA256 | 36b9bb26af0585bec8685c148f405103355e53596914ce5a778eb4b49a4061a6 |
| SHA512 | f25c43e2e2cfa623954b5725fbe4e157e14f66726ea9776dca4ae323de334ef37dc0bad6ad60c4e762d2cfbcc2173af74225635542452389eb907be04b68b2eb |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 37fca5d2fdf9eac109784938e1be115c |
| SHA1 | 150c3430adaa9884db725f518a6c954fb3082647 |
| SHA256 | 9a4ca689ee16173d8f686d9e7c061faf6ae547a43b4d347d07f9fa5c81c642e5 |
| SHA512 | 268e4003f9f4acdefde5e494a453216c29585b73f9399a1feed5c29b62b57eaf1ad803d869a899218465fb2547375fd6851e39d7ba97ce4696260008f57c51a9 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | 444596a0e400a128f7b9270c75f81f84 |
| SHA1 | 75290fb3be5f9b00e4ba66d62a71e83312643d95 |
| SHA256 | afa9e1b7db8d3466ad9d0b8d83639bf4489da9583d6a699fcf6ae105d3a33bb8 |
| SHA512 | 2fc54ffe05f235e3dcb589923841bde5e8140b5042cc42c2fc8411b043cffd4de5ccd4ce14421969a76232d8920a7d1798174113137d30703b58d8ac7144436d |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 1bd8f5c76a779249278b70f69b4794c8 |
| SHA1 | bd0fd9a78cc2f19557b8d7e068738a1a59ad35ce |
| SHA256 | 4905d492b59c71896fef2ee7fd8dcf3c5d83981e7331c0b890f023903afe865f |
| SHA512 | 642d986cec868494d3644b36813bbae77ce89962b2036f0d75c87dd446fe37dcfd61755a986a49d49514af35efa92f3ad9728f108b780e4b15ee00b531966c34 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index
| MD5 | f2606eb28c4d41e5eca7f3cc881b2ece |
| SHA1 | e9ca85aa1b45e94525f3842aa2e931c2536609eb |
| SHA256 | ec1985abd5408c61f59c5455af3e3c9228befb786c747cc64d32eb4a62d3b59d |
| SHA512 | 34fc5307c0ae71aaecd481ff7aa9b404a35e42e1a3926eb65e3fe6eaedccdb0a7263ad271e96dbeb158f1ade83a4574096e893d68e6a7bdc477a535ec6a270a4 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | e71a2a2fe1f8fe7484a92ba0d61f30c2 |
| SHA1 | aef883d13d98833ef8ab853ec05b4d0fecb3545c |
| SHA256 | a9d5a017498624b05190d557579a148ecc1e0966f0421f22a7f7cc5a9b995462 |
| SHA512 | 3d5d398ad389c11e22bfb53d2cd560bf75bfa2ceb6e3ea6a5d4aad170b040f0f151ef28b362ce5c12622a6c01eb566947372f34032bdf6e4ba9db667c885b9ea |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | 3ad1147527a56fe40ecadcb5e5101c9a |
| SHA1 | 7b0b31b94413cff202c17fd4b4a67a40648b35c6 |
| SHA256 | 0ab0a258a10fe716afdc20ead1037a420875e966e4c2e0b10c558062be1b4d06 |
| SHA512 | f3eb52279e9bc3fb9d3e665c0fdab1156dd246a96ecaa23af18cba8178632d7d569c72a24bf63dd105f1ad38b4ad4288f9e68a8fff01e953e5be56b205616cc8 |
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat
| MD5 | 748049dd35bdb652d20e237fa065b825 |
| SHA1 | 84606b00a6dc0396a992ab8682cd18e5d760f1eb |
| SHA256 | 6c2f29f58c717d377966d3f421a1e3f74dc5d4cc97db47eec989ba758e7b3729 |
| SHA512 | e851e48a458465d803194e9c7b34b64b7d9a35cb9726517952e8831f282aa452d98b4ea6003e2ef5c069ec80861ea1edb1d1166c32b057a5a95f1c74415827b4 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | d6c0eb0b9a22d4768e38ad7c56a2b59b |
| SHA1 | 4a4f43c7826f0312e9b1a6a86fef08b851094ae8 |
| SHA256 | 029a1d54193b72b43a25a49046b9796faeac2433bb7123f11664628aafcefcb4 |
| SHA512 | 98b2bfa9c5270d1d26cb20d462d3941b58f208b0000d65799a36d9963271588da8b7af646926d19b3b9e7fcc4d55e5027544041844be69bb35c73146b83a8090 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | 783c7606a9736043115c940a227fd45d |
| SHA1 | e2e2a716159bb0723706f5af537279a24eb151f1 |
| SHA256 | a7f3e22f240b239d5147daecb27e6f8dcd9032021c10c27b88f153fc5eed009b |
| SHA512 | 14e67a7ba9a7265f17709bac38a09148b087ce6f8e1d82f9d38f840806e2273ae8c857bc42262f165f763d6754b98fc16d394387576c276c780adeb0592c09e5 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State
| MD5 | 318db031247a915ada93a0ed4e5902fa |
| SHA1 | 0f6c44074fa9239eea712faefd8d96978060e687 |
| SHA256 | 3e5b86b0f061a40a6b71e3739cb30dd6217834c5401dc9f6d71ce83b622c6592 |
| SHA512 | 15fd3d7967efc1b03c2a3e313e91a10ca155522f91c6d51dfa66bcf09e31bcff435ed6de52f4ffa7e38237155669c3a1931030c5d22575c57cb07b829c468f30 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000013
| MD5 | 190eba47c2a18464f7f3287b9807b800 |
| SHA1 | 6897d78a779a16c68c373f1de5370acae23c2483 |
| SHA256 | 75e051e989f7d235bdedefa513d8b3c1f47bcb87dd86ea3c63dfb45f142a2ffb |
| SHA512 | 8c4ee0b9160b48c9555aeab880065b0099d15de959ac30a80bd539eb7fa2b95e3132a16bbe03e576e84d967455d4af25b47aab3b2ae8fb782f8bac34b8d748fe |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | 6683f23234cd21b22492f2e6c5cfeaa0 |
| SHA1 | 8ca9ac0bdf8feb58b136a82f3b39e169a046fe73 |
| SHA256 | b42d414d04dd0457a47dc6b54ef22a450fef2b0d0f6a12f57f5bb79330595311 |
| SHA512 | 54b48abe21bff1e180391f8d66c60e640de2ca47bb8458940b66e5efc0d97b851dcc263df35adf5a12961818fd7723e4090900d9f89004de72ccea646e2f5239 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\temp-index
| MD5 | c390d5edcb40d86af824e8e905ad23be |
| SHA1 | 9dab8b95e9a3de0915248f675e8f139646cc997e |
| SHA256 | 74ca1bc01f2c81f875e22c4c546c5d0cd66f0c4569e78c5d5012e99f2dc8d753 |
| SHA512 | 26fc2fdf4a02b8f588c6053835376d1ac8d8340b4c8ce0e798ed396dced9a13bf93cae88fb8a4a7c7b2a6851a3bb3f738c9fc04f282efc0d94d28130f47ccb7d |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | ac1f36a1fa1ff3ebda034f4f62a6f5ad |
| SHA1 | 8b57ae402e0d41e08e2033906ea3db46c4895bb5 |
| SHA256 | 5c72014bc6d94e764ffb365b47af3ce5ee59229829339902dc934796722698a1 |
| SHA512 | 945eba198674dc400d38f8ccb9b6ada1312124e5dd15e2ad1b3e276444c2c36b1f06552cd79a10acccbe33f1fbdcf45c5e7bdfaa5f3d26ac54528fc3792dbcd4 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | cdf76ba35fba1a6e8cee7d00cb6a3c16 |
| SHA1 | abf3ed8c7f4d3061f5e7f601136945a1ab2923cd |
| SHA256 | 0ffa2fb0fb2565590fd5c10ea07b9628b45016796380463a68e7c5eabb07782d |
| SHA512 | 5088cbde7b4fbd9e0ab4b595954989c1feb9958695d8c99726017ec61e8b309b3d0d3577a7c37f0f0abd70fac85d3fcd23c680e958918377b0706a806319f95e |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index
| MD5 | f2c0d79c7e575332ff92b99657c0488c |
| SHA1 | 1560e2ad97d61765e6248a2f12984b7a4f69c1c6 |
| SHA256 | e13c783bb5f2449ec9bc3b322dbf40df2ccdb81ab377ae7be06aa1810f987227 |
| SHA512 | 362d8d082da74eedea7317f349b3e3773d5545def70ca75d638848832a73924adced48f5761bd8b6748c1475680d7576e4a10b7a3e9b303fc4bc6cb76278cfb4 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | ca916891082674ff321895448bd8a1e8 |
| SHA1 | 601dd1be8230e6f4640e1d6084037dcb252638da |
| SHA256 | 63b6cc0dd2c494936121e89efae75f090f48bfe37cad4e730939a301350f15b0 |
| SHA512 | bc53b723da2a083b0712dc69571a1e96497fbdaea05d8968e1330eb71ca3ea70b53f4517e45cd1a54ef48bcd15ccc69631900ec982b46f6b57c033c5f4db3b89 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | a741cb5850c2ec3bae2f496c2b3fae3e |
| SHA1 | 16398aa788e638ff49c01686f58b3bfdf486433b |
| SHA256 | 657bfc8118b709451a84bba1885b56c2ce10d08ebc00511279bf378cccb4abec |
| SHA512 | d292859e931b8264c808f700dcdaf6768abb69f60d8618b1cc84ce61fcdb88a65d9a507a410ba07ea29c6d774bbe37857662d1ec20e62bbbbce11063c4e230fb |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | ec1598bedcd7a1c2a3c4f74fda3a75ab |
| SHA1 | c7b7d5d4eb8846d06a2b53ab61cddfab48ac9f62 |
| SHA256 | cfd45487e18d0ac582947fda56c75480e6943c65acb1c0715f05d03ab4aef21a |
| SHA512 | ec82a1bcc39f117c95685751bdfbbddccb10799487726cd89fba49b6bde57cc736a50c1f22c00eb9c8dce52d9474f542296e62cfe0689ed88e1dcba59a567a05 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | d30a693e6cbfc24fd2097be1b0329c79 |
| SHA1 | f8aa25a6d2b03367363fdf0487832b5fd7bf79e0 |
| SHA256 | edd882fe90f7d9281db9bc44b77d721974ed1b20cd150453c71057b45c945859 |
| SHA512 | dc8b030def59a13991f984df1b0ff3cc4e295a0fc80384496e1b9f54427ed1f0a3556df4685419816bf107837692febeb56084306c15424f07cd3ffd9586ff0a |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State
| MD5 | 80f9696d4357d11b335e6786df05ef43 |
| SHA1 | f22a8a120825a0dd082b04fa1a8c9e5b09778142 |
| SHA256 | 85f5c9f08c2dee641672ba5f678afbacc13f58fcea3c48e5e55240661e69d0b3 |
| SHA512 | eacca78c59df17fe923d1fbe1e4f3b7ff3efbd7d4eebfde6edefdca4b010c6fc5b32f3183cfe1a4ea1170680e4bb4e84851c07de6b8d406c65d8f0e0307d7745 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 34a3d1eb43087310da82d771edba61ec |
| SHA1 | db4b35398605b07d1de671d49b12e00bd1b41713 |
| SHA256 | 9756ee3f4b39816feb661cbfcba20c00a502ff160f5dc7f96e101c04af540a0c |
| SHA512 | b3e23fb56fc5a3edf8da18a06c239b50f9074effd4fdb5414dc256e4b1409d74726ca0e5b3a24cd57d5fed119c8c8845153fc429ce253f918386ce54f66fbeae |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | f9bc647ac78901de1b244d82b475eacb |
| SHA1 | 9c36fff750b8e6c062f7b5e2966ba89f0fdcf382 |
| SHA256 | 278b9186c1fd5d67bd1f189ba92b94c6553bd55eb2cdc2539fbb6a1e375c0282 |
| SHA512 | c96e46f75480067cae4dc4f47f33815f1b408426636c289200f5b654fecf66aa9431fbe092f558b8bc94dc9d88ef4e8f101e532a94d6a4b63b0e808fa8ab5b4b |
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\BackgroundTransferApi\4169c757-90e2-4b8a-acc9-f89953e67154.down_data
| MD5 | 5683c0028832cae4ef93ca39c8ac5029 |
| SHA1 | 248755e4e1db552e0b6f8651b04ca6d1b31a86fb |
| SHA256 | 855abd360d8a8d6974eba92b70cbd09ce519bc8773439993f9ab37cb6847309e |
| SHA512 | aba434bd29be191c823b02ea9b639beb10647bbe7759bbffdaa790dfb1ec2c58d74c525ef11aacda209e4effe322d1d3a07b115446c8914b07a3bce4d8a0e2c3 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 731d506cd674f4fb8b2f6c2d2bc135cd |
| SHA1 | 49536bc28a3a1423706f7fb069a4eee1d9b010d1 |
| SHA256 | 8b9e6a4f7cb1aad7baf30c879bccc4e6fb29f4013879d46407900a3c695d6f1a |
| SHA512 | 67724cd90e5c441806ef8612a6b7802b2dc35ca02c1bba064b0a3d452077d28ff6e65d8acf8160d98be0cc370b989818f9231f37cb13019e03dd00c433f5b9d4 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 83e4a9e127e4857bbf017ae40fef1c30 |
| SHA1 | 7eb428d626e28e73b3238ab08747fd0b3ef3265c |
| SHA256 | 3ccaea2a1d1dd90cceff02a5a2907344494584181d6d9bf57529ac3ccf47d48b |
| SHA512 | 55e0a2353ec825ca28de6f563010d5315b850c402e00c4abf1b51f3e99c411b03cc4db0f96bd0a2c0d2921a6915cd36a95644a4dcff964ef3669c090cef3342c |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 4f7825508fba40e65b432e3d98593fd5 |
| SHA1 | f231ebccf21a129ae22903c9d0e0ea635dbfe7f0 |
| SHA256 | b1b05194894f46df8929d186e144b9020d4b69574cece388dc01a3457ad3d4d0 |
| SHA512 | cf2ab022717433fb2707a2c595316600bfb7e8b78437608bd48953abe9d87eeb6751142e9c87c1cda868a1dfa796e093575d0e90e0b9196376f7cb5dd2dad566 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 01f5d7ecd9e6767da2a9f0c490f60052 |
| SHA1 | 5d0e93df0ea6fe920346a3f143f624051c6a832f |
| SHA256 | d543a84b38c2e2d0354424aaaa3480e8828bcc17e11f74076b8aa4d76a2e4a77 |
| SHA512 | 5cf4e89078c23b5e49f6be0ecd4a998849c5f261ce7341a87e67f4b971d6bae6464a213a42c2653578a8b7e44f6b7df58b03f1b4d47eabb18d5e68d145993c41 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 15418e6d72265c10c199b3bfaf960bec |
| SHA1 | 76f116d07d44430b035eb147f814d042fe57d5f6 |
| SHA256 | 2312bdd739395a3735637195e056609caa120ffa0f65553bf6a3167ee245956d |
| SHA512 | 7513f95cea08dc75a8d3f9af1480b66d7e94bc9e02e1ee2ce39843f005bfc12bec1ee51c0c2296ffb71e19c38d5b81023cd76bec326c2e6f1df32dd8d9e30cd0 |
C:\Program Files (x86)\Steam\userdata\1456296740\config\localconfig.vdf~RFe6d791d.TMP
| MD5 | d50a8be6485deb9327fa0362c04245df |
| SHA1 | 6a997713254aff5698a375ec03bf31ec1c26a6e3 |
| SHA256 | 9bbc63c8abb60985dfee6c2223d4a15d4e5b5ff53549052ba5a1558ee0877de0 |
| SHA512 | e79119c80fd8500ebf1d1e85dcfe526b270a33785a2be9ddee8fd83cdaebac1675618153d9d9e9b06daed318c11b39acd0378fb493a4a2a387ee0723a31fc427 |
C:\Program Files (x86)\Steam\userdata\1456296740\config\localconfig.vdf
| MD5 | 374a8f191960f84915dc85e3ae231442 |
| SHA1 | 2363737edd59202fe717dff3cb41fe62a838332a |
| SHA256 | 47cd5bc411c6a040f03a6f692fedd6a27dd2c74c0a5089cf365febb9cdd154a0 |
| SHA512 | 44f2a90149c6ea8237fb29eb21ce9a5528c94a1c4af13744fec8a6c9a2f313c8e3eb9aa67c187fb0477e9b31ea6ff56f3536ffc5f99d7be95c73c40ef5c10064 |
C:\Program Files (x86)\Steam\userdata\1456296740\config\localconfig.vdf
| MD5 | 4cf5ddbad5af3fe162321e79c4af975e |
| SHA1 | 131ea23d8ca299f2c95f7f20219c982e6dd77f9e |
| SHA256 | 219f763c9e5f65deccc2eb44d80adf43b9bbe3e78d628f63c12c12c4dad1e6f1 |
| SHA512 | f11723691605e527f9200e0fa526c58a38280fe8ba73db9bc6326cc7f59c9940cd1a9569d73f6759c5b5a23499388d99f411391711f57c64bdca04c0c3aa27db |
C:\Program Files (x86)\Steam\userdata\1456296740\7\remote\sharedconfig.vdf
| MD5 | 0b7765037fff002484ff20c37bcfd619 |
| SHA1 | c818da256b671d222c493c0762feb9a5603d2d37 |
| SHA256 | 87e7e6fc1035395b3d5e788996a775c46c94652da5ba980d836d1d8dbfce3e3f |
| SHA512 | b3b49495ba4322414b0c468e8102994767ca6f0656071021c6c64befc70b5ae46351e9cbf67fc85fbc3fe95b6e03766d388c5c9cdaf806af0b9d785318ce004e |
C:\Program Files (x86)\Steam\userdata\1456296740\config\localconfig.vdf
| MD5 | 740979efe906407f0a2f1800ba3e1642 |
| SHA1 | 047149de2ecb5af6b53f11e23da38913c83b36bd |
| SHA256 | cafb5e6821dd72351b81f104914c598b1b994a5247292848a9a3f3b3d04a3804 |
| SHA512 | cf90f57df4d50ada89f0e4a99dbec1b5c8f02b65e9a406266292f2599ce4dce9ddb5e7377e8ecf239550ddf10dcf8ec00353295fc1616b288a46c12c5ecbf506 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms
| MD5 | da69839c6b8271b65bb160f274dabbb6 |
| SHA1 | 0c7bf940c7e490ad4c1547723a6c90962fb9d987 |
| SHA256 | fa7d17d492ca339058f3876daed4c63d347bce64df1ae2a417517bfa5bfc991c |
| SHA512 | 2d5bcd87b75553bcabafc4a86f159f513bd6c3934a2656248de2aca6e8175dbba6d4d726356edf7083b0a4a83b97d2cac6b2329e6ca936795f88c25102f489ab |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms
| MD5 | 27c10dc29126d6dcc00bba103f072ecc |
| SHA1 | 76b828deebee2ece0891f9bcbdf1db98b4bc30e6 |
| SHA256 | 13422cc02467a8ce5ec4db4cb241d40a2f37f7c552caa9ac2323c6ea808fb042 |
| SHA512 | 5b2408e31fa47e0473a2b9b8e42ed805223ad3d8953cf4914749e10019abe64983d325c28068fc5f232cb56a64beedeb97f272a7b4fc4506b12fae5f593289e8 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms
| MD5 | 14b6989118d1e1dd46f1c8cfcca465de |
| SHA1 | 7dd930fff45ee424ab4b891877a6b5e30c94092e |
| SHA256 | c92f41360520d2672126e89845b3037f2ca2b285cdacf12ab3d8e819b3b829fb |
| SHA512 | ef4f6c838cec4c549d643a3dc08558739ec45c96b9404a03ab192ad93ca5c02d4e6a804029577420c89366d46071e36a09b3b15d8e22dded917c8dd31855bf9b |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000005
| MD5 | e13edde4a25e96e573f37bdd11e020aa |
| SHA1 | 84a0c3cc6cd74b149cc27de2b0fe48bc2acb70d2 |
| SHA256 | 45b526e6aa5356b278aa37e67593a25d09c9653e8a0e71fb8e155111d3b7a515 |
| SHA512 | 9ba4cce47994f949731e594538f56f423ee46a8e602fe922ab6e1d173b87831ae5a80d967d695fc45a08b25aef5c494518b43cde6b4709db690e904b2cc1c053 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000006
| MD5 | ef94e26e09fd6962f86f29c1c30f7447 |
| SHA1 | c574353d60b5973522a96fe726b0d26092167386 |
| SHA256 | 2c3a7f1d3f5524c76c35942871974ee222eb012c65ec7f19d83c392f87b50847 |
| SHA512 | 77abdad3b1f76fdd8eaa4cb3b2dcb9e5e0c00f46f25b52420e24129c4b178b34103329de52c15b130c3dec214c77e25eecbd2294855c1b3ca39936c8c94a5b26 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000007
| MD5 | c9e90bc8ec6a09d8a69f4a4dc6fe8b6a |
| SHA1 | f099ace175891bb8b81eea2595bf8de8027bec6b |
| SHA256 | 8fa6b37e750ce1df8e880691ea6dcd4aa922b55a722aa0b1df8ed6302aaf723e |
| SHA512 | c4bda62806935165c94191234b8782408876f1336279a26d58ab3a75f41c51433ad24516c0354a8a047c1e743c4fbb8989938b6a1ff29ae0585b3fd08230a497 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000008
| MD5 | fb8a686df2e4d5987c9e43e10b480df7 |
| SHA1 | bf85d7c64d6c23fb859989f0229c083aa857197c |
| SHA256 | b6b6c978ff263141e66d878ec683c0092f651fb874a21556d921e62e6c7ad887 |
| SHA512 | e21e7287672434bfdeb7de3cc63bf98ebf923fc709941364f68a8fe4ff19259c7518ebef4aa1ae5218ae845450deff5d10dfcc114f562bceeb24b0244900ee57 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_00000b
| MD5 | b507567f09861406425726176430b282 |
| SHA1 | ef31ff9a5a918797c76752018a667e29e415e580 |
| SHA256 | 4390634070a440bead4ea3dc609984097da973983ac140b094149b4bbed1349f |
| SHA512 | 23e8a4e14a2a8608c817b88080fabce226ef7c280f5c87baa27780dc1307d60f75d215a91c3de6651f17e6df71219b3e51f2665ce9553c71f427a38e7c81d65b |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_00000c
| MD5 | cc039445c6c92d32fb74a942a2876d71 |
| SHA1 | 71cc9c01cf705b61ba163bceaa62651865ef5ee6 |
| SHA256 | 1a71cffdaadd8f15a6268dfd76f3524409eb5fbad791ce30def403ea13a373a9 |
| SHA512 | 1834c2c6d6529e69746be6ef8b441997a7e05b00303b10cd2dbc16b0d18cf89a6ead9fb943732f56f7f9b74e347b1bb889a71f08baee17b6b69afbc7350311ba |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms
| MD5 | 5a2300c8efc2f599e20540a756699609 |
| SHA1 | 481787b180ab4fb6533a51ac10d468bf4707d65f |
| SHA256 | fb8cc5a8342064d410cf9c8dc03cccde515c7f02ddcfaac054be3b310c8bb3f2 |
| SHA512 | 5942e740ac1264b14b72ebbca1ddcdbafbaf848a4d991d8f0e2146e3984ea59900f8664ff0d38050d87a4ed32438f36c20cc47cec21a192ae6f764ec6d4c1ff2 |
C:\Program Files (x86)\Steam\userdata\1456296740\config\localconfig.vdf
| MD5 | b54b5b1d5c67cd013d3d3e27f883eb06 |
| SHA1 | f0a85c018c8283d3b5114cacc99033099aac53d5 |
| SHA256 | c1c3d601cd985f87ef738b67eddbe92785a9cfd7364adf1017d4b7ef1a8b9763 |
| SHA512 | 46b06d2d4adc179820790c0e5363f9c9c1d52e624a8df2cfc0b75e66dbc961e953098b83eff045fdd4d4e1acb8e453496e3bda6cf5babe90d4c8412cec57d3e9 |
C:\Program Files (x86)\Steam\userdata\1456296740\config\localconfig.vdf
| MD5 | 54838699cf43150f80b23d715ec80973 |
| SHA1 | 92cfabac710506af0f88d5a675a6b57b37c07de9 |
| SHA256 | dd11c232ceb2912aa319e395d334bae080a3499f9569dd4a058ab0d9d459b7bd |
| SHA512 | c6ffdda7353369b195de6b1f19e50e308808a65e7707b2050f3022901b6e4f5d6fff52abd2a76f1599c2b57ebdf379fca868df132bb153e12dda9ff26eb5ce45 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000012
| MD5 | 57613e143ff3dae10f282e84a066de28 |
| SHA1 | 88756cc8c6db645b5f20aa17b14feefb4411c25f |
| SHA256 | 19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14 |
| SHA512 | 94f045e71b9276944609ca69fc4b8704e4447f9b0fc2b80789cc012235895c50ef9ecb781a3ed901a0c989bed26caa37d4d4a9baffcce2cb19606dbb16a17176 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000010
| MD5 | ce6bda6643b662a41b9fb570bdf72f83 |
| SHA1 | 87bcf1d2820b476aaeaea91dc7f6dbedd73c1cb8 |
| SHA256 | 0adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6 |
| SHA512 | 8023da9f9619d34d4e5f7c819a96356485f73fddcb8adb452f3ceefa8c969c16ca78a8c8d02d8e7a213eb9c5bbe5c50745ba7602e0ee2fe36d2742fb3e979c86 |
C:\Program Files (x86)\Steam\logs\cef_log.txt
| MD5 | 5beb72283195ee05837c6ea8606b8930 |
| SHA1 | cfd57984f23640e50d42ca231f7e5a88ac0fe1a6 |
| SHA256 | 5880e7b980437e9c8017246a211cd696d8fade8e4e4d062c0d516e527699a74c |
| SHA512 | d9616046208a646cc0a066a918a3c4e6fb4094560806927aa5158dc4f23248e4b2558de36324e57669d4a047e32a3ef3eba4516fd4345ec784080bb0f9a0b0ce |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | ed11b5df926152ef4b23b396b3718ef9 |
| SHA1 | 31a9d64b246357c42649ce41296eeab54b9f9dde |
| SHA256 | 848da1a9c3350dd7272c181fe09d881c6c3351fc5352932762eb49358ad274d2 |
| SHA512 | b3b7ffbab748cf04f3007c2c4abe912673247ac52afde19d3d5fb804c1874e3ff49ea792a8a0d290fa093b14e0f59510bfa87d6e285d647f4225177542f497ad |
C:\Program Files (x86)\Steam\userdata\1456296740\config\librarycache\688420.json
| MD5 | d9473f809641fc70222b2665f45d9e73 |
| SHA1 | db268c895bda2d4c89fdc54b606dfc5ab1684b92 |
| SHA256 | dcce5d06ffad0d920b60cd1cb81f76c9713a3f866121e9093c23cd03a6496637 |
| SHA512 | 947183f211ec0eabaac7db127ebf234dd2aab5745f923ce547e52a278c88918af569df4f9284ec57bd97f6168167de86a06ff481744d98fe94b59f4878d1fde5 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Dictionaries\en-US-10-1.bdic
| MD5 | 4604e676a0a7d18770853919e24ec465 |
| SHA1 | 415ef3b2ca0851e00ebaf0d6c9f6213c561ac98f |
| SHA256 | a075b01d9b015c616511a9e87da77da3d9881621db32f584e4606ddabf1c1100 |
| SHA512 | 3d89c21f20772a8bebdb70b29c42fca2f6bffcda49dff9d5644f3f3910b7c710a5c20154a7af5134c9c7a8624a1251b5e56ced9351d87463f31bed8188eb0774 |
C:\Program Files (x86)\Steam\userdata\1456296740\7\remote\sharedconfig.vdf
| MD5 | aada85cdcd04887e485be841170b7522 |
| SHA1 | 5c310791114ba636768e172a84833a6d4a14eba2 |
| SHA256 | 742d0d11e06ac06886f1930bd70c45fa72131b7a87b37dd709d8f2c6677dd964 |
| SHA512 | 60f55fcdd829d43e57ad3c7a1822d78cf76dc2173770fdf20a1799f04cd1ebe0c5f4667246c0b81eb191f36185959ff486677108b55effec3b8e5ad11f6c6656 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Bad North.url
| MD5 | 1b42847d25b84f129d856eff6393a936 |
| SHA1 | d0de07ed021ed652135f3ef0808a4a62fc0920b3 |
| SHA256 | dac69de2df80f4d7220f75c395144da6142c70d1a6dffc1ee87decc9807fac54 |
| SHA512 | 1bcd116de487ad710929734555dc663fde0a0374eabaf276e23a2496cf21d5874704beaf8173a3fcb13ace281670817d26b0ce42d037b0d5015f88279200608c |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms
| MD5 | f7313f71be41729924ce6d216a88d198 |
| SHA1 | 8a130d70959bc565fb7919d20900eed1c95c7a73 |
| SHA256 | 59b3ae8d4cb68b5031351967b35a09a03f57910fcfc70b2b7a5277d77bad9fee |
| SHA512 | e908149b7edabedbff7b5ba48625dd83b35af0df271692997a9cc47e4edaf5ed0f0df5644633d38e39d8a09752f22a9fe78182b9f2f3281c87918e449fe56477 |
C:\Program Files (x86)\Steam\steamapps\appmanifest_688420.acf
| MD5 | a4a6ad02fbe2e952c61c9b6d71cbc330 |
| SHA1 | a018d34d27aeb2a65c6aaac2722a8971b3d5bf8e |
| SHA256 | ac9917514ac4a66be10b87f72a719244b79db908d944ca3384935e2feed5624b |
| SHA512 | 19b9b084950492b5b2b0f4a9de93b81883067741594870c0bd41f79a4e3da2f7e4b7f8b0f9d4926864b5280a2d5d4f2be7c706f1da8f10139108b7e4ec9b897e |
C:\Program Files (x86)\Steam\steamapps\appmanifest_688420.acf~RFe6dce13.TMP
| MD5 | 4ee00b92a988689d068a9de027aa940a |
| SHA1 | f335a4ee12b19fbfb1f0eb4bc3bd83f608c0a761 |
| SHA256 | 6a732ab1d000a493d38d0af08d2c94d5e29ba6e233981554716723241f235dc5 |
| SHA512 | c514ea7c6f61bc78f11e5c0c157e4fca74307f54869f5fb9e73822a24f505b9d4c5256abbb350f2206becb7f33fe3c8f19a4a43cf12ec8199bf5be54110fa8ff |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | 660f466b11a0e54d3ee5d13e29f90513 |
| SHA1 | 2d6e2d6400f1d806f541c6201f75e69d45d420a9 |
| SHA256 | dc4e1bc21a64c681cd25243287429b0dd0ff4d9b8a4d43c36dd2bb504164ae90 |
| SHA512 | 4854d7748e894e4e84b32ea3c64b7b696ad6c1b138cdd9c96da14630241da0b2a15dca8ecbc6f04ee8a28c29af7b674ba2e930b4e9d1a45bdfa5226dd55579d5 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index
| MD5 | fddce3543384a63feeef129d93051a85 |
| SHA1 | 60d5553a81579fd2d1ec9bc747e922082433dd78 |
| SHA256 | fe9d4eed32d1dbf9987d44e8644ccf353d2da61c1dc243f4f0fcbd1abefa2245 |
| SHA512 | e20e24090fd7f26992113528384f251e04d30c9db38272171d4e561866095217cfc63b0cbb9b67dfeb7fe1bd7174146b89eb1813a0337a106c054b7d4d22cc63 |
C:\Program Files (x86)\Steam\appcache\appinfo.vdf~RFe6e01f4.TMP
| MD5 | f824adb32584deed41943ed855963532 |
| SHA1 | efdb3f474ac5017943940ee6452ba39b797831e6 |
| SHA256 | f419764df41b84fbeafbaa150cb08612da5aa53e8130cdf05deff91f6d627f45 |
| SHA512 | afc94432ff598e9e0a2d8719f48dddc1b659af08ad40a595622cf86167ca7bcfc4ee6bdb74689729564bdb275672408d737927cee702e349fc4e662c084ff0df |
C:\Program Files (x86)\Steam\appcache\appinfo.vdf
| MD5 | 9b3e19a712f99026c60ceb972fbc52cc |
| SHA1 | 62d047cd5c487d7f1ed9069e77cbc996956ac84d |
| SHA256 | 2379f965ad863b13d368ee2806005bf31789ebef7b9ae729eabbb353e762517c |
| SHA512 | bc8d5ee86723dcd6c47b50ab6c669ed7475db723151a37a12f146be1f732c897671767063822338989bd23f7920f0a90e6cdd145fcbfd04fd45994fd9b1f73ca |
C:\Program Files (x86)\Steam\appcache\librarycache\1245040_icon.jpg
| MD5 | 7ecdaf8a54ec52b20640a88527512903 |
| SHA1 | 3133a4d748ad3be61fe9db759339cd5de73339b5 |
| SHA256 | 7bd8b75aec0a4d4a377f3ca3a023fd8b7c5fc7dc6a2a66d17f8cdfe5b731ab0c |
| SHA512 | 60ae2031eed0c38264f0d8db22a9b6efeb3f80c791e916e15a1730853162d56e0da014dbd93a5479bae4f3bdd5705ca89be70c90574a524abd1c276ed5c55a2d |
C:\Program Files (x86)\Steam\steamapps\appmanifest_688420.acf
| MD5 | b6cad3c00a62a378db8d658f785c9ecf |
| SHA1 | 58a547165d7a3da05ef6d6fe5ca9db44180a5611 |
| SHA256 | 7a888e1d36b59f09fdaf8e5b0a916c467d80d79b715ac86e5dedbfaf336bb5ce |
| SHA512 | 721b97ec51588f49768dd467626b6c3c7c8fbe137c9e6ce08b9413171fb12ad4d0619260044bd4b14ad4b815e07bc34d8e5c15d42aec2b5f02b4db7977f52b8f |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | c4c2b35b7e1ef48bd586523e9b94a20b |
| SHA1 | 6c7c10578b95c75a3493b4f8dc00e394782f5f26 |
| SHA256 | 218158edaf2ed1e41fc29232fd544bf016b538d121316633f4382304e06a51cf |
| SHA512 | d82b909fdbc8112b73524e43381085eda37cae343876dcd704fa2ce1ee06e04b754050ac8b3988c9e70de7c69e7f90357b0a11e9634b9e4b28c823ce0f229fca |
C:\Program Files (x86)\Steam\steamapps\libraryfolders.vdf
| MD5 | bc19c5922509833f316119facb8541e8 |
| SHA1 | bd9db2500991b78fafc43a815573a9c687a2e34e |
| SHA256 | 3162c53c21bb2a166a6c0b253c2fe3e774cc2c699de1a87e7b834d7d2c046ddd |
| SHA512 | 50ad19c5f38ce581a6edf8940808e74655067d5fb8c6a4d2b9e25f31140f411557c9bd410cd45331a41402136977493e4f0a28c1dd241233d4ea1e5f3efddc4d |
C:\Program Files (x86)\Steam\steamapps\libraryfolders.vdf
| MD5 | b379216b7c28765e41b0a03a27d989b4 |
| SHA1 | 86973d50043fbaebe7db60454747de4f297a618a |
| SHA256 | 5ee47b0b11db11544e188df34f4cb712dac7d1c03bf3740826f55b6790684dda |
| SHA512 | 2c89b86095e512e517bfc09903e9f4da911d91403b0bad98a86fdfa11bd176c78449db1ce98aa5992d0c6a28cbc9f0021d2c6f31f59e5dfba1b723badd8a9794 |
C:\Program Files (x86)\Steam\steamapps\appmanifest_688420.acf
| MD5 | 89b5448809662e2036dace3d40b4c371 |
| SHA1 | 2e098729e3d2acaf52beef8ff664d6df5978f5b3 |
| SHA256 | 26fd6774bd7c80d03641da484619bc6d7bc762ba0148fe09ecbb2c86603a14b7 |
| SHA512 | aed5e535d1ee9f9bf17bf4271e29a78391b870f7a598a39c5ea224338847bd595963268bc2f2af0c488abbe7322efe9adb8e7ee72643cb53f277b21573f87a4a |
C:\Program Files (x86)\Steam\steamapps\common\BadNorth\BadNorth.exe
| MD5 | da66e56b44086d618b1ae2116dba6c31 |
| SHA1 | d33b1ad42606783d520d334240e3fd0dcb48883e |
| SHA256 | 65f364d3851411cf15d158141ec3feb890abd9cb605e4d1bd364be9f5fafc8a7 |
| SHA512 | 7e7e814a07b6183527d893e09b0d40f9fe299ca57dcd80f0ebd43adf95620f69e0cff8afd915d10e35370da904cb685f0f55d3aeef3b7b3019920b923c90e1cb |
C:\Program Files (x86)\Steam\userdata\1456296740\688420\remote\campaign - 0.checkpoint
| MD5 | 6803b1304217c1e5b83b8bc9dc8a070e |
| SHA1 | b840ea4c7e2dcb69642fb9cdf24206d11f2cebb5 |
| SHA256 | 8f9ac88f0c0f20a9e7fe41d8f14e25b9e744bbda8196987b4c388c0d6f0e04bc |
| SHA512 | a850c0cf998822f0e22b15270fdb06606d6fac026ef151efb3e1b696c3ff06c3b0a6fd2e80fa650dbbd5327ba59fdd2d8f43f72f1548542657f42506bb8adda3 |
C:\Program Files (x86)\Steam\userdata\1456296740\688420\remote\user
| MD5 | 15ade915f0a67873d8686c37fc7375cf |
| SHA1 | fb6e7c4478fa7654ba003f926d10886f62c30cac |
| SHA256 | ddaef90e0db7237b07e39e02342669d031f47fc2cae8564c68617129bbac9a38 |
| SHA512 | ff642bd4824441bbd91e07110c69d2ba9c55c0aea76b1dccd65e81f716802f82564ec1d5a7b43bba9a64bf588fa12aad076dc58cbb70bd93e22221ee0ad6a2c1 |
C:\Program Files (x86)\Steam\userdata\1456296740\688420\remote\campaign - 0.meta
| MD5 | 570c115f624673bd0b25e747cdf4a3e3 |
| SHA1 | 3448690b445af130bca4acb0025826f42500ecc9 |
| SHA256 | 2508cce6ddb0f26f31f6499aba8a3a24e1cd2abb0cd653f1fc276a299defb016 |
| SHA512 | dbcf3259399050ca958171bd8ed664c2108e383abd9fe65bc47e99ebb6ed0ae2e277a6da87442c4b1b02e58b4029d917d51fe164db4ab4f79cdc7864df7f2595 |
C:\Program Files (x86)\Steam\userdata\1456296740\688420\remote\campaign - 0
| MD5 | 22fddfe8280a94c17a150a3c07af43bd |
| SHA1 | b23cf0ea6f5d2e7f5fe6781cf2b21ab50dbd2941 |
| SHA256 | c39b8f85c5c03afd7dec66b0aacbc87b20e3baa6a9f3d0f2ea45da6f35b4a72d |
| SHA512 | 53a85be559f720afa2c04fb6e219eadd9cd073ca1951a6324beb85714d906d785e8a392db5ef38841b3daf282c2b0763524d8fca5c9cccac75430a8aaf46116d |
C:\Program Files (x86)\Steam\steamapps\common\BadNorth\UnityCrashHandler32.exe
| MD5 | d62afb263e4ca1f52d54493f383555b8 |
| SHA1 | c7b5ee97ce731431585fa9f57eeb3b4fa9e2b8e9 |
| SHA256 | a5a5cbfeb70c9496df6c5858215a79c2700f4d5abdf07a0be0423683f20ddce2 |
| SHA512 | 45a2bb1eca870034a030254e914e0a7fc73539de9d667c1aae240aea8d09669085740f86a55f62ad0e857259322cb20945b015cb10df2cf99b5aeb8c2e022a0f |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms
| MD5 | a0db3d6cac093747dab5c341a4dbe4a1 |
| SHA1 | ba45d9cd870445a820376b10337a25d2037eef38 |
| SHA256 | ecadafe76bb565befd07345150d35f9fa7105ac9b7d04f8af0bfd6d0e8193cc8 |
| SHA512 | 4877146d00f0efc11e9b41be14e414570f50a6691a7f6f7f6a16efdaebba2e54e334eb26479699f4089eb9744377a25b9e005b459a138ec456e300784415ed14 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms
| MD5 | 9c50803f837eb3c13f3909526598dc51 |
| SHA1 | d6fe7e4fbbb305ed5067f22f6116ec05294003d0 |
| SHA256 | 0a07bfddb77a721882636597c7f13bb799397534b9e8a074e5c69dc3f3ed2daa |
| SHA512 | c08f3d612d049f6e7607ff4f6964418a83068556ab3cc736e6bd6a32e795bb2da2622ce840a7dcb62568990cc04eaefcd4f7f61596ee056f9d55609f0dd3b0ce |
C:\Users\Admin\Videos\Captures\desktop.ini
| MD5 | b0d27eaec71f1cd73b015f5ceeb15f9d |
| SHA1 | 62264f8b5c2f5034a1e4143df6e8c787165fbc2f |
| SHA256 | 86d9f822aeb989755fac82929e8db369b3f5f04117ef96fd76e3d5f920a501d2 |
| SHA512 | 7b5c9783a0a14b600b156825639d24cbbc000f5066c48ce9fecc195255603fc55129aaaca336d7ce6ad4e941d5492b756562f2c7a1d151fcfc2dabac76f3946c |
C:\Program Files (x86)\Steam\steamapps\appmanifest_688420.acf
| MD5 | 405ed983ab2a28915739eb58e0a103ef |
| SHA1 | 4fe66b9c662b3fcc62eb529e6f8005684440189c |
| SHA256 | 777d802fb1c58e315e287ef29c94dbc3fcbfd181cf85401cf1bd100e33a567cb |
| SHA512 | 43cdbe6726005303d8dc6f7310b244b51c7e475f1ccb5f7e2fa2c77dd6ffd9c7248e0425b3b5a754f0af1bcc94cc9519286276f40629a48b170425a40c0dd07f |
C:\Program Files (x86)\Steam\steamapps\appmanifest_688420.acf
| MD5 | b61e497f8375a2b5dc63b78aa30b6e38 |
| SHA1 | 338660236f90992c8ae668f185bce2af3d3189f1 |
| SHA256 | fe39e691f6aa5f540b55c15e680bef1b8a1874eb9cbd719d827b5af35571f3cb |
| SHA512 | 5f0f68995a59bbd89afb4d3a3af2848f3682ecdfcf35db0d20d14d191aff706a243c70438f85241cbedffb0158e65d58af69b2d477ef74467bdd97e49886d065 |
C:\Program Files (x86)\Steam\userdata\1456296740\688420\remote\user
| MD5 | 8dc9f6ce66aaa24b2a76bc62b45ab3fc |
| SHA1 | 6430803998780ec30f3f5a8c28a75344962f67ca |
| SHA256 | 3f9d00d4c8d883dfd446e9abea55e346e0305e7ffdcc1420e9409031acc78d07 |
| SHA512 | b18571f908d9ab3e5cebf6cacc8c1e74ab09208dff3751d76696e956addc1bd049fb1f1e16d01f2ea916af1bd7b99c17900d6d080e4d9209d66cbe61dd6f0609 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms
| MD5 | 58f3e4c726d45580f61d30b0bd6d8c28 |
| SHA1 | e2700a142e093480b6746e8899c9f5f7aff849a5 |
| SHA256 | 4b4bc0d8e8e57b2cde24150a8d2606d1d1f33cc00d70a15530c014865cac0614 |
| SHA512 | 569e251b84348823fefba116c2a5bfd92dea61aaab2d18fc9fe39b53e83cf7316f0d1338303cba3aa2d57149cbd3934a4f25014593649986d834f2437b351e6b |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | 2150b6d41ec2c4a9fc0a871324bb03c0 |
| SHA1 | e841954cc97c0e236fe97a8f458ec9aebc9a76d0 |
| SHA256 | 372c01151fe1e9220fb327a3082ca8ec5677c4cd654dd9ef0d1da762e235b871 |
| SHA512 | b96b0e3fb0a8f2420a6c17bf227d471ac90c4ff940eadb4520d994c3ebf2bd73156998ca3a067b410db3ea3f64c7736cd0c1d223ec989a3c8eaadba2b64a5189 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State
| MD5 | 2d526be0f1bd67f96914ec5033ad4c58 |
| SHA1 | f6dce0babe7b79781c5ec279785b78ed2be27d11 |
| SHA256 | 9e3ced8ed3ad261555d68529deff6d1b6460f236a334be4de424fcfae0b4a14d |
| SHA512 | 12eb0acff660bcf45d13b120bb657b94a3398fd17f09db809efcad53b79647f6e16674c1959fea7add98a9f0bcc233caf5723bbdfed94547171a4e53ed82c746 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms
| MD5 | c2935df6095a179e6944136870ed41b4 |
| SHA1 | aa4fb853c323d75b41ffc0dfb2d9be32a083dc26 |
| SHA256 | 5ea0ecfd7cc65931f90897b8d7fed4d739c93d9b14845bad7154ae1548fc78e3 |
| SHA512 | 4b3325c5412b4964376773fc93361bcd0f1b90a59a49649c4c0f97a08990b19a19511043c3d99f69b241dfe9388e8958930ac64a5ebfa58b446a47be23ba6406 |
C:\Program Files (x86)\Steam\userdata\1456296740\688420\remote\campaign - 0
| MD5 | c7e1ccecfe2235f70645e797de0eeec7 |
| SHA1 | 756d30f9a765ee4500f0f894015eade09c927a74 |
| SHA256 | 42ec0ef2b6a799366826180dc2b0b1fd7a81b6f3a44eb4e39a0e5c2dd6a86631 |
| SHA512 | 0637ef3638f01d582256b4e4bd221f2fd700baa9bc85ec21036db7d7967ad7f8194f84658773e748bccdd1911b9a39c76c1fee52461e48a7f7b450d5814bfeef |
C:\Program Files (x86)\Steam\userdata\1456296740\688420\remote\campaign - 0.meta
| MD5 | caf3fbbbbfff0cb58e9e9d0c1ce7758b |
| SHA1 | 881b96e08bb53bc13f1c55f94329d863f672da76 |
| SHA256 | 12801a804e6982c18610a6168bba663daa60e0ccc82f9ddab98fb7b68dbab450 |
| SHA512 | cdff4ca113aed6b03f681fca0c8136dc3a9790d46593b7fc95af1e43722fddff38d55863ebd819d194bcc7030a63d9013a5980bcffe814b983b834fa94925750 |
C:\Program Files (x86)\Steam\userdata\1456296740\688420\remote\user
| MD5 | 8658c9f6d2a619679f6e47ac5ffe2ccd |
| SHA1 | 9a8ff5b70a37c0d3c737f4adf6ef71e662440533 |
| SHA256 | 4afa2716f0323f055c536b4697d8d1a21d55d34caf083a7f52d956ccc8654d25 |
| SHA512 | 66729d26fb2772eb80a1b699c43548f4948fbe3f27edbc927fdb036870b3394b14ed5281da60c41bf95fb9175cebbed1de35d36e981cc17da4c1fe5982fc88e3 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | 2b5695ea6a959f62a564fa57d697f5d0 |
| SHA1 | 614da8ef46bcc61b39f880733f3e4057b58fb4a5 |
| SHA256 | 28ba977593f11d4ea6b19929278c185c731e58f385aeaa052817bf97012ecdc9 |
| SHA512 | 3e455cf865fe06569d8151fd8f6d38009cd07cb857204a9c5529d76ff0b87c6059058953a23d1107819118dc0609946e6db2e6bddb115df9f6ea1b91f3fc3416 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State
| MD5 | 4a8d7711579682bcb776b43419b00dcf |
| SHA1 | 9c40b901ec59df024219200abe4cc616576e6c44 |
| SHA256 | 59dea21b2679c2b400dbfe67e5c39feac8163c8099d92ce631e0a24af406c0e4 |
| SHA512 | ea9f72b8fba787d768ad3e779c7e690c88ae4b7d260557efb140defdba1eb778c89336105cd4e8a6ff21eeea48ac87b0ec382359c8faecef3a87e9030cd5583a |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | ca6f039fad40018b46f826c2ebda950b |
| SHA1 | 0f4a8987aee09035760663f52d7a8c540cb8049e |
| SHA256 | 412da29a6d049dcf7817f846b293986f0d9fa160f369aa1e9c0753cd47f211ad |
| SHA512 | 62090ad512ef71f46612480334703d4955944c1a2e96c48ff4a90c207e878771318a30c33dd9913e78b82d6f44941fe018b69661d397e2130ef59914862595d4 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d356105fac5527ef.customDestinations-ms
| MD5 | 126058c12b01c87c99acd11359163476 |
| SHA1 | 8ee6132c4d035028625a099f44a8cdeb6de90a28 |
| SHA256 | 4df4339179ebe711970d85362a4c72db2172fdcbfcb3616b65cd52a084aa1e9f |
| SHA512 | 17e0104627470361b7043e50840c009286b9de360aafe1edb9132ad841a4596cd11fd5b97cd6ca55a0d19fd8689d5006897d49d5aaf770f14692d30276ee832d |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State
| MD5 | dc92ee9f799ffbedee2ae177cec256c1 |
| SHA1 | 324ec7fc76013ec99777f0c256a4d3d982242b72 |
| SHA256 | 928589e692dba6b95bba514a2a9f0d54509aad200fef495ab455d4e08e25d539 |
| SHA512 | 0cb872c4a278abf60a505774c7fd5af326c8c669460f884b7599078d8afb8551e95a20062f5bbe216587bda565a730152bfb9564b8ebd6084761d083e880cec7 |
C:\Users\Admin\AppData\LocalLow\Plausible Concept\Bad North\Unity\local.36cf57ce5dd8e0846b0c782a42957d05\Analytics\ArchivedEvents\173108877500003.a768aab9\s
| MD5 | a331f2ce8fb3b655cd9dfdde10c2346d |
| SHA1 | 15fc2e7e234ad6bcb911e8829ce6a9dfef66812b |
| SHA256 | 790d587b4d8308a25676f23aff9a94a4d2940a1533bfa1bf7e2cee00ac0cc093 |
| SHA512 | 50c5861809193b83e9feebce1c8fdb1461043e866b177c5b0cd08eadbbb1800a9c22bafba80cc9773d40e2209469cd4d04674d12b95d4b66ce8046ee8f9180f9 |
C:\Users\Admin\AppData\LocalLow\Plausible Concept\Bad North\Unity\local.36cf57ce5dd8e0846b0c782a42957d05\Analytics\ArchivedEvents\173108877500003.a768aab9\g
| MD5 | c81e728d9d4c2f636f067f89cc14862c |
| SHA1 | da4b9237bacccdf19c0760cab7aec4a8359010b0 |
| SHA256 | d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35 |
| SHA512 | 40b244112641dd78dd4f93b6c9190dd46e0099194d5a44257b7efad6ef9ff4683da1eda0244448cb343aa688f5d3efd7314dafe580ac0bcbf115aeca9e8dc114 |
C:\Users\Admin\AppData\LocalLow\Plausible Concept\Bad North\Unity\local.36cf57ce5dd8e0846b0c782a42957d05\Analytics\ArchivedEvents\173108907500004.a768aab9\c
| MD5 | c4ca4238a0b923820dcc509a6f75849b |
| SHA1 | 356a192b7913b04c54574d18c28d46e6395428ab |
| SHA256 | 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b |
| SHA512 | 4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a |