Analysis Overview
SHA256
666159e57072712f02162cec6e81db7b4788a85b0729254a42429da1bed160b5
Threat Level: Likely benign
The file Kiwi X External.rar was found to be: Likely benign.
Malicious Activity Summary
Command and Scripting Interpreter: JavaScript
Browser Information Discovery
Unsigned PE
System Location Discovery: System Language Discovery
System Time Discovery
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: EnumeratesProcesses
Suspicious use of WriteProcessMemory
Modifies registry class
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Modifies data under HKEY_USERS
Enumerates system info in registry
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-09 22:00
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Analysis: behavioral7
Detonation Overview
Submitted
2024-11-09 22:00
Reported
2024-11-09 22:04
Platform
win10v2004-20241007-en
Max time kernel
142s
Max time network
157s
Command Line
Signatures
Processes
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\Properties\Settings.Designer.vbs"
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.118.140.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.229.111.52.in-addr.arpa | udp |
Files
Analysis: behavioral8
Detonation Overview
Submitted
2024-11-09 22:00
Reported
2024-11-09 22:03
Platform
win10v2004-20241007-en
Max time kernel
146s
Max time network
154s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe "C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\RequirementsManager.js"
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.210.109.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.31.95.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.117.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.229.111.52.in-addr.arpa | udp |
Files
Analysis: behavioral14
Detonation Overview
Submitted
2024-11-09 22:00
Reported
2024-11-09 22:04
Platform
win10v2004-20241007-en
Max time kernel
149s
Max time network
157s
Command Line
Signatures
System Time Discovery
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Windows\system32\rundll32.exe | N/A |
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\runtimes\win-arm64\native\onnxruntime.dll",#1
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.208.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.65.42.20.in-addr.arpa | udp |
Files
Analysis: behavioral18
Detonation Overview
Submitted
2024-11-09 22:00
Reported
2024-11-09 22:03
Platform
win10v2004-20241007-en
Max time kernel
146s
Max time network
153s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\obj\Debug\net7.0-windows\apphost.exe
"C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\obj\Debug\net7.0-windows\apphost.exe"
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 92.16.208.104.in-addr.arpa | udp |
Files
Analysis: behavioral22
Detonation Overview
Submitted
2024-11-09 22:00
Reported
2024-11-09 22:03
Platform
win10v2004-20241007-en
Max time kernel
141s
Max time network
153s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\obj\Release\net7.0-windows\apphost.exe
"C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\obj\Release\net7.0-windows\apphost.exe"
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.168.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.117.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
Files
Analysis: behavioral24
Detonation Overview
Submitted
2024-11-09 22:00
Reported
2024-11-09 22:03
Platform
win10v2004-20241007-en
Max time kernel
150s
Max time network
155s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133756633163051746" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3756129449-3121373848-4276368241-1000\{EFC404BF-7656-43CD-B718-9558ACDEB17D} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\obj\Release\net7.0-windows\refint\Kiwi X External.exe
"C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\obj\Release\net7.0-windows\refint\Kiwi X External.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffa4876cc40,0x7ffa4876cc4c,0x7ffa4876cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1840,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1832 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2176,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2320 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2220,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2528 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3148,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3172 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3320,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3312 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3716,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4540 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4692,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4676 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4816,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4828 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4980,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4956 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5076,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5048 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5048,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5052 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5176,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5028 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5436,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5164 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5472,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5320 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5152,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5448 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5552,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5492 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=4496,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4052 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=4056,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3436 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5356,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5512 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=5464,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5216 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5280,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5392 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=3584,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5364 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=5428,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5680 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=5632,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3368 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=5808,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5616 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6092,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6096 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6220,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6232 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=4476,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6432 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=5624,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5636 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=6368,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5640 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=6292,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5972 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=6284,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5980 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=6540,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6496 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=6784,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6520 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=6528,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6532 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=6488,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6696 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=6912,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6936 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=7096,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7116 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=7436,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7400 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=7704,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7716 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=6552,i,5269755378067324999,2022238694932333325,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7076 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | 3.180.250.142.in-addr.arpa | udp |
| GB | 216.58.201.100:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 106.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 142.250.200.42:443 | ogads-pa.googleapis.com | tcp |
| GB | 216.58.201.110:443 | apis.google.com | tcp |
| GB | 142.250.200.42:443 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 100.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 110.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.200.14:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 142.250.178.14:443 | clients2.google.com | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 8.8.8.8:53 | clients2.googleusercontent.com | udp |
| GB | 216.58.213.1:443 | clients2.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| GB | 216.58.201.100:443 | www.google.com | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 142.250.187.202:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dns-tunnel-check.googlezip.net | udp |
| US | 8.8.8.8:53 | tunnel.googlezip.net | udp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
Files
| MD5 | d4586933fabd5754ef925c6e940472f4 |
| SHA1 | a77f36a596ef86e1ad10444b2679e1531995b553 |
| SHA256 | 6e1c3edffec71a01e11e30aa359952213ac2f297c5014f36027f308a18df75d2 |
| SHA512 | 6ce33a8da7730035fb6b67ed59f32029c3a94b0a5d7dc5aa58c9583820bb01ef59dd55c1c142f392e02da86c8699b2294aff2d7c0e4c3a59fce5f792c749c5ce |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | d7f848d181e8240c86d158ca1978ac70 |
| SHA1 | fa30f00d43ab56290d043cc106f2ee77be1b842f |
| SHA256 | ffd3c37042c917c072671cdef7e99089ab9883e92d027be2f1f049efc24e3863 |
| SHA512 | 1d5c80a0652dc0682371c1ca05e5934d3e8b413dfd29ad16ee2710a4006975eb340e2e8812b1e37b2fde385fbf9c2509500326a24a9b78b409c3ca29bfa554ab |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 41f9f27d3929e4d71f3c65c6fd106b0b |
| SHA1 | 0672e20faea7fee9954620f2e0cadf5c206364c0 |
| SHA256 | 301df5935715e009e3834a5b22254de6a941f6751c79e44ba58382b14eb4fe78 |
| SHA512 | 423367b581695772f9fcbd4ac4715798d2d8ea26ba6bb810f8260f5163a4db83f0ca1c1789c98bbd5a6c25db599d950bf191f78d0a1cd77557da8f8d2ad26a88 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b
| MD5 | 87c2b09a983584b04a63f3ff44064d64 |
| SHA1 | 8796d5ef1ad1196309ef582cecef3ab95db27043 |
| SHA256 | d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0 |
| SHA512 | df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d
| MD5 | 6e16a0e00a70defc9c40ae9ece97c9e5 |
| SHA1 | 9772b4012ee94ed05356c98ba7e27e71283211d7 |
| SHA256 | 82c83658c88de47b8e7da9904ca19299fc174763fcee974dd3c087b80b9bd532 |
| SHA512 | 5e3984a7985a21d5644f5b579f32f408b28bfcb4de59764f403e4e10e08085e7b3f099748fa6e22180b6097edb4d8c20b676de182999155b13fdec4fae93367d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e
| MD5 | cfe2f449db78de5b3f84e1bf59781df1 |
| SHA1 | 4bdf0727146c2809007be920a879296691f00e8a |
| SHA256 | 371ab3d7ffc4afff3939342ae8ab017bb997e7cc7400086f05572a7bcd5c92d0 |
| SHA512 | db7fe0cf1f2ec72d64705f39eaa16431d896af249386fa6bf1c03e89e7de103afd0cb0bb6571e71c75bc9809e2a01d0e15fce60bae64f8c4573a0766f5c77dfc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d
| MD5 | 1bc16342586543c6af7c4a0a1e79854e |
| SHA1 | 587fccbbd81611d3b0628f54820edbf9941f2be8 |
| SHA256 | 94781f24054f1bbf35a3a581676d8a7cdf0a4cacc1b8d2f2b0fdb37501921efe |
| SHA512 | 3ae3f2fc2a4054ff5b20724214850b8e336704a2ec4e05f62ca0817b3379906a9d17da574b609714244ea0d4ad6176d3ff3d7c0b9003e549e52070d38fffb8a7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ed98b37b9597cb5cf519e1645a323b51 |
| SHA1 | ca211f096559631803b35b58e547e2f5699cbce7 |
| SHA256 | f7334cb076c684d23fc1ca6cfa8af276d2c2b542d26804a57518c9f5d4fd0cd8 |
| SHA512 | 232f4eaba60881280304becab9695de2a7ae3f86c838f3583aff32a2ba810258e74ba32382501ca07279ae0bc1eab5de5537061ec22ebba14ed46849a59570fa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | a9c4924e0a076d8f52011c26621e4843 |
| SHA1 | 880121d4d8e7411e8e0e33e7bd831f2e76ddb6a3 |
| SHA256 | 1535cc22a8548729baeb3a526aac60b07b15b8b3dc2595dda301f28392066ba4 |
| SHA512 | 2a5633c62d258e0b1445fabc8efd51362499505f42858d1b9c6f9720160bc970513a2c8627dc31652249b49deec763509a9d15130635ded2e7ae6c76d95082ee |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003a
| MD5 | 7f2e1b48b71ec58fda4539018a2f56cc |
| SHA1 | 507bf81f52fa8c99bf2c5c8bd59a981899ca9995 |
| SHA256 | 7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35 |
| SHA512 | dd7b52119d1179332147984f6c7d8cdcb3388aeb1e8af708ef9036acdde6e7b3900acc965221f4e4864dad89797072e19e5b308cf065a65dda7656be884cdd77 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bde6b85f47f8d7646107d43097a18b13 |
| SHA1 | f80c283023ff0e9e15dd10206a7121b0e17985b5 |
| SHA256 | fd2c05e9185dc8193b783b3d2b8f6e78aca81245996f9d37a2de805f3827fc4d |
| SHA512 | 9e4bdd627ca201ac2053d477b4b759bb7477bb94cd967fef2a9d8e8526c8d4b2a7257a02fc37be67097a2a296ffbc034937c51d0f0207198cf43bf88b376282e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000039
| MD5 | eb11bfb369775ff0739dabb3a5f379cc |
| SHA1 | 2eebaea2f7080c0b256fbfc70ab91473243af0f8 |
| SHA256 | 2e0bdc192134bb3950a1ba4c1148901e39ebd8d2d01f64ef23106e90a9f771b0 |
| SHA512 | 59e89752e932aade54d5b2b940e09f3c8b12a836f1c5eb515e82036a97492f42e12a4fb3dc156cb8d969d6cb4e8fd8f18b358715f972e12d4596ad390430cb21 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 5449d6d1f72dd993458781d8563cded7 |
| SHA1 | ebc9d0e771864709f7c3f9ad3585c4d4d96a520f |
| SHA256 | 18a866a9b46588e58c454daebb124465617d2c53154335136a708b0e2a407c4c |
| SHA512 | 9451aa3e75bf8f0c2739d7cb6a839900e332a1f968e6a4d8d12d0f370c7a387b91399f2bbcd8eb1309b1e3a42e2611672384c93435e0838faf704fb6a49ecda3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000034
| MD5 | 36cfde6d45a2373b6085ae72ce8c1c6c |
| SHA1 | 972a5c97852f366e3870bf2fe6eef28fc37eddb7 |
| SHA256 | e976d764b92908fc2baeb88f6c7bac504986d1a7bca1b78bafa86521aee7e9dc |
| SHA512 | 2fc700b3c9f138466efbb959334735cb04bb3461c0a1e5687382a86d426586465b531ba07a4252d1865ed6077dcccd938aa4c17871c2a36b85963672954ae916 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000033
| MD5 | e2400298e9f66d5ba27a57da472e6b09 |
| SHA1 | 0f7974190e84c74da32244373e8922f1542c7eed |
| SHA256 | 42f7a31fb13076dff8167e3d31cea6a29476513021a5d78e4d70acd251813893 |
| SHA512 | ff17dec5191929d1691f1cd3a91244ff0e1bdaa0a0c3db216e59ad686212bb215225015eab30af2fcbc452a27ec91969146c17a112f1d54467b73ea0d6cad3f0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | db3c035a8fba57eb184dd71970000c5e |
| SHA1 | 42e1e15416f1b4c090a4a851d539856524137efa |
| SHA256 | 7bd4c44dc1a5ddbcf549adec128caa7c5b84c66ec820d6938c230457d987e29b |
| SHA512 | 12bf9874cc80677155c8bc921fe5589be4902abc0af44b7bbc70f173fce1c2bcd2c42dae02adce6e5ac7eddf66ac7235a22cf9a6d98d4f5694d56750d2f749d0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003b
| MD5 | 717171071799d90bb1cddd2b091302bd |
| SHA1 | 73163f4bb0c5a76de795e15d4bf61b58893d6613 |
| SHA256 | d6db5873fa9c3f028b47b9e5a6cbfd43b129def98d81d8816e904e25782e39e8 |
| SHA512 | aefe2d2d01276a11e1926725713ad1f5c9e2129fb5ba47e962d5a2a2c620b94d032c5f53d8aef7d7db4811f13643aa2e1a7848b9ad53c505f13949a64ddd25c3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b8e977a366d0c0d84882ae5391448ee3 |
| SHA1 | f07c9747015699277f1007d7a0a76cc89d0cd715 |
| SHA256 | f58acba3a3884be196d486d11a725533a8cd4276da1c6c47c9b5d48ff8a9cff8 |
| SHA512 | 807e3fde8ac6281bbed304ace98584f490ca01a892fa6f8340f81c5ba98d4412416f3f2cc1b1d2eb7eb3ff267e0f386bca41bb7367a8f8181ec956fc337f824c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 35b3e543d3f430566c4bcba4b09d20f5 |
| SHA1 | b957f58fd15236ac84a20e8289fb74b7304c6e4c |
| SHA256 | 1d7d283e43018fbb2dfc9c5055ee3d2588576beb7445f1d51065a9ca6327c97f |
| SHA512 | 1d915eeb43429eb6d7313c6565f8fdfa6410f743cd998882657b07a208f91d6d12bf315528566a5a60301fd8b2310ae4a599ff459bc83cd3939e39736b70efc9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003c
| MD5 | 46815336591d09e60e08290fc50c5f67 |
| SHA1 | bee0a13fdea0c821766696fa92f184866db35a99 |
| SHA256 | 142323bffefc4d108aff357798aed5ea10437296361e928ee5757b02b7f1c957 |
| SHA512 | 6cf1d46f5812df022766a522a3c34c0df80aed01455806aa30275a76e625db7bcf2f7988022bbd5a027b1795a290b61381e83e50b2be8fa8bb42ca564bafcf0e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000042
| MD5 | e7ac76d3239e9c64a3f786b3edc4ea2d |
| SHA1 | e5b995311bdcb224c95877b8e8bc4f8ae9d98a42 |
| SHA256 | be82f9e21c62717e63eec10f7c354a5d64327c212eea4256d538ed76be9189de |
| SHA512 | 70da9fe1344bf34c2743a4649319e131460add58c10c42177827a8e0df0f0bf13b7c63e6f388d105abf2816746d10eebba44c069fe263ad0f6a33ad2eeb2fd64 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005d
| MD5 | a1f819981ae5a706e58d8d5dc68d85eb |
| SHA1 | f85a53431f08066cb71cb159074cff388fa6cc05 |
| SHA256 | 52a6eecb76f71a0953d3b59238b10e03c0d45a062331c31dfde65fa8dd6ba3f7 |
| SHA512 | 325256cd3a0cf03ea31696da0349ba3aa19a5a2694e8f0d6c7abf1f971599be73839dbef867576a78ea5aa48eba537207087b44c2152cd7fd7617beae44b2297 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005e
| MD5 | 25fb045662bd72ba6984976373094189 |
| SHA1 | 641479ab131fdb9487bb585acc8b29af3dd3aa35 |
| SHA256 | 44a32c8e9cfb6fe188a34036c814dba18d17af253e19d5d801fe5b951cfcdc49 |
| SHA512 | 6b00dd7a0b64acae3817163bae6020d0ed29f004647a54d74565a2a7169cbfda8435c55e5ab5d2e84dddfc7fb897696138ec5a5e261bb9a976d731b04907c6c8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | cbd5c371d2124d8e8169daa8f35e5f16 |
| SHA1 | ed91b7a524952590f8defc5438ff07af1a99095b |
| SHA256 | 3a4482805536e18a866f1f3fc710ffd36e796f7c84b44e62dc185f9c4a779fac |
| SHA512 | 258906ba6d3df01578472cb357fc35594845371c2d180ca3bd30105a64459e68a09d36672117e6cc39bcd98254f212bd3bdb30dc755aea739736718f9b342751 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2b86ed3f04a240e335c62a6dbbca38cb |
| SHA1 | 16fe7c200be221c15d12c3d7a2b3d9ca9c8c0559 |
| SHA256 | 2208f132a19a186d91bb2aad8f044d2f840d951d8776daa1b06c21837e209e59 |
| SHA512 | 3cef34fe6b6276361f6ebf11ddf29a0919d054af2cc4d301fd74c363fc6f049b01df152baa4859f65c1a963a77d96ed94df1a2c5b226650332d2b75542d758f6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | bbf90ed1b8d64c1e3f178a4052fa2335 |
| SHA1 | 9e383f641fa15f3cba8313b21e2a9ec413ea2824 |
| SHA256 | c7b7a1c55f18e93c9c47ef1ba827eab9493686a20d82538eeb0924895d8d3342 |
| SHA512 | 46e1106f0f91696214370f26a1b1cce97d8154593e3bb7b5fe7feea89462eb312043256ff485ec54848cb207c5d862842946ec75f9e3e6c65bfc8af592b194f5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | db9149f34c6cfa44d2668a52f26b5b7f |
| SHA1 | f8cd86ce3eed8a75ff72c1e96e815a9031856ae7 |
| SHA256 | 632789cdfa972eec9efe17d8e2981c0298cf6bd5a7e5dad3cbdcf7bb30f2e47f |
| SHA512 | 169b56304747417e0afe6263dd16415d3a64fff1b5318cd4a919005abe49ca213537e85a2f2d2291ea9dc9a48ea31c001e8e09e24f25304ae3c2cfefad715ce9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 47f3696059c5d32a37f046d4ecf68619 |
| SHA1 | 77667834a8beb93e1a3f49ce5f6af2238c680e4b |
| SHA256 | 5210ef321915671661693c185b3d0ccfdf25123840c76639865c64e968ea9002 |
| SHA512 | c5ef6d81c60990f4e67efad45b6082e88f65145c70eb208126d80e2ee235cb68d16ebd271058b084be0f2461d83ccf77d429acd5a589e6e70a4eaa2d89314c1d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8161d3907568d11a95a1472416fb0751 |
| SHA1 | a90272bec78479d68b7261e1afcc06de494adabd |
| SHA256 | a07a38a1242719aec378c9aa20f99b8f6950aa22c0c7daf474e860a111cde8ad |
| SHA512 | c99cd81e8254be4d4ae86c5fb74a9a18bbf0d22256a632c41656a0ab1590812b5d001e601d19193d5697644ef11a8cad8e4b9fbf568b3a67ee59656d89b77661 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | be7015f369d3dbe88eb2b6808883dd66 |
| SHA1 | 032771cea8a363d67d0d6f3b89dfd6d93bd55ae4 |
| SHA256 | 2daa3e90b40d0ec7d16f6e31ea74a29dce1df9d4e5eeba8a48bfeaa003b82162 |
| SHA512 | 0ed9331b66b981d66f1e0d90c0347a21a3b5a3f91a2aa03633dcefeb3fbe84030a2bc10f2950e82dde4063610cdca47ec68f9fbe72d52ffa53303688281a2935 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-11-09 22:00
Reported
2024-11-09 22:03
Platform
win10v2004-20241007-en
Max time kernel
148s
Max time network
155s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe "C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\Class\AIAimBackup.js"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.168.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.17.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.210.109.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.243.111.52.in-addr.arpa | udp |
Files
Analysis: behavioral3
Detonation Overview
Submitted
2024-11-09 22:00
Reported
2024-11-09 22:04
Platform
win10v2004-20241007-en
Max time kernel
147s
Max time network
159s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe "C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\Class\RetrieveGithubFiles.js"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 136.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.210.109.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.65.42.20.in-addr.arpa | udp |
Files
Analysis: behavioral6
Detonation Overview
Submitted
2024-11-09 22:00
Reported
2024-11-09 22:04
Platform
win10v2004-20241007-en
Max time kernel
144s
Max time network
156s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe "C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\PredictionManager.js"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.168.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.210.109.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.31.95.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.239.69.13.in-addr.arpa | udp |
Files
Analysis: behavioral12
Detonation Overview
Submitted
2024-11-09 22:00
Reported
2024-11-09 22:04
Platform
win10v2004-20241007-en
Max time kernel
148s
Max time network
155s
Command Line
Signatures
System Time Discovery
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\rundll32.exe | N/A |
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\onnxruntime.dll",#1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.168.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.31.95.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
Files
Analysis: behavioral15
Detonation Overview
Submitted
2024-11-09 22:00
Reported
2024-11-09 22:03
Platform
win10v2004-20241007-en
Max time kernel
144s
Max time network
156s
Command Line
Signatures
System Time Discovery
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\rundll32.exe | N/A |
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\runtimes\win-x64\native\onnxruntime.dll",#1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.168.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.210.109.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.65.42.20.in-addr.arpa | udp |
Files
Analysis: behavioral16
Detonation Overview
Submitted
2024-11-09 22:00
Reported
2024-11-09 22:04
Platform
win10v2004-20241007-en
Max time kernel
144s
Max time network
157s
Command Line
Signatures
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\rundll32.exe | N/A |
System Time Discovery
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\rundll32.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\rundll32.exe | N/A |
Suspicious use of WriteProcessMemory
| Description | Indicator | Process | Target |
| PID 4328 wrote to memory of 1512 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
| PID 4328 wrote to memory of 1512 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
| PID 4328 wrote to memory of 1512 | N/A | C:\Windows\system32\rundll32.exe | C:\Windows\SysWOW64\rundll32.exe |
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\runtimes\win-x86\native\onnxruntime.dll",#1
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\runtimes\win-x86\native\onnxruntime.dll",#1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 107.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 92.16.208.104.in-addr.arpa | udp |
Files
Analysis: behavioral19
Detonation Overview
Submitted
2024-11-09 22:00
Reported
2024-11-09 22:04
Platform
win10v2004-20241007-en
Max time kernel
146s
Max time network
156s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\obj\Debug\net7.0-windows\ref\Kiwi X External.exe
"C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\obj\Debug\net7.0-windows\ref\Kiwi X External.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.17.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.117.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.229.111.52.in-addr.arpa | udp |
Files
memory/4948-0-0x00007FFA46773000-0x00007FFA46775000-memory.dmp
memory/4948-1-0x000001817BD20000-0x000001817BD58000-memory.dmp
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-09 22:00
Reported
2024-11-09 22:04
Platform
win10v2004-20241007-en
Max time kernel
148s
Max time network
156s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe "C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\AIModel.js"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.168.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.210.109.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.236.111.52.in-addr.arpa | udp |
Files
Analysis: behavioral4
Detonation Overview
Submitted
2024-11-09 22:00
Reported
2024-11-09 22:03
Platform
win10v2004-20241007-en
Max time kernel
131s
Max time network
154s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe "C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\Functions.js"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.168.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.20.149.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.31.95.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.65.42.20.in-addr.arpa | udp |
Files
Analysis: behavioral5
Detonation Overview
Submitted
2024-11-09 22:00
Reported
2024-11-09 22:03
Platform
win10v2004-20241007-en
Max time kernel
149s
Max time network
155s
Command Line
Signatures
Command and Scripting Interpreter: JavaScript
Processes
C:\Windows\system32\wscript.exe
wscript.exe "C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\MainWindow.xaml.js"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.20.149.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.31.95.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.239.69.13.in-addr.arpa | udp |
Files
Analysis: behavioral10
Detonation Overview
Submitted
2024-11-09 22:00
Reported
2024-11-09 22:03
Platform
win10v2004-20241007-en
Max time kernel
149s
Max time network
154s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\Kiwi X External.exe
"C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\Kiwi X External.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.208.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.243.111.52.in-addr.arpa | udp |
Files
Analysis: behavioral13
Detonation Overview
Submitted
2024-11-09 22:00
Reported
2024-11-09 22:04
Platform
win10v2004-20241007-en
Max time kernel
149s
Max time network
152s
Command Line
Signatures
System Time Discovery
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\rundll32.exe | N/A |
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\runtimes\win-arm\native\onnxruntime.dll",#1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.17.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.210.109.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.173.189.20.in-addr.arpa | udp |
Files
Analysis: behavioral17
Detonation Overview
Submitted
2024-11-09 22:00
Reported
2024-11-09 22:03
Platform
win10v2004-20241007-en
Max time kernel
149s
Max time network
156s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\obj\Debug\net7.0-windows\Kiwi X External.exe
"C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\obj\Debug\net7.0-windows\Kiwi X External.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.20.149.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
Files
memory/5068-0-0x00007FF92EDA3000-0x00007FF92EDA5000-memory.dmp
memory/5068-1-0x000001FA05400000-0x000001FA05AD0000-memory.dmp
Analysis: behavioral21
Detonation Overview
Submitted
2024-11-09 22:00
Reported
2024-11-09 22:04
Platform
win10v2004-20241007-en
Max time kernel
88s
Max time network
156s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\obj\Release\net7.0-windows\Kiwi X External.exe
"C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\obj\Release\net7.0-windows\Kiwi X External.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.17.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.208.201.84.in-addr.arpa | udp |
Files
memory/4412-0-0x00007FFEF8913000-0x00007FFEF8915000-memory.dmp
memory/4412-1-0x000001C4D1AE0000-0x000001C4D20EE000-memory.dmp
Analysis: behavioral9
Detonation Overview
Submitted
2024-11-09 22:00
Reported
2024-11-09 22:03
Platform
win10v2004-20241007-en
Max time kernel
149s
Max time network
154s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\DirectML.dll",#1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.168.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.229.111.52.in-addr.arpa | udp |
Files
Analysis: behavioral11
Detonation Overview
Submitted
2024-11-09 22:00
Reported
2024-11-09 22:03
Platform
win10v2004-20241007-en
Max time kernel
148s
Max time network
157s
Command Line
Signatures
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\Kiwi X External.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\Kiwi X External.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\Kiwi X External.exe
"C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\Kiwi X External.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.168.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.31.95.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.243.111.52.in-addr.arpa | udp |
Files
Analysis: behavioral20
Detonation Overview
Submitted
2024-11-09 22:00
Reported
2024-11-09 22:03
Platform
win10v2004-20241007-en
Max time kernel
146s
Max time network
153s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\obj\Debug\net7.0-windows\refint\Kiwi X External.exe
"C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\obj\Debug\net7.0-windows\refint\Kiwi X External.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.208.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.20.149.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.31.95.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.65.42.20.in-addr.arpa | udp |
Files
memory/4888-0-0x00007FFA23673000-0x00007FFA23675000-memory.dmp
memory/4888-1-0x0000018B7B3E0000-0x0000018B7B418000-memory.dmp
Analysis: behavioral23
Detonation Overview
Submitted
2024-11-09 22:00
Reported
2024-11-09 22:04
Platform
win10v2004-20241007-en
Max time kernel
142s
Max time network
157s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\obj\Release\net7.0-windows\ref\Kiwi X External.exe
"C:\Users\Admin\AppData\Local\Temp\Kiwi X External\Kiwi X External\AimmyWPF\obj\Release\net7.0-windows\ref\Kiwi X External.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.118.140.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.20.149.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.209.201.84.in-addr.arpa | udp |
Files
memory/1568-0-0x00007FF9FE9A3000-0x00007FF9FE9A5000-memory.dmp
memory/1568-1-0x0000019E5AFB0000-0x0000019E5AFE8000-memory.dmp