Analysis Overview
SHA256
05032de84d0a27a0f7cec6b9d0f063ffea9462ad35b45d1ada2457f792bd5687
Threat Level: Likely malicious
The file httpswww.mediafire.comfiled5afgz2u8.txt was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system
Drops file in Program Files directory
System Location Discovery: System Language Discovery
Enumerates physical storage devices
Browser Information Discovery
Suspicious use of WriteProcessMemory
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Opens file in notepad (likely ransom note)
Modifies data under HKEY_USERS
Modifies registry class
Enumerates system info in registry
Suspicious use of FindShellTrayWindow
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-09 22:05
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-09 22:05
Reported
2024-11-09 22:07
Platform
win10v2004-20241007-en
Max time kernel
149s
Max time network
151s
Command Line
Signatures
Downloads MZ/PE file
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Program Files\7-Zip\7zG.exe | N/A |
Checks installed software on the system
Drops file in Program Files directory
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\7z2408-x64.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133756635342223284" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 | C:\Users\Admin\Downloads\7z2408-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 | C:\Users\Admin\Downloads\7z2408-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Users\Admin\Downloads\7z2408-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\7-Zip | C:\Users\Admin\Downloads\7z2408-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Drive\shellex\DragDropHandlers\7-Zip | C:\Users\Admin\Downloads\7z2408-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Drive\shellex\DragDropHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Users\Admin\Downloads\7z2408-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\ = "7-Zip Shell Extension" | C:\Users\Admin\Downloads\7z2408-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} | C:\Users\Admin\Downloads\7z2408-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ = "C:\\Program Files\\7-Zip\\7-zip.dll" | C:\Users\Admin\Downloads\7z2408-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Users\Admin\Downloads\7z2408-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Users\Admin\Downloads\7z2408-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ = "C:\\Program Files\\7-Zip\\7-zip32.dll" | C:\Users\Admin\Downloads\7z2408-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ThreadingModel = "Apartment" | C:\Users\Admin\Downloads\7z2408-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\ = "7-Zip Shell Extension" | C:\Users\Admin\Downloads\7z2408-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\7-Zip | C:\Users\Admin\Downloads\7z2408-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Users\Admin\Downloads\7z2408-x64.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4050598569-1597076380-177084960-1000\{651FD84B-1D74-4A3D-8F4A-7BD247F15EAD} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000} | C:\Users\Admin\Downloads\7z2408-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ThreadingModel = "Apartment" | C:\Users\Admin\Downloads\7z2408-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\7-Zip | C:\Users\Admin\Downloads\7z2408-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\7-Zip | C:\Users\Admin\Downloads\7z2408-x64.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\7z2408-x64.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\httpswww.mediafire.comfiled5afgz2u8.txt
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Users\Admin\Downloads\7z2408-x64.exe
"C:\Users\Admin\Downloads\7z2408-x64.exe"
C:\Users\Admin\Downloads\7z2408-x64.exe
"C:\Users\Admin\Downloads\7z2408-x64.exe"
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\Kiwi X External\" -ad -an -ai#7zMap32011:92:7zEvent31914
C:\Users\Admin\Downloads\7z2408-x64.exe
"C:\Users\Admin\Downloads\7z2408-x64.exe"
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\Kiwi X External.exe
"C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\Kiwi X External.exe"
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\Kiwi X External.exe
"C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\Kiwi X External.exe"
C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\Kiwi X External.exe
"C:\Users\Admin\Downloads\Kiwi X External\Kiwi X External\Kiwi X External\AimmyWPF\bin\Debug\net7.0-windows\Kiwi X External.exe"
Network
Files