Analysis Overview
Threat Level: Shows suspicious behavior
The file https://fluxteam.cc/windows was found to be: Shows suspicious behavior.
Malicious Activity Summary
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service
Browser Information Discovery
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Modifies data under HKEY_USERS
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-09 20:12
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-09 20:12
Reported
2024-11-09 20:14
Platform
win10v2004-20241007-en
Max time kernel
93s
Max time network
99s
Command Line
Signatures
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | discord.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | api.ipify.org | N/A | N/A |
| N/A | api.ipify.org | N/A | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133756567866737147" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-4050598569-1597076380-177084960-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4050598569-1597076380-177084960-1000\{640B7100-A5EB-46CA-9CA0-2F5723B37771} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://fluxteam.cc/windows
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffb504acc40,0x7ffb504acc4c,0x7ffb504acc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1884,i,14397425977611075102,10454811127244361561,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1632 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2140,i,14397425977611075102,10454811127244361561,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2184 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2232,i,14397425977611075102,10454811127244361561,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2236 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3124,i,14397425977611075102,10454811127244361561,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3156 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3132,i,14397425977611075102,10454811127244361561,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3184 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4540,i,14397425977611075102,10454811127244361561,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4704 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4804,i,14397425977611075102,10454811127244361561,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4836 /prefetch:1
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4812,i,14397425977611075102,10454811127244361561,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3760 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Desktop\FluxTeam\FluxTeam.exe
"C:\Users\Admin\Desktop\FluxTeam\FluxTeam.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://discord.gg/fluxus
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb3acf46f8,0x7ffb3acf4708,0x7ffb3acf4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,12301459073328029821,8966138140964866936,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2068 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2088,12301459073328029821,8966138140964866936,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2088,12301459073328029821,8966138140964866936,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2712 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,12301459073328029821,8966138140964866936,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,12301459073328029821,8966138140964866936,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,12301459073328029821,8966138140964866936,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4960 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2088,12301459073328029821,8966138140964866936,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4948 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2088,12301459073328029821,8966138140964866936,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3348 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,12301459073328029821,8966138140964866936,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5564 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://getzorara.online:1000/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb3acf46f8,0x7ffb3acf4708,0x7ffb3acf4718
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2088,12301459073328029821,8966138140964866936,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5564 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,12301459073328029821,8966138140964866936,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,12301459073328029821,8966138140964866936,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5868 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,12301459073328029821,8966138140964866936,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5780 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,12301459073328029821,8966138140964866936,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,12301459073328029821,8966138140964866936,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6288 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,12301459073328029821,8966138140964866936,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,12301459073328029821,8966138140964866936,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5716 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,12301459073328029821,8966138140964866936,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,12301459073328029821,8966138140964866936,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6004 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2088,12301459073328029821,8966138140964866936,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3048 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.150.49.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fluxteam.cc | udp |
| DE | 3.75.10.80:443 | fluxteam.cc | tcp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.10.75.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.220.183.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.163.202.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.42.69.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.117.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | discord.gg | udp |
| US | 162.159.136.234:443 | discord.gg | tcp |
| US | 8.8.8.8:53 | 234.136.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 162.159.128.233:443 | discord.com | tcp |
| US | 8.8.8.8:53 | 233.128.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 162.159.134.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.134.233:443 | cdn.discordapp.com | tcp |
| US | 8.8.8.8:53 | 233.134.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | getzorara.online | udp |
| NL | 88.80.135.252:1000 | getzorara.online | tcp |
| NL | 88.80.135.252:1000 | getzorara.online | tcp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 252.135.80.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.24.17.104.in-addr.arpa | udp |
| NL | 88.80.135.252:1000 | getzorara.online | tcp |
| NL | 88.80.135.252:1000 | getzorara.online | tcp |
| US | 8.8.8.8:53 | link-hub.net | udp |
| US | 172.67.135.50:443 | link-hub.net | tcp |
| US | 8.8.8.8:53 | linkvertise.com | udp |
| US | 104.22.22.72:443 | linkvertise.com | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | cdn.exmarketplace.com | udp |
| IT | 95.110.206.108:443 | cdn.exmarketplace.com | tcp |
| GB | 142.250.200.34:443 | securepubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 50.135.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.22.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | use.typekit.net | udp |
| US | 8.8.8.8:53 | p.typekit.net | udp |
| US | 8.8.8.8:53 | stackpath.bootstrapcdn.com | udp |
| US | 8.8.8.8:53 | maxst.icons8.com | udp |
| US | 8.8.8.8:53 | js.chargebee.com | udp |
| GB | 2.19.117.12:443 | use.typekit.net | tcp |
| GB | 2.19.117.43:443 | p.typekit.net | tcp |
| NL | 18.239.18.124:443 | js.chargebee.com | tcp |
| US | 104.18.10.207:443 | stackpath.bootstrapcdn.com | tcp |
| US | 104.18.10.207:443 | stackpath.bootstrapcdn.com | tcp |
| FR | 185.93.2.9:443 | maxst.icons8.com | tcp |
| N/A | 127.0.0.1:6463 | tcp | |
| US | 8.8.8.8:53 | exmarketplace.com | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| GB | 2.23.204.28:443 | contextual.media.net | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 13.107.246.65:443 | www.clarity.ms | tcp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.206.110.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.117.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.117.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 207.10.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 124.18.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.2.93.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.39.65.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.204.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.246.107.13.in-addr.arpa | udp |
| N/A | 127.0.0.1:6464 | tcp | |
| US | 8.8.8.8:53 | publisher.linkvertise.com | udp |
| US | 172.67.31.186:443 | publisher.linkvertise.com | tcp |
| US | 172.67.31.186:443 | publisher.linkvertise.com | tcp |
| US | 8.8.8.8:53 | api.ipify.org | udp |
| US | 172.67.74.152:443 | api.ipify.org | tcp |
| US | 8.8.8.8:53 | euob.bizseasky.com | udp |
| NL | 18.65.39.87:443 | euob.bizseasky.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | 186.31.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.74.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.39.65.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| GB | 216.58.204.67:443 | www.google.co.uk | tcp |
| BE | 66.102.1.154:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 67.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.1.102.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | obseu.bizseasky.com | udp |
| US | 8.8.8.8:53 | b.clarity.ms | udp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| IE | 34.251.101.162:443 | obseu.bizseasky.com | tcp |
| US | 8.8.8.8:53 | api.taboola.com | udp |
| US | 151.101.1.44:443 | api.taboola.com | tcp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | c.clarity.ms | udp |
| GB | 216.58.212.194:443 | ep1.adtrafficquality.google | tcp |
| IE | 13.74.129.1:443 | c.clarity.ms | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 142.250.179.225:443 | ep2.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 13.107.21.237:443 | c.bing.com | tcp |
| GB | 142.250.179.225:443 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | 162.101.251.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 168.129.153.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.129.74.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.21.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 225.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | integrate.linkvertise.com | udp |
| GB | 216.58.212.194:443 | ep1.adtrafficquality.google | udp |
| US | 172.67.31.186:443 | integrate.linkvertise.com | tcp |
| N/A | 127.0.0.1:6465 | tcp | |
| N/A | 127.0.0.1:6466 | tcp | |
| US | 8.8.8.8:53 | ad-server.linkvertise.com | udp |
| US | 8.8.8.8:53 | cdn.advertiser.linkvertise.com | udp |
| US | 8.8.8.8:53 | imagedelivery.net | udp |
| US | 104.22.22.72:443 | cdn.advertiser.linkvertise.com | tcp |
| US | 8.8.8.8:53 | img.youtube.com | udp |
| US | 104.18.3.36:443 | imagedelivery.net | tcp |
| US | 104.18.3.36:443 | imagedelivery.net | tcp |
| US | 104.18.3.36:443 | imagedelivery.net | tcp |
| US | 104.18.3.36:443 | imagedelivery.net | tcp |
| US | 104.18.3.36:443 | imagedelivery.net | tcp |
| GB | 216.58.212.206:443 | img.youtube.com | tcp |
| GB | 216.58.212.206:443 | img.youtube.com | tcp |
| US | 8.8.8.8:53 | 36.3.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.210.23.2.in-addr.arpa | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | am-api.taboola.com | udp |
| US | 8.8.8.8:53 | images.taboola.com | udp |
| N/A | 127.0.0.1:6467 | tcp | |
| N/A | 127.0.0.1:6468 | tcp | |
| N/A | 127.0.0.1:6469 | tcp | |
| N/A | 127.0.0.1:6470 | tcp | |
| N/A | 127.0.0.1:6471 | tcp | |
| N/A | 127.0.0.1:6472 | tcp | |
| US | 104.18.10.207:443 | stackpath.bootstrapcdn.com | tcp |
| GB | 2.19.117.12:443 | use.typekit.net | tcp |
| GB | 216.58.212.194:443 | ep1.adtrafficquality.google | udp |
| GB | 216.58.212.206:443 | img.youtube.com | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
Files
\??\pipe\crashpad_4356_WLWIUNOPEQTFNCMI
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | 60175a2a0ef12032251d676f354bcab7 |
| SHA1 | bc67bee90b427b5c075ea0b53bfc1f672512e012 |
| SHA256 | f86f10caad2094fbc29346322f53683a56f513cf5602a553cccc6f9e13e1a17d |
| SHA512 | 02aa7cef6a30bccd650c04564e852502c892dbcda6ee5a425cf02f7bb773fc286e0613a07280c20d943c50277b0f23f03d75e1df6cb11c363ad635acad859efe |
C:\Users\Admin\Downloads\FluxTeam.zip.crdownload
| MD5 | c0f8b2f13f5c46ef2b4f07eb2b3442f1 |
| SHA1 | 54dd49f7b53d0be5e02970bccf1553b6eea912d6 |
| SHA256 | f04cb2156cb1f4bf8fd65c7206542cfc2a049395c93e6b2d7afbad763ed35e47 |
| SHA512 | c0549e771e6dde2ba0d367b9ef5eb1257dd5cbd11ab583de410644d27c117c3813080d0db18a1151f5cce9c23782fd70b144a0d12c9f7ab714874def6914a240 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | d7cd45124f1eb3352c5f1817e54e9c50 |
| SHA1 | 39fe674d7defe6e52eb7084e7b965249ffb9aec0 |
| SHA256 | fe165e1a09464b6b384a3c7d2d70cba4c26c9af3fc676e0aed69c1ffce48c6da |
| SHA512 | 4b64a2d4f91e864cca9d513a656b36b671fc490223f3e180a05e2f548ad7bbd3b333c08b8d24e8981e5150726e157183fb72d2f979f07878a113f6a0b2739ede |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5b8b5961ef53358281e91805e04ae14c |
| SHA1 | 460d39902426e7b2a5795fae3bc71e3693f1e83c |
| SHA256 | 5efb8cac842771469a2b8ad158366447f28ad3648a42b947b8d52094b8eb0004 |
| SHA512 | 957e523a65ee9c7826137e3101d9ab536fd9b04fd1be70753a2413653afcc9d561087bffd0cc694af59093652b68ed0252630c1f17132a3b918a5889eba54971 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | bdae2df2026e574a007c1b6048bb7a64 |
| SHA1 | 8524e25f85ad11ae6799d719ec3d0073635ef17f |
| SHA256 | fd6dd06ee3184555d3eeafee0cf974c9ea67a9656c97363a3a865c76b0be6540 |
| SHA512 | 280157fe3687cc16744b96bb87b08d3288da8c334cca14133c24030e94300df0e1fc2de36f9a2c19b11614ba717e3bb13e60e64847ffd63d01d65e3fa16ddc46 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a9a2c0a6210a9a75bfea9b8b782c1970 |
| SHA1 | 862e1950b30f022745b0cf9b5978a3ff655e9b6c |
| SHA256 | 2c648ef9e86bcd966f145b7081ac95904b687f5f8fe68c43829377a7f5b337e6 |
| SHA512 | 8966cf8ef065aa2dc5ddf700dfb6e26981dd4b68289566f2f88d2ca93fde09acad8f3c8897faa48691f987ad2a388eee0ec48b46a8804a220703001789ebac95 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e443ee4336fcf13c698b8ab5f3c173d0 |
| SHA1 | 9bf70b16f03820cbe3158e1f1396b07b8ac9d75a |
| SHA256 | 79e277da2074f9467e0518f0f26ca2ba74914bee82553f935a0ccf64a0119e8b |
| SHA512 | cbf6f6aa0ea69b47f51592296da2b7be1180e7b483c61b4d17ba9ee1a2d3345cbe0987b96f4e25de1438b553db358f330aad8a26e8522601f055c3d5a8313cdd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 56a4f78e21616a6e19da57228569489b |
| SHA1 | 21bfabbfc294d5f2aa1da825c5590d760483bc76 |
| SHA256 | d036661e765ee8fd18978a2b5501e8df6b220e4bca531d9860407555294c96fb |
| SHA512 | c2c3cd1152bb486028fe75ab3ce0d0bc9d64c4ca7eb8860ddd934b2f6e0140d2c913af4fa082b88e92a6a6d20fd483a1cb9813209f371a0f56374bc97d7f863b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c4867882ee32496a03f8beb1ba080559 |
| SHA1 | 5e1737ee22d9887220b079ac9ff8b6543d4a213d |
| SHA256 | 8f25a6a6ec78b232f523128c2bdb3df57acc0f0c03e131ce3d889c7bbc58ef7f |
| SHA512 | 01399c06cc48b3672448605babefcb8cd938fff6ff437dfb7cd448d15f1f7803537b85fbe91bd6025ae87ab24e1cf847b74c922666001fb119ef30eff2ecd651 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 888038147a187384d2c26c4c68288825 |
| SHA1 | ee7137bb8a541eb0a9ee68bc9709dac309b4a7fe |
| SHA256 | 2a5a1e8836ae92063990960f075a6ae59f0790e7794d623895fe02d08bd025bc |
| SHA512 | b6fb91260c7b91d8157abb417551a9f766e5779c7d05d7a1a7e0b92f96be5edbd1220b1fd1f6583fe134b6f86902fed1997b3124ad9a0f8295b00882e794f743 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 5a4ddaf3bdcf3d665f2081d587058fdb |
| SHA1 | 48a22ada8f5499493a3e317028828b3959a9b300 |
| SHA256 | 936c98dd496d28c82ba2f80b8a9b567fa286ad6714034ba6136af6611f850936 |
| SHA512 | 6811c3dd8c193fb130151b5239cba3e3dfe5d22a0b5a2c35125ab86b73f21054b8a5556e16dcd4d555c04edfea1bede0f95fc484f0f60e642237f0a15cd7eb33 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a16d472f6bec235ded0834ffab9d5428 |
| SHA1 | 4c3fa71812b7a2109b48151aef1ca7ee23aa22ea |
| SHA256 | 0446c645f4634e68fc907d6bb1bde97525ee68d6b28553c5aee2c49799935045 |
| SHA512 | b7dee75d67812aa5f9c6e452a01c275f3adbb0efee0d0ca4e3b6023b84db0a690e8cbb4784c78fc8d07fb4194d4ec0a5f24a10a1bc522891d2e572439a8bda06 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 27bf61157dff5baf416debf34385a26e |
| SHA1 | 2d2c11716cd14a9efe453e2c9862827b2bb9c1b6 |
| SHA256 | 97d9adfe3c12632e54245e114aa421e4da834329f13c6448cdd3bd20d2d9ef83 |
| SHA512 | fc60c3aaf038eb51951862b63f7bb2eb994e5bb21a7d2133e26bff994aba6f61a86d300f1101ea7b6bd121d2c019dd11338e5d84ba365e97a45fcb11d245e386 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 02d680ff8b08a8e4217d12170315da9a |
| SHA1 | f2970217ba922e24ffb4afb7db5a26c161e16a7a |
| SHA256 | c48499cbb89b3bbfdae15db544e1e6ce1f8e69e9bfa09db302406b3d334fcbce |
| SHA512 | 20fefd28e60af1abe3900ac9bc78e843d7147a11f3f2ea3f44eec281ca45eb4bb9daa84c33d8014aa86f7936045440d4cd2c83a1b01cc80002dbba2bd00c897b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 722ec4032d7b0c12d6b13d4dda10aa12 |
| SHA1 | c04480949f83d015e5d81971ac7728ac5a7c17c2 |
| SHA256 | da9a10efe75d8718d0c07637a91a1a6ac1e2cd8ab10dc16367a857eadb705e77 |
| SHA512 | 413104dd35203baef708a6d9e59ad6799f602b7960a1caf443cf810659b911a691c27dcd49949d51f43f9c2489fc0ddb567e47a72dccbee3d1c04ae2292c4574 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58c407.TMP
| MD5 | 725e47917894af0057238a182a1b7681 |
| SHA1 | ea7d2031932ae94c1f6c965c095aba41d1542215 |
| SHA256 | 79f9cbe104eeed4fca729e28e9ef2230faafcc1092a224a4399a3d55164ee92d |
| SHA512 | 5a1e12d3e1f88056ac7f432fcbc53b4350ff29da877f73f23b3bbd248fc5ae69ea43d8e9f5d0ac60ebd3f9aa6d15c5df8ca676ceb0713445f925ebd09b156fec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 21906066b4d86016583b34eb57b16879 |
| SHA1 | 09afa54f3ea949f99cc7329d249729a9918a55ac |
| SHA256 | 27a964413afc2adb72958c7a1e5de55cd21845fa99c74dc3a21d3f039fd29037 |
| SHA512 | 84a44a122b8324c48d2e29858e7452d150aaf5296e83bdb45129247594d8722766fd604dcff20d42cb7f7ae24dcd53ddf9fdc158fe3cc9b17a375b099693a39c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 58fefeda72680774329238d6c47c2ba6 |
| SHA1 | 042f30e477ce5e648d730a294a80dd3b5e5fecba |
| SHA256 | d3d530408606ade00e49cb35b24a90a8395e729f969098cb08ef42bc33f08d75 |
| SHA512 | 36c296d29f33acefd197e6dc92222a3260e9d0377d0999d967b6d107dc6c22b490d14389a5b4bcd59f8b8de5c82981285fea9cd8fb8b6085e78faffabc802021 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | f6cf54655732545ae1d8bb00255c2b5f |
| SHA1 | 451fd97d49ff062bb57d10eeb4695906127c3a66 |
| SHA256 | 9fc481f5c1d64292e1d1a94742a9bfd67c02fa3f63067d5d5145bf0ed5d52ddc |
| SHA512 | 6ac68242ad1ae27205d8275ba1b9ac6eaf4dfa8e1326cdd40328e6e669f6363970f9e7598363e1ca315b640da62c4daf52d2d680813be826fbef9b837ce74e7e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 1b190b3611231270d8fbf6606b1ff2a7 |
| SHA1 | 0c60e4c7f584b5802262295a7302216e60becf0e |
| SHA256 | 6d0c4a5b5b11f3ff46ada7050ba4055bed76776dce4a37e14f8e1332181c819b |
| SHA512 | a3bf16ae5ec2593df4080f0167a5694b463c7ace6c6359d7ccd237988c41992807115e0c9c3761759f4bbda5a2acb8786a02bbafb15085ddac0532b4fb69ea1c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 665448774506181873ada6faff6b5b30 |
| SHA1 | 896f3aa10a7fcf156a7cdaa17f1dd89cd9338394 |
| SHA256 | a14356980c853e93d7727bf528d34a285e0eee5d33ae219eaf6e014c1daf87ac |
| SHA512 | 19384f9490698a4b0919f4355bf5d49b15f0a07c53510aa5a7f445816037bca35d537bc17a0f7dea4eba27000bcde695883cbf2b487873acdd3cc2d697ace88b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a79b0e72a035c2c4801165ed86a475c9 |
| SHA1 | 0f643de55f268f55e3e90cc4e7eb08597c0383f0 |
| SHA256 | eb32d3b3a38d1ece92a46263a458d48335a223ddea047e9177eb9d927b2f58d3 |
| SHA512 | b349b6968d924c42e71ff44f319f4ca2ec233d7ce93c2f6e50c135e7ab983b01bdcc22730c155e4f45b07bccccfa507fe4a7e1af884bf50687c4e3c48534a73e |