Malware Analysis Report

2025-05-28 18:04

Sample ID 241109-zntzaasckk
Target https://nezur.io/Nezur_Executor.zip
Tags
discovery phishing spyware stealer themida
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file https://nezur.io/Nezur_Executor.zip was found to be: Likely malicious.

Malicious Activity Summary

discovery phishing spyware stealer themida

Downloads MZ/PE file

A potential corporate email address has been identified in the URL: [email protected]

Themida packer

A potential corporate email address has been identified in the URL: [email protected]

A potential corporate email address has been identified in the URL: detect-gpu@latest

A potential corporate email address has been identified in the URL: [email protected]

A potential corporate email address has been identified in the URL: lottie-player@latest

Reads user/profile data of web browsers

Executes dropped EXE

Loads dropped DLL

Legitimate hosting services abused for malware hosting/C2

Checks installed software on the system

Enumerates connected drives

Suspicious use of NtSetInformationThreadHideFromDebugger

System Location Discovery: System Language Discovery

Browser Information Discovery

NTFS ADS

Modifies registry class

Suspicious use of SetWindowsHookEx

Suspicious use of AdjustPrivilegeToken

Suspicious behavior: EnumeratesProcesses

Suspicious use of SendNotifyMessage

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies system certificate store

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-11-09 20:52

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-11-09 20:52

Reported

2024-11-09 21:00

Platform

win10v2004-20241007-en

Max time kernel

453s

Max time network

454s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://nezur.io/Nezur_Executor.zip

Signatures

Downloads MZ/PE file

A potential corporate email address has been identified in the URL: [email protected]

phishing

A potential corporate email address has been identified in the URL: [email protected]

phishing

A potential corporate email address has been identified in the URL: detect-gpu@latest

phishing

A potential corporate email address has been identified in the URL: [email protected]

phishing

A potential corporate email address has been identified in the URL: lottie-player@latest

phishing

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\OperaGXSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\OperaGXSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS05C345DA\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS05C345DA\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\OperaGXSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\OperaGXSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\.opera\Opera GX Installer Temp\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS84383C9A\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zSCCDEF7AA\setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\OperaGXSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\OperaGXSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS84383C9A\setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\OperaGXSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\OperaGXSetup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zSCCDEF7AA\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS84383C9A\.opera\Opera GX Installer Temp\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zSCF7158BA\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS4B16988A\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS00F0A57B\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS4B16988A\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zSCF7158BA\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS01FC367B\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS4B16988A\.opera\Opera GX Installer Temp\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS00F0A57B\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS01FC367B\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS00F0A57B\.opera\Opera GX Installer Temp\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\.opera\Opera GX Installer Temp\opera_package_202411092055471\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\.opera\Opera GX Installer Temp\opera_package_202411092055471\assistant\assistant_installer.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\.opera\Opera GX Installer Temp\opera_package_202411092055471\assistant\assistant_installer.exe N/A
N/A N/A C:\Users\Admin\Downloads\OperaGXSetup (1).exe N/A
N/A N/A C:\Users\Admin\Downloads\OperaGXSetup (1).exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8F8FA28C\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS84ABFBBC\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8F8FA28C\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS84ABFBBC\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS84ABFBBC\.opera\Opera GX Installer Temp\setup.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS05C345DA\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS05C345DA\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\.opera\Opera GX Installer Temp\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS84383C9A\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zSCCDEF7AA\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zSCCDEF7AA\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS84383C9A\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS84383C9A\.opera\Opera GX Installer Temp\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS4B16988A\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zSCF7158BA\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS00F0A57B\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS4B16988A\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zSCF7158BA\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS01FC367B\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS4B16988A\.opera\Opera GX Installer Temp\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS01FC367B\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS00F0A57B\.opera\Opera GX Installer Temp\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8F8FA28C\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS84ABFBBC\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS8F8FA28C\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS84ABFBBC\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS84ABFBBC\.opera\Opera GX Installer Temp\setup.exe N/A

Reads user/profile data of web browsers

spyware stealer

Themida packer

themida
Description Indicator Process Target
N/A N/A N/A N/A

Checks installed software on the system

discovery

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\D: C:\Users\Admin\AppData\Local\Temp\7zS05C345DA\setup.exe N/A
File opened (read-only) \??\F: C:\Users\Admin\AppData\Local\Temp\7zSCCDEF7AA\setup.exe N/A
File opened (read-only) \??\F: C:\Users\Admin\AppData\Local\Temp\7zS84383C9A\setup.exe N/A
File opened (read-only) \??\F: C:\Users\Admin\AppData\Local\Temp\7zS4B16988A\setup.exe N/A
File opened (read-only) \??\D: C:\Users\Admin\AppData\Local\Temp\7zS00F0A57B\setup.exe N/A
File opened (read-only) \??\F: C:\Users\Admin\AppData\Local\Temp\7zS84ABFBBC\setup.exe N/A
File opened (read-only) \??\D: C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe N/A
File opened (read-only) \??\F: C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe N/A
File opened (read-only) \??\F: C:\Users\Admin\AppData\Local\Temp\7zS00F0A57B\setup.exe N/A
File opened (read-only) \??\D: C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe N/A
File opened (read-only) \??\D: C:\Users\Admin\AppData\Local\Temp\7zS84ABFBBC\setup.exe N/A
File opened (read-only) \??\D: C:\Users\Admin\AppData\Local\Temp\7zS84383C9A\setup.exe N/A
File opened (read-only) \??\D: C:\Users\Admin\AppData\Local\Temp\7zS01FC367B\setup.exe N/A
File opened (read-only) \??\F: C:\Users\Admin\AppData\Local\Temp\7zS01FC367B\setup.exe N/A
File opened (read-only) \??\D: C:\Users\Admin\AppData\Local\Temp\7zS8F8FA28C\setup.exe N/A
File opened (read-only) \??\F: C:\Users\Admin\AppData\Local\Temp\7zS8F8FA28C\setup.exe N/A
File opened (read-only) \??\F: C:\Users\Admin\AppData\Local\Temp\7zS05C345DA\setup.exe N/A
File opened (read-only) \??\D: C:\Users\Admin\AppData\Local\Temp\7zSCCDEF7AA\setup.exe N/A
File opened (read-only) \??\D: C:\Users\Admin\AppData\Local\Temp\7zSCF7158BA\setup.exe N/A
File opened (read-only) \??\F: C:\Users\Admin\AppData\Local\Temp\7zSCF7158BA\setup.exe N/A
File opened (read-only) \??\D: C:\Users\Admin\AppData\Local\Temp\7zS4B16988A\setup.exe N/A
File opened (read-only) \??\F: C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A

Browser Information Discovery

discovery

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zSCCDEF7AA\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\OperaGXSetup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\OperaGXSetup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\OperaGXSetup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS05C345DA\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\OperaGXSetup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS00F0A57B\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS00F0A57B\.opera\Opera GX Installer Temp\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\OperaGXSetup (1).exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS8F8FA28C\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS84ABFBBC\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS8F8FA28C\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS05C345DA\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS4B16988A\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zSCF7158BA\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\.opera\Opera GX Installer Temp\opera_package_202411092055471\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\.opera\Opera GX Installer Temp\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zSCCDEF7AA\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\OperaGXSetup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\OperaGXSetup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS4B16988A\.opera\Opera GX Installer Temp\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\OperaGXSetup (1).exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS84ABFBBC\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS84383C9A\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS84383C9A\.opera\Opera GX Installer Temp\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zSCF7158BA\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS01FC367B\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS00F0A57B\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\.opera\Opera GX Installer Temp\opera_package_202411092055471\assistant\assistant_installer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\OperaGXSetup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\OperaGXSetup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS84383C9A\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\.opera\Opera GX Installer Temp\opera_package_202411092055471\assistant\assistant_installer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS84ABFBBC\.opera\Opera GX Installer Temp\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS4B16988A\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zS01FC367B\setup.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2878641211-696417878-3864914810-1000\{5EAF29E3-9125-4727-8F57-FED711D0F0CB} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies system certificate store

evasion spyware trojan
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474 C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474\Blob = 0f0000000100000014000000ce0e658aa3e847e467a147b3049191093d055e6f53000000010000007f000000307d3020060a2b06010401b13e01640130123010060a2b0601040182373c0101030200c0301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c009000000010000003e000000303c06082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030906082b0601050507030106082b060105050703080b0000000100000030000000440069006700690043006500720074002000420061006c00740069006d006f0072006500200052006f006f007400000062000000010000002000000016af57a9f676b0ab126095aa5ebadef22ab31119d644ac95cd4b93dbf3f26aeb140000000100000014000000e59d5930824758ccacfa085436867b3ab5044df01d0000000100000010000000918ad43a9475f78bb5243de886d8103c7f000000010000000c000000300a06082b060105050703097e000000010000000800000000c001b39667d601030000000100000014000000d4de20d05e66fc53fe1a50882c78db2852cae47420000000010000007b030000308203773082025fa0030201020204020000b9300d06092a864886f70d0101050500305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f74301e170d3030303531323138343630305a170d3235303531323233353930305a305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100a304bb22ab983d57e826729ab579d429e2e1e89580b1b0e35b8e2b299a64dfa15dedb009056ddb282ece62a262feb488da12eb38eb219dc0412b01527b8877d31c8fc7bab988b56a09e773e81140a7d1ccca628d2de58f0ba650d2a850c328eaf5ab25878a9a961ca967b83f0cd5f7f952132fc21bd57070f08fc012ca06cb9ae1d9ca337a77d6f8ecb9f16844424813d2c0c2a4ae5e60feb6a605fcb4dd075902d459189863f5a563e0900c7d5db2067af385eaebd403ae5e843e5fff15ed69bcf939367275cf77524df3c9902cb93de5c923533f1f2498215c079929bdc63aece76e863a6b97746333bd681831f0788d76bffc9e8e5d2a86a74d90dc271a390203010001a3453043301d0603551d0e04160414e59d5930824758ccacfa085436867b3ab5044df030120603551d130101ff040830060101ff020103300e0603551d0f0101ff040403020106300d06092a864886f70d01010505000382010100850c5d8ee46f51684205a0ddbb4f27258403bdf764fd2dd730e3a41017ebda2929b6793f76f6191323b8100af958a4d46170bd04616a128a17d50abdc5bc307cd6e90c258d86404feccca37e38c637114feddd68318e4cd2b30174eebe755e07481a7f70ff165c84c07985b805fd7fbe6511a30fc002b4f852373904d5a9317a18bfa02af41299f7a34582e33c5ef59d9eb5c89e7c2ec8a49e4e08144b6dfd706d6b1a63bd64e61fb7cef0f29f2ebb1bb7f250887392c2e2e3168d9a3202ab8e18dde91011ee7e35ab90af3e30947ad0333da7650ff5fc8e9e62cf47442c015dbb1db532d247d2382ed0fe81dc326a1eb5ee3cd5fce7811d19c32442ea6339a9 C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474\Blob = 19000000010000001000000068cb42b035ea773e52ef50ecf50ec529030000000100000014000000d4de20d05e66fc53fe1a50882c78db2852cae4747e000000010000000800000000c001b39667d6017f000000010000000c000000300a06082b060105050703091d0000000100000010000000918ad43a9475f78bb5243de886d8103c140000000100000014000000e59d5930824758ccacfa085436867b3ab5044df062000000010000002000000016af57a9f676b0ab126095aa5ebadef22ab31119d644ac95cd4b93dbf3f26aeb0b0000000100000030000000440069006700690043006500720074002000420061006c00740069006d006f0072006500200052006f006f007400000009000000010000003e000000303c06082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030906082b0601050507030106082b0601050507030853000000010000007f000000307d3020060a2b06010401b13e01640130123010060a2b0601040182373c0101030200c0301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f0000000100000014000000ce0e658aa3e847e467a147b3049191093d055e6f20000000010000007b030000308203773082025fa0030201020204020000b9300d06092a864886f70d0101050500305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f74301e170d3030303531323138343630305a170d3235303531323233353930305a305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100a304bb22ab983d57e826729ab579d429e2e1e89580b1b0e35b8e2b299a64dfa15dedb009056ddb282ece62a262feb488da12eb38eb219dc0412b01527b8877d31c8fc7bab988b56a09e773e81140a7d1ccca628d2de58f0ba650d2a850c328eaf5ab25878a9a961ca967b83f0cd5f7f952132fc21bd57070f08fc012ca06cb9ae1d9ca337a77d6f8ecb9f16844424813d2c0c2a4ae5e60feb6a605fcb4dd075902d459189863f5a563e0900c7d5db2067af385eaebd403ae5e843e5fff15ed69bcf939367275cf77524df3c9902cb93de5c923533f1f2498215c079929bdc63aece76e863a6b97746333bd681831f0788d76bffc9e8e5d2a86a74d90dc271a390203010001a3453043301d0603551d0e04160414e59d5930824758ccacfa085436867b3ab5044df030120603551d130101ff040830060101ff020103300e0603551d0f0101ff040403020106300d06092a864886f70d01010505000382010100850c5d8ee46f51684205a0ddbb4f27258403bdf764fd2dd730e3a41017ebda2929b6793f76f6191323b8100af958a4d46170bd04616a128a17d50abdc5bc307cd6e90c258d86404feccca37e38c637114feddd68318e4cd2b30174eebe755e07481a7f70ff165c84c07985b805fd7fbe6511a30fc002b4f852373904d5a9317a18bfa02af41299f7a34582e33c5ef59d9eb5c89e7c2ec8a49e4e08144b6dfd706d6b1a63bd64e61fb7cef0f29f2ebb1bb7f250887392c2e2e3168d9a3202ab8e18dde91011ee7e35ab90af3e30947ad0333da7650ff5fc8e9e62cf47442c015dbb1db532d247d2382ed0fe81dc326a1eb5ee3cd5fce7811d19c32442ea6339a9 C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 577203.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 312481.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\Downloads\Nezur_Executor\Nezur_Interface.exe N/A
N/A N/A C:\Users\Admin\Downloads\Nezur_Executor\Nezur_Interface.exe N/A
N/A N/A C:\Users\Admin\Downloads\Nezur_Executor\Nezur_Interface.exe N/A
N/A N/A C:\Users\Admin\Downloads\Nezur_Executor\Nezur_Interface.exe N/A
N/A N/A C:\Users\Admin\Downloads\Nezur_Executor\Nezur_Interface.exe N/A
N/A N/A C:\Users\Admin\Downloads\Nezur_Executor\Nezur_Interface.exe N/A
N/A N/A C:\Users\Admin\Downloads\Nezur_Executor\Nezur_Interface.exe N/A
N/A N/A C:\Users\Admin\Downloads\Nezur_Executor\Nezur_Interface.exe N/A
N/A N/A C:\Users\Admin\Downloads\Nezur_Executor\Nezur_Interface.exe N/A
N/A N/A C:\Users\Admin\Downloads\Nezur_Executor\Nezur_Interface.exe N/A
N/A N/A C:\Users\Admin\Downloads\Nezur_Executor\Nezur_Interface.exe N/A
N/A N/A C:\Users\Admin\Downloads\Nezur_Executor\Nezur_Interface.exe N/A
N/A N/A C:\Users\Admin\Downloads\Nezur_Executor\Nezur_Interface.exe N/A
N/A N/A C:\Users\Admin\Downloads\Nezur_Executor\Nezur_Interface.exe N/A
N/A N/A C:\Users\Admin\Downloads\Nezur_Executor\Nezur_Interface.exe N/A
N/A N/A C:\Users\Admin\Downloads\Nezur_Executor\Nezur_Interface.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Users\Admin\Downloads\Nezur_Executor\Nezur_Interface.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Downloads\Nezur_Executor\Nezur_Interface.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3316 wrote to memory of 1712 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 1712 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2400 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 2400 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 4392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 4392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 4392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 4392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 4392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 4392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 4392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 4392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 4392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 4392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 4392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 4392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 4392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 4392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 4392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 4392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 4392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 4392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 4392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3316 wrote to memory of 4392 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://nezur.io/Nezur_Executor.zip

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe06a046f8,0x7ffe06a04708,0x7ffe06a04718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2064 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2664 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4708 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4876 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5360 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5800 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5800 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5780 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3544 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4184 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4720 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=4032 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6072 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\Downloads\Nezur_Executor\Nezur_Interface.exe

"C:\Users\Admin\Downloads\Nezur_Executor\Nezur_Interface.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://execkey.nezur.io/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffe06a046f8,0x7ffe06a04708,0x7ffe06a04718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://discord.gg/nezur

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffe06a046f8,0x7ffe06a04708,0x7ffe06a04718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4960 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://1cheats.com/store/category/69-nezur-executor/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffe06a046f8,0x7ffe06a04708,0x7ffe06a04718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6540 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6688 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6976 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6196 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://execkey.nezur.io/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffe06a046f8,0x7ffe06a04708,0x7ffe06a04718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6160 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=7068 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=7164 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6208 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7192 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7656 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4960 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7548 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5672 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=7280 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7096 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5680 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2756 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2752 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5400 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7916 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8096 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8280 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8432 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7276 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8356 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7972 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8332 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8948 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8404 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2988 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6884 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8952 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8780 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5692 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7880 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7916 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8992 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8232 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5884 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9456 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9180 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9416 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8940 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9764 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7392 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7116 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10180 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10460 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9292 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10744 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10868 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11036 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11028 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11360 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10448 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9000 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11032 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10792 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11568 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11736 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11592 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10364 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12168 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10196 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11348 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12380 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12384 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12404 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12584 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12864 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12540 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=12716 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8052 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9076 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=11844 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=11756 /prefetch:8

C:\Users\Admin\Downloads\OperaGXSetup.exe

"C:\Users\Admin\Downloads\OperaGXSetup.exe"

C:\Users\Admin\Downloads\OperaGXSetup.exe

"C:\Users\Admin\Downloads\OperaGXSetup.exe"

C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe --server-tracking-blob=NTQ1NDhiYzUwNTBlZGFmZGQ2ZGY3ZjFjNWJhMzgyMjMyY2I2NzBmODFmYTQ1YjliMGVkZWMxMDE2OGFkY2YxNzp7ImNvdW50cnkiOiJHQiIsImVkaXRpb24iOiJzdGQtMiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3dvcmsuaW5rLyIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFHWFNldHVwLmV4ZSIsInByb2R1Y3QiOiJvcGVyYV9neCIsInF1ZXJ5IjoiL29wZXJhX2d4L3N0YWJsZS9lZGl0aW9uL3N0ZC0yLz91dG1fc291cmNlPXdyayZ1dG1fbWVkaXVtPXBiJnV0bV9jYW1wYWlnbj1PcGVyYV9HWCIsInRpbWVzdGFtcCI6IjE3MzExODU3MDUuOTcyOCIsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTMxIFNhZmFyaS81MzcuMzYgRWRnLzkyLjAuOTAyLjY3IiwidXRtIjp7ImNhbXBhaWduIjoiT3BlcmFfR1giLCJtZWRpdW0iOiJwYiIsInNvdXJjZSI6IndyayJ9LCJ1dWlkIjoiYmEzNWMzOGItZTcxMS00Y2I1LWJkODMtN2U2OGIzZTZiNWZmIn0=

C:\Users\Admin\AppData\Local\Temp\7zS05C345DA\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zS05C345DA\setup.exe --server-tracking-blob=NTQ1NDhiYzUwNTBlZGFmZGQ2ZGY3ZjFjNWJhMzgyMjMyY2I2NzBmODFmYTQ1YjliMGVkZWMxMDE2OGFkY2YxNzp7ImNvdW50cnkiOiJHQiIsImVkaXRpb24iOiJzdGQtMiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3dvcmsuaW5rLyIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFHWFNldHVwLmV4ZSIsInByb2R1Y3QiOiJvcGVyYV9neCIsInF1ZXJ5IjoiL29wZXJhX2d4L3N0YWJsZS9lZGl0aW9uL3N0ZC0yLz91dG1fc291cmNlPXdyayZ1dG1fbWVkaXVtPXBiJnV0bV9jYW1wYWlnbj1PcGVyYV9HWCIsInRpbWVzdGFtcCI6IjE3MzExODU3MDUuOTcyOCIsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTMxIFNhZmFyaS81MzcuMzYgRWRnLzkyLjAuOTAyLjY3IiwidXRtIjp7ImNhbXBhaWduIjoiT3BlcmFfR1giLCJtZWRpdW0iOiJwYiIsInNvdXJjZSI6IndyayJ9LCJ1dWlkIjoiYmEzNWMzOGItZTcxMS00Y2I1LWJkODMtN2U2OGIzZTZiNWZmIn0=

C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=114.0.5282.159 --initial-client-data=0x324,0x328,0x32c,0x320,0x330,0x74e88c5c,0x74e88c68,0x74e88c74

C:\Users\Admin\AppData\Local\Temp\7zS05C345DA\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zS05C345DA\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=114.0.5282.159 --initial-client-data=0x320,0x324,0x328,0x2fc,0x32c,0x73f18c5c,0x73f18c68,0x73f18c74

C:\Users\Admin\Downloads\OperaGXSetup.exe

"C:\Users\Admin\Downloads\OperaGXSetup.exe"

C:\Users\Admin\Downloads\OperaGXSetup.exe

"C:\Users\Admin\Downloads\OperaGXSetup.exe"

C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe

"C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe" --version

C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\.opera\Opera GX Installer Temp\setup.exe

"C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\.opera\Opera GX Installer Temp\setup.exe" --version

C:\Users\Admin\AppData\Local\Temp\7zS84383C9A\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zS84383C9A\setup.exe --server-tracking-blob=NTQ1NDhiYzUwNTBlZGFmZGQ2ZGY3ZjFjNWJhMzgyMjMyY2I2NzBmODFmYTQ1YjliMGVkZWMxMDE2OGFkY2YxNzp7ImNvdW50cnkiOiJHQiIsImVkaXRpb24iOiJzdGQtMiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3dvcmsuaW5rLyIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFHWFNldHVwLmV4ZSIsInByb2R1Y3QiOiJvcGVyYV9neCIsInF1ZXJ5IjoiL29wZXJhX2d4L3N0YWJsZS9lZGl0aW9uL3N0ZC0yLz91dG1fc291cmNlPXdyayZ1dG1fbWVkaXVtPXBiJnV0bV9jYW1wYWlnbj1PcGVyYV9HWCIsInRpbWVzdGFtcCI6IjE3MzExODU3MDUuOTcyOCIsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTMxIFNhZmFyaS81MzcuMzYgRWRnLzkyLjAuOTAyLjY3IiwidXRtIjp7ImNhbXBhaWduIjoiT3BlcmFfR1giLCJtZWRpdW0iOiJwYiIsInNvdXJjZSI6IndyayJ9LCJ1dWlkIjoiYmEzNWMzOGItZTcxMS00Y2I1LWJkODMtN2U2OGIzZTZiNWZmIn0=

C:\Users\Admin\AppData\Local\Temp\7zSCCDEF7AA\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zSCCDEF7AA\setup.exe --server-tracking-blob=NTQ1NDhiYzUwNTBlZGFmZGQ2ZGY3ZjFjNWJhMzgyMjMyY2I2NzBmODFmYTQ1YjliMGVkZWMxMDE2OGFkY2YxNzp7ImNvdW50cnkiOiJHQiIsImVkaXRpb24iOiJzdGQtMiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3dvcmsuaW5rLyIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFHWFNldHVwLmV4ZSIsInByb2R1Y3QiOiJvcGVyYV9neCIsInF1ZXJ5IjoiL29wZXJhX2d4L3N0YWJsZS9lZGl0aW9uL3N0ZC0yLz91dG1fc291cmNlPXdyayZ1dG1fbWVkaXVtPXBiJnV0bV9jYW1wYWlnbj1PcGVyYV9HWCIsInRpbWVzdGFtcCI6IjE3MzExODU3MDUuOTcyOCIsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTMxIFNhZmFyaS81MzcuMzYgRWRnLzkyLjAuOTAyLjY3IiwidXRtIjp7ImNhbXBhaWduIjoiT3BlcmFfR1giLCJtZWRpdW0iOiJwYiIsInNvdXJjZSI6IndyayJ9LCJ1dWlkIjoiYmEzNWMzOGItZTcxMS00Y2I1LWJkODMtN2U2OGIzZTZiNWZmIn0=

C:\Users\Admin\Downloads\OperaGXSetup.exe

"C:\Users\Admin\Downloads\OperaGXSetup.exe"

C:\Users\Admin\Downloads\OperaGXSetup.exe

"C:\Users\Admin\Downloads\OperaGXSetup.exe"

C:\Users\Admin\AppData\Local\Temp\7zS84383C9A\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zS84383C9A\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=114.0.5282.159 --initial-client-data=0x320,0x324,0x328,0x2fc,0x32c,0x721d8c5c,0x721d8c68,0x721d8c74

C:\Users\Admin\AppData\Local\Temp\7zSCCDEF7AA\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zSCCDEF7AA\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=114.0.5282.159 --initial-client-data=0x31c,0x320,0x324,0x2f8,0x328,0x71ad8c5c,0x71ad8c68,0x71ad8c74

C:\Users\Admin\Downloads\OperaGXSetup.exe

"C:\Users\Admin\Downloads\OperaGXSetup.exe"

C:\Users\Admin\Downloads\OperaGXSetup.exe

"C:\Users\Admin\Downloads\OperaGXSetup.exe"

C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe

"C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe" --version

C:\Users\Admin\AppData\Local\Temp\7zS4B16988A\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zS4B16988A\setup.exe --server-tracking-blob=NTQ1NDhiYzUwNTBlZGFmZGQ2ZGY3ZjFjNWJhMzgyMjMyY2I2NzBmODFmYTQ1YjliMGVkZWMxMDE2OGFkY2YxNzp7ImNvdW50cnkiOiJHQiIsImVkaXRpb24iOiJzdGQtMiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3dvcmsuaW5rLyIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFHWFNldHVwLmV4ZSIsInByb2R1Y3QiOiJvcGVyYV9neCIsInF1ZXJ5IjoiL29wZXJhX2d4L3N0YWJsZS9lZGl0aW9uL3N0ZC0yLz91dG1fc291cmNlPXdyayZ1dG1fbWVkaXVtPXBiJnV0bV9jYW1wYWlnbj1PcGVyYV9HWCIsInRpbWVzdGFtcCI6IjE3MzExODU3MDUuOTcyOCIsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTMxIFNhZmFyaS81MzcuMzYgRWRnLzkyLjAuOTAyLjY3IiwidXRtIjp7ImNhbXBhaWduIjoiT3BlcmFfR1giLCJtZWRpdW0iOiJwYiIsInNvdXJjZSI6IndyayJ9LCJ1dWlkIjoiYmEzNWMzOGItZTcxMS00Y2I1LWJkODMtN2U2OGIzZTZiNWZmIn0=

C:\Users\Admin\AppData\Local\Temp\7zSCF7158BA\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zSCF7158BA\setup.exe --server-tracking-blob=NTQ1NDhiYzUwNTBlZGFmZGQ2ZGY3ZjFjNWJhMzgyMjMyY2I2NzBmODFmYTQ1YjliMGVkZWMxMDE2OGFkY2YxNzp7ImNvdW50cnkiOiJHQiIsImVkaXRpb24iOiJzdGQtMiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3dvcmsuaW5rLyIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFHWFNldHVwLmV4ZSIsInByb2R1Y3QiOiJvcGVyYV9neCIsInF1ZXJ5IjoiL29wZXJhX2d4L3N0YWJsZS9lZGl0aW9uL3N0ZC0yLz91dG1fc291cmNlPXdyayZ1dG1fbWVkaXVtPXBiJnV0bV9jYW1wYWlnbj1PcGVyYV9HWCIsInRpbWVzdGFtcCI6IjE3MzExODU3MDUuOTcyOCIsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTMxIFNhZmFyaS81MzcuMzYgRWRnLzkyLjAuOTAyLjY3IiwidXRtIjp7ImNhbXBhaWduIjoiT3BlcmFfR1giLCJtZWRpdW0iOiJwYiIsInNvdXJjZSI6IndyayJ9LCJ1dWlkIjoiYmEzNWMzOGItZTcxMS00Y2I1LWJkODMtN2U2OGIzZTZiNWZmIn0=

C:\Users\Admin\AppData\Local\Temp\7zS84383C9A\.opera\Opera GX Installer Temp\setup.exe

"C:\Users\Admin\AppData\Local\Temp\7zS84383C9A\.opera\Opera GX Installer Temp\setup.exe" --version

C:\Users\Admin\AppData\Local\Temp\7zS01FC367B\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zS01FC367B\setup.exe --server-tracking-blob=NTQ1NDhiYzUwNTBlZGFmZGQ2ZGY3ZjFjNWJhMzgyMjMyY2I2NzBmODFmYTQ1YjliMGVkZWMxMDE2OGFkY2YxNzp7ImNvdW50cnkiOiJHQiIsImVkaXRpb24iOiJzdGQtMiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3dvcmsuaW5rLyIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFHWFNldHVwLmV4ZSIsInByb2R1Y3QiOiJvcGVyYV9neCIsInF1ZXJ5IjoiL29wZXJhX2d4L3N0YWJsZS9lZGl0aW9uL3N0ZC0yLz91dG1fc291cmNlPXdyayZ1dG1fbWVkaXVtPXBiJnV0bV9jYW1wYWlnbj1PcGVyYV9HWCIsInRpbWVzdGFtcCI6IjE3MzExODU3MDUuOTcyOCIsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTMxIFNhZmFyaS81MzcuMzYgRWRnLzkyLjAuOTAyLjY3IiwidXRtIjp7ImNhbXBhaWduIjoiT3BlcmFfR1giLCJtZWRpdW0iOiJwYiIsInNvdXJjZSI6IndyayJ9LCJ1dWlkIjoiYmEzNWMzOGItZTcxMS00Y2I1LWJkODMtN2U2OGIzZTZiNWZmIn0=

C:\Users\Admin\AppData\Local\Temp\7zS00F0A57B\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zS00F0A57B\setup.exe --server-tracking-blob=NTQ1NDhiYzUwNTBlZGFmZGQ2ZGY3ZjFjNWJhMzgyMjMyY2I2NzBmODFmYTQ1YjliMGVkZWMxMDE2OGFkY2YxNzp7ImNvdW50cnkiOiJHQiIsImVkaXRpb24iOiJzdGQtMiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3dvcmsuaW5rLyIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFHWFNldHVwLmV4ZSIsInByb2R1Y3QiOiJvcGVyYV9neCIsInF1ZXJ5IjoiL29wZXJhX2d4L3N0YWJsZS9lZGl0aW9uL3N0ZC0yLz91dG1fc291cmNlPXdyayZ1dG1fbWVkaXVtPXBiJnV0bV9jYW1wYWlnbj1PcGVyYV9HWCIsInRpbWVzdGFtcCI6IjE3MzExODU3MDUuOTcyOCIsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTMxIFNhZmFyaS81MzcuMzYgRWRnLzkyLjAuOTAyLjY3IiwidXRtIjp7ImNhbXBhaWduIjoiT3BlcmFfR1giLCJtZWRpdW0iOiJwYiIsInNvdXJjZSI6IndyayJ9LCJ1dWlkIjoiYmEzNWMzOGItZTcxMS00Y2I1LWJkODMtN2U2OGIzZTZiNWZmIn0=

C:\Users\Admin\AppData\Local\Temp\7zSCF7158BA\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zSCF7158BA\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=114.0.5282.159 --initial-client-data=0x31c,0x320,0x324,0x2f8,0x328,0x70728c5c,0x70728c68,0x70728c74

C:\Users\Admin\AppData\Local\Temp\7zS4B16988A\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zS4B16988A\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=114.0.5282.159 --initial-client-data=0x31c,0x320,0x324,0x2cc,0x328,0x70d48c5c,0x70d48c68,0x70d48c74

C:\Users\Admin\AppData\Local\Temp\7zS00F0A57B\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zS00F0A57B\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=114.0.5282.159 --initial-client-data=0x31c,0x320,0x324,0x2f8,0x328,0x70108c5c,0x70108c68,0x70108c74

C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe

"C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe" --version

C:\Users\Admin\AppData\Local\Temp\7zS4B16988A\.opera\Opera GX Installer Temp\setup.exe

"C:\Users\Admin\AppData\Local\Temp\7zS4B16988A\.opera\Opera GX Installer Temp\setup.exe" --version

C:\Users\Admin\AppData\Local\Temp\7zS01FC367B\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zS01FC367B\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=114.0.5282.159 --initial-client-data=0x31c,0x320,0x324,0x2f8,0x328,0x6eea8c5c,0x6eea8c68,0x6eea8c74

C:\Users\Admin\AppData\Local\Temp\7zS00F0A57B\.opera\Opera GX Installer Temp\setup.exe

"C:\Users\Admin\AppData\Local\Temp\7zS00F0A57B\.opera\Opera GX Installer Temp\setup.exe" --version

C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe

"C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe" --version

C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe

"C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe" --backend --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=1 --general-interests=1 --general-location=1 --personalized-content=1 --personalized-ads=1 --vought_browser=0 --launchopera=1 --installfolder="C:\Users\Admin\AppData\Local\Programs\Opera GX" --profile-folder --language=en --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=1 --run-at-startup=1 --server-tracking-data=server_tracking_data --initial-pid=4528 --package-dir-prefix="C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\.opera\Opera GX Installer Temp\opera_package_20241109205547" --session-guid=1746bab7-0f41-46ed-91f9-e2a3debe280a --server-tracking-blob=ZjMzYTMzNDcwNzMwZjgzYWIxMzRhNDg3ZTdkODE2YmM4NjZlN2I2NGYwNDJjZWRlYWQwN2VmZjhhMDljYTAzNjp7ImNvdW50cnkiOiJHQiIsImVkaXRpb24iOiJzdGQtMiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3dvcmsuaW5rLyIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFHWFNldHVwLmV4ZSIsInByb2R1Y3QiOnsibmFtZSI6Im9wZXJhX2d4In0sInF1ZXJ5IjoiL29wZXJhX2d4L3N0YWJsZS9lZGl0aW9uL3N0ZC0yLz91dG1fc291cmNlPXdyayZ1dG1fbWVkaXVtPXBiJnV0bV9jYW1wYWlnbj1PcGVyYV9HWCIsInN5c3RlbSI6eyJwbGF0Zm9ybSI6eyJhcmNoIjoieDg2XzY0Iiwib3BzeXMiOiJXaW5kb3dzIiwib3BzeXMtdmVyc2lvbiI6IjEwIiwicGFja2FnZSI6IkVYRSJ9fSwidGltZXN0YW1wIjoiMTczMTE4NTcwNS45NzI4IiwidXNlcmFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkyLjAuNDUxNS4xMzEgU2FmYXJpLzUzNy4zNiBFZGcvOTIuMC45MDIuNjciLCJ1dG0iOnsiY2FtcGFpZ24iOiJPcGVyYV9HWCIsIm1lZGl1bSI6InBiIiwic291cmNlIjoid3JrIn0sInV1aWQiOiJiYTM1YzM4Yi1lNzExLTRjYjUtYmQ4My03ZTY4YjNlNmI1ZmYifQ== --desktopshortcut=1 --wait-for-package --initial-proc-handle=4008000000000000

C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=114.0.5282.159 --initial-client-data=0x31c,0x320,0x330,0x2f8,0x334,0x721d8c5c,0x721d8c68,0x721d8c74

C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\.opera\Opera GX Installer Temp\opera_package_202411092055471\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe

"C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\.opera\Opera GX Installer Temp\opera_package_202411092055471\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe"

C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\.opera\Opera GX Installer Temp\opera_package_202411092055471\assistant\assistant_installer.exe

"C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\.opera\Opera GX Installer Temp\opera_package_202411092055471\assistant\assistant_installer.exe" --version

C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\.opera\Opera GX Installer Temp\opera_package_202411092055471\assistant\assistant_installer.exe

"C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\.opera\Opera GX Installer Temp\opera_package_202411092055471\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=73.0.3856.382 --initial-client-data=0x26c,0x270,0x274,0x250,0x278,0x1024f48,0x1024f58,0x1024f64

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6104 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12988 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9648 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8312 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10456 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8024 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5124 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10316 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9668 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10424 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10176 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11288 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10448 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11300 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11972 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9652 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9636 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10904 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5508 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8396 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10256 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9764 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5268 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12364 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10804 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10792 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12680 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9636 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9772 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9548 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7416 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12788 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13260 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=134 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13248 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13456 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9632 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13840 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5552 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=13396 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=13088 /prefetch:8

C:\Users\Admin\Downloads\OperaGXSetup (1).exe

"C:\Users\Admin\Downloads\OperaGXSetup (1).exe"

C:\Users\Admin\Downloads\OperaGXSetup (1).exe

"C:\Users\Admin\Downloads\OperaGXSetup (1).exe"

C:\Users\Admin\AppData\Local\Temp\7zS8F8FA28C\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zS8F8FA28C\setup.exe --server-tracking-blob=ZDAyNmMyYjIxOGExMWMwNjczYjBjNGU4NDk1YzMyYTlhNzdlZGM0ZjVhYjU4NDJmMzdjNmNmODIxNjM5ODJjMDp7ImNvdW50cnkiOiJHQiIsImVkaXRpb24iOiJzdGQtMiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3dvcmsuaW5rLyIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFHWFNldHVwLmV4ZSIsInByb2R1Y3QiOiJvcGVyYV9neCIsInF1ZXJ5IjoiL29wZXJhX2d4L3N0YWJsZS9lZGl0aW9uL3N0ZC0yLz91dG1fc291cmNlPXdyayZ1dG1fbWVkaXVtPXBiJnV0bV9jYW1wYWlnbj1PcGVyYV9HWCIsInRpbWVzdGFtcCI6IjE3MzExODU4NTkuNjcwNiIsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTMxIFNhZmFyaS81MzcuMzYgRWRnLzkyLjAuOTAyLjY3IiwidXRtIjp7ImNhbXBhaWduIjoiT3BlcmFfR1giLCJtZWRpdW0iOiJwYiIsInNvdXJjZSI6IndyayJ9LCJ1dWlkIjoiZDJjNmQ2NDAtOTc3YS00OGQwLTgzZDEtOGQyNzFlNmEwNGJmIn0=

C:\Users\Admin\AppData\Local\Temp\7zS84ABFBBC\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zS84ABFBBC\setup.exe --server-tracking-blob=ZDAyNmMyYjIxOGExMWMwNjczYjBjNGU4NDk1YzMyYTlhNzdlZGM0ZjVhYjU4NDJmMzdjNmNmODIxNjM5ODJjMDp7ImNvdW50cnkiOiJHQiIsImVkaXRpb24iOiJzdGQtMiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3dvcmsuaW5rLyIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFHWFNldHVwLmV4ZSIsInByb2R1Y3QiOiJvcGVyYV9neCIsInF1ZXJ5IjoiL29wZXJhX2d4L3N0YWJsZS9lZGl0aW9uL3N0ZC0yLz91dG1fc291cmNlPXdyayZ1dG1fbWVkaXVtPXBiJnV0bV9jYW1wYWlnbj1PcGVyYV9HWCIsInRpbWVzdGFtcCI6IjE3MzExODU4NTkuNjcwNiIsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTMxIFNhZmFyaS81MzcuMzYgRWRnLzkyLjAuOTAyLjY3IiwidXRtIjp7ImNhbXBhaWduIjoiT3BlcmFfR1giLCJtZWRpdW0iOiJwYiIsInNvdXJjZSI6IndyayJ9LCJ1dWlkIjoiZDJjNmQ2NDAtOTc3YS00OGQwLTgzZDEtOGQyNzFlNmEwNGJmIn0=

C:\Users\Admin\AppData\Local\Temp\7zS8F8FA28C\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zS8F8FA28C\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=114.0.5282.159 --initial-client-data=0x31c,0x320,0x324,0x2f8,0x328,0x70d28c5c,0x70d28c68,0x70d28c74

C:\Users\Admin\AppData\Local\Temp\7zS84ABFBBC\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zS84ABFBBC\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=114.0.5282.159 --initial-client-data=0x320,0x324,0x328,0x2fc,0x32c,0x70708c5c,0x70708c68,0x70708c74

C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe

"C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe" --version

C:\Users\Admin\AppData\Local\Temp\7zS84ABFBBC\.opera\Opera GX Installer Temp\setup.exe

"C:\Users\Admin\AppData\Local\Temp\7zS84ABFBBC\.opera\Opera GX Installer Temp\setup.exe" --version

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=142 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12080 /prefetch:1

C:\Users\Admin\Downloads\Nezur_Executor\Nezur_Interface.exe

"C:\Users\Admin\Downloads\Nezur_Executor\Nezur_Interface.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://execkey.nezur.io/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe06a046f8,0x7ffe06a04708,0x7ffe06a04718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://discord.gg/nezur

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xe0,0x104,0x7ffe06a046f8,0x7ffe06a04708,0x7ffe06a04718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=143 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9496 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://1cheats.com/store/category/69-nezur-executor/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffe06a046f8,0x7ffe06a04708,0x7ffe06a04718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=144 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11248 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=145 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10896 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=146 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10484 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,3216771080156232067,5672743009484881108,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=147 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10664 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 nezur.io udp
US 172.67.74.136:443 nezur.io tcp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 8.8.8.8:53 136.74.67.172.in-addr.arpa udp
US 8.8.8.8:53 104.219.191.52.in-addr.arpa udp
US 8.8.8.8:53 140.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 104.18.95.41:443 challenges.cloudflare.com tcp
US 104.18.95.41:443 challenges.cloudflare.com tcp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 8.8.8.8:53 41.95.18.104.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 28.118.140.52.in-addr.arpa udp
US 8.8.8.8:53 execkey.nezur.io udp
US 8.8.8.8:53 discord.gg udp
US 162.159.130.234:443 discord.gg tcp
US 8.8.8.8:53 1cheats.com udp
US 162.159.130.234:443 discord.gg tcp
US 172.67.72.13:443 1cheats.com tcp
US 172.67.72.13:443 1cheats.com tcp
US 8.8.8.8:53 keyauth.win udp
US 8.8.8.8:53 discord.com udp
US 104.26.0.5:443 keyauth.win tcp
US 162.159.135.232:443 discord.com tcp
US 8.8.8.8:53 assets-global.website-files.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
GB 142.250.179.234:443 ajax.googleapis.com tcp
US 104.18.34.201:443 assets-global.website-files.com tcp
US 8.8.8.8:53 d2w9cdu84xc4eq.cloudfront.net udp
NL 13.227.211.92:443 d2w9cdu84xc4eq.cloudfront.net tcp
US 8.8.8.8:53 d3e54v103j8qbb.cloudfront.net udp
NL 108.156.61.158:443 d3e54v103j8qbb.cloudfront.net tcp
US 8.8.8.8:53 js.stripe.com udp
US 8.8.8.8:53 kit-pro.fontawesome.com udp
US 8.8.8.8:53 use.fontawesome.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 172.67.142.245:443 use.fontawesome.com tcp
US 172.67.142.245:443 use.fontawesome.com tcp
US 104.18.40.68:443 kit-pro.fontawesome.com tcp
US 151.101.0.176:443 js.stripe.com tcp
US 8.8.8.8:53 56.163.245.4.in-addr.arpa udp
US 8.8.8.8:53 234.130.159.162.in-addr.arpa udp
US 8.8.8.8:53 13.72.67.172.in-addr.arpa udp
US 8.8.8.8:53 5.0.26.104.in-addr.arpa udp
US 8.8.8.8:53 232.135.159.162.in-addr.arpa udp
US 8.8.8.8:53 35.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 18.31.95.13.in-addr.arpa udp
US 8.8.8.8:53 10.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 200.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 201.34.18.104.in-addr.arpa udp
US 8.8.8.8:53 92.211.227.13.in-addr.arpa udp
US 8.8.8.8:53 158.61.156.108.in-addr.arpa udp
US 8.8.8.8:53 113.39.65.18.in-addr.arpa udp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 104.26.0.5:443 keyauth.win tcp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 245.142.67.172.in-addr.arpa udp
US 8.8.8.8:53 176.0.101.151.in-addr.arpa udp
US 8.8.8.8:53 68.40.18.104.in-addr.arpa udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 68.208.201.84.in-addr.arpa udp
US 8.8.8.8:53 103.208.201.84.in-addr.arpa udp
US 8.8.8.8:53 getrunkhomuto.info udp
US 8.8.8.8:53 ghabovethec.info udp
US 8.8.8.8:53 veinourdreams.com udp
US 8.8.8.8:53 ukankingwithea.com udp
US 104.21.3.66:443 veinourdreams.com tcp
GB 18.244.140.79:443 ghabovethec.info tcp
GB 143.204.176.70:443 getrunkhomuto.info tcp
US 104.21.68.94:443 ukankingwithea.com tcp
US 104.21.68.94:443 ukankingwithea.com tcp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.151.35:443 www.facebook.com tcp
US 8.8.8.8:53 static.cloudflareinsights.com udp
US 104.18.40.68:443 kit-pro.fontawesome.com tcp
US 172.67.142.245:443 use.fontawesome.com tcp
US 104.16.80.73:443 static.cloudflareinsights.com tcp
US 8.8.8.8:53 www.skycheats.com udp
US 8.8.8.8:53 66.3.21.104.in-addr.arpa udp
US 8.8.8.8:53 79.140.244.18.in-addr.arpa udp
US 8.8.8.8:53 70.176.204.143.in-addr.arpa udp
US 8.8.8.8:53 94.68.21.104.in-addr.arpa udp
US 8.8.8.8:53 35.151.70.163.in-addr.arpa udp
US 172.66.43.108:443 www.skycheats.com tcp
US 8.8.8.8:53 tcloaksandtheirclean.com udp
GB 216.137.44.96:443 tcloaksandtheirclean.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 crt.rootg2.amazontrust.com udp
NL 173.194.69.84:443 accounts.google.com tcp
NL 173.194.69.84:443 accounts.google.com tcp
NL 18.239.83.86:80 crt.rootg2.amazontrust.com tcp
US 8.8.8.8:53 73.80.16.104.in-addr.arpa udp
US 8.8.8.8:53 108.43.66.172.in-addr.arpa udp
US 8.8.8.8:53 96.44.137.216.in-addr.arpa udp
US 8.8.8.8:53 84.69.194.173.in-addr.arpa udp
US 8.8.8.8:53 86.83.239.18.in-addr.arpa udp
NL 173.194.69.84:443 accounts.google.com udp
US 172.67.72.13:443 1cheats.com tcp
GB 143.204.176.70:443 getrunkhomuto.info tcp
US 8.8.8.8:53 birthjeans.icu udp
US 104.21.42.119:443 birthjeans.icu tcp
N/A 127.0.0.1:6463 tcp
US 8.8.8.8:53 cdn.discordapp.com udp
US 162.159.129.233:443 cdn.discordapp.com tcp
US 162.159.129.233:443 cdn.discordapp.com tcp
GB 142.250.179.234:443 ajax.googleapis.com udp
US 8.8.8.8:53 119.42.21.104.in-addr.arpa udp
US 8.8.8.8:53 233.129.159.162.in-addr.arpa udp
US 8.8.8.8:53 nostop.go2cloud.org udp
IE 18.202.12.61:443 nostop.go2cloud.org tcp
US 151.101.0.176:443 js.stripe.com udp
US 8.8.8.8:53 m.stripe.network udp
US 8.8.8.8:53 61.12.202.18.in-addr.arpa udp
US 8.8.8.8:53 m.stripe.com udp
US 44.240.119.18:443 m.stripe.com tcp
US 8.8.8.8:53 18.119.240.44.in-addr.arpa udp
N/A 127.0.0.1:6464 tcp
N/A 127.0.0.1:6465 tcp
N/A 127.0.0.1:6466 tcp
N/A 127.0.0.1:6467 tcp
US 8.8.8.8:53 lootdest.org udp
US 172.67.135.229:443 lootdest.org tcp
US 172.67.135.229:443 lootdest.org tcp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 unpkg.com udp
US 151.101.193.229:443 cdn.jsdelivr.net tcp
US 104.17.249.203:443 unpkg.com tcp
N/A 127.0.0.1:6468 tcp
US 8.8.8.8:53 d1f9x963ud6u7a.cloudfront.net udp
NL 18.239.38.41:443 d1f9x963ud6u7a.cloudfront.net tcp
US 8.8.8.8:53 229.193.101.151.in-addr.arpa udp
US 8.8.8.8:53 229.135.67.172.in-addr.arpa udp
US 8.8.8.8:53 133.194.101.151.in-addr.arpa udp
US 8.8.8.8:53 203.249.17.104.in-addr.arpa udp
US 8.8.8.8:53 api.taboola.com udp
US 151.101.129.44:443 api.taboola.com tcp
US 104.17.249.203:443 unpkg.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 142.250.178.2:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 nerventualken.com udp
US 104.21.21.90:443 nerventualken.com tcp
US 104.21.21.90:443 nerventualken.com tcp
US 8.8.8.8:53 41.38.239.18.in-addr.arpa udp
US 8.8.8.8:53 44.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 2.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 194.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 d1wzdj81h1hubn.cloudfront.net udp
NL 18.239.47.157:443 d1wzdj81h1hubn.cloudfront.net tcp
NL 18.239.47.157:443 d1wzdj81h1hubn.cloudfront.net tcp
N/A 127.0.0.1:6469 tcp
US 151.101.193.229:443 cdn.jsdelivr.net udp
US 8.8.8.8:53 157.47.239.18.in-addr.arpa udp
US 8.8.8.8:53 90.21.21.104.in-addr.arpa udp
N/A 127.0.0.1:6470 tcp
N/A 127.0.0.1:6471 tcp
N/A 127.0.0.1:6472 tcp
GB 92.123.128.170:443 www.bing.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 170.128.123.92.in-addr.arpa udp
US 8.8.8.8:53 74.208.201.84.in-addr.arpa udp
US 8.8.8.8:53 bypass.city udp
US 172.67.132.19:80 bypass.city tcp
US 172.67.132.19:80 bypass.city tcp
US 172.67.132.19:443 bypass.city tcp
US 104.16.80.73:443 static.cloudflareinsights.com tcp
US 8.8.8.8:53 api2.bypass.city udp
US 172.67.132.19:443 api2.bypass.city tcp
US 172.67.132.19:443 api2.bypass.city tcp
US 172.67.132.19:443 api2.bypass.city tcp
US 162.159.135.232:443 discord.com tcp
US 8.8.8.8:53 cloudflareinsights.com udp
US 8.8.8.8:53 www.clarity.ms udp
US 13.107.246.65:443 www.clarity.ms tcp
US 8.8.8.8:53 c.clarity.ms udp
US 8.8.8.8:53 19.132.67.172.in-addr.arpa udp
US 8.8.8.8:53 65.246.107.13.in-addr.arpa udp
IE 13.74.129.1:443 c.clarity.ms tcp
US 8.8.8.8:53 b.clarity.ms udp
US 8.8.8.8:53 c.bing.com udp
US 4.153.129.168:443 b.clarity.ms tcp
US 13.107.21.237:443 c.bing.com tcp
US 8.8.8.8:53 237.21.107.13.in-addr.arpa udp
US 8.8.8.8:53 168.129.153.4.in-addr.arpa udp
US 8.8.8.8:53 1.129.74.13.in-addr.arpa udp
US 8.8.8.8:53 favicone.com udp
US 104.21.9.151:443 favicone.com tcp
US 8.8.8.8:53 151.9.21.104.in-addr.arpa udp
US 8.8.8.8:53 a.bypass.city udp
US 172.67.132.19:443 a.bypass.city tcp
US 172.67.132.19:443 a.bypass.city tcp
US 8.8.8.8:53 buzzonclick.com udp
US 104.21.81.209:443 buzzonclick.com tcp
US 104.21.81.209:443 buzzonclick.com tcp
US 8.8.8.8:53 unocally.co.in udp
FR 13.39.191.134:443 unocally.co.in tcp
US 8.8.8.8:53 209.81.21.104.in-addr.arpa udp
US 8.8.8.8:53 134.191.39.13.in-addr.arpa udp
FR 13.39.191.134:443 unocally.co.in tcp
FR 13.39.191.134:443 unocally.co.in tcp
FR 13.39.191.134:443 unocally.co.in tcp
FR 13.39.191.134:443 unocally.co.in tcp
US 8.8.8.8:53 14.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 tracking.pretrackings.com udp
NL 34.147.21.42:443 tracking.pretrackings.com tcp
US 8.8.8.8:53 crt.sectigo.com udp
US 104.18.38.233:80 crt.sectigo.com tcp
US 8.8.8.8:53 42.21.147.34.in-addr.arpa udp
US 8.8.8.8:53 23.149.64.172.in-addr.arpa udp
US 8.8.8.8:53 233.38.18.104.in-addr.arpa udp
US 8.8.8.8:53 ver.tubroaffs.net udp
US 104.21.62.26:443 ver.tubroaffs.net tcp
US 8.8.8.8:53 theirtooads.azurewebsites.net udp
US 20.119.16.4:443 theirtooads.azurewebsites.net tcp
US 20.119.16.4:443 theirtooads.azurewebsites.net tcp
US 8.8.8.8:53 26.62.21.104.in-addr.arpa udp
US 8.8.8.8:53 4.16.119.20.in-addr.arpa udp
US 8.8.8.8:53 yahoo.com udp
US 98.137.11.164:443 yahoo.com tcp
US 98.137.11.164:443 yahoo.com tcp
US 8.8.8.8:53 www.yahoo.com udp
GB 87.248.114.11:443 www.yahoo.com tcp
US 8.8.8.8:53 164.11.137.98.in-addr.arpa udp
US 8.8.8.8:53 11.114.248.87.in-addr.arpa udp
GB 142.250.179.234:443 ajax.googleapis.com udp
US 8.8.8.8:53 workink.net udp
US 172.67.135.182:443 workink.net tcp
US 172.67.135.182:443 workink.net tcp
US 8.8.8.8:53 work.ink udp
US 104.26.10.119:443 work.ink tcp
US 104.26.10.119:443 work.ink tcp
US 8.8.8.8:53 182.135.67.172.in-addr.arpa udp
US 8.8.8.8:53 119.10.26.104.in-addr.arpa udp
US 8.8.8.8:53 cdn.adligature.com udp
US 104.21.92.230:443 cdn.adligature.com tcp
US 8.8.8.8:53 230.92.21.104.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 widgets.outbrain.com udp
GB 142.250.180.4:443 www.google.com tcp
GB 23.219.197.58:443 widgets.outbrain.com tcp
US 104.26.10.119:443 work.ink tcp
US 8.8.8.8:53 tcheck.outbrainimg.com udp
GB 2.23.222.8:443 tcheck.outbrainimg.com tcp
US 8.8.8.8:53 cmp.quantcast.com udp
DE 91.228.74.166:443 secure.quantserve.com tcp
NL 18.239.83.25:443 cmp.quantcast.com tcp
US 8.8.8.8:53 pro.ip-api.com udp
US 208.95.112.2:443 pro.ip-api.com tcp
US 8.8.8.8:53 widget-pixels.outbrain.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 rock.defybrick.com udp
US 8.8.8.8:53 rules.quantcount.com udp
US 8.8.8.8:53 58.197.219.23.in-addr.arpa udp
US 8.8.8.8:53 8.222.23.2.in-addr.arpa udp
US 8.8.8.8:53 166.74.228.91.in-addr.arpa udp
US 8.8.8.8:53 25.83.239.18.in-addr.arpa udp
US 8.8.8.8:53 2.112.95.208.in-addr.arpa udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net tcp
NL 18.239.50.73:443 rules.quantcount.com tcp
NL 18.239.50.73:443 rules.quantcount.com tcp
US 8.8.8.8:53 log.outbrainimg.com udp
US 50.31.142.127:443 log.outbrainimg.com tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
GB 142.250.180.4:443 www.google.com udp
US 8.8.8.8:53 cmp.inmobi.com udp
US 8.8.8.8:53 flint.defybrick.com udp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
US 52.45.196.192:443 flint.defybrick.com tcp
NL 18.239.36.97:443 cmp.inmobi.com tcp
US 8.8.8.8:53 mv.outbrain.com udp
GB 142.250.178.14:443 fundingchoicesmessages.google.com tcp
US 151.101.130.132:443 mv.outbrain.com tcp
GB 142.250.178.14:443 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 3.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 34.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 73.50.239.18.in-addr.arpa udp
US 8.8.8.8:53 127.142.31.50.in-addr.arpa udp
US 8.8.8.8:53 97.36.239.18.in-addr.arpa udp
US 8.8.8.8:53 14.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 132.130.101.151.in-addr.arpa udp
US 8.8.8.8:53 192.196.45.52.in-addr.arpa udp
US 151.101.193.229:443 cdn.jsdelivr.net udp
US 8.8.8.8:53 cdn.vuukle.com udp
GB 142.250.180.4:443 www.google.com udp
US 8.8.8.8:53 sentry.work.ink udp
US 104.22.61.168:443 cdn.vuukle.com tcp
US 104.26.11.119:443 sentry.work.ink tcp
US 8.8.8.8:53 us-central1-wrapper-analytics-prod.cloudfunctions.net udp
US 8.8.8.8:53 tagan.adlightning.com udp
US 8.8.8.8:53 live.primis.tech udp
NL 18.65.39.47:443 tagan.adlightning.com tcp
US 216.239.36.54:443 us-central1-wrapper-analytics-prod.cloudfunctions.net tcp
GB 18.172.89.123:443 live.primis.tech tcp
US 104.26.11.119:443 sentry.work.ink tcp
GB 18.172.89.123:443 live.primis.tech tcp
US 216.239.36.54:443 us-central1-wrapper-analytics-prod.cloudfunctions.net udp
US 8.8.8.8:53 168.61.22.104.in-addr.arpa udp
US 8.8.8.8:53 54.36.239.216.in-addr.arpa udp
US 8.8.8.8:53 119.11.26.104.in-addr.arpa udp
US 8.8.8.8:53 47.39.65.18.in-addr.arpa udp
US 8.8.8.8:53 123.89.172.18.in-addr.arpa udp
US 104.22.61.168:443 cdn.vuukle.com tcp
US 8.8.8.8:53 api.cmp.inmobi.com udp
DE 3.124.147.49:443 api.cmp.inmobi.com tcp
US 8.8.8.8:53 i.imgur.com udp
US 8.8.8.8:53 mcdp-chidc2.outbrain.com udp
US 199.232.192.193:443 i.imgur.com tcp
US 8.8.8.8:53 images.outbrainimg.com udp
US 64.74.236.31:443 mcdp-chidc2.outbrain.com tcp
US 64.74.236.31:443 mcdp-chidc2.outbrain.com tcp
US 64.74.236.31:443 mcdp-chidc2.outbrain.com tcp
US 64.74.236.31:443 mcdp-chidc2.outbrain.com tcp
GB 2.23.222.8:443 images.outbrainimg.com tcp
GB 2.23.222.8:443 images.outbrainimg.com tcp
GB 2.23.222.8:443 images.outbrainimg.com tcp
US 8.8.8.8:53 49.147.124.3.in-addr.arpa udp
US 8.8.8.8:53 193.192.232.199.in-addr.arpa udp
US 8.8.8.8:53 31.236.74.64.in-addr.arpa udp
US 8.8.8.8:53 vuukle.com udp
US 8.8.8.8:53 api.vuukle.com udp
US 8.8.8.8:53 publish.vuukle.com udp
US 8.8.8.8:53 wrappers.geoedge.be udp
US 8.8.8.8:53 rumcdn.geoedge.be udp
NL 13.227.219.57:443 rumcdn.geoedge.be tcp
NL 18.239.83.83:443 wrappers.geoedge.be tcp
US 8.8.8.8:53 57.219.227.13.in-addr.arpa udp
US 8.8.8.8:53 83.83.239.18.in-addr.arpa udp
US 8.8.8.8:53 id.a-mx.com udp
NL 79.127.227.46:443 id.a-mx.com tcp
US 8.8.8.8:53 46.227.127.79.in-addr.arpa udp
US 8.8.8.8:53 wildbearads.go2affise.com udp
NL 34.147.37.248:443 wildbearads.go2affise.com tcp
US 8.8.8.8:53 zw2a.lindychat.com udp
US 104.21.94.134:443 zw2a.lindychat.com tcp
US 8.8.8.8:53 js-de.sentry-cdn.com udp
US 8.8.8.8:53 metatrckpixel.com udp
US 151.101.2.217:443 js-de.sentry-cdn.com tcp
US 104.21.70.246:443 metatrckpixel.com tcp
US 8.8.8.8:53 www2-eu.lindychat.com udp
US 8.8.8.8:53 browser.sentry-cdn.com udp
US 8.8.8.8:53 248.37.147.34.in-addr.arpa udp
US 8.8.8.8:53 134.94.21.104.in-addr.arpa udp
US 8.8.8.8:53 246.70.21.104.in-addr.arpa udp
US 8.8.8.8:53 217.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 datingero.com udp
US 172.67.158.171:443 datingero.com tcp
US 8.8.8.8:53 171.158.67.172.in-addr.arpa udp
US 8.8.8.8:53 ib.adnxs-simple.com udp
US 8.8.8.8:53 prebid.smilewanted.com udp
US 8.8.8.8:53 cpm.vuukle.net udp
US 8.8.8.8:53 prebid.a-mo.net udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 104.22.31.209:443 prebid.smilewanted.com tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
DE 37.252.172.123:443 ib.adnxs-simple.com tcp
NL 103.67.200.72:443 cpm.vuukle.net tcp
FR 163.5.194.32:443 prebid.a-mo.net tcp
US 8.8.8.8:53 77.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 209.31.22.104.in-addr.arpa udp
US 8.8.8.8:53 123.172.252.37.in-addr.arpa udp
US 8.8.8.8:53 32.194.5.163.in-addr.arpa udp
US 8.8.8.8:53 72.200.67.103.in-addr.arpa udp
US 8.8.8.8:53 csync.smilewanted.com udp
US 8.8.8.8:53 ads.pubmatic.com udp
GB 23.219.196.188:443 ads.pubmatic.com tcp
US 8.8.8.8:53 px.ads.linkedin.com udp
US 13.107.42.14:443 px.ads.linkedin.com tcp
NL 79.127.227.46:443 id.a-mx.com tcp
US 8.8.8.8:53 static.smilewanted.com udp
US 8.8.8.8:53 55eddbe3ce21e1ec76721de8b910f83c.safeframe.googlesyndication.com udp
US 8.8.8.8:53 idrs.adtelligent.com udp
GB 216.58.213.1:443 55eddbe3ce21e1ec76721de8b910f83c.safeframe.googlesyndication.com tcp
UA 62.149.0.74:443 idrs.adtelligent.com tcp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 gum.criteo.com udp
US 8.8.8.8:53 exchange.cootlogix.com udp
US 8.8.8.8:53 rtb.openx.net udp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 ads.servenobid.com udp
US 8.8.8.8:53 btlr.sharethrough.com udp
US 8.8.8.8:53 mp.4dex.io udp
US 8.8.8.8:53 pixel.quantserve.com udp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 8.8.8.8:53 script.4dex.io udp
US 8.8.8.8:53 cdn-ima.33across.com udp
US 8.8.8.8:53 oa.openxcdn.net udp
US 8.8.8.8:53 c3.a-mo.net udp
US 8.8.8.8:53 invstatic101.creativecdn.com udp
US 8.8.8.8:53 static.criteo.net udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 sync.smartadserver.com udp
NL 178.250.1.11:443 gum.criteo.com tcp
IE 54.229.5.123:443 ap.lijit.com tcp
DE 162.19.138.82:443 id5-sync.com tcp
US 216.128.149.60:443 exchange.cootlogix.com tcp
US 216.128.149.60:443 exchange.cootlogix.com tcp
US 216.128.149.60:443 exchange.cootlogix.com tcp
US 35.186.253.211:443 rtb.openx.net tcp
NL 143.244.197.139:443 ads.servenobid.com tcp
US 34.96.70.87:443 invstatic101.creativecdn.com tcp
US 34.102.146.192:443 oa.openxcdn.net tcp
DE 3.78.93.150:443 btlr.sharethrough.com tcp
DE 3.78.93.150:443 btlr.sharethrough.com tcp
NL 178.250.1.3:443 static.criteo.net tcp
US 172.64.153.78:443 mp.4dex.io tcp
US 172.67.75.241:443 script.4dex.io tcp
US 104.22.53.86:443 cdn.id5-sync.com tcp
US 172.64.152.89:443 cdn-ima.33across.com tcp
DE 79.127.216.47:443 c3.a-mo.net tcp
NL 18.239.18.118:443 tags.crwdcntrl.net tcp
FR 5.196.111.72:443 sync.smartadserver.com tcp
UA 62.149.0.74:443 idrs.adtelligent.com tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 oajs.openx.net udp
GB 216.58.204.65:443 tpc.googlesyndication.com tcp
US 172.67.75.241:443 script.4dex.io tcp
US 8.8.8.8:53 cadmus.script.ac udp
US 34.120.135.53:443 oajs.openx.net tcp
US 8.8.8.8:53 ssp-sync.criteo.com udp
US 104.18.23.145:443 cadmus.script.ac tcp
NL 178.250.1.57:443 ssp-sync.criteo.com tcp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
US 8.8.8.8:53 dis.criteo.com udp
US 8.8.8.8:53 188.196.219.23.in-addr.arpa udp
US 8.8.8.8:53 1.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 8.8.8.8:53 211.253.186.35.in-addr.arpa udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 87.70.96.34.in-addr.arpa udp
US 8.8.8.8:53 192.146.102.34.in-addr.arpa udp
US 8.8.8.8:53 78.153.64.172.in-addr.arpa udp
US 8.8.8.8:53 139.197.244.143.in-addr.arpa udp
US 8.8.8.8:53 241.75.67.172.in-addr.arpa udp
US 8.8.8.8:53 82.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 3.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 86.53.22.104.in-addr.arpa udp
US 8.8.8.8:53 89.152.64.172.in-addr.arpa udp
US 8.8.8.8:53 150.93.78.3.in-addr.arpa udp
US 8.8.8.8:53 118.18.239.18.in-addr.arpa udp
US 8.8.8.8:53 123.5.229.54.in-addr.arpa udp
US 8.8.8.8:53 47.216.127.79.in-addr.arpa udp
US 8.8.8.8:53 72.111.196.5.in-addr.arpa udp
US 8.8.8.8:53 60.149.128.216.in-addr.arpa udp
US 8.8.8.8:53 65.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 53.135.120.34.in-addr.arpa udp
US 8.8.8.8:53 145.23.18.104.in-addr.arpa udp
US 8.8.8.8:53 57.1.250.178.in-addr.arpa udp
IE 54.74.74.210:443 bcp.crwdcntrl.net tcp
NL 178.250.1.9:443 dis.criteo.com tcp
US 8.8.8.8:53 secure.adnxs.com udp
US 8.8.8.8:53 pixel.rubiconproject.com udp
NL 185.89.210.90:443 secure.adnxs.com tcp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
US 8.8.8.8:53 u.openx.net udp
US 34.98.64.218:443 u.openx.net tcp
US 34.120.135.53:443 oajs.openx.net udp
US 34.98.64.218:443 u.openx.net udp
GB 216.58.204.65:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 ads.eu.criteo.com udp
US 8.8.8.8:53 rtb.nl3.eu.criteo.com udp
NL 178.250.1.10:443 rtb.nl3.eu.criteo.com tcp
NL 178.250.1.17:443 ads.eu.criteo.com tcp
US 8.8.8.8:53 dnacdn.net udp
US 8.8.8.8:53 ads.us.e-planning.net udp
NL 178.250.1.11:443 dnacdn.net tcp
NL 193.3.178.3:443 ads.us.e-planning.net tcp
US 8.8.8.8:53 assets.revcontent.com udp
GB 18.172.89.46:443 assets.revcontent.com tcp
US 8.8.8.8:53 google-bidout-d.openx.net udp
US 8.8.8.8:53 9.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 210.74.74.54.in-addr.arpa udp
US 8.8.8.8:53 90.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 149.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 218.64.98.34.in-addr.arpa udp
US 8.8.8.8:53 10.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 17.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 3.178.3.193.in-addr.arpa udp
US 8.8.8.8:53 match.sharethrough.com udp
DE 18.184.206.66:443 match.sharethrough.com tcp
US 8.8.8.8:53 onetag-sys.com udp
DE 51.89.9.251:443 onetag-sys.com tcp
US 8.8.8.8:53 ice.360yield.com udp
IE 34.253.47.134:443 ice.360yield.com tcp
GB 142.250.178.2:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 csm.eu.criteo.net udp
US 8.8.8.8:53 cat.nl3.eu.criteo.com udp
NL 178.250.1.25:443 csm.eu.criteo.net tcp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
NL 178.250.1.6:443 cat.nl3.eu.criteo.com tcp
US 8.8.8.8:53 cdn.ampproject.org udp
DE 162.19.138.116:443 lb.eu-1-id5-sync.com tcp
GB 142.250.180.1:443 cdn.ampproject.org tcp
GB 142.250.180.1:443 cdn.ampproject.org tcp
US 8.8.8.8:53 imageproxy.eu.criteo.net udp
NL 178.250.1.15:443 imageproxy.eu.criteo.net tcp
US 8.8.8.8:53 46.89.172.18.in-addr.arpa udp
US 8.8.8.8:53 66.206.184.18.in-addr.arpa udp
US 8.8.8.8:53 251.9.89.51.in-addr.arpa udp
US 8.8.8.8:53 134.47.253.34.in-addr.arpa udp
US 8.8.8.8:53 25.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 6.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 116.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 1.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 ag.gbc.criteo.com udp
US 8.8.8.8:53 gem.gbc.criteo.com udp
FR 185.235.86.165:443 ag.gbc.criteo.com tcp
FR 185.235.86.82:443 gem.gbc.criteo.com tcp
US 8.8.8.8:53 s0.2mdn.net udp
GB 172.217.16.230:443 s0.2mdn.net tcp
GB 172.217.16.230:443 s0.2mdn.net tcp
US 8.8.8.8:53 trends.revcontent.com udp
IE 52.48.162.29:443 trends.revcontent.com tcp
GB 142.250.180.1:443 cdn.ampproject.org udp
GB 142.250.178.2:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 15.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 82.86.235.185.in-addr.arpa udp
US 8.8.8.8:53 165.86.235.185.in-addr.arpa udp
US 8.8.8.8:53 29.162.48.52.in-addr.arpa udp
US 8.8.8.8:53 230.16.217.172.in-addr.arpa udp
DE 51.89.9.251:443 onetag-sys.com udp
US 8.8.8.8:53 rtb.mfadsrvr.com udp
US 8.8.8.8:53 pixel-eu.rubiconproject.com udp
NL 35.214.199.88:443 rtb.mfadsrvr.com tcp
NL 69.173.156.149:443 pixel-eu.rubiconproject.com tcp
US 8.8.8.8:53 ib.adnxs.com udp
DE 37.252.171.149:443 ib.adnxs.com tcp
US 8.8.8.8:53 88.199.214.35.in-addr.arpa udp
US 8.8.8.8:53 149.171.252.37.in-addr.arpa udp
US 8.8.8.8:53 ads.stickyadstv.com udp
US 8.8.8.8:53 sync.cootlogix.com udp
US 134.122.125.16:443 sync.cootlogix.com tcp
NL 154.57.158.115:443 ads.stickyadstv.com tcp
US 8.8.8.8:53 public.servenobid.com udp
GB 3.162.20.119:443 public.servenobid.com tcp
US 8.8.8.8:53 advally-d.openx.net udp
US 8.8.8.8:53 s.ad.smaato.net udp
US 8.8.8.8:53 b1sync.zemanta.com udp
US 8.8.8.8:53 assets.a-mo.net udp
US 50.31.142.127:443 b1sync.zemanta.com tcp
NL 18.239.94.105:443 s.ad.smaato.net tcp
US 104.19.158.19:443 assets.a-mo.net tcp
DE 18.184.206.66:443 match.sharethrough.com tcp
US 8.8.8.8:53 g2.gumgum.com udp
US 8.8.8.8:53 pixel.33across.com udp
US 8.8.8.8:53 cs.admanmedia.com udp
US 8.8.8.8:53 ssbsync.smartadserver.com udp
US 67.202.105.22:443 pixel.33across.com tcp
IE 63.35.70.55:443 g2.gumgum.com tcp
US 80.77.87.163:443 cs.admanmedia.com tcp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
FR 164.132.25.180:443 ssbsync.smartadserver.com tcp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
US 172.64.151.101:443 ssum-sec.casalemedia.com tcp
GB 23.214.129.249:443 secure-assets.rubiconproject.com tcp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
US 3.94.49.35:443 cs-server-s2s.yellowblue.io tcp
US 8.8.8.8:53 t.adx.opera.com udp
US 8.8.8.8:53 ce.lijit.com udp
NL 82.145.213.8:443 t.adx.opera.com tcp
IE 54.170.1.160:443 ce.lijit.com tcp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 eus.rubiconproject.com udp
US 8.8.8.8:53 stx-match.dotomi.com udp
NL 79.127.227.46:443 c3.a-mo.net tcp
US 35.71.131.137:443 match.adsrvr.org tcp
GB 2.23.205.70:443 eus.rubiconproject.com tcp
NL 89.207.16.204:443 stx-match.dotomi.com tcp
US 8.8.8.8:53 creativecdn.com udp
NL 185.184.8.90:443 creativecdn.com tcp
US 8.8.8.8:53 c1.adform.net udp
DK 37.157.2.230:443 c1.adform.net tcp
US 8.8.8.8:53 cm.g.doubleclick.net udp
GB 216.58.212.194:443 cm.g.doubleclick.net tcp
US 8.8.8.8:53 tg.socdm.com udp
JP 124.146.153.166:443 tg.socdm.com tcp
US 8.8.8.8:53 16.125.122.134.in-addr.arpa udp
US 8.8.8.8:53 115.158.57.154.in-addr.arpa udp
US 8.8.8.8:53 119.20.162.3.in-addr.arpa udp
US 8.8.8.8:53 105.94.239.18.in-addr.arpa udp
US 8.8.8.8:53 19.158.19.104.in-addr.arpa udp
US 8.8.8.8:53 55.70.35.63.in-addr.arpa udp
US 8.8.8.8:53 180.25.132.164.in-addr.arpa udp
US 8.8.8.8:53 163.87.77.80.in-addr.arpa udp
US 8.8.8.8:53 101.151.64.172.in-addr.arpa udp
US 8.8.8.8:53 22.105.202.67.in-addr.arpa udp
US 8.8.8.8:53 249.129.214.23.in-addr.arpa udp
US 8.8.8.8:53 35.49.94.3.in-addr.arpa udp
US 8.8.8.8:53 8.213.145.82.in-addr.arpa udp
US 8.8.8.8:53 70.205.23.2.in-addr.arpa udp
US 8.8.8.8:53 160.1.170.54.in-addr.arpa udp
US 8.8.8.8:53 204.16.207.89.in-addr.arpa udp
US 8.8.8.8:53 137.131.71.35.in-addr.arpa udp
US 8.8.8.8:53 230.2.157.37.in-addr.arpa udp
US 8.8.8.8:53 90.8.184.185.in-addr.arpa udp
GB 216.58.212.194:443 cm.g.doubleclick.net udp
JP 124.146.153.166:443 tg.socdm.com tcp
US 8.8.8.8:53 x.bidswitch.net udp
US 8.8.8.8:53 sync.a-mo.net udp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 usersync.gumgum.com udp
FR 163.5.194.37:443 sync.a-mo.net tcp
NL 35.214.136.108:443 x.bidswitch.net tcp
US 8.8.8.8:53 cms.quantserve.com udp
NL 46.228.174.117:443 sync.1rx.io tcp
IE 34.247.233.198:443 usersync.gumgum.com tcp
FR 163.5.194.37:443 sync.a-mo.net tcp
US 8.8.8.8:53 p.rfihub.com udp
US 8.8.8.8:53 csync.loopme.me udp
US 8.8.8.8:53 token.rubiconproject.com udp
NL 35.214.189.182:443 csync.loopme.me tcp
NL 193.0.160.130:443 p.rfihub.com tcp
US 8.8.8.8:53 rtb-csync.smartadserver.com udp
NL 69.173.156.149:443 token.rubiconproject.com tcp
NL 35.214.136.108:443 x.bidswitch.net udp
US 8.8.8.8:53 us-u.openx.net udp
US 8.8.8.8:53 id.rtb.mx udp
US 8.8.8.8:53 prebid.adnxs.com udp
US 8.8.8.8:53 ow.pubmatic.com udp
US 8.8.8.8:53 u.ipw.metadsp.co.uk udp
US 8.8.8.8:53 sync.go.sonobi.com udp
NL 185.89.208.11:443 prebid.adnxs.com tcp
GB 185.64.190.84:443 ow.pubmatic.com tcp
DE 79.127.216.47:443 id.rtb.mx tcp
NL 35.214.132.90:443 u.ipw.metadsp.co.uk tcp
US 69.166.1.34:443 sync.go.sonobi.com tcp
US 8.8.8.8:53 ssbsync-global.smartadserver.com udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
NL 89.149.192.76:443 ssbsync-global.smartadserver.com tcp
US 3.217.190.136:443 sync.srv.stackadapt.com tcp
US 8.8.8.8:53 ssp.disqus.com udp
US 35.171.247.210:443 ssp.disqus.com tcp
US 8.8.8.8:53 pr-bh.ybp.yahoo.com udp
US 8.8.8.8:53 194.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 166.153.146.124.in-addr.arpa udp
US 8.8.8.8:53 37.194.5.163.in-addr.arpa udp
US 8.8.8.8:53 108.136.214.35.in-addr.arpa udp
US 8.8.8.8:53 198.233.247.34.in-addr.arpa udp
US 8.8.8.8:53 130.160.0.193.in-addr.arpa udp
US 8.8.8.8:53 182.189.214.35.in-addr.arpa udp
US 8.8.8.8:53 84.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 11.208.89.185.in-addr.arpa udp
US 8.8.8.8:53 90.132.214.35.in-addr.arpa udp
US 8.8.8.8:53 34.1.166.69.in-addr.arpa udp
US 8.8.8.8:53 76.192.149.89.in-addr.arpa udp
IE 52.208.48.52:443 pr-bh.ybp.yahoo.com tcp
US 8.8.8.8:53 sync.ipredictive.com udp
US 18.205.69.232:443 sync.ipredictive.com tcp
US 8.8.8.8:53 eexsync.com udp
US 80.77.87.108:443 eexsync.com tcp
US 8.8.8.8:53 match.deepintent.com udp
US 169.197.150.8:443 match.deepintent.com tcp
NL 198.47.127.18:443 image8.pubmatic.com tcp
US 8.8.8.8:53 s.amazon-adsystem.com udp
US 98.82.157.137:443 s.amazon-adsystem.com tcp
US 8.8.8.8:53 hbx.media.net udp
US 8.8.8.8:53 bh.contextweb.com udp
GB 2.23.220.28:443 hbx.media.net tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
US 8.8.8.8:53 136.190.217.3.in-addr.arpa udp
US 8.8.8.8:53 210.247.171.35.in-addr.arpa udp
US 8.8.8.8:53 52.48.208.52.in-addr.arpa udp
US 8.8.8.8:53 232.69.205.18.in-addr.arpa udp
US 8.8.8.8:53 108.87.77.80.in-addr.arpa udp
US 8.8.8.8:53 18.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 137.157.82.98.in-addr.arpa udp
US 8.8.8.8:53 28.220.23.2.in-addr.arpa udp
US 8.8.8.8:53 131.169.93.208.in-addr.arpa udp
US 8.8.8.8:53 cm.adform.net udp
DK 37.157.3.26:443 cm.adform.net tcp
US 8.8.8.8:53 rtb.gumgum.com udp
IE 99.80.45.173:443 rtb.gumgum.com tcp
NL 35.214.199.88:443 rtb.mfadsrvr.com udp
US 8.8.8.8:53 u.4dex.io udp
US 34.149.40.38:443 u.4dex.io tcp
NL 35.214.174.141:443 a.sportradarserving.com tcp
US 8.8.8.8:53 b-eu1.marketperf.com udp
DE 18.185.165.203:443 b-eu1.marketperf.com tcp
US 8.8.8.8:53 26.3.157.37.in-addr.arpa udp
US 8.8.8.8:53 173.45.80.99.in-addr.arpa udp
US 8.8.8.8:53 38.40.149.34.in-addr.arpa udp
US 8.8.8.8:53 141.174.214.35.in-addr.arpa udp
NL 35.214.174.141:443 a.sportradarserving.com udp
US 8.8.8.8:53 203.165.185.18.in-addr.arpa udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
GB 216.58.204.65:443 tpc.googlesyndication.com udp
GB 172.217.16.230:443 s0.2mdn.net udp
US 8.8.8.8:53 yeet.revcontent.com udp
US 8.8.8.8:53 images.revcontent.com udp
GB 142.250.180.4:443 www.google.com udp
US 3.165.148.70:443 images.revcontent.com tcp
US 8.8.8.8:53 70.148.165.3.in-addr.arpa udp
US 8.8.8.8:53 net.geo.opera.com udp
NL 185.26.182.111:443 net.geo.opera.com tcp
NL 185.26.182.111:443 net.geo.opera.com tcp
US 8.8.8.8:53 111.182.26.185.in-addr.arpa udp
NL 103.67.200.72:443 cpm.vuukle.net tcp
DE 37.252.171.149:443 ib.adnxs.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 exchange.cootlogix.com udp
IE 52.16.106.28:443 ap.lijit.com tcp
US 8.8.8.8:53 rtb.openx.net udp
US 35.227.252.103:443 rtb.openx.net udp
US 45.55.121.146:443 exchange.cootlogix.com tcp
US 8.8.8.8:53 btlr.sharethrough.com udp
US 45.55.121.146:443 exchange.cootlogix.com tcp
US 8.8.8.8:53 ib.adnxs.com udp
NL 185.89.210.212:443 ib.adnxs.com tcp
NL 103.67.200.72:443 cpm.vuukle.net tcp
DE 52.59.238.109:443 btlr.sharethrough.com tcp
DE 52.59.238.109:443 btlr.sharethrough.com tcp
US 8.8.8.8:53 ssbsync.smartadserver.com udp
NL 89.149.193.101:443 ssbsync.smartadserver.com tcp
US 8.8.8.8:53 28.106.16.52.in-addr.arpa udp
US 8.8.8.8:53 103.252.227.35.in-addr.arpa udp
US 8.8.8.8:53 146.121.55.45.in-addr.arpa udp
US 8.8.8.8:53 212.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 109.238.59.52.in-addr.arpa udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
US 34.149.40.38:443 u.4dex.io udp
US 35.71.131.137:443 match.adsrvr.org tcp
US 8.8.8.8:53 secure.adnxs.com udp
US 80.77.87.163:443 cs.admanmedia.com tcp
DE 37.252.171.52:443 secure.adnxs.com tcp
US 8.8.8.8:53 101.193.149.89.in-addr.arpa udp
US 8.8.8.8:53 52.171.252.37.in-addr.arpa udp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
US 8.8.8.8:53 eus.rubiconproject.com udp
NL 46.228.174.117:443 sync.1rx.io tcp
US 8.8.8.8:53 desktop-netinstaller-sub.osp.opera.software udp
NL 82.145.217.121:443 desktop-netinstaller-sub.osp.opera.software tcp
FR 5.135.209.104:443 rtb-csync.smartadserver.com tcp
FR 5.135.209.104:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 121.217.145.82.in-addr.arpa udp
US 8.8.8.8:53 104.209.135.5.in-addr.arpa udp
NL 69.173.156.149:443 token.rubiconproject.com tcp
US 8.8.8.8:53 autoupdate.geo.opera.com udp
NL 185.26.182.124:443 autoupdate.geo.opera.com tcp
NL 82.145.216.47:443 autoupdate.opera.com tcp
US 8.8.8.8:53 features.opera-api2.com udp
NL 185.26.182.118:443 features.opera-api2.com tcp
NL 185.89.210.212:443 ib.adnxs.com tcp
NL 103.67.200.72:443 cpm.vuukle.net tcp
US 8.8.8.8:53 124.182.26.185.in-addr.arpa udp
US 8.8.8.8:53 47.216.145.82.in-addr.arpa udp
US 8.8.8.8:53 api.config.opr.gg udp
US 104.18.25.17:443 api.config.opr.gg tcp
US 8.8.8.8:53 b.clarity.ms udp
US 8.8.8.8:53 118.182.26.185.in-addr.arpa udp
US 8.8.8.8:53 17.25.18.104.in-addr.arpa udp
US 4.153.129.168:443 b.clarity.ms tcp
US 4.153.129.168:443 b.clarity.ms tcp
US 8.8.8.8:53 c.pki.goog udp
GB 142.250.187.195:80 c.pki.goog tcp
US 8.8.8.8:53 195.187.250.142.in-addr.arpa udp
NL 82.145.217.121:443 desktop-netinstaller-sub.osp.opera.software tcp
US 8.8.8.8:53 download.opera.com udp
NL 82.145.216.49:443 download.opera.com tcp
US 8.8.8.8:53 download5.operacdn.com udp
US 104.18.11.89:443 download5.operacdn.com tcp
US 8.8.8.8:53 49.216.145.82.in-addr.arpa udp
US 8.8.8.8:53 89.11.18.104.in-addr.arpa udp
NL 82.145.217.121:443 desktop-netinstaller-sub.osp.opera.software tcp
NL 82.145.217.121:443 desktop-netinstaller-sub.osp.opera.software tcp
US 216.239.32.36:443 region1.google-analytics.com udp
NL 103.67.200.72:443 cpm.vuukle.net tcp
NL 185.89.210.212:443 ib.adnxs.com tcp
US 4.153.129.168:443 b.clarity.ms tcp
US 8.8.8.8:53 ap.lijit.com udp
US 35.227.252.103:443 rtb.openx.net udp
US 45.55.121.146:443 exchange.cootlogix.com tcp
US 8.8.8.8:53 ads.servenobid.com udp
US 8.8.8.8:53 btlr.sharethrough.com udp
IE 52.48.16.10:443 ap.lijit.com tcp
NL 143.244.197.139:443 ads.servenobid.com tcp
DE 3.72.78.234:443 btlr.sharethrough.com tcp
US 8.8.8.8:53 eb2.3lift.com udp
US 76.223.111.18:443 eb2.3lift.com tcp
US 8.8.8.8:53 10.16.48.52.in-addr.arpa udp
US 8.8.8.8:53 234.78.72.3.in-addr.arpa udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
NL 18.239.83.12:443 advally-mcm-tagan.adlightning.com tcp
NL 18.239.83.12:443 advally-mcm-tagan.adlightning.com tcp
NL 18.239.83.12:443 advally-mcm-tagan.adlightning.com tcp
NL 18.239.83.12:443 advally-mcm-tagan.adlightning.com tcp
NL 18.239.83.12:443 advally-mcm-tagan.adlightning.com tcp
NL 18.239.83.12:443 advally-mcm-tagan.adlightning.com tcp
US 8.8.8.8:53 u.openx.net udp
US 35.244.159.8:443 u.openx.net udp
US 34.149.40.38:443 u.4dex.io udp
US 8.8.8.8:53 12.83.239.18.in-addr.arpa udp
US 8.8.8.8:53 8.159.244.35.in-addr.arpa udp
US 8.8.8.8:53 ce.lijit.com udp
IE 52.48.206.11:443 ce.lijit.com tcp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 11.206.48.52.in-addr.arpa udp
DE 3.72.78.234:443 btlr.sharethrough.com tcp
US 8.8.8.8:53 ads.pubmatic.com udp
GB 23.219.196.188:443 ads.pubmatic.com tcp
US 8.8.8.8:53 sync.richaudience.com udp
DE 148.251.40.117:443 sync.richaudience.com tcp
US 8.8.8.8:53 117.40.251.148.in-addr.arpa udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 d2w9cdu84xc4eq.cloudfront.net udp
US 8.8.8.8:53 d3e54v103j8qbb.cloudfront.net udp
GB 216.58.201.106:443 ajax.googleapis.com udp
US 8.8.8.8:53 106.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 prebid.a-mo.net udp
US 8.8.8.8:53 widgets.outbrain.com udp
GB 23.219.197.58:443 widgets.outbrain.com tcp
US 104.26.10.119:443 sentry.work.ink tcp
US 8.8.8.8:53 www.google.com udp
GB 216.58.201.100:443 www.google.com udp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 100.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
GB 142.250.178.14:443 fundingchoicesmessages.google.com udp
UA 62.149.0.74:443 idrs.adtelligent.com tcp
US 216.239.36.54:443 us-central1-wrapper-analytics-prod.cloudfunctions.net udp
NL 79.127.227.46:443 id.rtb.mx tcp
US 50.31.142.127:443 b1sync.zemanta.com tcp
US 50.31.142.127:443 b1sync.zemanta.com tcp
US 45.55.121.146:443 exchange.cootlogix.com tcp
DE 3.72.78.234:443 btlr.sharethrough.com tcp
US 8.8.8.8:53 c3.a-mo.net udp
US 8.8.8.8:53 pixel.quantserve.com udp
UA 62.149.0.74:443 idrs.adtelligent.com tcp
NL 79.127.227.46:443 c3.a-mo.net tcp
DE 91.228.74.159:443 pixel.quantserve.com tcp
US 45.55.121.146:443 exchange.cootlogix.com tcp
US 8.8.8.8:53 159.74.228.91.in-addr.arpa udp
US 64.74.236.31:443 mcdp-chidc2.outbrain.com tcp
US 64.74.236.31:443 mcdp-chidc2.outbrain.com tcp
US 64.74.236.31:443 mcdp-chidc2.outbrain.com tcp
US 8.8.8.8:53 6b197aa1972941ea152d94108dc2f9b2.safeframe.googlesyndication.com udp
NL 103.67.200.72:443 cpm.vuukle.net tcp
NL 185.89.210.212:443 ib.adnxs.com tcp
US 8.8.8.8:53 match.sharethrough.com udp
DE 18.184.206.66:443 match.sharethrough.com tcp
NL 103.67.200.72:443 cpm.vuukle.net tcp
US 8.8.8.8:53 cdn.mediago.io udp
NL 18.239.83.38:443 cdn.mediago.io tcp
US 8.8.8.8:53 images.mediago.io udp
US 8.8.8.8:53 trace-eu.mediago.io udp
US 34.111.60.239:443 images.mediago.io tcp
NL 35.214.168.80:443 trace-eu.mediago.io tcp
NL 18.239.83.38:443 cdn.mediago.io tcp
NL 35.214.168.80:443 trace-eu.mediago.io tcp
NL 35.214.168.80:443 trace-eu.mediago.io tcp
GB 23.219.197.58:443 widgets.outbrain.com tcp
US 64.74.236.31:443 mcdp-chidc2.outbrain.com tcp
GB 23.219.197.58:443 widgets.outbrain.com tcp
GB 2.18.66.81:443 www.bing.com tcp
US 8.8.8.8:53 38.83.239.18.in-addr.arpa udp
US 8.8.8.8:53 239.60.111.34.in-addr.arpa udp
US 8.8.8.8:53 80.168.214.35.in-addr.arpa udp
US 8.8.8.8:53 amplify-imp.outbrain.com udp
US 64.74.236.127:443 amplify-imp.outbrain.com tcp
US 8.8.8.8:53 csm.nl3.eu.criteo.net udp
NL 178.250.1.25:443 csm.nl3.eu.criteo.net tcp
GB 2.19.117.98:443 acdn.adnxs.com tcp
US 8.8.8.8:53 widgetmonitor.outbrain.com udp
US 8.8.8.8:53 gtrace.mediago.io udp
US 50.31.142.127:443 widgetmonitor.outbrain.com tcp
US 50.31.142.127:443 widgetmonitor.outbrain.com tcp
US 8.8.8.8:53 sync.smartadserver.com udp
NL 89.149.193.121:443 sync.smartadserver.com tcp
NL 178.250.1.57:443 ssp-sync.criteo.com tcp
US 8.8.8.8:53 81.66.18.2.in-addr.arpa udp
US 8.8.8.8:53 127.236.74.64.in-addr.arpa udp
US 8.8.8.8:53 98.117.19.2.in-addr.arpa udp
NL 69.173.156.149:443 token.rubiconproject.com tcp
US 8.8.8.8:53 sync.cootlogix.com udp
US 8.8.8.8:53 public.servenobid.com udp
NL 178.250.1.9:443 dis.criteo.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
US 67.205.144.27:443 sync.cootlogix.com tcp
GB 216.58.212.194:443 cm.g.doubleclick.net udp
US 80.77.87.163:443 cs.admanmedia.com tcp
US 35.71.131.137:443 match.adsrvr.org tcp
US 8.8.8.8:53 ice.360yield.com udp
DE 51.89.9.251:443 onetag-sys.com tcp
US 8.8.8.8:53 s.ad.smaato.net udp
US 8.8.8.8:53 b1sync.zemanta.com udp
IE 52.210.235.160:443 ice.360yield.com tcp
DK 37.157.3.26:443 cm.adform.net tcp
US 64.202.112.223:443 b1sync.zemanta.com tcp
US 8.8.8.8:53 121.193.149.89.in-addr.arpa udp
US 8.8.8.8:53 27.144.205.67.in-addr.arpa udp
US 8.8.8.8:53 223.112.202.64.in-addr.arpa udp
US 8.8.8.8:53 160.235.210.52.in-addr.arpa udp
US 8.8.8.8:53 pixel.33across.com udp
US 8.8.8.8:53 g2.gumgum.com udp
IE 63.35.70.55:443 g2.gumgum.com tcp
US 67.202.105.22:443 pixel.33across.com tcp
US 8.8.8.8:53 ssbsync.smartadserver.com udp
US 67.202.105.22:443 pixel.33across.com tcp
FR 91.134.110.132:443 ssbsync.smartadserver.com tcp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
US 8.8.8.8:53 eus.rubiconproject.com udp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
US 3.214.207.9:443 cs-server-s2s.yellowblue.io tcp
US 8.8.8.8:53 132.110.134.91.in-addr.arpa udp
US 69.166.1.34:443 sync.go.sonobi.com tcp
US 8.8.8.8:53 hbx.media.net udp
GB 2.23.220.28:443 hbx.media.net tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
US 8.8.8.8:53 cms.quantserve.com udp
US 8.8.8.8:53 tg.socdm.com udp
JP 124.146.153.152:443 tg.socdm.com tcp
US 8.8.8.8:53 creativecdn.com udp
DE 37.252.171.52:443 secure.adnxs.com tcp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
US 8.8.8.8:53 pr-bh.ybp.yahoo.com udp
US 8.8.8.8:53 sync.ipredictive.com udp
US 169.197.150.8:443 match.deepintent.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
US 8.8.8.8:53 rtb-csync.smartadserver.com udp
US 8.8.8.8:53 equativ-match.dotomi.com udp
JP 124.146.153.152:443 tg.socdm.com tcp
US 54.167.186.48:443 sync.ipredictive.com tcp
US 3.210.72.87:443 sync.srv.stackadapt.com tcp
IE 52.208.48.52:443 pr-bh.ybp.yahoo.com tcp
US 8.8.8.8:53 odr.mookie1.com udp
US 8.8.8.8:53 usersync.gumgum.com udp
US 8.8.8.8:53 eexsync.com udp
NL 64.158.223.140:443 equativ-match.dotomi.com tcp
US 34.160.236.64:443 odr.mookie1.com tcp
IE 34.247.205.196:443 usersync.gumgum.com tcp
IE 34.247.205.196:443 usersync.gumgum.com tcp
US 80.77.87.108:443 eexsync.com tcp
US 8.8.8.8:53 rtb.gumgum.com udp
IE 34.247.205.196:443 usersync.gumgum.com tcp
US 8.8.8.8:53 9.207.214.3.in-addr.arpa udp
US 8.8.8.8:53 152.153.146.124.in-addr.arpa udp
US 8.8.8.8:53 140.223.158.64.in-addr.arpa udp
US 8.8.8.8:53 64.236.160.34.in-addr.arpa udp
US 8.8.8.8:53 196.205.247.34.in-addr.arpa udp
US 8.8.8.8:53 87.72.210.3.in-addr.arpa udp
US 8.8.8.8:53 48.186.167.54.in-addr.arpa udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
GB 172.217.169.33:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 33.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 net.geo.opera.com udp
NL 185.26.182.111:443 net.geo.opera.com tcp
NL 103.67.200.72:443 cpm.vuukle.net tcp
US 8.8.8.8:53 ib.adnxs.com udp
NL 185.89.210.122:443 ib.adnxs.com tcp
US 8.8.8.8:53 122.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 109.116.69.13.in-addr.arpa udp
US 8.8.8.8:53 b.clarity.ms udp
US 4.153.129.168:443 b.clarity.ms tcp
US 8.8.8.8:53 cpm.vuukle.net udp
NL 185.89.210.122:443 ib.adnxs.com tcp
NL 103.67.200.72:443 cpm.vuukle.net tcp
US 8.8.8.8:53 ap.lijit.com udp
US 35.227.252.103:443 rtb.openx.net udp
US 8.8.8.8:53 exchange.cootlogix.com udp
US 8.8.8.8:53 btlr.sharethrough.com udp
US 174.138.127.193:443 exchange.cootlogix.com tcp
DE 3.120.207.148:443 btlr.sharethrough.com tcp
IE 54.195.212.149:443 ap.lijit.com tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 148.207.120.3.in-addr.arpa udp
US 8.8.8.8:53 149.212.195.54.in-addr.arpa udp
US 8.8.8.8:53 193.127.138.174.in-addr.arpa udp
NL 103.67.200.72:443 cpm.vuukle.net tcp
NL 185.89.210.122:443 ib.adnxs.com tcp
US 8.8.8.8:53 b.clarity.ms udp
US 4.153.129.168:443 b.clarity.ms tcp
NL 185.89.210.122:443 ib.adnxs.com tcp
NL 103.67.200.72:443 cpm.vuukle.net tcp
US 174.138.127.193:443 exchange.cootlogix.com tcp
US 35.227.252.103:443 rtb.openx.net udp
DE 3.120.207.148:443 btlr.sharethrough.com tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 2.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 work.ink udp
US 8.8.8.8:53 execkey.nezur.io udp
US 8.8.8.8:53 d2w9cdu84xc4eq.cloudfront.net udp
GB 216.58.201.106:443 ajax.googleapis.com udp
US 8.8.8.8:53 assets-global.website-files.com udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 151.101.193.229:443 cdn.jsdelivr.net udp
US 8.8.8.8:53 keyauth.win udp
US 172.67.72.57:443 keyauth.win tcp
US 8.8.8.8:53 57.72.67.172.in-addr.arpa udp
NL 103.67.200.72:443 cpm.vuukle.net tcp
NL 185.89.210.122:443 ib.adnxs.com tcp
NL 185.89.210.122:443 ib.adnxs.com tcp
NL 103.67.200.72:443 cpm.vuukle.net tcp
NL 185.89.210.122:443 ib.adnxs.com tcp
US 151.101.193.229:443 cdn.jsdelivr.net udp
GB 216.58.201.106:443 ajax.googleapis.com udp
US 172.64.153.55:443 assets-global.website-files.com tcp
US 8.8.8.8:53 d3e54v103j8qbb.cloudfront.net udp
US 8.8.8.8:53 discord.gg udp
NL 108.156.61.211:443 d3e54v103j8qbb.cloudfront.net tcp
US 172.67.72.57:443 keyauth.win tcp
US 8.8.8.8:53 1cheats.com udp
US 162.159.133.234:443 discord.gg tcp
US 8.8.8.8:53 use.fontawesome.com udp
US 8.8.8.8:53 kit-pro.fontawesome.com udp
US 8.8.8.8:53 discord.com udp
US 104.26.5.38:443 1cheats.com tcp
US 8.8.8.8:53 js.stripe.com udp
US 172.67.142.245:443 use.fontawesome.com tcp
US 104.18.40.68:443 kit-pro.fontawesome.com tcp
NL 13.227.211.228:443 d2w9cdu84xc4eq.cloudfront.net tcp
US 8.8.8.8:53 55.153.64.172.in-addr.arpa udp
US 8.8.8.8:53 211.61.156.108.in-addr.arpa udp
US 8.8.8.8:53 234.133.159.162.in-addr.arpa udp
US 104.26.5.38:443 1cheats.com tcp
US 8.8.8.8:53 getrunkhomuto.info udp
GB 143.204.176.42:443 getrunkhomuto.info tcp
US 8.8.8.8:53 veinourdreams.com udp
US 8.8.8.8:53 ghabovethec.info udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 www.facebook.com udp
GB 18.244.140.110:443 ghabovethec.info tcp
US 216.239.34.36:443 region1.google-analytics.com udp
GB 157.240.221.35:443 www.facebook.com tcp
US 4.153.129.168:443 b.clarity.ms tcp
US 8.8.8.8:53 tcloaksandtheirclean.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 216.137.44.128:443 tcloaksandtheirclean.com tcp
NL 173.194.69.84:443 accounts.google.com udp
US 4.153.129.168:443 b.clarity.ms tcp
US 8.8.8.8:53 228.211.227.13.in-addr.arpa udp
US 8.8.8.8:53 42.176.204.143.in-addr.arpa udp
US 8.8.8.8:53 38.5.26.104.in-addr.arpa udp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
US 8.8.8.8:53 35.221.240.157.in-addr.arpa udp
US 8.8.8.8:53 110.140.244.18.in-addr.arpa udp
US 8.8.8.8:53 128.44.137.216.in-addr.arpa udp
US 172.67.72.57:443 keyauth.win tcp
US 162.159.136.232:443 discord.com tcp
US 162.159.136.232:443 discord.com tcp
US 8.8.8.8:53 232.136.159.162.in-addr.arpa udp
N/A 127.0.0.1:6463 tcp
US 172.67.72.57:443 keyauth.win tcp
N/A 127.0.0.1:6464 tcp
N/A 127.0.0.1:6465 tcp
N/A 127.0.0.1:6466 tcp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 34d2c4f40f47672ecdf6f66fea242f4a
SHA1 4bcad62542aeb44cae38a907d8b5a8604115ada2
SHA256 b214e3affb02a2ea4469a8bbdfa8a179e7cc57cababd83b4bafae9cdbe23fa33
SHA512 50fba54ec95d694211a005d0e3e6cf5b5677efa16989cbf854207a1a67e3a139f32b757c6f2ce824a48f621440b93fde60ad1dc790fcec4b76edddd0d92a75d6

\??\pipe\LOCAL\crashpad_3316_HFWMFMVYNXELERZL

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 8749e21d9d0a17dac32d5aa2027f7a75
SHA1 a5d555f8b035c7938a4a864e89218c0402ab7cde
SHA256 915193bd331ee9ea7c750398a37fbb552b8c5a1d90edec6293688296bda6f304
SHA512 c645a41180ed01e854f197868283f9b40620dbbc813a1c122f6870db574ebc1c4917da4d320bdfd1cc67f23303a2c6d74e4f36dd9d3ffcfa92d3dfca3b7ca31a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 19c0737a8f0a25123ec2e5f638bb5dfd
SHA1 9731d1877f57031b58240738f2d74a135aeb62ce
SHA256 3bb461f1658b3a095b3a5e1d3a6c44ca8d672d6de6edb0a3dd0833c7e4815d30
SHA512 663b2f33a9c71ffda915cb4fbb4840c7d2524a79f3bf163c6465107860a47572cc56ab6e8ff33282108a874f33f6be2a83105829203ebce660c7d6246a2b872f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 7ba447f7aab4e97c3500d0421fc5bfa3
SHA1 012158ea3db39f2f64b885b30f1247e9dd2145b7
SHA256 6efb1c6e06d6f0e79374ead9553c7066c02fc6a9b9fd9b91a013d23adba0f3ad
SHA512 ace146ba93fa2c7faea045a9260ddd6e35c566cece7cb5cb37bf879c50f9e22bab2bff900c19b686e57043cc9a559120e229fcaa4994b887b035cce00b41d5e9

C:\Users\Admin\Downloads\Unconfirmed 829834.crdownload

MD5 b464744ab9c9ebd75169f1c8639e432a
SHA1 ce83cff14a367c1fc88fdf1b9aa3df2e64549d85
SHA256 08975e2665243e02ad55dd53892d907554b297bc19ba2e4d11334eb67b45f3a6
SHA512 37f4cd8560b480126ca38135cdac10d28e56f36ba42583b8cfbdaf6555bc656a2448c67fc715b2337e1db07d4d87ec9336e7f7ab5418bf2bb4f9a0206817beaf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ce8a0bfe594db601c927acc104bbb128
SHA1 6312c5fab0b643e83f7b82c25ca47260dff59e32
SHA256 9aeff7a5c72ab2c290092ec67038e09d1542d43098cc5196492b8214427e8931
SHA512 466d9a22c8513e223e82fb83089aca24e030e4e0a248293a41bb590ad81656b70f6e061e3cb643a37db43ab780716ee43eb665e01a99dd2f4f608c014885f20a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 f9740a3be7d3a97bf82c97c0cca7a45a
SHA1 37b2931c232f9cf36fa1bd3c315a2a9b5bcda9de
SHA256 a7407bd2aed7954be00ccc8dfe4ded4f3a3b76715452290a962190f5ae9c09c4
SHA512 2f7eaf96e2ecbe11a38f86b01e1810499eb7f63fa100a80a9902f0b8f285a78faf826706a1b281bd51193827420e01f826bbae38518e7a1e5ade4882c0133ee9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d4d5d8e853b8db28fde471e05c0e23ec
SHA1 f58959a0626de6f58953c651b9ae3820e0e86f8b
SHA256 230729702eb2935d56d3be245e6ca9834cc83300e045429b4864a75210dcb146
SHA512 9e430422a8b94b83599ab348da11491071a462ced52adc2f157024b828223dc96dc07cef091339723405061cb885096fd822fe0f95569e098974154b8486a0b7

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

MD5 55540a230bdab55187a841cfe1aa1545
SHA1 363e4734f757bdeb89868efe94907774a327695e
SHA256 d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb
SHA512 c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

MD5 dd8f8535ed5debb5aea44be15492589e
SHA1 6c5382bd31a889cf326560de168260d4df9125df
SHA256 db8575010625f4332116ae8e9b1b47701b2d24b1fb3f1940a49348b4a9c0f29b
SHA512 5e9e430a25f8fb6f40c2ae744b47d730dc258244d9fc41d356e77d9929a43910408b5ff551ba4553ab93bb2ee4ce5c91b5985d05f52732f6eceb81746fe15945

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\de63ff4275d236d5c1b83225b76d1c14d40b38a6\index.txt

MD5 0558fcce36e78fbff6c0d27cf5bbd18a
SHA1 0860de3c8f573ef51ff51f5e076d056632255ca5
SHA256 7e108b2ed83e97ecd36c71d55fb5d886ae826e34717c495ed12324e4c58f51f0
SHA512 9cfaf67e078413a1fcccd7f1f55d7ba2520a60475fa5bc140d58fad95a23914319c96807c2c70a1520452d59768a60a6708651e1e414323d4ab1524232b23250

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 1e6e6dc0a2b387132f140781a12c76a0
SHA1 bb09e5ad4ae3517a74329236ab8dabc18a0a8b73
SHA256 dca27a211cfb33c8d9d7206caf87e6335928701bd7a0f1017303b6c9a5db3b0e
SHA512 d14295979268d2c8f74626e93ae8167d62336b652398c7b6811d24f9da6df42f6870d0ed4f7f0610a7afc971e5de9323ee4a783fb15b3b3546f533c04767137b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58a6e9.TMP

MD5 741b3261b4b053642d32da01b9baaabb
SHA1 3122521e28213d13a1cbe18474b9716a51d9f3c9
SHA256 6ba9d8dee9e657be2304e13d34ec80e3ba9f3868a2bd146fcc77d4eb69b2f25f
SHA512 502d5d6bff3deac93646469e035074b5d425525a617197ea48b590ec488a1ca2ce46eeab9ed9e5d727de24bbf6e871a1521f19a616082bb8c5c74c08e19b57cd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 0dbd22cba4f65a223f43a161019ae8c2
SHA1 18a82bbf722a82e891c5203726b58f5621fef40a
SHA256 1011ef8ab9cf3f44c7cd706927d942db0b1a7328af4821788c5273df11056919
SHA512 05a42829bec09caf3e211f34fe8722c8f3387735f791a2e5980d630f65c320dc7e9c0701932b0d450a92db99758a6842b0542c3524f26f3fd127ab953ef6634b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\de63ff4275d236d5c1b83225b76d1c14d40b38a6\14b90021-b322-47cd-94ea-219af76cdaed\index-dir\the-real-index

MD5 e30e2738c7997122128e083dc60ee91b
SHA1 3c0fabe4f3592e3def2d131f03a551fd2bd616bd
SHA256 5b6e3031caa8ca65b0e02c99854f1b26504c6b8ded886cb35d39aa2cf3d5cbb6
SHA512 41f4862d77a90c1f5a314a55c0090da4ea7d4bc6d2f906e944b3b4ae1f90e539ce9a9c7901559918ccabdb146403c31fd3dddd39157f7b50e343fb2848ca2b92

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\de63ff4275d236d5c1b83225b76d1c14d40b38a6\14b90021-b322-47cd-94ea-219af76cdaed\index-dir\the-real-index~RFe58b040.TMP

MD5 777b61e0172e7b2bb86bef8e063ad66d
SHA1 d8ba484e5fad879f2b0121aa5f2f4922f465f5ab
SHA256 12df845878e594a3877c07a9dd1b1235f2585aa1e614da639174cf1279d5aae1
SHA512 77066237bf037b8a138ecb85a484624596aca0a923fc864c83289f4d800cdf5cd561f8f82db18b182d94caa0deb676871dace351c2b69c8ab2310de5d9555b1a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\de63ff4275d236d5c1b83225b76d1c14d40b38a6\index.txt

MD5 73566caca5550ad7e0ee62f45d69a39a
SHA1 c9a3ef811a097ac666b86fe46c54804160f7697e
SHA256 b9b44a0b21467e62b8ee3c830ca3495b72c5ec9eabe1051e88ed1b7aa677a4df
SHA512 b06e3e954a9cd5f36933514425c1ddc0a2aa80dcaf268008d2edf65152b193e143cc28e45bf6a8ffbb7af71c241f1f6fd5e6425d3e24942d78056c1057875982

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 22edca36a930456801537af1eda85aa6
SHA1 56fed462a3afcc2fbc2806f6525c624208d7fea3
SHA256 b1de09f459984591ea0197e3afa7a990a7e0a2dbd81a4591793cdd5bad83bc59
SHA512 537f40d14e2e30bf1ea85127c1498c6ef7ad6c25c8df698c9062d427c17f4ae9f3189c0ca9d9ca8f6862311cead46df55461c995c3681303ae6e0a7782218555

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58ba91.TMP

MD5 ff8d375923cbed3182e7ecde7c469d55
SHA1 4a07f9e53d6f8694117eb2a8d4d506d3c63f66ff
SHA256 6ebae0b653ae3585e2256722c1b2c051db6f9e327ef76e0afeaf705fadd831ec
SHA512 789e43c1e82ca60d63e4e856d7b788243028bf9dc83212f2159fc318be2647c26cf70a8983a5b36ae7214591c77c86ffccc5429810605dc66fcca5a65d4f3ab7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_bypass.city_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\index.txt

MD5 a6d0361079c7f359d4b3b0c887d926e4
SHA1 188292299981e369e4192b302c5de31ff956c2e7
SHA256 15ce4bc7ceadec98428ee9ed68e86b3fd11fac84782de7d5217831af12431817
SHA512 b24cb3ed810ed0042ab02bdd83281b582dfda6e528a8209f95c304102c8ee59eb435d4bcb6607f8dbfc358ec9f1f6ffe8624ef96271ce8c2adbc536a73a8b79e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\index.txt

MD5 3533667387c0ac33e23ae2c752cae035
SHA1 0db03fa41c802172ca8871d1468ed6cb737654c4
SHA256 3946a5da07d8c9c3674a90598078593b0e5a3fb25bd8181e75b3a7a0b92ae035
SHA512 b2fa3484246483b91925d22da3a80e5d7daeec27e3cefa01f8bdb678cd88d2e7265cdab4cfe922598cb3b25a38837c28087b47006b02363e6209cd1e8b9c9606

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 df7279dc69da827399386da0b1d944be
SHA1 cdae96b7152b2c61ba7ef921f05cf357c140f76d
SHA256 573a3f0d87ea0524fc0feaffed62c6c19e157be9bb69f0241ff3745d57356fd1
SHA512 0b443876fc04c43b8dd58f206de63878bbb8c743cc4b90f8899b11fcaf2026b65303ac5a306b846433f4da3b104c21aead9bae36d0cd3b2396a1fddcbbcefb10

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005a

MD5 6f6711e20b9478a07891e68bc7502637
SHA1 b80363b53efd2a89ec17e7579496dc2601e6453b
SHA256 284b47fba3c65c0f87c327fecae885da0b719ab72e1dc4943691011391d250da
SHA512 4405934a8f1bc22eb0ceacf38df6d132228771f7b72ea7d2044306cae2ba2446590244c3242d29292f8cb0244eb492bc0a01f20860b49c50a8f29460f8e38e3c

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.exc

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 71c7a5031e225dcd090455b38c2dd4ad
SHA1 3d12e3627dea943a85bbfb3fbcc673ce052e48bb
SHA256 668397d4e250acda911d8865f0900fd142019393ab5439e4628cefde802eee4d
SHA512 ab8065d0b9ecc644d8249670c648fb2f2e4e88f2a73c77cfeff938a133102e76354605553169a21ce5fca93e0368a139fee46b8bdd281ad8941ee9961486c40c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000077

MD5 8e433c0592f77beb6dc527d7b90be120
SHA1 d7402416753ae1bb4cbd4b10d33a0c10517838bd
SHA256 f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
SHA512 5e90f48b923bb95aeb49691d03dade8825c119b2fa28977ea170c41548900f4e0165e2869f97c7a9380d7ff8ff331a1da855500e5f7b0dfd2b9abd77a386bbf3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 69adfd04cf646e5483dc45f986e5c927
SHA1 2fd379c5ad2b002f39078ba78e2c36b34c6929b9
SHA256 62aeaba006c58de7a62eb147db20f89318ee6d3b85a1414aedbf0339ccf939a1
SHA512 5e019360525a2db62e828d19b4b558978523872c9a56fa88d0fc2a33eee1a26329f7dbac4c5037d1d00067b1d344b1213bec93f58d6dbabc4b42c0caa1627a22

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 e8daf75ee5c79b4a4ec2fcd7f11382e9
SHA1 6fded4d682dc9ea6758ffce50e488c220ac646ac
SHA256 4e2a5a9a423203a73942c544fa10d7ce064056b1dcc913f059868983ad4f88de
SHA512 2f960c808dd94cd7004137ffd29e362b94f22f1b96cf8fe9d5e16f4e90a88b6d7ac1546653fe86fb88ba27d00449a8e899f4bb3745bc64e8b7c64b86d5f317d9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\index.txt

MD5 7eb432dc7763f3aea24d0651a3014917
SHA1 69c8d58b1957f81d27e1807d7fe5e18548a779a3
SHA256 b96b3c2e3d967d480a9f601c7cb73f3541bb6b4da00b0d12ef6b907773662be1
SHA512 0e31dfe6593ffffee7b395953143861213b1d1806fc249403645b8e33ea133818c5c4dc8fee1c7f85dac556042cc5281965c43012f2d65bbd0d53cc0dcec5520

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\fa11499a-c27a-4cc1-8a19-83ef1076ccb2\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\61703499-3b92-4ccb-b6c1-5cfc88a11c6a\925a02cd30dd2ad1_0

MD5 dec9c7fcdb06c1c93d8557606897e2c1
SHA1 b8f503f2f211747c76d96abc4eee12ede8e287fb
SHA256 13fdcc21f833484b2b8b7fe8d89b1cfd892a6b093ac115a6fb26c9fa8a1b3622
SHA512 e76ecbcc477380ea15fe1d16fab08e8a8fe58b6f0f7056e61cf27b89c0f69daf6aaf1dc36ae0ec3e23c1fcdc02495eaf9eafe22f91197f6b1b215b7a91a54bad

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 e9d4de00c2511c743eb0cf544859afaa
SHA1 633a87fec15d537c9b0714460d3e6ef681534a20
SHA256 4fd735255397212f0466f2a61e7397d22bd99e0dec158c98c3ce7b89d4cf3dd1
SHA512 f4efbad76d4c65269c730fb913422d65d59f112655d3ca6abdacaa0f97642dda42013543db9c705e1feacc7a6abbb82fc283a6a076095e6ad5f7f2589449414c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

MD5 1682bfa731083c2173526cd01dfa659e
SHA1 457d65329d9866ac1dc3d3ca441ecbd2ce6019e6
SHA256 607dc601ecf72dd0f619449e8c07c3ed9cbd51feda031c5618ff44ca1cc69e02
SHA512 6e4701bc05b868957c11371ffd1938b6a897d4b80b39db8c1ccf3a54bc67842aa12a997e03b2b1d9a4c44ec1e2e5208bb88bfcef62c6f7382d17c58bad08a2e9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

MD5 c7947f7c50de3d5f0e7b3bf4b9a230cf
SHA1 c74114c4c0b47ca32952704baa84e05609c305a8
SHA256 45da04fed13c3518e36a43e8b9a692be13913d4c58ba21546740c463d2653d48
SHA512 b5560a2f3213980174615e755a10543e5a0c21c893ea7d5da5d46cde779922efbc9ea25d26eacb6cf54b7f2e7277301d677d8dce0ddbe0497197bfc1b57f2bda

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

MD5 2c8770159b5e28590f900c9d0d0a197b
SHA1 cc2b62a6e17dcb8b96b70f70ecdc6a0cc4657b06
SHA256 20f45db47d8f5bb4b5db3bf98dc9db7839757c7285504c78f7b8692f46f054df
SHA512 2a7bf2882d725fd057f514ce92e572a86e14c928ae2d9f241ea2ea396fd5d43b777523dbdc9efd5bce369a254ab8c33e0ca1321e4204ff1c27290ae268b6c4a1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

MD5 aff17b0e3769effaf0119f7863913a95
SHA1 7f4f608b4c3bfc0118168fc995a22582a2ab165b
SHA256 9313d9010db5b54168fb41ab11fa0c147bd8b0cf60bc5b61b7cfdd4bc28e12ed
SHA512 f09a5362cd3732162dec76286910b36efe451fa8602cd23bc0cf90ee970c19a419ddbeb0b472e48cafdc61cd3a762616416a19453a1958fa9a51c7cd124d6a73

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 9b267616bbe3a514e405b1b493490681
SHA1 f42e1e78fae27c59531470a58d602fdb8146330c
SHA256 e8b0278afa95b9ea6192106555f46b1df5f12d084b230c5c27a9c0e1594ed7e2
SHA512 4cedb3df3293ea028df753b747a932dee4734db2ab4826621bc6d15833bb15ca7e018ecb149b33abc51fb6ca66269db7a468d80d2f8d0ff1925b613b0e25f42e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 19251f46a93f8775cd781f8fbf95f70e
SHA1 9c42d4659b9d4a5a431f5258dffd100b0643c0e1
SHA256 52b6eeb5f29323eecd2685bd0078ea16b94c17f686220eb30796cc2175650149
SHA512 42834c5bb2dc5565ffc00d546ae34e099981d8ef27c7c99ff1d69e72f534372326a183fd29fec64d03c66bb6c519b24394b49ce910908d0d46bfc5a2ca36c2df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a5

MD5 e579aca9a74ae76669750d8879e16bf3
SHA1 0b8f462b46ec2b2dbaa728bea79d611411bae752
SHA256 6e51c7866705bf0098febfaf05cf4652f96e69ac806c837bfb1199b6e21e6aaf
SHA512 df22f1dff74631bc14433499d1f61609de71e425410067fd08ec193d100b70d98672228906081c309a06bcba03c097ace885240a3ce71e0da4fdb8a022fc9640

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c0bfb18b42bf2e79ea9ef0c054bc3c44
SHA1 723b90bc7037dae0865fcae7e48f914aedeb9137
SHA256 55503a93b84baf9d3b17772fd6c52633acdbb32f3576e1397a6de495c19d9829
SHA512 0d02a361ed5f4d5577cb12eee20b21e7b67233819bec2e01a3c3fb462f1fd782b8e43482b0c97f47cc6ab73d98cdab2d3e10598e5b7c275495ecd31d683b6b0a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\0161795a-a5eb-40a4-a630-dfecb54d4a2d\index-dir\the-real-index~RFe595ac8.TMP

MD5 16c701ec4ca4ad2255e85755e5bb1eea
SHA1 abbebc4f2250f10b017f91674d5d892297ccac54
SHA256 9c4d3dc364a8944e9aced0bafa410b15dd6cafa608c0599d30f9c4fefa434c9a
SHA512 d0d0b12e56ba7abd9dc6be5cd7f3a5cb5e5ff240bb5faf7fb16151d9901a177d442db375c7b76d2b09a7a3b5b5c02b02761527aab0d19a0965e237afdb243ce6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\0161795a-a5eb-40a4-a630-dfecb54d4a2d\index-dir\the-real-index

MD5 f2416f31e0e66215a00c3d60e5a080be
SHA1 e1ecf5d4a16a8391b78cfb382f90a5a4b9fff999
SHA256 2a1c63f8f776d51064199509762af0e2b4fe2c1102daa769165bfa9474a680f7
SHA512 ae984144509154110ca701fb0135678ff387027f18babae768e4b06838b109956e48c9846a24d6036d925846b798220ac6b6a8edae335e5647ea49ea4c07d029

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6dfcbed07853ff0b_0

MD5 22a9cb63c81bdce4a886d805243c74d0
SHA1 7ed2370c3a77093bc2e41f87569291f0ce3c3ed5
SHA256 2cdf63c54d146aac4213d411d635659955cf5dd343163bb3c5f402cacfd288b0
SHA512 44854d6c2ad51f8ecbed3f00b98e58e2d555d032bbec0a9e53a8b6452f9ab5e65f2223a9df2cd2c7ae56db62bc474b1cfe319451d965d78243f31e9694e90f36

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 979add79966300605e2a0d7ed37b2d2c
SHA1 d593b0611745b0f77ec841aaf7d5f2e80c2e3efc
SHA256 aab7779e9ec9d16e792b5c4408be66634803cf39c1ecab9abad57f9bc7735ce6
SHA512 0cc942a2e1a4d0b47191799953d88d0d4c8877982a25cd475017b21500f6ca03d846e35db6669c95cc4da54cbdb68697bbe15301702e11bea0577e08cae022b3

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 6f0f6e8e64777367a2f856a861ad4a52
SHA1 caaaeeb97c3efa49a22845bf71256f9000f61c6a
SHA256 d603ac46ff60b6d792129ae4ba8973a0414d2d46abd98b98d179ed9deef064af
SHA512 e4e1eb918647e230c26d33cb639dc8d66750228b8f094a9c2d29222d9fb5153ad553818d72c360546380d68af9a9c203c401d928b71fef10cca2c5b6d8f4de76

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000aa

MD5 a5cfa1f37fd341deec50cda252bbafdd
SHA1 c3fd06a7245d7d3a6d051ad3917bd797b6fbc2e9
SHA256 bc2365c048866fb075769c0a262ac64f6dd7b5d984d3cf5fb054469fb776c7ca
SHA512 0cf23c998f514a4f49b583cb267aeb2052eb3a763f54dd9c07d2fb1c38cf325920784a7bffea4a1c16cd6d6280b0804fab86cc01fb0cc821837a23b57623f49f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7826be370fd3fc0d05e23bf64483762b
SHA1 73497af12da0990fc1bc9a0564d5f6753eb7ec81
SHA256 8d95af587f5e0d3b94ff53bf3978a6c0d2e4842cea2a964a795cd4f2e77623be
SHA512 0945f8c59f08817ffc7963cf6e6c0e662940fd8e5e35220227702f6820150d60ee0a1fe275db464f33233e3eee9326be98982025792f1b8fabf2e6a440e4c6d8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 1e3cbacc9ef6993656cb9af84eba29ef
SHA1 f703d31233ee952e962f3de7ddfc8a83a65db591
SHA256 ae83eceeecd3a380b496df703d45eeda429031b904f7fdbc3e71d22eb3fc59b7
SHA512 895c4a5ca03bc0bfcf1757e14b49b3afc937239d5d0960d44eb5b63332d86aa4b3504a0e54bf8c5d3e6b74720432c74dfcfac68fbb58ca1b9fbf9951c4b381ff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2eee86d1c383127b3d6110e4f7f4f955
SHA1 a70fdae7caf2837e5396a419b870aa57bf63cef0
SHA256 879763f7ffa9ec03969f7a6a4ddc375ee4d483ea007c3d72232fa5165d6e900e
SHA512 476a0e9daaf2c5c371ed0af31765f09650f8b2509670a3fdd73d2e772ff3842332fa5f18104c77ff5c038734d5e3f3ef4e92c3baa4025c0e8b4f92feae9b8aae

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 fcedd740c2a38e69d633835a31bc206b
SHA1 3f0830431593e0d49ef4d96f76fd8ba38c204327
SHA256 aff6dfc649a6a89865230e32d2351a35e1099a37ca09c18bdfe0644b777d4ddc
SHA512 af1734231da80b4e704a9cde30eea7cdb393b224324b9dcbc47b77b6d3c3c9c290d10439ce34c15abed149ad5ce957a7d79f2fd807e5a462b9a7b5f4725ce850

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 98ef9dbbb899ba69666010896f93af40
SHA1 2ff9abc64e78da642dff778b8e8214d115c2bfa7
SHA256 777320d7cfe4e1b9b26852116e281fc8bf7e4fd01c629233a16d098fb1593e7f
SHA512 c8796ba23d315b350c46d9b3c122bc96fb661913859f787faa3abe034dd5ce33a863675b51ebb1e8fe2aab1d716090a4faa6e421ef6d01df06db0b97737be56b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\61703499-3b92-4ccb-b6c1-5cfc88a11c6a\index-dir\the-real-index~RFe59ec5a.TMP

MD5 bed4c963410b5ec0d9abacfac5c6d3d1
SHA1 5d172485cab4ea2fda0dae05b210923d0307ef72
SHA256 87e6c6c09ef3bc29a8cda31a93dedfd88524b07b81f6f964f1e744ce747cc787
SHA512 1c0a136d116534b038b68c3ed5c2c0f7bf8dd4dd4fc81e162be249253dd0209493b5a3913dfcc19bcdbd4209a6ad0521d94e8999267d30433eeb5f52e43f920d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\61703499-3b92-4ccb-b6c1-5cfc88a11c6a\index-dir\the-real-index

MD5 8bf67a071119463b7f0f63a8ea56cca8
SHA1 07436407f4b01b4785551e8cc95b69c266b0dfd5
SHA256 a24c0b62349eb44f5c68ec91a056714287075d007cedb413491f98430bf55ea6
SHA512 2ac33fe03e2cfed82481564797d5191a13580bedc7b10793d5af678d4acef7ac08e85c9e97889a89fe1ae895e331562b83c710f8a637768ad95dae061a6ab630

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\016523c449929e1ba4b2689b8bfce5aae7410194\index.txt

MD5 9eab333932b7065aa1dc2882b0a48557
SHA1 bdc9181da6a0e63e2d63101a3d7270aad6ab3097
SHA256 943952da6b18dfad3fab29e474b2e9b3a893e44a30bd90c89e8b4fd306addd04
SHA512 25e8364f8ea6a059610037d7978fac52f449cb3a648e9c26e25d9886ac785e8e2192998917b7656126a0f2ac9e00a975f7337eda566bccc658ae9fc50f8adc8b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 cdbc193a388a85228f71f8b8e670ca75
SHA1 bb1d68a04120b668ce71247086334f5a3b03a84e
SHA256 f98a0dd48ceb886bd2f6422c944ccf63e33c4fc11839a658228c01be9524c80f
SHA512 fc600948caca19c6054971e5b57b541b43491f6386d3c4db8e8488c51a09ae99c51fac80ef21d38d0874c1adad2d16f83d63e34516544f2e6048dae58deeed43

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 f02d09cf2a398958a6c8f50acb33ac35
SHA1 97e4e72bcd773f9fee4204a8dd7a27afbf42d1f2
SHA256 b80062e1f524bb5d9fed8efd0d032d318337184a21b9e87199191cc7772b4da8
SHA512 f4df6c56a7a3702e7aa5e445c7703d091c36c0478bce17a2b5ed6c23464c9c8eec3cf9ae787dbb48da1559ebd386c4ffd82607c834f00446aa68371d3906addd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c86f16f541425fd31055d884f4c88c32
SHA1 2b185b4db06b5287ad7e1d18a6c1918ca48f02d5
SHA256 43123bcfe69a1244ea37cd2367d8490be3c0c4b3d61576c13aeb46f410f0410d
SHA512 3c81e9208e002a1dbd160e9464344671f021a50643f6a8cc4ab4908dbbd799fe9a5ca9affc2d6402412b283e2a42849851862d54b6c713e1abbcc54887d028de

C:\Users\Admin\Downloads\OperaGXSetup.exe

MD5 826544c9d1a161814833fe24e9bb7975
SHA1 b94aa7b148e09d45600f4aaf06300ee79657cdcb
SHA256 cc6709a5617c090987d5baaf157c68793b3dde44f90c7c5308df45a57e86d764
SHA512 dd9b267edd5a2269ff167f2bef41fc41a662237b9fdc99df039b095f60837227ff6a5b68279a7376cdf18441a7eec39f9c1a44fa875d558b2f28afa08e1d7de6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a59a2a94795c2a94b98a0b0a57adc979
SHA1 6d0c40d53e47f0d7621f1a6fb3aa5e21e59d1d79
SHA256 e7040e2025fc5a475d6e3ae5d93a3bbbb6ca2451b85eab6a92ada971ac220ddf
SHA512 2ff2606d9b388c7e856ff9d6d9cd866976de2359f3d1e98d2db8184084998a2da356c6cb611dc517eccdf520b32de77dc30ef97e52f93ad3c3b9c6ff28b32d2a

C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\setup.exe

MD5 dcc0d15e77a7872758e65deb0bfc6745
SHA1 1efb89e143bf5edd34d46ae8370ecc13d4c3339f
SHA256 87a168a04a254b1cf1adfe732e8b7b08d5c3e76ddca4e8b7fb4e58ebef85fe64
SHA512 9cb972bcd99fd03a924bbff79e8989a040d1202a77c9d8f62ea862cc6b1d258778410ad9a4de5f2aab43062f5e9fe17d7ab9baa000de98d22a47f1471d1de778

C:\Users\Admin\AppData\Local\Temp\Opera_installer_2411092055402472296.dll

MD5 1b07ce60bc1c77f0cadf13c2e62b1383
SHA1 ca70d0ef99ae5d1ebf85880ee669ad1145e4d79d
SHA256 e48eb19ca0210f9063f4e77c2f14293ee940eeaef2ecb9efceac7f6336cc203f
SHA512 94c358b6dfef0fcb0012a3a43235292b18ebf897043baef0c110570e91cc73721b12f1f771df6d000b4097f3c0cc22dcc65330a9153c7a9643787d24da6108f0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 22f2aeb8df1c1426a7ae20d3c5441b4f
SHA1 358f9414a2d0956035ae1a210d90bf323e8dbeb3
SHA256 d3bdbcbbe185c511c4073d9735b5a7f6df47f7badebe8eb75136cd98860c83a0
SHA512 cf3fbd15de932bed51b4fb4b5ff57faf3cdc5fba78b91cdb23744e744ee9a8c69c5f969ec77ce36f1efa9d79c08f01cebb76c972d57ade3bc2f91ae007aa0646

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b3112e9f09c693ee3426107b69fd3b8a
SHA1 6bea3c737423b867c686ccb569bb76c89f635e24
SHA256 90c20eb6fae0f1e310493103487c60d396aef482144d796137c4fb2524b4daa7
SHA512 48223c6ea55ed5e5eeb0bd64efc28017e13f18933c20b2775f205ac1c9f54d5a3cc24be264df6ccfd5f799a57cab88285eaec4b40deea95ae81bebd0166fc204

C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports\settings.dat

MD5 30650c90b06a4d4c4a78e27928459d62
SHA1 c4e208b93d988d64962e9054da29d97e1056c9e8
SHA256 58081749ea9d30e6da096eee68758b17b659b34bb6e9485256986ef03d7bfa15
SHA512 e933089f7dcb072f64283ff22aecedae3c8d162943c0228505fb83e88c48828e41becd1a5882f62c04a83c5a256c3debb29c501ffc9bdaa1e7eb727833c10737

C:\Users\Admin\AppData\Local\Temp\7zS4BC29AFA\.opera\Opera GX Installer Temp\opera_package_202411092055471\additional_file0.tmp

MD5 e9a2209b61f4be34f25069a6e54affea
SHA1 6368b0a81608c701b06b97aeff194ce88fd0e3c0
SHA256 e950f17f4181009eeafa9f5306e8a9dfd26d88ca63b1838f44ff0efc738e7d1f
SHA512 59e46277ca79a43ed8b0a25b24eff013e251a75f90587e013b9c12851e5dd7283b6172f7d48583982f6a32069457778ee440025c1c754bf7bb6ce8ae1d2c3fc5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 adacae360dac6d1ae95918ddf4f49132
SHA1 7e0b1a7feb21312617af8fa28ffc364f4bf8bb17
SHA256 767cd0aa4140297ab78bcc1a3051c1810f17cc5e27d3ec38b2f2bd7fdb58d689
SHA512 4eade74c5299d0ea22400e04e4f7a0b84d575f47ed1809039d7ad3c057ba4e5fc0daff6fab694bf35105662c2acc97dbe3c46c8d9111a36d364555f703940165

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000099

MD5 756dd1ca8b8554297f942524e8770b30
SHA1 6292fb04f768d3878e046d7d5d9c116249944448
SHA256 0abb8eab350eab11d656ff7122d9ccf629b4e36c752dd7a75e24667054285b1c
SHA512 54893b0a8b515b89935cd30104e7ee76860d698f3a57e638893fc6495ff1ea93364764cece7518d8eb0aefdffac5bba8e1f9adaa2787d498a9467b5ae598e440

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ac

MD5 edaec93d4b13b23be4847fb3f3e6aab9
SHA1 025dccf971bf5db3acf4bbdd0c79260ef0c2506d
SHA256 4a350c9910de73a9dc6f618098070699224ad93a851b989f684924193e56a0c3
SHA512 263ac36f412778be9cc7af0d08b0172a0773359bc5c5357c8c7970e7804b93dd45c2c4452706e5a3405eab23f6cfc13aa5f0be47b857e7aea91a06e721a766b6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000bc

MD5 dee46781c0389eada0ac9faa177539b6
SHA1 d7641e3d25ac7ac66c2ea72ac7df77b242c909d3
SHA256 35f13cf2aef17a352007ab69222724397e0ec093871ff4bd162645f466425642
SHA512 049b3d8dcfb64510745c2d5f9e8046747337b1c19d4b2714835cc200dc4ba61acaa994fec7c3cd122ba99d688be6e08f97eb642745561d75b410a5589c304d7d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 97964b37ac2dab22c071de36cc21f8f0
SHA1 272bdb5d9fd7ae3589988e72679a6f0e47b1545f
SHA256 d576ea9c110fc4a886633dfc999600183cea8edbc21640a7968131aaed75cf17
SHA512 0bdcc2563db2bc34ce9070cbb6e555b7362c72b31d4305129b6d84c71e18ff93e0acf9d75532710ee1d607b809908ee3065009540b2965d3d18e5b478961e4b0

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 3eae28e014a5fb290789cd993039d171
SHA1 f718bebb3225db006df06bd4da80fe878befb130
SHA256 bf0785e134c29f78999b25a552bc734641ce56b69aa6669ffde531a9a0b6f5d9
SHA512 478f9ced73a28fb70536cecc5bcc92de539c2afc90187fb95ea3b1de5e236eeaf7a61d0160ca63d1cb8ac7a58cc60ed1e6abe8bc1f5ca4622941c899a4b7674a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 4baea55914ac27edb663eacfd38a6070
SHA1 324494a7ffff70ed21a5a7f4d4d226993a2ecbb9
SHA256 3a2b55a4a4b7a275b64822e3902c798257b1c91239c62dd2c22fc6e61abafbaa
SHA512 e1de46d692e518dc95f3bfc32b7bae2c3223f7a01a6c1d65018b148fb0be1837928331ae4b66b2321570e8d8b73dadef2d78c77a2ae83a0921b0229af5c946bf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 93f0426b35e7841dccb0f54dbdac7b5e
SHA1 3a0c759d97de30a0086745518c38f9373e31b964
SHA256 335663014216b861a9c77afe6021019626b33227bf3254f5c1e4abf2937aa862
SHA512 fe8bf81d740ca897435e9d195d84572c8e2b556b1c2f948678487b93114f81c6cac7dd9a5b0f3768c75b2ec6192aab302ebdb534ee6269416fdd7a93a4c4e086

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 0c6612caf0081fc4e356403e06c5d03d
SHA1 5062da1239526ac22d888706e02647aec3bf75fd
SHA256 0961e335fcd2383b8a3975a9d8e2275b68f99a92cfa8d557bd51de3e93bbeb6d
SHA512 9acd78e21984345b7519cc18eefeacfae152c0b60d4a2a47d0dbe728376e88660f1bc551590b7e119034127a892121cb40692d0d80ced24cf13024106902d4e4

C:\Users\Admin\Downloads\OperaGXSetup (1).exe

MD5 9c747dc0b9b6d0abc09b7e35d531d020
SHA1 7393781987d34c12fee2126e5314f4809fefdbe6
SHA256 c41e70cecf5ac7e4e7f55db2a1b2cd426fbadaa141376bfcc1f8c9727791259e
SHA512 8d57aefe0b29f21f4ea6874e64c6eb9e08ccd83222baa4338591b54cbeebc7fb4bb0ca56bc359ad211c4e33e2b83c22f7fc6c72d621596fcbcab2f7518eac276

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9cd8e6b14e145b13e0d6464111b5114a
SHA1 97040d6ae59ff00d3b5fd7a3fdc0036aacb85d22
SHA256 ff3b0dc482d7b09e718faf3f7c00e67a5f628fff49e651b8f995624c3d12a1e3
SHA512 5d0147930e7393e2664ebcef2fd080ef5ab90a2ee7d56f32d6fc147328fe9cd06126db340fc9d2ecd1cfcaba0205d9d6222e83f857c29595bac35a3f3b2df9cd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\ba23d8ecda68de77_0

MD5 9a53d73b157a0ecbff02844cf19799b6
SHA1 a236d7a52965d4869a0591cddaf8de5c2630b87f
SHA256 e9b47c3f8087674cf16c87db0b25c379200cf052ae5dea82c74e0c59706f5428
SHA512 3da69ea09b00a73e2456e4a4f43cc083b3d6e11108137cd98a28da766fb1f8c3931ae5b05f76951a1811ee20c1bee71074dadc07f30b0ee0bb9fbb80ccbb6bbb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_0

MD5 5eb0cb289e248f6c48d258dca52ce1b3
SHA1 fe44fb7c5821f136497c3a7170ab4f06d26ad568
SHA256 7fdd8fed9643f216a9f4256b8687d3ad0c619d84dd41798bd1383906b3a99b37
SHA512 77b193715ffed5054566d753a750529d5fd742afcdd4491439e9b5caedcabed83a4cd3930d8efd65e9fd5204c7790b5965bdc77d039cf8530b234aa893fbeacd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0

MD5 960662fea21b91f73b70da845919d3ae
SHA1 dc7016a417137f711da49c2cdfc2e2df14b0c859
SHA256 1a99e017dde5b00acf6aced9a3c883a7f3336101e619d18e425e656465f8c2cc
SHA512 1b008605f6e0c3095f5b37a2b427dc4d92e00d47b4c4a68856e26e7afa50854c51e2a0007e04585cc81724ecf365dc68357d8b35856d942f87c88cd24b4435e8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 2aced2c823a70b29032fd6d4fdc825b7
SHA1 a0691eaa94a015de0b1fd58ac0a6d798f94595ae
SHA256 bb0b8f2d1d4c0e7482a23927afb4c6f6b85e155ab034dfe8b9892bfd617887ba
SHA512 566b341f85ec0de9113722017d328855c43bf4f8a039898df0173d1e3b2cdf0a7717d916e34ecc7433a91ee9ecbc4cf1fe46a18ec87c79682e7767f8ae4ea307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 b347fd8f7e43fd13f2fac5261d9075e4
SHA1 3dedb7380965c045dffba1dce26d56ed7e948034
SHA256 8b041691df043f088cb85ca273f48ddba315e35e373f06700ef1bfe2c94fa9a1
SHA512 72419a75058b81262730fb2a0b7b527d4470c336051e54f38c72b736b5e91fbf15bea13456b95ca97b6d89f987143943ba857129042aeb09a382acb81012cd6a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 46c034ec3a1848ef12e9e28e8507d7d5
SHA1 3626b5ed462e07456c31485ef041e9afaae15242
SHA256 5e0e393ec49d2c9de8d8f4f3b2696e59d7495c5db49f5ff00cdd8f1894d82f41
SHA512 d5a24cf14766da3f55bd07046119d65143a55da368279d705e8d4b622e25775a4f309c6b75f669e8babee438fe8f65ec4b3da8b9655213c7f948f9c651b0a49a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_1

MD5 2481e289b8af5339456200f899b29710
SHA1 621fc1ab22ef69a13f84c07a034775c9b42ec15e
SHA256 d10dc9e1e48e025cc0bf5007339d31342b11a7096b6a218aa5dee671609680ad
SHA512 d8836ad56342ebf997f9edc269449b7e64719f870a584dbe1dd2244ce83c901f3d3ef5ccb06e8f7dccf13e34f5f7d74904a83f165ec4be81af0732b91334f029

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\ba23d8ecda68de77_1

MD5 f3a69febb495feec310e1b0c4cf5e842
SHA1 44a813b3ac1bc9abb5b71486a402604011e6ca61
SHA256 69363f14186b6dfeddd94e8dbe3ced20e139ed5ba4912dd393bfc5c8824ff826
SHA512 72c8f8c276c99ee83eebfe9f2da14008c9f4210a5c6947036576abaaa5204b86609333c10040cf3ea70774e70e417391f0c4c6eb3611b95e7f6c45b0b78fd594

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_1

MD5 aa794e11b1db9e78a4d49d22a6ffc336
SHA1 037e436b189f1e98e941074999ecca622f133fe6
SHA256 dbd70b238540fe4015ab2b478b77c0cd051a5d63d728d632d83faa267c721957
SHA512 810690e70a3fa71db6257d24245e3665a947a3e6d48182abc10bfcba86f5d75af90682b5d7e88aab73c9c5f69f4867829d8bf3e9dd37ff6474d341d9cc0678bb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c4

MD5 b2015083e6a8e22deecda244105fee58
SHA1 2c70346ec41d3be8b06cff71f03c551081f451a1
SHA256 514b43f079b0faac2664c5a07c5da28afcf1dd27cdaaeca689aab661a7ef45bb
SHA512 73c5583b9f1bf0e07ffea184780b29d6e007ff2a78c7d217bb88159e1be2aa742e10d86d71cf877d1d0c93ab8b9c4bbb24c260eeac5225d950e9e87556e7c7c9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 318175ba7c019793c8b39fba362a1cbd
SHA1 1a05807302c242ddc9989596011031acccf52460
SHA256 7e80924fe19b03afd54e8bdda9f67c75a25aedcad3194dbda100b0db0d104f5d
SHA512 4224f6bf3e834aeabc8bc7d1f1154c892b84ba61045ee49b55bb879748b71275b65121db463798089726d59f638ba1b26aa00beee3967a8f5421a4619731b8ab

memory/1416-2765-0x00007FFE155B0000-0x00007FFE155B2000-memory.dmp

memory/1416-2766-0x00007FFE155C0000-0x00007FFE155C2000-memory.dmp

memory/1416-2768-0x00007FFDE3A50000-0x00007FFDE5400000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e56a537c67be39b9332d35b16670111d
SHA1 f4aad96a870c1cc9b29a462b2fd7ef9fc3f0c708
SHA256 34a75dc410387f37414e211854ab386a81c2eb8c81c9dfed0fafc01f82715290
SHA512 c14e38fbef156e7018f2012e11f6909405101909c7914eedc8db3cd950975821a42b89cdeec020b907522236e4cdaa59841c319edf74759ed0b9b2ca2365dc4b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 fa8e056332ff5e1567c7eee35609df92
SHA1 f30004f88d6ab29873a54f944542ebe91272f263
SHA256 358610d11b38cd3273c0b700d9a62afc57322c4cda1a9714dc0b284978ce88d6
SHA512 edf8058a849750422d69ef1ef938a03e82d261698647d18d8bfcecc24d34023f3a04dc4c61725a249accdd33a88f6c801c73497504791cfa24a84b5f9b8a5a88

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 0410d4771899d3ef0d18c6ad583a44ad
SHA1 8eec1860a6e025ca8cf7d508d9117d4a1ec02e32
SHA256 09953356bf100dfae11194f12749e9b74a957382a878cdbbc1f2d72cbd4d7127
SHA512 28779ecd2667981f036322d2eba12bc3568acf483b90a3f80e660b3137a29bd16beb9acd94ec0ff8ab6a326fa46485ae1d64b2941c3d59fc4acc7f70b6562e8e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\39b97dfca74bbf0c_0

MD5 25370e83ae5ebe901ecc900da0ffed1c
SHA1 48e68768a96d08a65c170037a8d9ca7e8ac20deb
SHA256 527956a1f852f07432e0ce99c34507e5123dffb7a7c69a698cf97378962ead7a
SHA512 7efabb1578fdeead12b1b608786fde831436795b52ff36be1d252379c3ea709fd60cfd48c00f4ad864c4b7eae6fa652b28ee14e54b0764962a168a051fa13de3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

MD5 b96a6c8f0bc8cf6289f1c4417bc06c8d
SHA1 1f68f49dcee61670f71aead40c7f9431aa4cb90f
SHA256 d2fdb9439b8ded05afda8878af4c2ca2f41266f1a0d1e9cca201fc28251a8c0f
SHA512 23150ced68e09a9d90a0d4f7b201f90d9c6cc6438d4f82ad32f43dd57e8a506f94e56b92741b5a1ead33a35b07fb56d0f99211ba1f4b539118b084e0215c4799

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f21d88ed7c9d0fa5_0

MD5 e25afbac40f0909d0a27a0d0006ad865
SHA1 4ed244dda18a35dc7e613f934a4b0daa8156330d
SHA256 a932e1cf3f9230333feb91e27240270aad279e9913884231cb4fb0ca351ea599
SHA512 76b0f16782134629068daa0a1972c3beebca19ae4a99fe20cc20f23b0fe3ad426a4d11cd19c40079b444a84b7f5df5a48df185b9decbfa75d2c0633e13560783

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\dd2dfdf247e59d85_0

MD5 b4c7a3f2a610c6ad77d9d38888d871a2
SHA1 9e0887473c1f14e8dd1cec06709f34a73b5857a7
SHA256 826f01d26ea153d160c2a0a990b17199b72239b38fa219b69f8440390c48bc63
SHA512 90ac2262f3db444f4d37213c9acc502eac56a181a587f9f0d8fdc826b247e2726f0bd34b5096d8b4ee31ea32991511626f26998ca067415b02bf7293b875cce3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\82991977a8a9dfbc_0

MD5 2ce73662e2b7a917023dd0110683e3c5
SHA1 494075e8b93732149ba071e04851b14da06eae63
SHA256 7f8dc99c609c443677ef14ae8264e63171f0be034aaca584769583a4e944964b
SHA512 3e26bdb2f62309a7c992410a16500597c5ab2c8d18065982f601a89e7c4b7e79eebdf006f5ad57484a01ee06cd381369186913f14f9c32533f040dbf26b16d34

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b60cc3008ad9d943_0

MD5 00f957f2ec303f0bc91b4b46ad980479
SHA1 ca58ffe930a88817014362a6c32fb36d7136dd96
SHA256 4ec3cf2453d8eb52a873b34c8bcefb11246c17dd54a82198fc0d2c475d769713
SHA512 543b5f716341fb98a6732b033f1320b6ccd7f3f6fceda0de9f37cf656f70fd01878b1828d6f654bbfd54dbb3485dd03a495c3aff5e6abd8af1f48021c822a024

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1d1d46a73b4736097cdf0e14a3a0a57b
SHA1 3a273bb5c9abded249ccae478ad3acf471cbd571
SHA256 a8cab7ad42aea10ac3c18a3c56c6312889a3d043a65aeb890b650047176f9b43
SHA512 da9abab2ac29d0219cbf2977f5227a37e61f905cf174b4343ee99a4db47b58a46c86d17eef4111c70fb6074f1be72c4eda2ef3caa3d375ecc3c8c6a65377485d