Malware Analysis Report

2025-05-28 18:10

Sample ID 241109-zt8pmasdjd
Target planetvpn.exe
SHA256 575ad04aad19034af4862fcaa8991fdc3a87d07d2d136787e1c84c2f8bcb4532
Tags
discovery persistence privilege_escalation
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

575ad04aad19034af4862fcaa8991fdc3a87d07d2d136787e1c84c2f8bcb4532

Threat Level: Likely malicious

The file planetvpn.exe was found to be: Likely malicious.

Malicious Activity Summary

discovery persistence privilege_escalation

Manipulates Digital Signatures

Drops file in Drivers directory

Adds Run key to start application

Looks up external IP address via web service

Drops Chrome extension

Drops file in System32 directory

Drops file in Windows directory

Drops file in Program Files directory

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system

Enumerates physical storage devices

Event Triggered Execution: Netsh Helper DLL

System Location Discovery: System Language Discovery

Browser Information Discovery

Suspicious use of FindShellTrayWindow

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious behavior: EnumeratesProcesses

Modifies system certificate store

Suspicious behavior: LoadsDriver

Suspicious use of SetWindowsHookEx

Suspicious behavior: AddClipboardFormatListener

Suspicious use of SendNotifyMessage

Kills process with taskkill

Modifies registry key

Modifies data under HKEY_USERS

Suspicious use of AdjustPrivilegeToken

Modifies registry class

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Checks SCSI registry key(s)

Gathers network information

Suspicious behavior: GetForegroundWindowSpam

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-11-09 21:01

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-11-09 21:01

Reported

2024-11-09 21:05

Platform

win11-20241007-en

Max time kernel

211s

Max time network

224s

Command Line

"C:\Users\Admin\AppData\Local\Temp\planetvpn.exe"

Signatures

Drops file in Drivers directory

Description Indicator Process Target
File opened for modification C:\Windows\System32\drivers\tap0901.sys C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\System32\drivers\wintun.sys C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\System32\drivers\SET81ED.tmp C:\Windows\system32\DrvInst.exe N/A
File created C:\Windows\System32\drivers\SET81ED.tmp C:\Windows\system32\DrvInst.exe N/A

Manipulates Digital Signatures

Description Indicator Process Target
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\TrustedPublisher\Certificates\5E66E0CA2367757E800E65B770629026E131A7DC\Blob = 0300000001000000140000005e66e0ca2367757e800e65b770629026e131a7dc040000000100000010000000c759d588bceb1c8a8c8a4d2c00103ba10f00000001000000140000001b4e387db74a69a0470cb08f598beb3b511617531400000001000000140000009afe50cc7c723e76b49c036a97a88c8135cb6651190000000100000010000000ea06916833e9ecb6dac092d5c3482ff15c000000010000000400000000080000180000000100000010000000c7c2cda336016dcb1d1c518e4c192b4b4b0000000100000044000000320036004100440030003100460039004300300030003200460041004400330037003400320037004500370033003400330030003200330038003300440038005f0000002000000001000000ba060000308206b63082059ea003020102021004d54dc0a2016b263eeeb255d321056e300d06092a864886f70d0101050500306f310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312e302c060355040313254469676943657274204173737572656420494420436f6465205369676e696e672043412d31301e170d3133303831333030303030305a170d3136303930323132303030305a308181310b3009060355040613025553311330110603550408130a43616c69666f726e6961311330110603550407130a506c656173616e746f6e31233021060355040a131a4f70656e56504e20546563686e6f6c6f676965732c20496e632e312330210603550403131a4f70656e56504e20546563686e6f6c6f676965732c20496e632e30820122300d06092a864886f70d01010105000382010f003082010a0282010100a10462099150b2575bc037614701c292ba96e98270fdb06e1d1f40343e720e259d6f9fdf59bcb9365f8cea69689aed7a4354591db75509826ad71ab3f00cb18ed11157effc5eb3bf5730b33b5ba76fd73f3fd7f1b2256410223a7f8f5f52b6fb8b31a979cc50f831880fc837c81168e74dd4f57368ef55a1dbe480a815128e0d944d4d70be02ed65efe486a020f50dfdfe6d2a0dfab3ff9885fdb1bc39b79bb0a38183e42d557a60da66883c3307c208655da1a43eeb2393ea10b200f55ddfd66da47eae911eebe43113c7aafdf8e13d2fef2604eac2e3739021816b323dc9ef0f8411a1a7921023ff3cd7f1f4d4307f6ad13816d47b93823c9683069315088d0203010001a382033930820335301f0603551d230418301680147b68ce29aac017be497ae1e53fd6a7f7458f3532301d0603551d0e041604149afe50cc7c723e76b49c036a97a88c8135cb6651300e0603551d0f0101ff04040302078030130603551d25040c300a06082b0601050507030330730603551d1f046c306a3033a031a02f862d687474703a2f2f63726c332e64696769636572742e636f6d2f617373757265642d63732d32303131612e63726c3033a031a02f862d687474703a2f2f63726c342e64696769636572742e636f6d2f617373757265642d63732d32303131612e63726c308201c40603551d20048201bb308201b7308201b306096086480186fd6c0301308201a4303a06082b06010505070201162e687474703a2f2f7777772e64696769636572742e636f6d2f73736c2d6370732d7265706f7369746f72792e68746d3082016406082b06010505070202308201561e8201520041006e007900200075007300650020006f00660020007400680069007300200043006500720074006900660069006300610074006500200063006f006e0073007400690074007500740065007300200061006300630065007000740061006e006300650020006f00660020007400680065002000440069006700690043006500720074002000430050002f00430050005300200061006e00640020007400680065002000520065006c00790069006e0067002000500061007200740079002000410067007200650065006d0065006e00740020007700680069006300680020006c0069006d006900740020006c0069006100620069006c00690074007900200061006e0064002000610072006500200069006e0063006f00720070006f00720061007400650064002000680065007200650069006e0020006200790020007200650066006500720065006e00630065002e30818206082b0601050507010104763074302406082b060105050730018618687474703a2f2f6f6373702e64696769636572742e636f6d304c06082b060105050730028640687474703a2f2f636163657274732e64696769636572742e636f6d2f4469676943657274417373757265644944436f64655369676e696e6743412d312e637274300c0603551d130101ff04023000300d06092a864886f70d0101050500038201010035d3e402ab7e93e4c84f74475c2403fbaf99335beb29aef76c0cbadf9eed476e26ae26aa5e87bb55e851926d2db986d674efd71abe7ecdc4b57c98d65b862725bd09e466949c3cf68cb40631d734ee948e4a7e5c849edf9757530a17e85c91e3dbc61e31a5d30b7250e83316c23728cc3fc0c721f61780a9f8542b575131652426be91885d9756313eff308755b60ccf6ade5f7bd7e32690a51c0b470a3bfe9dbedad74b535349ff469baa3e4d741d7db011501f80afdc4138a345c36e78710681be9d5b2bd45620bfaddf8e4ebd58e0820296f5c40c06fc48db187ff49fcaf489866fdae7c4d7224e3548bac384a5e7b59175c8fd6a667fa6ee3838802ce9be C:\Windows\system32\DrvInst.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-2253712635-4068079004-3870069674-1000\Software\Microsoft\Windows\CurrentVersion\Run\PlanetVPN = "C:\\Program Files (x86)\\PlanetVPN\\PlanetVPN.exe" C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A

Drops Chrome extension

Description Indicator Process Target
File created C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kadaohckdkghfaclhjmkmplebcdcnfnp\2.0.0_0\manifest.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Looks up external IP address via web service

Description Indicator Process Target
N/A whatismyipaddress.com N/A N/A

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\System32\DriverStore\Temp\{191f804c-fe6c-0b41-8f56-147d3a8f5121}\SETC376.tmp C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\System32\DriverStore\FileRepository\wintun.inf_amd64_8ed20477a29aa8f7\wintun.sys C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\System32\DriverStore\Temp\{191f804c-fe6c-0b41-8f56-147d3a8f5121} C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\System32\DriverStore\Temp\{7e17fe96-932d-c542-9a59-b707d42ac926}\SET6FBC.tmp C:\Windows\system32\DrvInst.exe N/A
File created C:\Windows\System32\DriverStore\Temp\{7e17fe96-932d-c542-9a59-b707d42ac926}\SET6FBC.tmp C:\Windows\system32\DrvInst.exe N/A
File created C:\Windows\System32\DriverStore\Temp\{7e17fe96-932d-c542-9a59-b707d42ac926}\SET6FCD.tmp C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\System32\DriverStore\Temp\{7e17fe96-932d-c542-9a59-b707d42ac926}\tap0901.cat C:\Windows\system32\DrvInst.exe N/A
File created C:\Windows\System32\DriverStore\Temp\{7e17fe96-932d-c542-9a59-b707d42ac926}\SET6FCE.tmp C:\Windows\system32\DrvInst.exe N/A
File created C:\Windows\System32\DriverStore\Temp\{191f804c-fe6c-0b41-8f56-147d3a8f5121}\SETC308.tmp C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\System32\CatRoot2\dberr.txt C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\System32\DriverStore\Temp\{191f804c-fe6c-0b41-8f56-147d3a8f5121}\wintun.inf C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\System32\DriverStore\Temp\{191f804c-fe6c-0b41-8f56-147d3a8f5121}\SETC377.tmp C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\System32\DriverStore\FileRepository\wintun.inf_amd64_8ed20477a29aa8f7\wintun.inf C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\System32\DriverStore\Temp\{7e17fe96-932d-c542-9a59-b707d42ac926}\oemvista.inf C:\Windows\system32\DrvInst.exe N/A
File created C:\Windows\System32\DriverStore\drvstore.tmp C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\System32\CatRoot2\dberr.txt C:\Windows\system32\DrvInst.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\wintun.inf_amd64_8ed20477a29aa8f7\wintun.PNF C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\tun2sock.exe N/A
File opened for modification C:\Windows\System32\DriverStore\Temp\{7e17fe96-932d-c542-9a59-b707d42ac926}\SET6FCD.tmp C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\System32\DriverStore\Temp\{7e17fe96-932d-c542-9a59-b707d42ac926}\SET6FCE.tmp C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\System32\DriverStore\FileRepository\oemvista.inf_amd64_a572b7f20c402d28\tap0901.cat C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\System32\DriverStore\FileRepository\wintun.inf_amd64_8ed20477a29aa8f7\wintun.cat C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\System32\DriverStore\FileRepository\oemvista.inf_amd64_a572b7f20c402d28\oemvista.inf C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\System32\DriverStore\Temp\{191f804c-fe6c-0b41-8f56-147d3a8f5121}\SETC308.tmp C:\Windows\system32\DrvInst.exe N/A
File created C:\Windows\System32\DriverStore\Temp\{191f804c-fe6c-0b41-8f56-147d3a8f5121}\SETC376.tmp C:\Windows\system32\DrvInst.exe N/A
File created C:\Windows\System32\DriverStore\drvstore.tmp C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\System32\DriverStore\Temp\{7e17fe96-932d-c542-9a59-b707d42ac926}\tap0901.sys C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\System32\DriverStore\FileRepository\oemvista.inf_amd64_a572b7f20c402d28\tap0901.sys C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\System32\DriverStore\Temp\{191f804c-fe6c-0b41-8f56-147d3a8f5121}\wintun.cat C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\System32\DriverStore\Temp\{191f804c-fe6c-0b41-8f56-147d3a8f5121}\wintun.sys C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\System32\DriverStore\FileRepository\wintun.inf_amd64_8ed20477a29aa8f7\wintun.sys C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\System32\DriverStore\Temp\{7e17fe96-932d-c542-9a59-b707d42ac926} C:\Windows\system32\DrvInst.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\oemvista.inf_amd64_a572b7f20c402d28\oemvista.PNF C:\Program Files (x86)\PlanetVPN\drivers_x64\tapinstall.exe N/A
File created C:\Windows\System32\DriverStore\Temp\{191f804c-fe6c-0b41-8f56-147d3a8f5121}\SETC377.tmp C:\Windows\system32\DrvInst.exe N/A

Checks installed software on the system

discovery

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls\is-GFH5M.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls\Private\is-THVVG.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls\Private\is-4P00J.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File opened for modification C:\Program Files (x86)\PlanetVPN\imageformats\qwebp.dll C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\imageformats\is-NN39H.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls\is-UM65C.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls\Private\is-PR8J9.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls.2\Fusion\is-S89LU.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File opened for modification C:\Program Files (x86)\PlanetVPN\Qt5QuickControls2.dll C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\is-GQ5P5.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls\is-OIIDO.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls\Private\is-30HD5.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls\is-R29LM.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls\Styles\Base\is-2E8F1.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls.2\Material\is-VB7VA.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls.2\Universal\is-NQEA0.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Extras\Private\is-OUVRC.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File opened for modification C:\Program Files (x86)\PlanetVPN\Qt5Network.dll C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\bearer\is-HECOP.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls.2\Material\is-S8T08.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls.2\Material\is-ND0PE.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls\is-ORQ2B.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls\Styles\Base\is-K74UP.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls.2\Fusion\is-H0MNV.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls.2\Imagine\is-QAVFQ.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls.2\Material\is-UILML.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtGraphicalEffects\private\is-J86QP.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls\is-J5154.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls\Private\is-U7TNP.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls.2\Fusion\is-OFAUE.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls\Private\is-D8FHO.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls\Styles\Base\is-95MES.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls.2\Material\is-OF7OG.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls.2\Material\is-14N8T.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls\Styles\Desktop\is-M78VS.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls.2\Material\is-KF2L6.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\Qt\labs\platform\is-AOJAV.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls\is-62L8L.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Dialogs\is-6HBES.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQml\WorkerScript.2\is-EFITU.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls.2\Imagine\is-4SCV7.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls.2\Material\is-TPMLO.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Window.2\is-0UM3P.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls.2\Universal\is-59ENP.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtGraphicalEffects\is-C09E9.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls.2\is-TI763.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls.2\Fusion\is-7NU38.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls.2\Imagine\is-O5M4K.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls.2\is-L3PN9.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Dialogs\images\is-2JF1F.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\is-1CS97.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls\is-9G1GR.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls\Styles\Base\images\is-L84K7.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls.2\is-V0M86.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File opened for modification C:\Program Files (x86)\PlanetVPN\Qt5QuickShapes.dll C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File opened for modification C:\Program Files (x86)\PlanetVPN\bin\Wireguard\wireguard.dll C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls\Styles\Desktop\is-MRNPG.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls\Private\is-20B5V.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls\Styles\Base\is-5NF07.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls\Private\is-F2FMM.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Controls\Styles\Base\is-D5HKJ.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Dialogs\qml\is-IHKCB.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File created C:\Program Files (x86)\PlanetVPN\QtQuick\Extras\is-2EAMK.tmp C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
File opened for modification C:\Program Files (x86)\PlanetVPN\QtQuick\Extras\qtquickextrasplugin.dll C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\inf\oem4.inf C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\INF\setupapi.dev.log C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\INF\setupapi.dev.log C:\Windows\system32\rundll32.exe N/A
File opened for modification C:\Windows\INF\setupapi.dev.log C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\inf\oem3.inf C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\INF\setupapi.dev.log C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\tun2sock.exe N/A
File opened for modification C:\Windows\INF\setupapi.dev.log C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\INF\setupapi.dev.log C:\Windows\system32\DrvInst.exe N/A
File created C:\Windows\inf\oem4.inf C:\Windows\system32\DrvInst.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Windows\INF\setupapi.dev.log C:\Program Files (x86)\PlanetVPN\drivers_x64\tapinstall.exe N/A
File opened for modification C:\Windows\INF\setupapi.dev.log C:\Windows\system32\svchost.exe N/A
File created C:\Windows\inf\oem3.inf C:\Windows\system32\DrvInst.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

Event Triggered Execution: Netsh Helper DLL

persistence privilege_escalation
Description Indicator Process Target
Key value enumerated \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A
Key value enumerated \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A
Key queried \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A
Key queried \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A
Key value enumerated \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A
Key queried \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A
Key queried \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A
Key value enumerated \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A
Key queried \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A
Key value enumerated \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A
Key queried \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A
Key value enumerated \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh C:\Windows\SysWOW64\netsh.exe N/A

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\taskkill.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\tun2sock.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\planetvpn.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\ipconfig.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\is-C83SG.tmp\planetvpn.tmp N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\reg.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\PlanetVPN\bin\Xray\xray.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\tun2sock.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\planetvpn.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\netsh.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\sslocal.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\ipconfig.exe N/A

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001 C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\LowerFilters C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Filters C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\CompatibleIDs C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001 C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\HardwareID C:\Program Files (x86)\PlanetVPN\drivers_x64\tapinstall.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Service C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Filters C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001 C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\tun2sock.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 C:\Program Files (x86)\PlanetVPN\drivers_x64\tapinstall.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Filters C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\UpperFilters C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\HardwareID C:\Program Files (x86)\PlanetVPN\drivers_x64\tapinstall.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002 C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\tun2sock.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\tun2sock.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\CompatibleIDs C:\Program Files (x86)\PlanetVPN\drivers_x64\tapinstall.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\CompatibleIDs C:\Program Files (x86)\PlanetVPN\drivers_x64\tapinstall.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\tun2sock.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\tun2sock.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\HardwareID C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Filters C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\tun2sock.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Service C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A C:\Windows\system32\rundll32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\HardwareID C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\CompatibleIDs C:\Program Files (x86)\PlanetVPN\drivers_x64\tapinstall.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\HardwareID C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000 C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\tun2sock.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\LowerFilters C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000 C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\tun2sock.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ C:\Windows\system32\rundll32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 C:\Program Files (x86)\PlanetVPN\drivers_x64\tapinstall.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\HardwareID C:\Program Files (x86)\PlanetVPN\drivers_x64\tapinstall.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\HardwareID C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\tun2sock.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\LowerFilters C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Filters C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ C:\Windows\system32\rundll32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000 C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\HardwareID C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001 C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\tun2sock.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Service C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\tun2sock.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\ConfigFlags C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\HardwareID C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\UpperFilters C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Service C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\LowerFilters C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\CompatibleIDs C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Filters C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\UpperFilters C:\Windows\system32\DrvInst.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\tun2sock.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Service C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\LowerFilters C:\Windows\system32\DrvInst.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom C:\Program Files (x86)\PlanetVPN\drivers_x64\tapinstall.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\HardwareID C:\Program Files (x86)\PlanetVPN\drivers_x64\tapinstall.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\tun2sock.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Gathers network information

Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\ipconfig.exe N/A
N/A N/A C:\Windows\SysWOW64\ipconfig.exe N/A

Kills process with taskkill

evasion
Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\taskkill.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\My C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Windows\system32\DrvInst.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133756599117141449" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Windows\system32\DrvInst.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Windows\system32\DrvInst.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\PlanetVPN C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\PlanetVPN\ = "URL:PlanetVPN" C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\PlanetVPN\URL Protocol C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\PlanetVPN\shell\open\command C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\PlanetVPN\shell C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\PlanetVPN\shell\open C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\PlanetVPN\shell\open\command\ = "\"C:\\Program Files (x86)\\PlanetVPN\\PlanetVPN.exe\" \"%1\"" C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A

Modifies registry key

Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\reg.exe N/A

Modifies system certificate store

evasion spyware trojan
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25 C:\Windows\system32\rundll32.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 040000000100000010000000d474de575c39b2d39c8583c5c065498a0f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703086200000001000000200000007431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc30b00000001000000120000004400690067006900430065007200740000001d00000001000000100000008f76b981d528ad4770088245e2031b630300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc25190000000100000010000000ba4f3972e7aed9dccdc210db59da13c92000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a C:\Windows\system32\rundll32.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 5c000000010000000400000000080000190000000100000010000000ba4f3972e7aed9dccdc210db59da13c90300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc251d00000001000000100000008f76b981d528ad4770088245e2031b630b0000000100000012000000440069006700690043006500720074000000140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc36200000001000000200000007431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8040000000100000010000000d474de575c39b2d39c8583c5c065498a2000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a C:\Windows\system32\rundll32.exe N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A

Suspicious behavior: LoadsDriver

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Windows\SysWOW64\taskkill.exe N/A
Token: SeAuditPrivilege N/A C:\Windows\system32\svchost.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\system32\svchost.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Program Files (x86)\PlanetVPN\drivers_x64\tapinstall.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\system32\DrvInst.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\system32\DrvInst.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\system32\DrvInst.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\system32\DrvInst.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\system32\DrvInst.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\system32\DrvInst.exe N/A
Token: SeBackupPrivilege N/A C:\Windows\system32\DrvInst.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\system32\DrvInst.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\system32\DrvInst.exe N/A
Token: SeLoadDriverPrivilege N/A C:\Windows\system32\DrvInst.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A
N/A N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1056 wrote to memory of 8 N/A C:\Users\Admin\AppData\Local\Temp\planetvpn.exe C:\Users\Admin\AppData\Local\Temp\is-C83SG.tmp\planetvpn.tmp
PID 1056 wrote to memory of 8 N/A C:\Users\Admin\AppData\Local\Temp\planetvpn.exe C:\Users\Admin\AppData\Local\Temp\is-C83SG.tmp\planetvpn.tmp
PID 1056 wrote to memory of 8 N/A C:\Users\Admin\AppData\Local\Temp\planetvpn.exe C:\Users\Admin\AppData\Local\Temp\is-C83SG.tmp\planetvpn.tmp
PID 8 wrote to memory of 3692 N/A C:\Users\Admin\AppData\Local\Temp\is-C83SG.tmp\planetvpn.tmp C:\Users\Admin\AppData\Local\Temp\planetvpn.exe
PID 8 wrote to memory of 3692 N/A C:\Users\Admin\AppData\Local\Temp\is-C83SG.tmp\planetvpn.tmp C:\Users\Admin\AppData\Local\Temp\planetvpn.exe
PID 8 wrote to memory of 3692 N/A C:\Users\Admin\AppData\Local\Temp\is-C83SG.tmp\planetvpn.tmp C:\Users\Admin\AppData\Local\Temp\planetvpn.exe
PID 3692 wrote to memory of 4560 N/A C:\Users\Admin\AppData\Local\Temp\planetvpn.exe C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp
PID 3692 wrote to memory of 4560 N/A C:\Users\Admin\AppData\Local\Temp\planetvpn.exe C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp
PID 3692 wrote to memory of 4560 N/A C:\Users\Admin\AppData\Local\Temp\planetvpn.exe C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp
PID 4560 wrote to memory of 132 N/A C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp C:\Windows\SysWOW64\taskkill.exe
PID 4560 wrote to memory of 132 N/A C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp C:\Windows\SysWOW64\taskkill.exe
PID 4560 wrote to memory of 132 N/A C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp C:\Windows\SysWOW64\taskkill.exe
PID 4560 wrote to memory of 3240 N/A C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp C:\Program Files (x86)\PlanetVPN\drivers_x64\tapinstall.exe
PID 4560 wrote to memory of 3240 N/A C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp C:\Program Files (x86)\PlanetVPN\drivers_x64\tapinstall.exe
PID 2124 wrote to memory of 3000 N/A C:\Windows\system32\svchost.exe C:\Windows\system32\DrvInst.exe
PID 2124 wrote to memory of 3000 N/A C:\Windows\system32\svchost.exe C:\Windows\system32\DrvInst.exe
PID 3000 wrote to memory of 1540 N/A C:\Windows\system32\DrvInst.exe C:\Windows\system32\rundll32.exe
PID 3000 wrote to memory of 1540 N/A C:\Windows\system32\DrvInst.exe C:\Windows\system32\rundll32.exe
PID 2124 wrote to memory of 1900 N/A C:\Windows\system32\svchost.exe C:\Windows\system32\DrvInst.exe
PID 2124 wrote to memory of 1900 N/A C:\Windows\system32\svchost.exe C:\Windows\system32\DrvInst.exe
PID 4560 wrote to memory of 1992 N/A C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp C:\Windows\SysWOW64\reg.exe
PID 4560 wrote to memory of 1992 N/A C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp C:\Windows\SysWOW64\reg.exe
PID 4560 wrote to memory of 1992 N/A C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp C:\Windows\SysWOW64\reg.exe
PID 4560 wrote to memory of 3960 N/A C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe
PID 4560 wrote to memory of 3960 N/A C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe
PID 4560 wrote to memory of 3960 N/A C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe
PID 3960 wrote to memory of 1348 N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe
PID 3960 wrote to memory of 1348 N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe
PID 3960 wrote to memory of 1348 N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe
PID 3960 wrote to memory of 3692 N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe
PID 3960 wrote to memory of 3692 N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe
PID 3960 wrote to memory of 3692 N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe
PID 3960 wrote to memory of 3784 N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe
PID 3960 wrote to memory of 3784 N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe
PID 3960 wrote to memory of 3784 N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe
PID 3784 wrote to memory of 2800 N/A C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe C:\Windows\SysWOW64\netsh.exe
PID 3784 wrote to memory of 2800 N/A C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe C:\Windows\SysWOW64\netsh.exe
PID 3784 wrote to memory of 2800 N/A C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe C:\Windows\SysWOW64\netsh.exe
PID 3784 wrote to memory of 484 N/A C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe C:\Windows\SysWOW64\netsh.exe
PID 3784 wrote to memory of 484 N/A C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe C:\Windows\SysWOW64\netsh.exe
PID 3784 wrote to memory of 484 N/A C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe C:\Windows\SysWOW64\netsh.exe
PID 3784 wrote to memory of 3496 N/A C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe C:\Windows\SysWOW64\netsh.exe
PID 3784 wrote to memory of 3496 N/A C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe C:\Windows\SysWOW64\netsh.exe
PID 3784 wrote to memory of 3496 N/A C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe C:\Windows\SysWOW64\netsh.exe
PID 3784 wrote to memory of 1532 N/A C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe C:\Windows\SysWOW64\netsh.exe
PID 3784 wrote to memory of 1532 N/A C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe C:\Windows\SysWOW64\netsh.exe
PID 3784 wrote to memory of 1532 N/A C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe C:\Windows\SysWOW64\netsh.exe
PID 3784 wrote to memory of 1236 N/A C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe C:\Windows\SysWOW64\netsh.exe
PID 3784 wrote to memory of 1236 N/A C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe C:\Windows\SysWOW64\netsh.exe
PID 3784 wrote to memory of 1236 N/A C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe C:\Windows\SysWOW64\netsh.exe
PID 3784 wrote to memory of 3112 N/A C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe C:\Windows\SysWOW64\netsh.exe
PID 3784 wrote to memory of 3112 N/A C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe C:\Windows\SysWOW64\netsh.exe
PID 3784 wrote to memory of 3112 N/A C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe C:\Windows\SysWOW64\netsh.exe
PID 3960 wrote to memory of 2568 N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe
PID 3960 wrote to memory of 2568 N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe
PID 3960 wrote to memory of 2568 N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe
PID 3960 wrote to memory of 2368 N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\sslocal.exe
PID 3960 wrote to memory of 2368 N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\sslocal.exe
PID 3960 wrote to memory of 2368 N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\sslocal.exe
PID 3960 wrote to memory of 2392 N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\tun2sock.exe
PID 3960 wrote to memory of 2392 N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\tun2sock.exe
PID 3960 wrote to memory of 2392 N/A C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\tun2sock.exe
PID 2124 wrote to memory of 4332 N/A C:\Windows\system32\svchost.exe C:\Windows\system32\DrvInst.exe
PID 2124 wrote to memory of 4332 N/A C:\Windows\system32\svchost.exe C:\Windows\system32\DrvInst.exe

Processes

C:\Users\Admin\AppData\Local\Temp\planetvpn.exe

"C:\Users\Admin\AppData\Local\Temp\planetvpn.exe"

C:\Users\Admin\AppData\Local\Temp\is-C83SG.tmp\planetvpn.tmp

"C:\Users\Admin\AppData\Local\Temp\is-C83SG.tmp\planetvpn.tmp" /SL5="$80204,55471658,1100288,C:\Users\Admin\AppData\Local\Temp\planetvpn.exe"

C:\Users\Admin\AppData\Local\Temp\planetvpn.exe

"C:\Users\Admin\AppData\Local\Temp\planetvpn.exe" /LANG=es

C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp

"C:\Users\Admin\AppData\Local\Temp\is-NFDJE.tmp\planetvpn.tmp" /SL5="$90204,55471658,1100288,C:\Users\Admin\AppData\Local\Temp\planetvpn.exe" /LANG=es

C:\Windows\SysWOW64\taskkill.exe

"taskkill.exe" /f /im "PlanetVPN.exe"

C:\Program Files (x86)\PlanetVPN\drivers_x64\tapinstall.exe

"C:\Program Files (x86)\PlanetVPN\drivers_x64\tapinstall.exe" install OemVista.inf tap0901

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k DcomLaunch -p -s DeviceInstall

C:\Windows\system32\DrvInst.exe

DrvInst.exe "4" "0" "C:\Users\Admin\AppData\Local\Temp\{28ed88a5-a4c3-184b-b7d6-ad0880a3386d}\oemvista.inf" "9" "4d14a44ff" "000000000000014C" "WinSta0\Default" "0000000000000168" "208" "c:\program files (x86)\planetvpn\drivers_x64"

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Windows\system32\pnpui.dll,InstallSecurityPromptRunDllW 20 Global\{4A350026-522E-4AD2-B6BC-B466777C47FB} Global\{E1C0C59C-882E-40F2-B9A8-F42ED5EA8981} C:\Windows\System32\DriverStore\Temp\{7e17fe96-932d-c542-9a59-b707d42ac926}\oemvista.inf C:\Windows\System32\DriverStore\Temp\{7e17fe96-932d-c542-9a59-b707d42ac926}\tap0901.cat

C:\Windows\system32\DrvInst.exe

DrvInst.exe "2" "211" "ROOT\NET\0000" "C:\Windows\INF\oem3.inf" "oem3.inf:3beb73aff103cc24:tap0901.ndi:9.0.0.21:tap0901," "4d14a44ff" "000000000000014C" "f22a"

C:\Windows\SysWOW64\reg.exe

"reg" add HKLM\Software\Wow6432Node\Google\Chrome\Extensions\kadaohckdkghfaclhjmkmplebcdcnfnp /v update_url /t REG_SZ /d "https://clients2.google.com/service/update2/crx" /f

C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe

"C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe"

C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe

"C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe" --show-adapters

C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe

"C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe" --show-adapters

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s Netman

C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe

"C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe" --config C:/Users/Admin/AppData/Local/Temp/PlanetVPN.AZqZxp

C:\Windows\SysWOW64\netsh.exe

C:\Windows\system32\netsh.exe interface ipv6 set address 10 2001:db8:0:121::102b/128 store=active

C:\Windows\SysWOW64\netsh.exe

C:\Windows\system32\netsh.exe interface ipv6 add route 2001:db8:0:121::/64 10 fe80::8 store=active

C:\Windows\SysWOW64\netsh.exe

C:\Windows\system32\netsh.exe interface ipv6 delete dns 10 all

C:\Windows\SysWOW64\netsh.exe

C:\Windows\system32\netsh.exe interface ipv6 add route 2001:db8:0:abc::/64 10 fe80::8 store=active

C:\Windows\SysWOW64\netsh.exe

C:\Windows\system32\netsh.exe interface ipv6 add route 2000::/3 10 fe80::8 store=active

C:\Windows\SysWOW64\netsh.exe

C:\Windows\system32\netsh.exe interface ipv6 add route 2001:db8:0:abc::/64 10 fe80::8 store=active

C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe

"C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe" --config C:/Users/Admin/AppData/Local/Temp/PlanetVPN.vskzMO

C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\sslocal.exe

"C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\sslocal.exe" -s 15.204.97.213:8443 -m chacha20-ietf-poly1305 -b 127.0.0.1:3128 -k freeuser1 -U --dns 10.255.255.1,10.255.255.2 --tcp-no-delay --tcp-multipath --worker-threads 8

C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\tun2sock.exe

"C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\tun2sock.exe" -device wintun -proxy socks5://127.0.0.1:3128

C:\Windows\system32\DrvInst.exe

DrvInst.exe "4" "0" "C:\Users\Admin\AppData\Local\Temp\{3f9c36e1-c0c5-0b4f-90e8-f210bf677266}\wintun.inf" "9" "438a20ca7" "000000000000016C" "WinSta0\Default" "000000000000017C" "208" "C:\Windows\Temp\3e3d4d3676d37ea4eaf0d5fa4a32ce88404b10fc2224a1db397659c0ec5332a6"

C:\Windows\system32\DrvInst.exe

DrvInst.exe "1" "0" "SWD\Wintun\{B83B1017-0985-46DF-AFEA-B88C628C508A}" "" "" "478780757" "0000000000000000" "f22a"

C:\Windows\SysWOW64\ipconfig.exe

ipconfig /flushdns

C:\Program Files (x86)\PlanetVPN\bin\Xray\xray.exe

"C:\Program Files (x86)\PlanetVPN\bin\Xray\xray" run -c C:\Users\Admin\AppData\Local\Temp\xray_config.json

C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\tun2sock.exe

"C:\Program Files (x86)\PlanetVPN\bin\Shadowsocks\tun2sock.exe" -device wintun -proxy socks5://127.0.0.1:10801

C:\Windows\system32\rundll32.exe

rundll32 "C:\Windows\Temp\8acc7d0f5d3e09a44154c7ec9195f706091dce65fd97b9d9d10ef688d0cbc3a1\setupapihost.dll",RemoveInstance "SWD\WINTUN\{B83B1017-0985-46DF-AFEA-B88C628C508A}"

C:\Windows\SysWOW64\ipconfig.exe

ipconfig /flushdns

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff881b4cc40,0x7ff881b4cc4c,0x7ff881b4cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1808,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1728 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2056,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2124 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2196,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2204 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3092,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3124 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3144,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3164 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4472,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4328 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4288,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4636 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4268,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4732 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4864,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4620 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4444,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3096 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4848,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4724 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4252,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4896 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5096,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4236 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4612,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4448 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5388,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4724 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5324,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5312 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5308,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5484 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5496,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5288 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5240,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5192 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5220,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5488 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=3412,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3384 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=4328,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4548 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=3252,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5272 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=3280,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3272 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=5544,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5560 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=5688,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5700 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=5828,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5844 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=5860,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5988 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=6008,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6132 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=6372,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6384 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=6512,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6536 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=6524,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6640 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=6320,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6484 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=6948,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6956 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=7068,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7104 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=7260,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7276 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=7228,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7252 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=7564,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7256 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=7772,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7788 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=8028,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8512 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=8048,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9104 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=8060,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9232 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=8068,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9376 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=8072,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9564 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=8080,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9780 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=8088,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9912 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=8152,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10040 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=8164,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10172 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=8172,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10308 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=8160,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10340 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=8236,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10572 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=8220,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10712 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=8256,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10720 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=8692,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8684 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=8696,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11076 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=8704,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11200 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=8648,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11452 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=8748,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11572 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=8764,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11704 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --field-trial-handle=8780,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11836 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --field-trial-handle=8796,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11968 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=8808,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=12096 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=8816,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=12232 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --field-trial-handle=8832,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=12368 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --field-trial-handle=9424,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8044 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --field-trial-handle=9404,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=12616 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --field-trial-handle=9432,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=12852 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --field-trial-handle=9420,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=12980 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --field-trial-handle=9556,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=13012 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --field-trial-handle=9572,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=13248 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --field-trial-handle=9628,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=13380 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=9636,i,1784755508734540267,15564351714458327064,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=13516 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
NL 149.154.164.13:443 api.telegra.ph tcp
US 172.67.164.62:443 ozq2tf6pl.com tcp
US 172.67.164.62:443 ozq2tf6pl.com tcp
US 172.67.164.62:443 ozq2tf6pl.com tcp
US 172.67.164.62:443 ozq2tf6pl.com tcp
US 172.67.164.62:443 ozq2tf6pl.com tcp
DE 49.12.122.118:443 aj2660.bid tcp
US 172.67.164.62:443 ozq2tf6pl.com tcp
US 8.8.8.8:53 118.122.12.49.in-addr.arpa udp
DE 169.150.255.183:443 cdn77.aj2660.bid tcp
DE 49.12.122.118:443 aj2660.bid tcp
US 52.217.122.128:443 s3.amazonaws.com tcp
US 172.67.164.62:443 ozq2tf6pl.com tcp
US 8.8.8.8:53 113.39.65.18.in-addr.arpa udp
US 172.67.164.62:443 ozq2tf6pl.com tcp
US 172.67.164.62:443 ozq2tf6pl.com tcp
US 52.217.122.128:443 s3.amazonaws.com tcp
US 172.67.164.62:443 ozq2tf6pl.com tcp
US 172.67.164.62:443 ozq2tf6pl.com tcp
US 172.67.164.62:443 ozq2tf6pl.com tcp
US 172.67.164.62:443 ozq2tf6pl.com tcp
US 172.67.164.62:443 ozq2tf6pl.com tcp
US 15.204.97.240:443 tcp
US 8.8.8.8:53 13.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 0.21.8.10.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 255.21.8.10.in-addr.arpa udp
US 8.8.8.8:53 45.21.8.10.in-addr.arpa udp
US 8.8.8.8:53 6.c.9.f.b.0.c.e.0.d.b.7.d.3.1.d.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa udp
N/A 255.255.255.255:67 udp
N/A 224.0.0.251:5353 udp
US 15.204.97.198:443 udp
US 8.8.8.8:53 198.97.204.15.in-addr.arpa udp
US 8.8.8.8:53 3.9.b.1.0.f.f.c.f.e.7.6.2.2.c.8.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa udp
US 8.8.8.8:53 2.c.7.f.7.3.4.1.0.3.c.f.2.f.8.6.0.0.0.0.0.0.0.0.0.0.0.0.0.8.e.f.ip6.arpa udp
US 8.8.8.8:53 ozq2tf6pl.com udp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 255.0.255.10.in-addr.arpa udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 213.97.204.15.in-addr.arpa udp
US 8.8.8.8:53 1.255.255.10.in-addr.arpa udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 224.0.0.251:5353 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
US 172.67.164.62:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 16.16.190.129:80 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 clients2.google.com udp
US 8.8.8.8:53 www.google.com udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 142.251.211.227:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 142.250.69.202:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 142.250.217.78:443 tcp
N/A 142.251.211.228:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 142.251.211.228:443 tcp
N/A 142.251.211.228:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 142.251.33.67:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 142.251.33.67:443 tcp
N/A 127.0.0.1:10801 tcp
US 8.8.8.8:53 clients2.googleusercontent.com udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 238.211.251.142.in-addr.arpa udp
US 8.8.8.8:53 234.215.251.142.in-addr.arpa udp
US 8.8.8.8:53 193.69.250.142.in-addr.arpa udp
US 8.8.8.8:53 238.215.251.142.in-addr.arpa udp
N/A 142.251.211.238:443 tcp
N/A 142.251.215.234:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 142.250.69.193:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 142.251.215.238:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 142.250.69.193:443 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 142.251.215.234:443 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 142.251.211.228:443 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 142.251.215.227:443 tcp
N/A 142.251.215.227:443 tcp
N/A 142.251.215.227:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 id.google.com udp
N/A 142.250.217.98:443 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 227.206.250.142.in-addr.arpa udp
US 15.204.97.213:23576 tcp
N/A 142.250.206.227:443 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 dns-tunnel-check.googlezip.net udp
US 8.8.8.8:53 tunnel.googlezip.net udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 142.251.33.67:443 tcp
N/A 142.251.33.67:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 216.239.34.157:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 104.19.222.79:443 tcp
N/A 104.19.222.79:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 cmp.inmobi.com udp
US 8.8.8.8:53 a.pub.network udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 142.251.215.234:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 142.251.215.227:443 udp
N/A 127.0.0.1:10801 tcp
N/A 142.251.215.227:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 104.19.222.79:443 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 142.251.215.238:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 142.251.211.234:443 tcp
N/A 142.251.211.234:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 142.251.215.227:443 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 145.160.16.104.in-addr.arpa udp
US 8.8.8.8:53 54.191.246.204.in-addr.arpa udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 104.26.13.133:443 tcp
N/A 169.150.221.147:443 tcp
N/A 104.16.160.145:443 tcp
N/A 204.246.191.54:443 tcp
US 15.204.97.213:23576 tcp
N/A 104.18.20.206:443 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 172.67.69.80:443 tcp
N/A 172.67.69.80:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 172.67.69.80:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 172.67.69.80:443 tcp
N/A 142.251.215.227:443 tcp
N/A 142.251.215.227:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 142.251.215.227:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 142.250.217.72:443 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 34.160.152.31:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 34.111.152.239:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 142.251.211.234:443 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 104.26.13.133:443 udp
N/A 104.26.13.133:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 34.160.128.112:443 tcp
N/A 142.251.215.227:443 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 142.251.211.234:443 tcp
N/A 172.66.42.248:443 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 104.16.160.145:443 udp
N/A 142.250.217.72:443 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 104.18.20.206:443 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 172.217.14.226:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 204.246.191.54:443 tcp
N/A 3.163.158.117:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 104.17.111.223:443 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 172.217.14.226:443 udp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 udp
N/A 34.111.152.239:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 74.125.142.155:443 tcp
N/A 142.250.69.206:443 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 104.17.111.223:443 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 34.111.152.239:443 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 fid.agkn.com udp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 id.hadron.ad.gt udp
US 8.8.8.8:53 ups.analytics.yahoo.com udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 10.255.255.1:53 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 10.255.255.1:53 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 10.255.255.1:53 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
US 8.8.8.8:53 209.176.209.34.in-addr.arpa udp
US 8.8.8.8:53 65.98.95.141.in-addr.arpa udp
US 8.8.8.8:53 68.191.246.204.in-addr.arpa udp
US 8.8.8.8:53 42.190.226.44.in-addr.arpa udp
US 8.8.8.8:53 43.40.52.13.in-addr.arpa udp
US 8.8.8.8:53 93.118.119.74.in-addr.arpa udp
N/A 10.255.255.1:53 udp
US 8.8.8.8:53 188.20.57.13.in-addr.arpa udp
US 8.8.8.8:53 204.99.148.54.in-addr.arpa udp
US 8.8.8.8:53 116.133.237.204.in-addr.arpa udp
US 8.8.8.8:53 47.185.230.44.in-addr.arpa udp
US 8.8.8.8:53 211.253.186.35.in-addr.arpa udp
US 8.8.8.8:53 153.63.120.34.in-addr.arpa udp
US 8.8.8.8:53 5.154.173.69.in-addr.arpa udp
US 8.8.8.8:53 62.6.161.18.in-addr.arpa udp
US 8.8.8.8:53 46.81.216.23.in-addr.arpa udp
US 8.8.8.8:53 105.107.77.45.in-addr.arpa udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 172.67.74.207:443 tcp
N/A 104.18.43.90:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 104.22.53.173:443 tcp
N/A 18.161.8.42:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 192.184.67.40:443 tcp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 34.107.140.113:443 tcp
N/A 34.107.140.113:443 tcp
N/A 34.107.140.113:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 104.18.36.155:443 tcp
N/A 104.18.36.155:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 54.188.94.8:443 tcp
N/A 172.67.23.234:443 tcp
N/A 172.67.23.234:443 tcp
N/A 69.147.80.15:443 tcp
N/A 52.223.40.198:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 35.244.193.51:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 34.209.176.209:443 tcp
N/A 74.119.118.149:443 tcp
N/A 74.119.118.149:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 141.95.98.65:443 tcp
N/A 141.95.98.65:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 204.246.191.68:443 tcp
N/A 44.226.190.42:443 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 13.52.40.43:443 tcp
N/A 127.0.0.1:10801 udp
N/A 13.52.40.43:443 tcp
N/A 127.0.0.1:10801 udp
N/A 34.160.152.31:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 74.119.118.93:443 tcp
N/A 74.119.118.93:443 tcp
N/A 54.148.99.204:443 tcp
N/A 54.148.99.204:443 tcp
N/A 44.230.185.47:443 tcp
N/A 44.230.185.47:443 tcp
N/A 44.230.185.47:443 tcp
N/A 34.120.63.153:443 tcp
N/A 34.120.63.153:443 tcp
N/A 13.57.20.188:443 tcp
N/A 13.57.20.188:443 tcp
N/A 13.57.20.188:443 tcp
N/A 13.57.20.188:443 tcp
N/A 35.186.253.211:443 tcp
N/A 35.186.253.211:443 tcp
N/A 204.237.133.116:443 tcp
N/A 204.237.133.116:443 tcp
N/A 69.173.154.5:443 tcp
N/A 69.173.154.5:443 tcp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 23.216.81.46:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 18.161.6.62:443 tcp
N/A 18.161.6.62:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.2:53 udp
N/A 45.77.107.105:443 tcp
N/A 45.77.107.105:443 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 34.111.152.239:443 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
N/A 172.67.23.234:443 tcp
N/A 34.107.140.113:443 tcp
N/A 13.52.40.43:443 tcp
N/A 13.57.20.188:443 tcp
N/A 13.57.20.188:443 tcp
N/A 18.161.6.62:443 tcp
N/A 10.255.255.1:53 udp
N/A 44.230.185.47:443 tcp
N/A 45.77.107.105:443 tcp
N/A 44.230.185.47:443 tcp
N/A 44.230.185.47:443 tcp
N/A 104.18.36.155:443 tcp
N/A 74.119.118.93:443 tcp
N/A 69.173.154.5:443 tcp
N/A 34.120.63.153:443 tcp
N/A 204.237.133.116:443 tcp
N/A 35.186.253.211:443 tcp
N/A 54.148.99.204:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 10.255.255.1:53 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 16.157.7.96.in-addr.arpa udp
US 8.8.8.8:53 47.66.84.99.in-addr.arpa udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
US 8.8.8.8:53 secure.cdn.fastclick.net udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 77.6.161.18.in-addr.arpa udp
US 8.8.8.8:53 75.112.196.23.in-addr.arpa udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 44.226.190.42:443 tcp
N/A 54.148.99.204:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 tcp
US 8.8.8.8:53 24.6.161.18.in-addr.arpa udp
US 8.8.8.8:53 69.5.22.104.in-addr.arpa udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 acdn.adnxs.com udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.2:53 udp
US 8.8.8.8:53 pr-bh.ybp.yahoo.com udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 29.191.246.204.in-addr.arpa udp
US 8.8.8.8:53 97.33.251.142.in-addr.arpa udp
US 8.8.8.8:53 88.66.84.99.in-addr.arpa udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 10.255.255.1:53 udp
US 15.204.97.213:23576 tcp
N/A 104.22.74.216:443 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 241.158.82.98.in-addr.arpa udp
US 8.8.8.8:53 13.240.194.69.in-addr.arpa udp
US 8.8.8.8:53 226.215.251.142.in-addr.arpa udp
US 8.8.8.8:53 140.1.200.54.in-addr.arpa udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 34.160.128.112:443 tcp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.1:53 udp
N/A 104.18.43.90:443 udp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.1:53 udp
N/A 142.251.33.66:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 74.119.118.149:443 tcp
N/A 142.251.33.66:443 tcp
N/A 142.251.215.225:443 tcp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 35.244.193.51:443 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 104.100.168.91:443 tcp
N/A 104.100.168.91:443 tcp
N/A 104.100.168.91:443 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 104.18.38.76:443 tcp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 23.216.82.57:443 tcp
N/A 35.71.139.29:443 tcp
N/A 74.119.118.134:443 tcp
N/A 34.98.64.218:443 tcp
N/A 34.160.152.31:443 udp
N/A 34.160.152.31:443 tcp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 67.205.150.146:443 tcp
N/A 96.7.157.16:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 74.119.118.149:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 204.246.191.68:443 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 34.107.140.113:443 udp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.2:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 18.161.8.42:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 99.84.66.47:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 18.238.217.67:443 tcp
N/A 18.161.6.77:443 tcp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 104.22.74.216:443 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 image8.pubmatic.com udp
US 8.8.8.8:53 pixel-sync.sitescout.com udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 usr.undertone.com udp
US 15.204.97.213:23576 tcp
N/A 141.95.98.65:443 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 190.238.4.52.in-addr.arpa udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 tcp
US 8.8.8.8:53 pixel-us-east.rubiconproject.com udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 10.255.255.2:53 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
US 8.8.8.8:53 c.bing.com udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
US 15.204.97.213:23576 tcp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 googleads4.g.doubleclick.net udp
US 8.8.8.8:53 s0.2mdn.net udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
US 15.204.97.213:23576 tcp
N/A 10.255.255.2:53 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 10.255.255.2:53 udp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
N/A 34.160.128.112:443 udp
N/A 34.98.64.218:443 udp
N/A 127.0.0.1:10801 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 udp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.2:53 udp
N/A 23.196.112.75:443 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 5.146.173.69.in-addr.arpa udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 tcp
US 8.8.8.8:53 pixel.tapad.com udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 pbs.yahoo.com udp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 x.bidswitch.net udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 204.246.191.38:443 tcp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 74.119.118.149:443 tcp
N/A 172.217.14.226:443 tcp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 142.251.33.66:443 tcp
N/A 142.251.33.66:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 18.161.6.24:443 tcp
N/A 3.163.21.162:443 tcp
N/A 3.163.21.162:443 tcp
N/A 3.163.21.162:443 tcp
N/A 104.22.5.69:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.2:53 udp
N/A 172.217.14.226:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 18.161.6.52:443 tcp
N/A 44.239.48.136:443 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 udp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 129.160.250.199.in-addr.arpa udp
US 8.8.8.8:53 252.148.254.104.in-addr.arpa udp
US 8.8.8.8:53 123.133.237.204.in-addr.arpa udp
US 8.8.8.8:53 101.151.64.172.in-addr.arpa udp
US 8.8.8.8:53 253.171.91.3.in-addr.arpa udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 match.sharethrough.com udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 10.255.255.1:53 udp
US 15.204.97.213:23576 tcp
N/A 142.251.33.66:443 tcp
N/A 142.251.33.66:443 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 204.246.191.29:443 tcp
N/A 204.246.191.29:443 tcp
N/A 142.251.33.97:443 tcp
N/A 142.251.33.97:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 99.84.66.47:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 99.84.66.88:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.2:53 udp
N/A 10.255.255.1:53 udp
N/A 52.223.40.198:443 tcp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.2:53 udp
N/A 23.43.82.11:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 98.82.158.241:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 98.82.158.241:443 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 tcp
US 8.8.8.8:53 106.160.6.74.in-addr.arpa udp
US 8.8.8.8:53 102.33.251.142.in-addr.arpa udp
US 8.8.8.8:53 131.196.214.74.in-addr.arpa udp
US 8.8.8.8:53 124.6.161.18.in-addr.arpa udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 cm.adgrx.com udp
US 8.8.8.8:53 a.tribalfusion.com udp
US 8.8.8.8:53 ad.mrtnsvr.com udp
US 8.8.8.8:53 dis.criteo.com udp
US 8.8.8.8:53 sync.mathtag.com udp
US 8.8.8.8:53 idsync.rlcdn.com udp
US 8.8.8.8:53 pixel.onaudience.com udp
US 8.8.8.8:53 uipglob.semasio.net udp
US 8.8.8.8:53 um.simpli.fi udp
US 8.8.8.8:53 160.118.241.54.in-addr.arpa udp
US 8.8.8.8:53 168.153.146.124.in-addr.arpa udp
US 8.8.8.8:53 51.133.90.69.in-addr.arpa udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 142.251.33.66:443 udp
N/A 142.251.33.66:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 151.101.42.49:443 tcp
N/A 54.200.1.140:443 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 142.251.33.66:443 udp
N/A 142.251.33.97:443 udp
N/A 142.251.211.228:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 142.251.33.66:443 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.2:53 udp
N/A 142.250.69.206:443 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 69.194.240.13:443 tcp
N/A 142.251.215.226:443 tcp
N/A 142.251.215.226:443 tcp
N/A 142.251.215.226:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 syncaps.cootlogix.com udp
US 8.8.8.8:53 ssbsync-us.smartadserver.com udp
US 8.8.8.8:53 sync.go.sonobi.com udp
US 8.8.8.8:53 amazon-tam-match.dotomi.com udp
US 8.8.8.8:53 sync.inmobi.com udp
US 8.8.8.8:53 sync.ipredictive.com udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 image2.pubmatic.com udp
US 8.8.8.8:53 t.adx.opera.com udp
US 8.8.8.8:53 cm-supply-web.gammaplatform.com udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 px.owneriq.net udp
US 8.8.8.8:53 gocm.c.appier.net udp
N/A 99.84.66.47:443 udp
N/A 142.251.33.66:443 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 204.246.191.68:443 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
N/A 69.147.80.15:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 96.7.157.198:443 tcp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 104.18.36.155:443 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 54.177.133.170:443 tcp
N/A 54.177.133.170:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 104.36.113.112:443 tcp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 yieldmo-match.dotomi.com udp
N/A 127.0.0.1:10801 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 cdn-ima.33across.com udp
N/A 127.0.0.1:10801 udp
US 8.8.8.8:53 cdn.id5-sync.com udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 8.8.8.8:53 ads.stickyadstv.com udp
US 8.8.8.8:53 casale-match.dotomi.com udp
US 8.8.8.8:53 tr.blismedia.com udp
US 8.8.8.8:53 i.liadm.com udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 52.4.238.190:443 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 10.255.255.1:53 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 udp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 142.251.215.226:443 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 99.84.66.47:443 tcp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 142.251.33.66:443 udp
N/A 204.246.191.29:443 udp
N/A 142.251.33.66:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 69.173.154.8:443 tcp
N/A 104.18.36.155:443 tcp
N/A 18.238.217.118:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 98.82.158.241:443 tcp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 172.217.14.226:443 tcp
N/A 69.173.146.5:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 54.148.99.204:443 tcp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 3.210.226.4:443 tcp
N/A 98.82.158.241:443 tcp
N/A 98.82.158.241:443 tcp
N/A 98.82.158.241:443 tcp
N/A 10.255.255.1:53 udp
N/A 69.173.154.8:443 tcp
N/A 34.36.216.150:443 tcp
N/A 54.148.99.204:443 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
US 15.204.97.213:23576 tcp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 199.250.160.129:443 tcp
N/A 204.79.197.237:443 tcp
N/A 13.107.42.14:443 tcp
N/A 34.98.64.218:443 tcp
N/A 104.254.148.252:443 tcp
N/A 104.254.148.252:443 tcp
N/A 204.237.133.123:443 tcp
N/A 204.237.133.123:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 34.160.152.31:443 udp
N/A 34.160.152.31:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 172.64.151.101:443 tcp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 3.91.171.253:443 tcp
N/A 3.91.171.253:443 tcp
N/A 3.91.171.253:443 tcp
N/A 3.91.171.253:443 tcp
N/A 3.91.171.253:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 3.91.171.253:443 tcp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 142.250.217.98:443 tcp
N/A 142.250.217.98:443 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 35.212.160.220:443 tcp
N/A 34.111.113.62:443 tcp
N/A 185.184.8.90:443 tcp
N/A 74.214.196.131:443 tcp
N/A 74.6.160.106:443 tcp
N/A 142.251.33.102:443 tcp
N/A 52.10.28.223:443 tcp
N/A 10.255.255.1:53 udp
N/A 52.10.28.223:443 tcp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 35.186.253.211:443 tcp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 18.161.6.124:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 34.98.64.218:443 udp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.1:53 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 104.100.48.186:443 tcp
N/A 127.0.0.1:10801 udp
N/A 3.210.226.4:443 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 10.255.255.2:53 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 udp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 127.0.0.1:10801 tcp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.1:53 udp
N/A 10.255.255.2:53 udp

Files

memory/1056-0-0x0000000000400000-0x000000000051A000-memory.dmp

memory/1056-2-0x0000000000401000-0x00000000004B7000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\is-C83SG.tmp\planetvpn.tmp

MD5 9e9ef955001906e8b747e86f44f54b22
SHA1 7ca2f3294f5b1c202dc5d5bbb78c1890e70d1e72
SHA256 5c2848f6ba1cfbfeb136174d94632a7c0bce132fc11664559b88ca0180e919d3
SHA512 5eaeff606ef999f7a30adc2f78658fbc3c9cf427b162aed94488c867a2cd838a6d67c9165b5d114f89a2957858accd6246c5b34e971e4364a26ff17661b8b7af

memory/8-6-0x0000000000400000-0x0000000000756000-memory.dmp

memory/3692-9-0x0000000000400000-0x000000000051A000-memory.dmp

memory/3692-11-0x0000000000400000-0x000000000051A000-memory.dmp

memory/1056-15-0x0000000000400000-0x000000000051A000-memory.dmp

memory/8-13-0x0000000000400000-0x0000000000756000-memory.dmp

memory/4560-19-0x0000000000400000-0x0000000000756000-memory.dmp

memory/3692-21-0x0000000000400000-0x000000000051A000-memory.dmp

memory/4560-24-0x0000000000400000-0x0000000000756000-memory.dmp

C:\Program Files (x86)\PlanetVPN\PlanetVPN.exe

MD5 2ac9a036b05fb71f1b3f7a700e2339e2
SHA1 e5d6544c5a2063da181ad2a6bb513dbbc317623d
SHA256 f400a3c8271563832f12704b97fab75cea68c85f072e975713629a4c8cc2202c
SHA512 838f6b86591134c15eeaac7c2546260dbb98fc403421197a8cc042d26febb263362fb2f06075245a74ec204ba460258176ce52c7eec2c375cc3a0ac295c021ac

C:\Program Files (x86)\PlanetVPN\bin\is-80095.tmp

MD5 e22b2e3d650c33c9197f985b7516da70
SHA1 87fe823dfd9a2ed7596cbfe249318c17e095aeb1
SHA256 2270871989e6c90df07b3e4630b4c4b6dd0e33e2a23ba3c52a7ff7bc3553304e
SHA512 84c9ca6f4dd73fb1f426671f937ab0e0210dce0bfb0e48fbb8e0305d31aca97d762a6b462c8daef5092d27b612fd7bfc7a6e3664995eee2ece25598dd3b48af8

C:\Program Files (x86)\PlanetVPN\bin\is-BMNVN.tmp

MD5 98130c9779c39825dd123029060b8084
SHA1 57ab9af726692dbb0d2d65ab95f03f1b87e7da3e
SHA256 479907904acf2836a3e103a192393e98c98cfddc1b4c0b8ff20a442521900c6a
SHA512 4afbcb353bc4e697005f05ce729d52d14ce0538a0b3fc76044a72725296cd805682cb004630cd20b1d150ddf348f92478b5243dced378cf4720be51b61e117c4

memory/4560-195-0x0000000000400000-0x0000000000756000-memory.dmp

C:\Program Files (x86)\PlanetVPN\bin\Wireguard\is-7A95G.tmp

MD5 9aec524b616618b0d3d00b27b6f51da1
SHA1 64264300801a353db324d11738ffed876550e1d3
SHA256 59a466f77584438fc3abc0f43edc0fc99d41851726827a008841f05cfe12da7e
SHA512 0648a26940e8f4aad73b05ad53e43316dd688e5d55e293cce88267b2b8744412be2e0d507dadad830776bf715bcd819f00f5d1f7ac1c5f1c4f682fb7457a20d0

C:\Program Files (x86)\PlanetVPN\bin\Wireguard\is-UK4F2.tmp

MD5 051973a1420749e10d007049f15a30ab
SHA1 27141d4e7847e16f3cedd487dd3f074811556ff1
SHA256 672458902acead23b1a4dbca8b26e51324e88948196bc30d68703d45547898e8
SHA512 0f105ba29af981afe3a43e6d789f5df8a501c252d3f46bf730d5c92c98358c6656cbdc7bd7d5a0d4c5357ae0acb1144828358b07cf2b1515512ca9b4d3f047fa

C:\Program Files (x86)\PlanetVPN\bin\Wireguard\is-AEV6H.tmp

MD5 ed53eee1623a43e9ae174262169f0f2e
SHA1 4bf7e9fa40878e19d6d7b8277982ed958681af86
SHA256 0b5532f93126db45689d7e3162cfc6951f78738a182e52712bb2c71980468f23
SHA512 dce1bc89033313934323e9ad1fd0ef7a525df0fd8f2f7c64b5ca8f5e7780b5526ce9e1fff408f8a00b46f718763d492eae059b7d11d873eea3186e8584dca53c

C:\Program Files (x86)\PlanetVPN\bin\Wireguard\is-41KH1.tmp

MD5 39d509b1675c380dc549972506a8f717
SHA1 7fdbb1897ccd3ffcdee39ac3838e19f7b9d3f6c7
SHA256 bb88391d53cf771c58887cb54101b5dc638abeb84bce4beddd82be5fb4bae671
SHA512 bb4cfd92dd772b4d7a5bc84a6348be1e7d96864b086bfc331713ebefb47e30c7d1b304cde7d3a25b388ccd7e59816b0e3fe96f85676c722664be470723960ca9

memory/4560-264-0x0000000000400000-0x0000000000756000-memory.dmp

C:\Program Files (x86)\PlanetVPN\platforms\is-U77O9.tmp

MD5 10de385a50aba297f8b92fb2eeaca1a3
SHA1 b1506e0f27f0661e3c46d2389159b8fc1fdc704b
SHA256 bd092da50a3d1d5113d0f5404bc8854faabc4875dd3247c81c4267fe8599e338
SHA512 29e8781cf4c98a2ea4d97cc0dd5f8bcfc8825caec55bd5d82c7124a4668c6823605910ac4f14d1a26fe46dfadc9bc8957c3c69b35d81837f8fc1f8d958e41f2c

C:\Program Files (x86)\PlanetVPN\QtQuick\Controls.2\Imagine\is-CKRND.tmp

MD5 c51a96cfe7de9ef5f7499b520aef04ee
SHA1 fd088304215ec2f081fb3b30383140fb716f0842
SHA256 c7f74755b3fc438dbdcb415930beaada79e45a540424282daecf5f538ee3489a
SHA512 80a19ab44c7232abb863575c63ff25f235e2ea49a9532fa23adacc8beebacaa3b36067e3e486b5bdb5f936bafd442c70127f7e028ead02241aa2b3cb35512be3

C:\Program Files (x86)\PlanetVPN\QtQuick\Controls.2\Imagine\is-N94R1.tmp

MD5 f5cd8ac746b6994ed71ff8301b42a56b
SHA1 ba037b256ee49d9fc2c30bd11ccb8a01993a38b5
SHA256 1d4f3f1d0dbb8cae0d392c2556889c9639a1a51b055e47bdaabedbd33bd4a934
SHA512 6b465228d5918fc4a1eb093a0896abfbd11a57abd2641a6f89581b063e6537f5bec2b33084f873871026526c39741a10ce11c0f52be80b35257ec86f7bd27e75

C:\Program Files (x86)\PlanetVPN\drivers_x64\tapinstall.exe

MD5 65379a2610ece62ab38b201d27200848
SHA1 6bbed21bac02a2b123cbf47ed99893b96ff48c3f
SHA256 315e6c9856072d7fee07929157d74b2496b82dc01e04383559bb6ab80032873d
SHA512 9f4d195056ae0e43eb051746767e4045c91e8bd141d217ba9eb287bcc2796ac7c9964d8cbf7971c9a53a19e120952d361f914edc489ba94e450512477f8a3960

C:\Program Files (x86)\PlanetVPN\drivers_x64\OemVista.inf

MD5 87868193626dc756d10885f46d76f42e
SHA1 94a5ce8ed7633ed77531b6cb14ceb1927c5cae1f
SHA256 b5728e42ea12c67577cb9188b472005ee74399b6ac976e7f72b48409baee3b41
SHA512 79751330bed5c16d66baf3e5212be0950f312ffd5b80b78be66eaea3cc7115f8a9472d2a43b5ce702aa044f3b45fd572775ff86572150df91cc27866f88f8277

\??\c:\program files (x86)\planetvpn\drivers_x64\tap0901.cat

MD5 c757503bc0c5a6679e07fe15b93324d6
SHA1 6a81aa87e4b07c7fea176c8adf1b27ddcdd44573
SHA256 91ebea8ad199e97832cf91ea77328ed7ff49a1b5c06ddaacb0e420097a9b079e
SHA512 efd1507bc7aa0cd335b0e82cddde5f75c4d1e35490608d32f24a2bed0d0fbcac88919728e3b3312665bd1e60d3f13a325bdcef4acfddab0f8c2d9f4fb2454d99

C:\Users\Admin\AppData\Local\Temp\{28ed88a5-a4c3-184b-b7d6-ad0880a3386d}\SET6F80.tmp

MD5 d765f43cbea72d14c04af3d2b9c8e54b
SHA1 daebe266073616e5fc931c319470fcf42a06867a
SHA256 89c5ca1440df186497ce158eb71c0c6bf570a75b6bc1880eac7c87a0250201c0
SHA512 ff83225ed348aa8558fb3055ceb43863bad5cf775e410ed8acda7316b56cd5c9360e63ed71abbc8929f7dcf51fd9a948b16d58242a7a2b16108e696c11d548b2

memory/4560-3403-0x0000000000400000-0x0000000000756000-memory.dmp

memory/3960-3453-0x0000000002610000-0x0000000002C41000-memory.dmp

C:\Program Files (x86)\PlanetVPN\Qt5Widgets.dll

MD5 b037b86cd074ea2a216bbd4b7b489c9c
SHA1 bc6b32e01e03887b06e297009efcf965083aa435
SHA256 2f0c2a362f2ef318ce80e03e914981ad42a1751c74b534725a6bf3cf50ce03a3
SHA512 39472c8ba41dbe53e180568ca61472fd3b912ea55227bbc75e9e2889f9d18551b971079824e9102afe0f132782b20c42f2b7c06b576eba2509c36e5f77b6572b

C:\Program Files (x86)\PlanetVPN\Qt5Quick.dll

MD5 c300fa804a97c846a13f098a22934502
SHA1 3c3909fbdb64fd3a62134c3c634c7f2ded16ef36
SHA256 b7af3bc93e2905e336886805553dec7313e4567886f7f2ac5981778cdd67173b
SHA512 e45f011c10831c0f9542f1374d12e199403aab9e3291cb086a08bf119be2241faebe461af30f2235ff3b7af5267e1b4479d692bde46656a7145b61544f013dc1

C:\Program Files (x86)\PlanetVPN\libQt-Secret.dll

MD5 33a9394b124d1d1133179b469261783f
SHA1 4fc5644d31d1baef57bb88bb7e7833a9c4159437
SHA256 af73201f89ef2c034a992d3cba32cc0b53af81cca066d57ed31d0939d8fa61c0
SHA512 965060b3fb3630f00362c61a6c2d281b98c2f6dab0de46b9e945031a320d775fa48783d3ecaae83e45f4fa75b33a8aa5eb012531735211b8488ed8c0e748fc4d

C:\Program Files (x86)\PlanetVPN\Qt5QmlModels.dll

MD5 a097b71d3afbc8e27dc4f577ed6ce0f1
SHA1 7ef05f005ee2dc7f0676d4b9fe22ee5dab86bb85
SHA256 4d4d9965174560fb8d9be778c2344deca655717a772bb549f57244cc92b58617
SHA512 70a96835180790e6f0c8ea99e2d16ef2484bea187a958a433340aedcec7a277b7b8ccfa82653be9bc7de5b0a4eb1962342a049749bc3357e15629bac3cd55649

C:\Program Files (x86)\PlanetVPN\libQtBigint.dll

MD5 4368ec31dca86376f5fb53b6d21c2165
SHA1 8eaa9d021886ed87c6e905289690c905493fd14a
SHA256 6730803897a74622f3cc2679c3014c6d1792e9a0158f3980dbd4c63f7dbc07c6
SHA512 e24000a37349adddde7d127d7a03e6381adb23aa760a3116a82a83a02c8f22bb1f15341889a3d101c1ad08244ec9d565580b00aea74b7f7f41ddd31d683b75ab

C:\Program Files (x86)\PlanetVPN\Qt5Svg.dll

MD5 825b515b5694b55982c4f7d004a94ad4
SHA1 7430898bb90f9e98bc85e0b172889c9bd63b5dc6
SHA256 d7f56abfc93e7d4d5c79b568222f09ffeecdd08f4c18c2c17dfab00114dd40a0
SHA512 1ae16ef69878efa975693f77498355a16622d4dbc619a674b5178d367c5cf82c64504cc8762033f2da4512c537afa20542dbdfd61a0fad91d44be87263d37993

C:\Program Files (x86)\PlanetVPN\Qt5Qml.dll

MD5 65781efc205f808159563cb526332e28
SHA1 771cfa537a523cad8987179a0211c653cda30c68
SHA256 7244b065771674bf963d998acefad1ee0c93ababfaf667724c4ea3c6bf4f0bce
SHA512 fadd974e9353575ec3e5f631643e246bfbbb0da30c90225fb18c587517603b4f279b0d5f1cab86e47844edb46f6832fda2a338e9717b1534faec7e76bd4d2304

C:\Program Files (x86)\PlanetVPN\Qt5Network.dll

MD5 ced4531f553504ed6770d999f9c82cb9
SHA1 3405a3118bb6479413b9a749ce4c0b395622883c
SHA256 77f1bd3192d9e8b15dd23adb15a3f83e92e9474df9a30450247fbe9e96b71736
SHA512 df98b27470b30377928bcea23e18b0c3d8e7929d0d7ee6862887440f6ef577e5172fcb02b82a20b4903ce9eb7e1d00cfb8e1785476cbaaee3da92354f701dcbc

C:\Program Files (x86)\PlanetVPN\Qt5Gui.dll

MD5 f676936b5dfce1c5ac2f8a1a7f577844
SHA1 c9870365d594bf1d6a4215acd4e730695166f809
SHA256 77f8946ac559cd03694d9a36ab4630cc7d5f0db62b34c00ecec12bc021eafbe9
SHA512 ce4ca22c4afb55a035c68711708ac86b5abf08ddca0bb0b059c3ad130aa1c9266a36e412b4feaeb4cd89edda6aa8ad95225e0a777fb33bcbae828b41c316301a

C:\Program Files (x86)\PlanetVPN\Qt5Sql.dll

MD5 4a043538298514e28359cae6f92ea241
SHA1 41e0433977697d4a8d1036cc39436f8a3e5e7d17
SHA256 998946d2f9d9e77ab5114992ce8bd26aba3ce80ff777791a2446f190046a9391
SHA512 9716ab208d8ca5f7075c16065856a27b25dd569d008d4dc365ec89951ca2610c74582e2a858d0f52eac1b1f0d90bb8ad209106ca01185e0c455738039e455771

memory/4560-3458-0x0000000000400000-0x0000000000756000-memory.dmp

memory/3960-3460-0x0000000002C50000-0x0000000002C73000-memory.dmp

memory/3960-3462-0x000000006E7C0000-0x000000006ECBC000-memory.dmp

memory/3960-3464-0x0000000002610000-0x0000000002C41000-memory.dmp

memory/3960-3463-0x000000006D9C0000-0x000000006DA12000-memory.dmp

C:\Program Files (x86)\PlanetVPN\styles\qwindowsvistastyle.dll

MD5 f17db40c8253fab8642753677453c49c
SHA1 db14600290a48153481e5d84a378b08d8c55bcfb
SHA256 5e6bfaf6dcd4446ff34a6a385652923c470037963235072e624887d1bca98565
SHA512 b9ab3f59dd87e3f0752fcceec596ffa306b0bba6cba9864760e1a9b87ebbe0fc9c22adf8181bf6ec45973d774f91dbb6dc439809eea892cf92b7334a11212a29

memory/3960-3461-0x0000000061B40000-0x000000006225D000-memory.dmp

memory/3960-3472-0x0000000006220000-0x0000000006420000-memory.dmp

memory/3960-3482-0x0000000065C80000-0x0000000065C96000-memory.dmp

C:\Program Files (x86)\PlanetVPN\Qt5QuickControls2.dll

MD5 923c8972ca770c30e2842b35ca6241b0
SHA1 782fa6d1e117d27654a5b1c11a41ae3e89b87a38
SHA256 4b4828ad11bb52807fcd1a09c6449d843257f6f91fba2c72a3f9f1c7fe5aef56
SHA512 1d0c8c21958a97197b8e03d0822ee766857ac2b207463ff53ac6d03d8dd57aa66dad1a874fd6dcc039bade82e49f1c8dcf7caa9f9ecf7bdfb1508bec4bacdf43

C:\Program Files (x86)\PlanetVPN\QtQuick\Controls.2\qtquickcontrols2plugin.dll

MD5 b64cdbba8f86ad1570980766ba01fc04
SHA1 f22fb76a9240414408cf732561a7306d1b49c49f
SHA256 9e7ae57b5f45ebca1f9130a238850910fb3d0124eaf69c219d94db0e74ec4c99
SHA512 13b03e6e0ee0c9497002ffe16956c498b4d6d5d40168e208d35039de58578a7d1b3d37dc3133344dec34072f0ec53a84f9e3061df97c0399fe825ac8aa77ebf1

C:\Program Files (x86)\PlanetVPN\QtQuick\Controls.2\qmldir

MD5 659ed029afaeabbe4235968ff5292736
SHA1 565ceba5b695eebbf28030965ee5929c2a5a2346
SHA256 7b404175bb8e2b0d3822e75320c8d6d09c61bb53f4513c235a7d04ac7d34fd57
SHA512 41fcb039c054c7decb9fc7ca198f3218dc0965813758b66c5b8b174b732040a33f2d3f54037aec7a9c48af5cd3bcc798ddd41c7458924b8c9bdd49a38846195b

C:\Program Files (x86)\PlanetVPN\QtQuick\Window.2\windowplugin.dll

MD5 aaa6f063228fe0f039fbfbdd71350b52
SHA1 0191185074bd6ae95910a9abc33245d68501fd01
SHA256 9ce4c676795449331955fbe0475b0ced2672d9f2e3693df06dae8a354306614c
SHA512 0f5626fa285c914407debbb815c8a867da19cc50f0e08303d67783d57a5cb5ed73cdcbde7273b4cd19a576bb4dcfbf4b88d1e2b00003e3519c61e6a89681a31d

C:\Program Files (x86)\PlanetVPN\QtQuick\Window.2\qmldir

MD5 c434589591a9b33cbe88891afbb7c144
SHA1 42476fb63f3cf463b4bb03b47048aa0918e588b5
SHA256 8d88b81547e1573f8c91df998ea82608e0a79770b014c82f760a67388b41945a
SHA512 5a09830970ea37942166c1e5e5ce0fe452290eb9cd662ffaa9858bdb61806caa03b1016d30c98871a7b6c8fdfa369e29e3940a5f9779d967b98ede5901f4d30f

C:\Program Files (x86)\PlanetVPN\Qt5QmlWorkerScript.dll

MD5 4ecac5dda76d1060de28f45ae3746723
SHA1 f147bc6d65142fd8fb055ad8882c4099856bdc50
SHA256 c0896506288e3da386d0674fec374272a6785cb982b3b6fdcd2214fc6c431f69
SHA512 d6623ee3f50714db5acc6b40f46eec0677ea80136f078d8fd65a56b95ea4a24a13a0c54e9b01d856db152287bafde7474307a00cbde477cbcc7c7c50e57e478d

C:\Program Files (x86)\PlanetVPN\QtQuick.2\qtquick2plugin.dll

MD5 bc48935d7fb9d87eed3994024f1071f8
SHA1 9cea445364aae84a38d3e79b5aabdffd4229a284
SHA256 6fccb1c95c2198d15d818e640d7849af9215e741ebbaceecfee3f3315f90b0ae
SHA512 95dc78983ba867883766a3d2a988d56bd9c9a6252e8231e631a294c5a9cee3647862909f0282284d6c5d734d41685b8ca53823538bb23a7549098e5477676720

C:\Program Files (x86)\PlanetVPN\QtQuick.2\qmldir

MD5 d2cf96786ce59e93a2feb2178603a27f
SHA1 7478dfedcd7ac1795bf4ff2732ef716ec82b061a
SHA256 b6f63056ade6925aa070d3b2bd4133d26e80df4ea2719e81ad90027e19661ae8
SHA512 4fcde288c6a690728f919b70308b3bb2ead62c40223bea14e52ec5f3ef74f5467b1930f419df77d78b8d50e84ec81a1fe78cc9a3b42c4a6d261ba77c654a1714

memory/3960-3471-0x0000000005DE0000-0x0000000006220000-memory.dmp

memory/3960-3487-0x0000000006A30000-0x0000000006A7B000-memory.dmp

memory/3960-3489-0x0000000006A30000-0x0000000006A7B000-memory.dmp

memory/3960-3515-0x0000000061B40000-0x000000006225D000-memory.dmp

memory/3960-3517-0x0000000069900000-0x0000000069AE2000-memory.dmp

memory/3960-3555-0x000000006E7C0000-0x000000006ECBC000-memory.dmp

memory/3960-3602-0x000000006CE40000-0x000000006CE7B000-memory.dmp

memory/3960-3606-0x0000000006A30000-0x0000000006A7B000-memory.dmp

memory/3960-3605-0x0000000065C80000-0x0000000065C96000-memory.dmp

memory/3960-3604-0x00000000657C0000-0x00000000657D8000-memory.dmp

memory/3960-3603-0x000000006DC80000-0x000000006DC8F000-memory.dmp

memory/3960-3595-0x000000006AA80000-0x000000006AC6C000-memory.dmp

memory/3960-3589-0x0000000064B40000-0x0000000064B54000-memory.dmp

memory/3960-3587-0x000000006E0C0000-0x000000006E0F8000-memory.dmp

memory/3960-3667-0x0000000007420000-0x0000000007872000-memory.dmp

memory/3960-3590-0x0000000002610000-0x0000000002C41000-memory.dmp

memory/3960-3674-0x0000000004F60000-0x0000000004F61000-memory.dmp

memory/3960-3676-0x0000000004F60000-0x0000000004F61000-memory.dmp

memory/3960-3683-0x0000000004F60000-0x0000000004F61000-memory.dmp

memory/3960-3682-0x0000000004F60000-0x0000000004F61000-memory.dmp

memory/3960-3681-0x000000000A4B0000-0x000000000A4B1000-memory.dmp

memory/3960-3675-0x0000000004F70000-0x0000000004F84000-memory.dmp

memory/3960-3673-0x0000000004F60000-0x0000000004F61000-memory.dmp

memory/3960-3672-0x0000000004F60000-0x0000000004F61000-memory.dmp

memory/3960-3671-0x0000000004F60000-0x0000000004F61000-memory.dmp

memory/3960-3670-0x0000000004F60000-0x0000000004F61000-memory.dmp

memory/3960-3669-0x0000000007420000-0x0000000007872000-memory.dmp

memory/3960-3588-0x0000000068280000-0x0000000068307000-memory.dmp

memory/3960-3583-0x000000006FE40000-0x000000006FFC3000-memory.dmp

memory/3960-3564-0x0000000068A80000-0x000000006911A000-memory.dmp

memory/3960-3490-0x0000000000400000-0x0000000001DB6000-memory.dmp

memory/3960-3594-0x0000000002C50000-0x0000000002C73000-memory.dmp

memory/3960-3563-0x0000000067940000-0x000000006799B000-memory.dmp

memory/3960-3562-0x000000006D9C0000-0x000000006DA12000-memory.dmp

memory/3960-3524-0x00000000662C0000-0x0000000066726000-memory.dmp

memory/3960-3512-0x000000006FD40000-0x000000006FD5F000-memory.dmp

C:\Program Files (x86)\PlanetVPN\bin\openvpn.exe

MD5 4be6a8924e40f1dc735b5e0e81a14123
SHA1 d19766f5a62d43f6e088138c0a3d26e2a8cc807a
SHA256 efb6db2c4e9c4f76252301de300ee5d5567a33c89d6f41d2347e0a43632e08ac
SHA512 00ee25a875c5a76ecb8907d1d2873c581759e2209124f238aa7bafcc54fcc4ab23384a1fd3838c63e82abacc18cc4b69dd0bad8afd7c7531b42dc9c67f3f0cac

C:\Program Files (x86)\PlanetVPN\bin\ShadowSocks\sslocal.exe

MD5 b9b767ec19db472774fc5bc5dd71a1f1
SHA1 0dcc090ed2b7c9c0dc221f0bb00dba887cfe5131
SHA256 f3da3c973eb3825a7bb563c5175ced29b13863fd6e4de4cf2f747d4f2821ca9a
SHA512 436659ce83e435b653e12f221b90492ddbe1750b89540f9f3a97afd1afb402cb85028009c9bb29620c8b170d408a703c700aa978d30718969984ee41fd6015d8

C:\Program Files (x86)\PlanetVPN\bin\ShadowSocks\tun2sock.exe

MD5 c4baf2236e89c78ec893ff71557a1aed
SHA1 16a0b80b360e1c1a2ae310043e21cca346208755
SHA256 b0774669b6f603c08e124807a06e862ce82db69feec4afcf34796230322fb55f
SHA512 287a608443d9f00e295776702d378c41f407d39aa771459209b382f731525c61f1a805bec0b31e0df5eb158551e8fd495bdf7359fcef3f449d75c510288a8718

C:\Windows\Temp\3e3d4d3676d37ea4eaf0d5fa4a32ce88404b10fc2224a1db397659c0ec5332a6\wintun.inf

MD5 001c9ccc674d9d16dc371d075beeb05f
SHA1 ebe7fed368867bb40a3cca92a87457d765ed15ea
SHA256 0181e3af3e45efd36fa74de8245103c2c93ffc01e896dd4235f55d89e26d64b3
SHA512 8ad00678eb1428d4d0689500d675764a992b76332c1254a163d06614af268b75581b62db560a768f9a23562ba92a226eb01157c03af97875fa2994e8df115ae3

C:\Windows\Temp\3e3d4d3676d37ea4eaf0d5fa4a32ce88404b10fc2224a1db397659c0ec5332a6\wintun.cat

MD5 c2e6e0c40e3af1a9cddd25ba17c9bb36
SHA1 d71050a78d0888dd670ad8fcafc8cc43d3ce344f
SHA256 8341392ff3ee5895c56ec900d56b1e7ebdfef4a1fafdd9265870b1e6e37c7946
SHA512 bc13b18407eadbe093979aed924b2c07e90625db12bb32c13db035d429dfa831d65e1e27c2d603cf5c03d74a2a5f4dae25ce20a0ecc787d7d37a72b6f0cb9fd0

C:\Windows\Temp\3e3d4d3676d37ea4eaf0d5fa4a32ce88404b10fc2224a1db397659c0ec5332a6\wintun.sys

MD5 43d91124fe8112d0027842824dad7326
SHA1 1e0dd7b0d0c0b880bf6864134d1e792e80e875fc
SHA256 1a7bb3555c5419befb1a5f54267dcae9a7af16749ddf4eef9b431fcf0b863110
SHA512 6a51ad090239567052186e450425a026d15cb6870e3824d1d651f001107d8c20b8e4e4324026c155ada9b8e23e18a89dca794f8e17334a673b43af2b6619f8e0

C:\Program Files (x86)\PlanetVPN\bin\Xray\xray.exe

MD5 ecf3ae4d6e783459ac62bb19cd2a6f5f
SHA1 17800c520ca2998f1472ceda9bd1d8f1935223bb
SHA256 27d87a6b0b43ec27c0ca297c0ee1bd0307cc3ed15ca34ab96814b8e669b33171
SHA512 716388ee3c786030c626a59b0218fb34a764ebc05febda8c3d2f43506dbcb8d06ffeeb73a980c32a306a66f4725c60e36bd9e929adb243d5258acd0be9fb0421

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 4ade89539eb526bb64b85b12378d5b54
SHA1 384687f2c5fd58afcfac8fc8b15df110ed86b42f
SHA256 710eca7c898045b41547172abcdf426dac03ab1bc89413c7038832e43f8e6783
SHA512 131f5f6ce3ba85b171a9c98d307b5b9be5c330f9491226df28ac787503fbdbbf1aa11549b64fd92f84e2016b2f5c95ff256bcbeea7e5e81eca0e931f8513ed4e

C:\Users\Admin\AppData\Local\Temp\scoped_dir3232_2024369861\6422ac42-7346-42f5-9598-32e90c047c91.tmp

MD5 187460a692d5a0dac3ab9cd27f9c2202
SHA1 c6eddf8f8c4c4cda2d7f9eb619eb2bfc748b9e48
SHA256 60dcb9951ac51301a24b018f4f47cd413c710d80a79af2c35ebdb75aad3d95c7
SHA512 5d0a22e2a70305048ddf25e68fe771caf8106e6ada6bb3369bc7a44417b9faeea611e00263ae3dad564b45c9f2c0b6bb2ece69b1bc76ba16f75c5e4aa5722a9c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3232_558670594\CRX_INSTALL\manifest.json

MD5 f4cbcfa79e36512a581ebaba79fbddd5
SHA1 a527540b64a2de96e51d3ff8a11f7f683dba70f6
SHA256 daabc725c9d71b4c9cb6cb807129ccde2637917c29f8063000e350bc8da4b9ef
SHA512 6695d6c76a875aa245f2ce14970d50aa0e16b97a3a1206cfee6d8bf8cd5117150f7cad5b500b65fe50d7609ce09fb6a3b438b2b220ef958d66c63dbf7b9c43c1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3232_558670594\CRX_INSTALL\assets\main.css

MD5 32c7f329349d875d2cb208f8473886a3
SHA1 5ed2af297d9dd6c4d99e78de0bce16fc55266712
SHA256 cf6354efe17ebc8c948bc7ca879e89bae33cf0249b68dbd44c67252a73d00794
SHA512 86eb87b49e895c92738cbc847fd35869178da2b5f0ae383b8af2334f831444a99a9d092d2d8d4928bdfe381d000c7335f79c6760a9f1017910b4febb8e5f5636

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3232_558670594\CRX_INSTALL\icons\icon-48.png

MD5 0e1184c33ef01ab34046c4cf2182d353
SHA1 c652961fccf3a4b9f8d48bb3791468cb80fa97a0
SHA256 1e354bd6bc704e72e62306152cec7190ff5a701012f3ff5d1676a1cd24f25723
SHA512 fdd11ce0600e0ca19a0add9e34feee0e7cb61bda378bebb7af215dec529999dc897b36bc26f004582237af670cfa118b352874b06594b75bc68a27541e74b640

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3232_558670594\CRX_INSTALL\icons\icon-19.png

MD5 053a51042a8e331b3ae10ee6cb47044a
SHA1 b72b6da110dfefcc825a499132c168b08300c373
SHA256 b5abd41291630e61083bcfbd96d0b41067ceb89f7f33982f651f8e36836dc324
SHA512 fa9978f8ec120d38d9f874ab67071695c6c902f75a779a76c73681926519d4dbae08646d18ebb2c04816adacdd7e16e4b725739264cc0afaef8b8c58945defb2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3232_558670594\CRX_INSTALL\icons\icon-16.png

MD5 76250e5cf04dabdc2f99db328565f61b
SHA1 dabaf7db1655830f27e2c10425a6d1c6cd044a84
SHA256 2af33e969d3776912e8f859687add25add17a6d8327b8ba160e46b1ec6ce6954
SHA512 d2b1958215856ada5cdb6c334a3dea7f6714a3e777cf00f89aae056ba8ca1c895ab0f58496377a1e3fa845f3159aab8f3c3eeee693057e60de2f16a15603320c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3232_558670594\CRX_INSTALL\_locales\en\messages.json

MD5 28ef10125a4266a6b90d75f8091a21d3
SHA1 b72538bc59f2da5898c19665b8ab8031fe3e1a29
SHA256 869f4d698e78e7907706b08fbe573de673828211decfa49dc66dbd65817316e8
SHA512 68079a8e6730f812019092f69a52333082294c8bd0d7818db145ae1fc131375c2d69191d762851e99c291ceae335ba652908643617a567df7eb87289c7b0c125

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3232_558670594\CRX_INSTALL\_metadata\verified_contents.json

MD5 05562a9aebe0ecb2b5bac46b253c1f5d
SHA1 a44974ff59e080f23684c1bce2d182b3e70960c4
SHA256 964d4a109f9a02b6012f468cbddfca82dc5e4f6d8fe26ae231c1f1b21c601998
SHA512 c08b4d0acd69556d2939413f2ccbe1049ae85037c09849f4ffc05067b474575c5d6621e380ddd8ba2a87b43433ec7e41fcfee4e7b410a5d7877269f29c9c7088

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3232_558670594\CRX_INSTALL\popup.js

MD5 df97fab21e7c7286b1b26970c3bd1f7f
SHA1 cf27c78f2e1b7ad087584541a0ec1985a00d8303
SHA256 2b916ccffb9fe9933b81e647d1052c2632403eaffd5a6207bc212c4f116f956a
SHA512 6e971d92bd3ce33e8b40aa782d655a0fdb864faf38a42a02d988ffd5f9811da8820448aa16aade59507b55982b9f6879688a7babbf3659a39f8e4c500879dffc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3232_558670594\CRX_INSTALL\popup.html

MD5 707e01e1fe9e1ade0bf95fcaf81eeff7
SHA1 acb971cfec8ada44fe81be34a586b02135a72939
SHA256 e3ad00fd455a5db56d9384347aff4db2e0e25c05dc7f962d2e3586491ce2f0a4
SHA512 946d77b95e31d18a1319690d81992fa16c4d117e63c369139b13946542d02cc5292b9998ef6af3c99e763ccae51b163001040b9ce36b74200c194c4df9a70f4d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 881745f30973c6707659d71a423946b8
SHA1 6c397bcfc2b7b72015d4ba41e3a7b298e4a6c151
SHA256 69793275ef5a11505005d0fd5dc2cf567aa631d5cadc355191a86c72d816733a
SHA512 b5f68373063529cdb4bbbcb964102cdd5f68e2dc0c4689f8e3f470aaeb18530e643810a4cdb043558a7f084f32a10c0de4090e8c48c9e62a3fe65baf1acccafb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 a3bf0a734f001cdddd94d9748d9be2fe
SHA1 72e1a81570b3a8f111c5fc8d25dba48e76351c74
SHA256 718b7597211d525748974d8b5cbbb655809eb0c1de3e467586828472da2da2e9
SHA512 04897975c43bbfc1fcfd5135e7062412356d47b86c9a4dfe4293b4907e717e648d47e528df0cbc33a5e1d39faf2c6d633cc96776f0f8f541a37eef1863652b8d

C:\Users\Admin\AppData\Local\Temp\0522b542-0be6-4e96-882e-e9e04998f5e0.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Temp\1a141876-b411-4be7-b7f2-32857089775c.tmp

MD5 da75bb05d10acc967eecaac040d3d733
SHA1 95c08e067df713af8992db113f7e9aec84f17181
SHA256 33ae9b8f06dc777bb1a65a6ba6c3f2a01b25cd1afc291426b46d1df27ea6e7e2
SHA512 56533de53872f023809a20d1ea8532cdc2260d40b05c5a7012c8e61576ff092f006a197f759c92c6b8c429eeec4bb542073b491ddcfd5b22cd4ecbe1a8a7c6ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 0a2843bd7ab5999563f01ec793757297
SHA1 9e34ceb4ed96c4332a02a765405472afd4ae6519
SHA256 464f4b5b1ce2bf138d8596901878f5c634b3b064813c476ffc8d2b9890f18019
SHA512 f4483a417a211bb364268c7c8c8c82fd27737e38739b419907a0937c0453dde970ea3db3a542b0c2d07cae9a5a616d9e805287716cd2611a0d229f7b7ba6ba0d

C:\Users\Admin\AppData\Local\Temp\scoped_dir3232_1789331091\CRX_INSTALL\_locales\en_CA\messages.json

MD5 558659936250e03cc14b60ebf648aa09
SHA1 32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825
SHA256 2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b
SHA512 1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\_locales\en_CA\messages.json

MD5 07ffbe5f24ca348723ff8c6c488abfb8
SHA1 6dc2851e39b2ee38f88cf5c35a90171dbea5b690
SHA256 6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c
SHA512 7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\dasherSettingSchema.json

MD5 4ec1df2da46182103d2ffc3b92d20ca5
SHA1 fb9d1ba3710cf31a87165317c6edc110e98994ce
SHA256 6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6
SHA512 939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c9cc9c6b3791a4c07a35b4f5e4af865a
SHA1 3d17ec8450a238e21ef4540854af98f15cd68585
SHA256 7e6d7a26cb9fc1e5465dfda9dbcb414ff6f47da6ca896d42fbc104b90bddd08f
SHA512 7e0b951d529edc52302d6211ea6fb26b5c4db3343b8ebc3a4793b3e557b9e84a910d9c99eb97d93a014fde007505b8740ea869bc1dde714cf9e56cd9e453c01f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 ef2c31b95460e5ba2cd7463e26f9c84a
SHA1 289576848a9399464f922e2a0b2b8f1db0f58122
SHA256 6f22c0c9da0067a2708333ba988b3fccfb02a20f2720ac29a21c6df767d93341
SHA512 438862aa2aa2581d3ab31e1554ff9c2f4ccac1ef434ca152a3f77630a11e18cb95313d975f8f32284d7887d5c19bdd4888f512d72a6781f7937e51a48ad3325a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0e3cc79803ae3910bd3c4811c1e369a9
SHA1 e749594d6bc5bd5e0fd732ef12273465f40d3f9e
SHA256 426c27c2c92554cc0c894d30920432e9fe18016389a41c8973c426204008bc6c
SHA512 26d1bc75b370b16b95745ccc95d67669ec504093e4f44b595fd51a6e3ea2f7e35961c6e082c7f9064ffdd003b3f7d9d39c58704a303d390ebc198d2a20589fbc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 ad9072e8f3973537f9a65c54b9404741
SHA1 334bd96d199abdf756b0489ae4662718e5f3333e
SHA256 4baf17d8627579b5608b749d7124e1ab63748f14c851be7ce1016ee469756aec
SHA512 5e70abc25b9e954375699fae2a68d30104aa9a19b44474d4d5dfe59add77e5a606287a5df4a4bbe29af72984d2d55394fd1d65909bcb5a2e09486ebea2f14f31

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e3051ba6c28433be7213522f45e9d815
SHA1 18496c34da4fb2b2dcb3150241fd70cbbdff6d8c
SHA256 a491dbaa1054b0095348f0ffb47b6d2a9e32228b712c16181e4a97555976bcce
SHA512 5448d4eb259dd51bfbe69731bfb1ab68a2e417fba4614a8ef95fffdbb98bea0d2c44b49dbafff541b50265c2aa7223abeb33b08c35f5969c10c8f66522f1c529

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003e

MD5 dee46781c0389eada0ac9faa177539b6
SHA1 d7641e3d25ac7ac66c2ea72ac7df77b242c909d3
SHA256 35f13cf2aef17a352007ab69222724397e0ec093871ff4bd162645f466425642
SHA512 049b3d8dcfb64510745c2d5f9e8046747337b1c19d4b2714835cc200dc4ba61acaa994fec7c3cd122ba99d688be6e08f97eb642745561d75b410a5589c304d7d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 b815df0baae72399f8ee8c67939107da
SHA1 d61a7099daae8864e9599342fdc9506f21fcc0bd
SHA256 3990c39036ad639137531ffddc680af60594c7294b6ab480e6b7a381016ff413
SHA512 1ff970e0262d3b36a82cf27f9632caf12e7bf31bf0a2ea55faf48afc0e97b2bfaa1d389d3cdb7dfbc308acb06d6e1e6819ae70160c76a8ca6d50cc9bca7907ec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 831e8912b3aee19c9e019fa11ced0c20
SHA1 5be67c315bc19859718cf04f925994f7597a819e
SHA256 8a5d9e9acf364515fe261099c82283af15c39e788692567032ab9c1bbb6f7db6
SHA512 13e7af833ea51aaabbeb2209b6ed9e0b7a332f394241d82ab953a790c5e3e4e2affa129020be369db099951e0f164181537ee12edafdf72e68c5f3f98aa4837d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 be5ca51ea4aa6dcf018de9953f6ac4f3
SHA1 59033593735bca19f51c0be9d7aceb74e1f2f85c
SHA256 1dfedb84ed98419a604d31c729bf4ffeed1ebf94b44fceebe9c1484407de050d
SHA512 7b3d1f8b781c2f35dbdefe6af0bb022fdfc7c6137ce39b54a9b6936f8f46cb0f9c026c34836744f6bc1cd6d0d4e0d857b3327dd8c940b2dcd71dd691d6c8ed53

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 a64e4a894be808e00f0d1afaa74a3b2b
SHA1 165b95c51af9fdd3bc4895a64680089a7056fbc3
SHA256 22e74bc77d4c214ec038c64d78b58811002487682292ea2883e8d22e5003ff14
SHA512 bb8dc5a86ced67a3c08d7193f702e22b4a835558ef22c0552ef228e92456c0f11d5accecfda0aeefe71ba2d7d24896f2208360fe46299112d4470a6998dacd5d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bb5a9f6c7b2163aef9906e9c5f8fec52
SHA1 7a639b6d7b6f37d6a96bab26ef83125befd969f5
SHA256 1557c5e3dd060390458dcf00e0147892394602bca826b70f8fdeddf76979edbd
SHA512 8627db0c20291f84a13a749445874a67655ed1de902bd306da3edfac79f9f6a07815284af6da21fc3a089ec3217ba47e858331ff4ba90205961f357ffd71cf04

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 ab6ad76b1f1d3b6150d4b34257d56c6a
SHA1 f9bef5ef3edf501774a046ed757fd467ee3cb9e8
SHA256 faa15d6b79cb3a361f02515635c1dbe1be24e440725bf9344690ad7bac91f686
SHA512 dcbfa67cc7d31c35fc9472358e7924463903d63f6411d30a9648a9697571da2045848a0f5d549de8a2f0ba2ea649ec3bc7e8852ff91b3ba17b61b3687d1e0a96

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 e364dbdd6bdfccb370744f8aa3a70754
SHA1 4a2f5eb4744145c981cf48176791e76638b061b1
SHA256 3dbed377fe257b69c8592896f0327b93c5219352fe05e5ca3035d5487ec0f6b2
SHA512 ce23b7db3b4a16c13beedf2286b69a2f2a6da491fbfbd3eb8f079c3f99a80354453cf2ddc3ac7ca10f2cca81c0453a3aabf9a59ba018dedca6a7bb6e4ef049e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a1b7ec7a95ccbde45f1fe4ebcdc8942b
SHA1 d3edb64d48f1781c827898797c96058140f986de
SHA256 6c210307a5c8a82a2c16518fd24ff48d10d6cb261d4f0209238f9f4b1420fd8e
SHA512 091e1b9f354350f79a2177b030392e6381783617027ae9fa2164967f393adca87ecba74d52a466e97ac87faf91fb389b89d69eeb5f6f1a4acc148652fac90f2b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d6d523de006cb929b3b401dfecb67f25
SHA1 dd2cb3fc7f37fa1abd77c8c6ff7473fe9d6af687
SHA256 8c15a08082f580f8596cfc00317f4415b488744e5ec49e78730ab028f34fbfd0
SHA512 50e4c4de46d702651ee3bd309fe6a2d0097e07e6e92fe81131207863f93bc23ddf21cb15f9441f07d2aed12ef4f57e024a57316d8f63d887c8fd76c8411c88f2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

MD5 bd3963c0e9845f30f3019ce033a86477
SHA1 1e34aa8f57ab1650284b33a41205f789e3b93986
SHA256 9abb2d132b801b094dac1267fdde2c190a8eb220f5daf21c7d92dc45fc8dbe27
SHA512 0ac53eb23267b96bd70c3b04ad52b38d8641c106ed4cf67d10f997da9136c8bbfc96077bcc32983f09766181baf88150327c5e3fe7ea1fc53c8d38cc85706979