Analysis Overview
SHA256
08a04b950c6031066e2e4ad246b25baef1c48c6227a75060e4ca6cbf440a629b
Threat Level: Likely malicious
The file re-yang-win.exe was found to be: Likely malicious.
Malicious Activity Summary
Contacts a large (718) amount of remote hosts
Reads user/profile data of web browsers
Checks computer location settings
Clipboard Data
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service
Unsigned PE
Browser Information Discovery
Suspicious use of FindShellTrayWindow
Enumerates system info in registry
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-11 02:40
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-11 02:40
Reported
2024-11-11 02:43
Platform
win7-20240903-en
Max time kernel
118s
Max time network
129s
Command Line
Signatures
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Windows\explorer.exe
"C:\Windows\explorer.exe"
C:\Users\Admin\AppData\Local\Temp\re-yang-win.exe
"C:\Users\Admin\AppData\Local\Temp\re-yang-win.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef51a9758,0x7fef51a9768,0x7fef51a9778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1112 --field-trial-handle=1380,i,8268093418905490581,12426273987086199671,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1456 --field-trial-handle=1380,i,8268093418905490581,12426273987086199671,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1612 --field-trial-handle=1380,i,8268093418905490581,12426273987086199671,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2300 --field-trial-handle=1380,i,8268093418905490581,12426273987086199671,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2312 --field-trial-handle=1380,i,8268093418905490581,12426273987086199671,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1580 --field-trial-handle=1380,i,8268093418905490581,12426273987086199671,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1508 --field-trial-handle=1380,i,8268093418905490581,12426273987086199671,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3296 --field-trial-handle=1380,i,8268093418905490581,12426273987086199671,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3152 --field-trial-handle=1380,i,8268093418905490581,12426273987086199671,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3296 --field-trial-handle=1380,i,8268093418905490581,12426273987086199671,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3768 --field-trial-handle=1380,i,8268093418905490581,12426273987086199671,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2424 --field-trial-handle=1380,i,8268093418905490581,12426273987086199671,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2852 --field-trial-handle=1380,i,8268093418905490581,12426273987086199671,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3808 --field-trial-handle=1380,i,8268093418905490581,12426273987086199671,131072 /prefetch:1
C:\Windows\system32\SndVol.exe
SndVol.exe -f 45483163 18539
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=2460 --field-trial-handle=1380,i,8268093418905490581,12426273987086199671,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3752 --field-trial-handle=1380,i,8268093418905490581,12426273987086199671,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=2484 --field-trial-handle=1380,i,8268093418905490581,12426273987086199671,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=2316 --field-trial-handle=1380,i,8268093418905490581,12426273987086199671,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3968 --field-trial-handle=1380,i,8268093418905490581,12426273987086199671,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4032 --field-trial-handle=1380,i,8268093418905490581,12426273987086199671,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=1892 --field-trial-handle=1380,i,8268093418905490581,12426273987086199671,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=2460 --field-trial-handle=1380,i,8268093418905490581,12426273987086199671,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=1852 --field-trial-handle=1380,i,8268093418905490581,12426273987086199671,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=3696 --field-trial-handle=1380,i,8268093418905490581,12426273987086199671,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=2444 --field-trial-handle=1380,i,8268093418905490581,12426273987086199671,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=1876 --field-trial-handle=1380,i,8268093418905490581,12426273987086199671,131072 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 216.58.201.106:443 | ogads-pa.googleapis.com | tcp |
| GB | 216.58.201.110:443 | apis.google.com | tcp |
| GB | 216.58.201.106:443 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.16.238:443 | play.google.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.180.4:443 | www.google.com | udp |
| GB | 172.217.16.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| US | 8.8.8.8:53 | www.pornhub.com | udp |
| US | 66.254.114.41:443 | www.pornhub.com | tcp |
| US | 66.254.114.41:443 | www.pornhub.com | tcp |
| GB | 142.250.187.227:80 | www.gstatic.com | tcp |
| US | 66.254.114.41:443 | www.pornhub.com | tcp |
| US | 66.254.114.41:443 | www.pornhub.com | tcp |
| US | 66.254.114.41:443 | www.pornhub.com | tcp |
| US | 8.8.8.8:53 | id.google.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 216.58.204.86:443 | i.ytimg.com | tcp |
| GB | 216.58.204.86:443 | i.ytimg.com | tcp |
| GB | 216.58.204.86:443 | i.ytimg.com | tcp |
| GB | 216.58.204.86:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 216.58.204.86:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 216.58.204.66:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.180.6:443 | static.doubleclick.net | tcp |
| GB | 216.58.204.66:443 | googleads.g.doubleclick.net | udp |
| GB | 172.217.16.238:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | encrypted-vtbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| GB | 142.250.180.14:443 | encrypted-vtbn0.gstatic.com | tcp |
| GB | 142.250.200.46:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.200.46:443 | encrypted-tbn0.gstatic.com | tcp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 142.250.200.14:443 | google.com | tcp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | tcp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | e2c2.gcp.gvt2.com | udp |
| HK | 34.92.53.177:443 | e2c2.gcp.gvt2.com | tcp |
| HK | 34.92.53.177:443 | e2c2.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | beacons.gvt2.com | udp |
| GB | 172.217.169.35:443 | beacons.gvt2.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | camo.githubusercontent.com | udp |
| US | 185.199.110.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 185.199.109.133:443 | user-images.githubusercontent.com | tcp |
| US | 185.199.109.133:443 | user-images.githubusercontent.com | tcp |
| US | 185.199.109.133:443 | user-images.githubusercontent.com | tcp |
| US | 185.199.109.133:443 | user-images.githubusercontent.com | tcp |
| US | 185.199.109.133:443 | user-images.githubusercontent.com | tcp |
| US | 185.199.109.133:443 | user-images.githubusercontent.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 185.199.110.133:443 | user-images.githubusercontent.com | tcp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| US | 185.199.110.133:443 | user-images.githubusercontent.com | tcp |
| US | 185.199.109.133:443 | user-images.githubusercontent.com | tcp |
| US | 185.199.109.133:443 | user-images.githubusercontent.com | tcp |
| US | 185.199.109.133:443 | user-images.githubusercontent.com | tcp |
| US | 185.199.109.133:443 | user-images.githubusercontent.com | tcp |
| US | 185.199.109.133:443 | user-images.githubusercontent.com | tcp |
| US | 185.199.109.133:443 | user-images.githubusercontent.com | tcp |
| US | 185.199.110.133:443 | user-images.githubusercontent.com | tcp |
| US | 185.199.110.133:443 | user-images.githubusercontent.com | tcp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| US | 8.8.8.8:53 | objects.githubusercontent.com | udp |
| US | 185.199.110.133:443 | objects.githubusercontent.com | tcp |
| US | 185.199.110.133:443 | objects.githubusercontent.com | tcp |
| US | 185.199.110.133:443 | objects.githubusercontent.com | tcp |
Files
C:\Users\Admin\Downloads\CopyCompare.cab
| MD5 | e1b1755e0e89fa9847bc4b1eac57d6c9 |
| SHA1 | c49bc803600ba17b864a28b6371d264393289706 |
| SHA256 | 387a02401010c28e554216b2afb827704f27c95fb2c90dd7345d95cfa02ea86e |
| SHA512 | 1989c5428c86dd5eaae8afaf74eda55d3d568dc3b1143ef0249173d5f0068d902f4546707395a273fa4a6b28ffb7ae628e6e0415b9510be9ebf55dc26383211e |
C:\Users\Admin\Downloads\InitializeUnprotect.3gp
| MD5 | 1e06cc0f3b95e6de4ed4464f33df6ffc |
| SHA1 | 871cb4d271fa7c4f13c827d3caeb3400cf4994d5 |
| SHA256 | 04c995013ae7c9c4e2b3457b5c82c54ace56791eb110a248fc8048c462086b43 |
| SHA512 | 7a94fd760c5b7cce36b8ca7bfebcc30f13ad1d9e9224231565bfa98dd86e476e5cda2757e76e6c55747f34902f0d12bd42fb4d4e08c6c94cef2cbc83d839d13d |
C:\Users\Admin\Downloads\InitializeDisable.edrwx
| MD5 | 86919a69ab0efb57f07d13247ab1ba04 |
| SHA1 | 46bd7907605bf97c35178764bc1642410ab18b59 |
| SHA256 | 2630f8f8148c08b89fa7717af262cc87736f694d1025a7012f8807c128f38650 |
| SHA512 | 15fb10aa2ef0da593f7c595a6569bd4266e85d78061787ef07ed0e0ad37fd66b233713d63c10c49e30c9065a41f981444a7581d360515d13f0ee851ee1722a17 |
C:\Users\Admin\Downloads\GroupEnable.tmp
| MD5 | a20b5a48a12895e6f8cd41e94b400d74 |
| SHA1 | ce48a66a6196d7f0271fb2bb5ade2d261d2b43f6 |
| SHA256 | 10fb6d2c6fcc3d8425f1825b70bc15367fe1d5a5d12f66dde8bbfc29ca611ca3 |
| SHA512 | 9081b03eac41fe3defd8ecfc87a8fda94bad6db3fa8c51bfe48f27b3cc369afc593865dc60d3429e8e8399b26f435559bbd592aca1881e1b92bd9b9d8eb36a2a |
C:\Users\Admin\Downloads\GrantUpdate.wmv
| MD5 | a12c8d2554b9a2e516ecda5e2a1f8543 |
| SHA1 | eef63ff6d88eee22558c2175ac821879c7c22fe1 |
| SHA256 | 5c3f61ce66ca901236d35112b329b8a64ffcd0691b0f25081f4a70787736b7f1 |
| SHA512 | 621bae973162d422eeb7f710311ade5230215a9f2ab63dc5dd40e2d891e5e52387080eb084c1202c61d5da9bb8bb7b8fdc84ee4269718a1261c89b20f49c6148 |
C:\Users\Admin\Downloads\ExitBlock.docm
| MD5 | 4d471b70e56e4dbf6b9a0ce9dea61a58 |
| SHA1 | 9141eb20f08c397b464e6749ab8776728d2b31d5 |
| SHA256 | a42971db505eb67e5e309a1b77facfc56bbb55c0173285dd1b8851af945af96b |
| SHA512 | be02e93771c8076e5dd70178c8761c1b266c79587fbd9f37645c13123c8d5dd1797c436d8886328c31bd95cade0e3ad0a25a657446e7c36c4df60081de13c202 |
C:\Users\Admin\Downloads\DisableDebug.vsdx
| MD5 | f01bb8f90e11a3b07dd6b4216cb91fd7 |
| SHA1 | f66740193c35e13ae07649506f372c18fe30e6ed |
| SHA256 | cdf7d649e252d8a69b1d77a7435e4eeec4183ad413e3e168010adedc41d3df94 |
| SHA512 | 6d2cf7f57ca35287050f2c691bce3d8c460a9d5afe2c5af7b7fcc2da7f911088d08ea1b9c200262a8186258e1f0da44210c6aa224940e1548e9f054f8c8cdac1 |
C:\Users\Admin\Downloads\LimitStep.eprtx
| MD5 | 282a303eb9f3dd167b00e49dc0ea8ec8 |
| SHA1 | fb4bc8e14c5971c193f2211bc092cf0c5065f740 |
| SHA256 | 85bae6f3817d18eb61ba9c46c81aa109181a112ab5eea063f9824045e8e4a37f |
| SHA512 | f447bfb6422306f8a33e407f12ecfc93d3b3bf347122fdadf9c91cc1ebf73933bf84f419cb5931bbe50df1437821530f05086826b45b6ae3098714aa0bc94fac |
C:\Users\Admin\Downloads\NewAdd.mp3
| MD5 | 1681ee499818625f1781ddca9c9c64a3 |
| SHA1 | cc9ee3cbf61edfca3ec120b155904a1c121c7d7b |
| SHA256 | c7152eb37045ca670ae606f89f50f5d4b38cb250674d0606ba7e750cfa61986e |
| SHA512 | 3b7747ef17b8b583ef7a4e729c19ebc65a4eb6258bd1f514918ae3821c4f1529b5ab50c7205e565f7a0f768a980d3ff2cd370877ff6a86ad6044080b647f4ace |
C:\Users\Admin\Downloads\NewWait.aifc
| MD5 | 7b1558faff039df2a26d2cdfa1211436 |
| SHA1 | 40c122e22ccfa7f795a640d5033f4f5f4c673ac9 |
| SHA256 | a2c618edf99b955bad4f95d637e0c1f7f2b4b73c897795f46bb3edc15bc4c775 |
| SHA512 | cf657ac71210586b265391c441aa0fc8873e2deb54aff1d6b8a962c7dbfcc5341606d9d9c033d713cd5215ee0b95eed86d34e89c44159fbe7e1603522e6eb7ac |
C:\Users\Admin\Downloads\OutSelect.lnk
| MD5 | 68667bde97545b387f9a09ce7654e1b3 |
| SHA1 | 5021c30c6e4f2790f7c3b57b2f385f031eb9b161 |
| SHA256 | 17e9829daf364b87eff0c2f35184407e8d3665b0e6080f752ef15037bf35899e |
| SHA512 | 3a8038390f3c5bb8d3418b5e1195f0959cb683a00f8a43e35819ababb3e4b53d92dc542c0f8e3b495100e4df15733ead4cc236675e5c0c1b9fb9b2285f115cbc |
C:\Users\Admin\Downloads\PopEdit.dotm
| MD5 | fd5d417c4b2bcfbdabfb080c1124bb8a |
| SHA1 | ea5ca5930fdf660ec87d06156e4e1a793bee2f45 |
| SHA256 | ca6feb1fb4bd37740fe2dcb7710bf61984e8257c1fff8ded16560271704a753b |
| SHA512 | cf158bbd32ad2d72e895631d627a45d3fc8b2fa7a56c69f84eee809b9c13097bd0060c0f523d8317acb7e565ff6b4c4817898af636f81a9336ab8bba0c8ec985 |
C:\Users\Admin\Downloads\PopEnter.wmv
| MD5 | 8b45140aa8177c45372a3bc405fc0440 |
| SHA1 | 38158d35e6d9fd83058c99d42f0a52a184666080 |
| SHA256 | 5316f2fc5f6e3e9daf102e133d3d41683613150d3d8e517a609f4a28cc9e9b20 |
| SHA512 | 5f70deee90ffffef6db3b2079f84f3ef506d001203d7a2d95e255aee98edf5a9eb51d02ceedc97272d768913bb4854dd4d88385d134dcb080b6285001c0cbf0b |
C:\Users\Admin\Downloads\ProtectPublish.bmp
| MD5 | 5e083191f5c73e0caefb695630664509 |
| SHA1 | 992fce84a77af18ecdeb7ec5e7ae4aad76ee8550 |
| SHA256 | f8b251cfb250048a393de2a3d4dfceddb1269032f7c3010b7ab1ee8a3fbec85f |
| SHA512 | 13112cc29d19d0cbeb35efcb40ab91adfd19dc48f7feeada6935d99dcda9efa4046c398d428093f054c160b75ccbdde79027ab0bab8bc5cc3a17f556eb8ac764 |
C:\Users\Admin\Downloads\ProtectSubmit.xsl
| MD5 | 48abf0c3d8439f2ba78a50d4b30b76e9 |
| SHA1 | f00d5f79b02152dbe2fd69ccfdbbc97bb13bacdb |
| SHA256 | fa13bacf0b5270675ca9769b068000b54b5fd8e20a49168374542b538174d284 |
| SHA512 | 94d88719e78199afee4cc8f01d8eac8f9d522e3311f8ee27dadda183b752637fa79a9ebd86e162fcf0190bbac54bd56bd8487b5a4141b63eb140ad8fe4a16f59 |
C:\Users\Admin\Downloads\RegisterPing.xltm
| MD5 | 5fb6d7e0387910c43fc0f1d4ffabfdf9 |
| SHA1 | 7ec84b102e81a4978fb511e671aa54030e0fb097 |
| SHA256 | 81a7109d5a8b5d7e2abab50cc1b9cc2c57f3a34bb9246ec5f0e07f46f0222317 |
| SHA512 | 5d4b7a184736f5d1e8d197e956a51157b75187b1052c9d0516a51ec23a6b411b1000469ca7cab43cd54e00df50bb074bd0767c813d3ed097989ed4a7b2f162df |
C:\Users\Admin\Downloads\RenameEdit.pdf
| MD5 | 8976ce36765190805f37f3e0e8fb68ca |
| SHA1 | 84d8372aecd1707fcd504e48006d63544e9e64b4 |
| SHA256 | ed4f4eee3197aa3d6470ee2484f1c6f9e9881fc9726a0b3997dd13bc44ab931e |
| SHA512 | bb9395d8773ed1b40142490d0c15efa9ac5ec6d1537ffd12dc8445df0a347218846ae79d247f80995bcec5bea05e7137bdef62616c99005d7f3fb8878b333c65 |
C:\Users\Admin\Downloads\SaveSelect.iso
| MD5 | d5e07269719c8b08919dd9835edcc5d2 |
| SHA1 | e55d7afe6ac663164bdc66b6c25373a8310810f2 |
| SHA256 | adfb9485ecf9726a10771552fd6a76b2d74aac792e7d601819d1eac98c38aae6 |
| SHA512 | 7e7246eb7a19545fc69df9ae90fab9e1ac97a0249f4a372022905ab8ca22df767647aeff89a1fc42e3d73ed0bae3bf7ac17505e006d923aeb432777933d92ca0 |
C:\Users\Admin\Downloads\StartMove.mp4v
| MD5 | f7e4d4d016007136861890eab1c9bd37 |
| SHA1 | d128325f2aeb4e751a7692498f56ee7af82425fc |
| SHA256 | 836e2d4e720fbcda971265b4892b421b8b2566c868761c37cb21f8d00f8c6840 |
| SHA512 | 9b041c63faf95082fcb744c89dac0696dae6c8619b69470fa8bc409f9bb7f8f791ade712d0b9d4e9b456f8b7fee53e4e4296e255c62babd334d57cd919ccbf9f |
C:\Users\Admin\Downloads\StepUpdate.m1v
| MD5 | 1a3fc9675d208195237acc4d5668dcd8 |
| SHA1 | 4a0b91af1a1b766aa8eec4fa14a99838f2037019 |
| SHA256 | 06077a7c20fd157dfe4685994a375c8b3034f560dfd7993266bb30f12719292e |
| SHA512 | b09530c10075cd5a5c140d42652d58ed988f11613ab0ad2badb9e5ea67ddbd7806e41feca74f656c25d23f873ab12f40d008b0560bf1a3050068e661154ff487 |
C:\Users\Admin\Downloads\UnblockReset.emf
| MD5 | c19d6b70e2a89773cefced316abc3107 |
| SHA1 | e0564db6492d2000c7948c79f45dfca446fc1e3a |
| SHA256 | 5102648bfc76f3f7d5874e6a52b18d88f48fa81139824949f8442bf68d0f91eb |
| SHA512 | 990fb6616a97e62e25e1aec59d15327f2699a98c9a7427691abd6ab654ca1dbbfa84e8c9ad158f6143cacf1203cc8d50889d78c1bc5b13fc01120c75fc616596 |
C:\Users\Admin\Downloads\UninstallResume.wmf
| MD5 | 44f9d2372382a271c249d7f117721a8c |
| SHA1 | 0a236acc5b2fb19cff06ff8bd46a786d3fbf8584 |
| SHA256 | a18cb83fc034af5a0a0d79b34f4ec4645b10b3a1bd78a7e062a13be5538e2b5c |
| SHA512 | a16e22f818436e1808092a75157de1eac56e95a8cd4046e959032e2612d4b495e816189ef8059dd3756322ff293975dd2b0435ff76179a973ff884988d418f8f |
C:\Users\Admin\Downloads\UnlockPing.jpeg
| MD5 | e394a16deb3ea7a73a0439f67a1c664a |
| SHA1 | e6d329c8fbc94e3b72d8ed7afe11197536b4a66f |
| SHA256 | 60c79184c6d79eff0208dc751867e20870aa5918cc988b931d203d6bff82a824 |
| SHA512 | abbba45210cc0fb07a75bce01a7a52a95f08cba00e5e518b3d02f525ce046745304466bf03530df5066567bc6e9cae1c3bfd0f104465722bbb97b1eb6ee69a0d |
C:\Users\Admin\Downloads\WriteConfirm.wmv
| MD5 | 22e547d2bf9791bef15969e8f54385d3 |
| SHA1 | fd33f5e36c908458f58ccca1d64e949338bcc81f |
| SHA256 | bd48c160642a980d1414cc144f0628a784ddf6305994b6b3f9f168d67305628c |
| SHA512 | 1f983f6399349da17067b7f28aaaaa91bb064afd8b5ccd82ad778c2e8892ba07ddfdd689a2816a040973ca99099e6a74b14de5332345574dbf92349ec613c9de |
C:\Users\Admin\Downloads\AssertReset.bin
| MD5 | 8bccdf2f1f3a9a2f23aba3642289d5ac |
| SHA1 | 725cd8d70437d5ad1ea4d88a2c6dded1d8710f0c |
| SHA256 | 6ed0e22e58700e702b5433b89e45b0ceaf9e412ce7354ecdf051bb73d70a0322 |
| SHA512 | 1f0db0b115c11a8fb5ec7e7a02967f8e73ce3aa6c63e2ade4c0ef3772b338e05269b4c59cc001ea02d384cca81a520ad4372d948a1ebf62ea2234b5d16eb3ec2 |
C:\Users\Admin\Downloads\AssertImport.7z
| MD5 | 1791ec1f9bc361c83ba6783ebd169f03 |
| SHA1 | 96e02a5e8a1a95f00998f83d0a70d8ffce341658 |
| SHA256 | 7bd628b4cc89c8d687b36dcc799399e27b50d414b797d018e606bbd4b477f2dd |
| SHA512 | 657bc352203003dffd415debc2aba2ba8a085ae16592de1179efaa1bb36815f0670280c7f0366ffc2d9cb16fea33d93c0dbce8d17800c775412095e8f1ce4a35 |
C:\Users\Admin\Downloads\UnpublishAdd.mpa
| MD5 | c72a1be038f714593e17770f851c6769 |
| SHA1 | c769815d392df9dd8623056530897ed337ff777c |
| SHA256 | 4a29963576a1904cafb6dcda794f5f3b24b0b2869ab4ecbffc241e814c4813db |
| SHA512 | 5a89c38027d2f984bc383eea0ca36f18c8729aaa6d908ecbf731f1ea41b89af55f97e5321057bd4270d7d8fa88291ae5ce86c437fef0489ab2a27005514ca808 |
C:\Users\Admin\Downloads\CheckpointWrite.jfif
| MD5 | cce17cf6fbba7a51d88ff60e089a1215 |
| SHA1 | a48895b8c198465523b742f9245e577c1ed4b973 |
| SHA256 | 072253b0f875be9638ec36ed39afa918604091b8db7e0a5824752b77dfb5c77d |
| SHA512 | 7f0d840e29855e3a54909a47ac70c22f79f62a233330cb4aae9b554771184e5879d6944a5924a676daba919b2821bfd966b7ddd5b66cc2ee1d9ab448a5e22eec |
C:\Users\Admin\Downloads\ConvertPublish.bmp
| MD5 | 80ef6fdcdee839815588c99a5b8c6e39 |
| SHA1 | 1f7783caba1c1c1264137f1aad47bda7f847f5e9 |
| SHA256 | a733b2524ce137ee68c21cb5edf56710e2fbc116fa17e0a92f68ef9f29276b39 |
| SHA512 | 6b0d237a786889898f3c5f16dcf4fdc5e3c4ececb99da70c8a3a286218a97d8a42cb47bce9266fa17f2773453a71b0eb56b9733aae09410669eb7dca390037c0 |
C:\Users\Admin\Downloads\ConvertFromLimit.mp3
| MD5 | bafa5ee7dd81069ec7934c80d365c854 |
| SHA1 | 18591da62098a935130593cb15282d70857e3199 |
| SHA256 | 484af51f65e35ba636a92a8dc948e06dba7cc43899a630dd61ab5c0b59f68e3a |
| SHA512 | 17bc8a36308452eb16c8756162fd734313f83ce20fe13f0d7981e4dd4e483d2e194dc52b767ee9d28ebf9b8db17054e9ce34384012fc3118607337d2bbab5779 |
C:\Users\Admin\Downloads\ConnectRequest.odp
| MD5 | 52769a4c205f9a1a68f06e2084888c9c |
| SHA1 | 67bcd3d42e9efcdc3f709832fee1b7a8e27435ef |
| SHA256 | f490392d879661255e6883711d8735e7acf9a93cb338f96f35f98c64ae7ad6c2 |
| SHA512 | a606d94737fe5aebd82069a116d53250aee30e49f4465de6f7eaf96c46372b70193d5504b7b650b2eee31f0caf42de6895c2278cb8296d77658834cbad5c9c6c |
\??\pipe\crashpad_1828_LXZYORIWHMMTQEZK
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp
| MD5 | 18e723571b00fb1694a3bad6c78e4054 |
| SHA1 | afcc0ef32d46fe59e0483f9a3c891d3034d12f32 |
| SHA256 | 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa |
| SHA512 | 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Temp\Cab6367.tmp
| MD5 | 49aebf8cbd62d92ac215b2923fb1b9f5 |
| SHA1 | 1723be06719828dda65ad804298d0431f6aff976 |
| SHA256 | b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f |
| SHA512 | bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b |
C:\Users\Admin\AppData\Local\Temp\Tar6389.tmp
| MD5 | 4ea6026cf93ec6338144661bf1202cd1 |
| SHA1 | a1dec9044f750ad887935a01430bf49322fbdcb7 |
| SHA256 | 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8 |
| SHA512 | 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b |
memory/2032-207-0x00000000005B0000-0x00000000005B1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a7ccc37de3a6b8bc55088b47d274a916 |
| SHA1 | 3f711b60bb8f36578990273886ab5833b8ba5a4d |
| SHA256 | a964260c6ccbadb7353dcdf0fb2231119196fdfb280a43bd50e3acb13aa883c5 |
| SHA512 | 384b85e46395c4ab2a35bdabc6aa2519b2b3f5e01c3ba50055bdb5910cc33260280d6ccf5f54bf86e0fcf2fffac343c050453bdd1031affefe5b0f6f34e592d8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8564cc484315357ba7cf4ac6d799ef03 |
| SHA1 | 07221f084e4d46bbb9fc27571a7f3d22848ba57d |
| SHA256 | 174c5e4d7ef43f05d986e229de448821c7b7aed7dc81298e28c46ca58c9f69e5 |
| SHA512 | 4f2a9cffed6b65f4b3f7be2e31f6d6b6a44fc650e9d7c9fac3331c35b1f2a3901c1b71c790aea1d93e8d72eb551345c04c3eb28d2fe8702b407621e9e4d7430b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 1623bc5767a3de0cd1179166c1aec91a |
| SHA1 | bc614ff9f7c07596afb5e3a0032f9d35b797d67d |
| SHA256 | c7f11e28a85c7338dd49fbc0d551213106a66b0050befbc77dd45c9b8409152d |
| SHA512 | 96ea164285f56c27307cdd0133d7737222e2df2a14426448479ede982de404d28aaddab57cec056b26ffc60573cb74e5501bcf6e68909f9bee18d0309f7cff9c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c8b941eaa3996c086d20c35efef42751 |
| SHA1 | b191deaaf2af088d297c94604ef2dbcc334a8353 |
| SHA256 | f4750064c37d15a27d0b764fbcf928ff93b9b48145307af4ffff87034bbadac5 |
| SHA512 | 4b7280096eb2bb177e0fe160cde6b0afd509fa09dd913ef880fa40d8ccd598de8ab0a7e60dc007734615ae651e459890020dc7bc09b7973fe33efde020455847 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 708fba346daa178c68bcc7b4176b5906 |
| SHA1 | 42a3c9e98103b280bfda5433ab63d9460e4c431f |
| SHA256 | 2ac66c2dbdfc90caccb40feafe140bf38bc5857eb25725f5ca7bfcf00104f255 |
| SHA512 | 41b480f089f0ae9eff107721f4ed569223d8e6f538836e81060f8bfae5e94e5a4f0e39876cb46486632d24b519a52ef5730cc375afdfe5aafd81a9f2f58a8f71 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf77ccd1.TMP
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 79d3969f224739be4e950ce8363051bb |
| SHA1 | 43bcd9685208db962592c2b870b5f6f312673fee |
| SHA256 | 39da6d3a158bab001104f7e93b087ca9f66b00dec3e0e673c8208758a8f03cd9 |
| SHA512 | f951a69941e45ad842e2f0a0d009e5b7f97453ee0e8083c7f66d6de6580496ec18b0929addfcfbb6d815418396e15644432545443e832078a34b7e9269b9973b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 795bdde37fa5577de0ba6cc7ee378e29 |
| SHA1 | 377a82ca7a882b2b02ac59584ee93f894b2c75d0 |
| SHA256 | 0fee880e87b499fde8b5e2277338ec068713f13c8656f9c628a92e59de126bd8 |
| SHA512 | 495c9724325c70124dcc5b8995186d79068d524c5dfffcdfd31158ce25434fdc45ebf5ff43dcac61d36e5ec8a48b483e1a33d1afd601ac8204bd2e47a3c130f0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d8eacb337ae909916d670170b3709b97 |
| SHA1 | 0769848734ddef4404b1dd274dac29195dbd6306 |
| SHA256 | 87d73613a307eba5f3f30a3db680ea327ea8635fa1b06e418d161ee468f0bb08 |
| SHA512 | 2497e483a0f412d94665c8809c798edc507d9e4b7f6425ad1b164edfdb847be5011e51467273ce845f189ecb4507ee9f4876dfcbfbb910b0caf8c42fe9d3998a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 1d816cc7a65b6c1e629fea1d670b362d |
| SHA1 | d15ebd770609060d16200dcc2df14dcd2b93e439 |
| SHA256 | d7b9b47e351ba58b75cd5bf97ff7fa75483a0094ef30e105b13d25b078fbbf5d |
| SHA512 | 1403627ace58a38dc9f4cc9ba8c5633a42744984a63f939c2fe0871f758574341ee4c05ab70ec0c2b10ec629a0592e19caddbb2faf3745d079cece45fb28eda3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 353d6a11ac50f5c9a01d23164d992b4a |
| SHA1 | dd81c94e7f7a66ff31710b5f5ce37013706e81c2 |
| SHA256 | f307a3ec00c6f7722c1bb15f1ebc78679fefaa7aec6952e4f828b3975ede8c40 |
| SHA512 | 296b291e64a2bd506ca50f5203959eff31f1186084ba1a5533951150b88b0b4090ecd3776400ce1889351adc932ac2d2fd4614da2d9cd50cfafb3df942241c98 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
| MD5 | 6e16a0e00a70defc9c40ae9ece97c9e5 |
| SHA1 | 9772b4012ee94ed05356c98ba7e27e71283211d7 |
| SHA256 | 82c83658c88de47b8e7da9904ca19299fc174763fcee974dd3c087b80b9bd532 |
| SHA512 | 5e3984a7985a21d5644f5b579f32f408b28bfcb4de59764f403e4e10e08085e7b3f099748fa6e22180b6097edb4d8c20b676de182999155b13fdec4fae93367d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007
| MD5 | c38ba740afd4d9ab26e57eaf753494e8 |
| SHA1 | cd5335de2af058232688f57ebce8d5b1e0440f4d |
| SHA256 | cc5f63853e59e46e0c06de52459c1289b17bb935480674d85a713cb2d06dab28 |
| SHA512 | 16c6bd8fe90c087b814820c8f34478ae0becdfee1defc545a5f89b70367fe0ecf1d44a42b0cf4efcdf8261d3ddd2bf7441340ce5462017b4074351b49aba7a3a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e
| MD5 | 1bc16342586543c6af7c4a0a1e79854e |
| SHA1 | 587fccbbd81611d3b0628f54820edbf9941f2be8 |
| SHA256 | 94781f24054f1bbf35a3a581676d8a7cdf0a4cacc1b8d2f2b0fdb37501921efe |
| SHA512 | 3ae3f2fc2a4054ff5b20724214850b8e336704a2ec4e05f62ca0817b3379906a9d17da574b609714244ea0d4ad6176d3ff3d7c0b9003e549e52070d38fffb8a7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | ae1bccd6831ebfe5ad03b482ee266e4f |
| SHA1 | 01f4179f48f1af383b275d7ee338dd160b6f558a |
| SHA256 | 1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649 |
| SHA512 | baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | b2a1d7b6d34b0c67da7f121d0d79f7ce |
| SHA1 | 5e9ea19cfd1aa908c79d34b83b5904b19149366a |
| SHA256 | 81d8001d4dfcc93507063eafcdd7bf233141755126f076ff5629abcb4fbd40b8 |
| SHA512 | e874407d0b19b804983d24cb6502fbf35b90519f5c680e8616cda9596cc476cdb525ae66f1fa1803ed470d6def57065cd86dba1003161682344c04b1695aeb5d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 7238137d53b8275025cdfe0b16eefb92 |
| SHA1 | d215b00d29daedd1257b9dd23432e844f1f02185 |
| SHA256 | 279153f4638f3efd93f190f88c4e8e686b15846c29c46605b068c9c197478620 |
| SHA512 | 16107e2ddf0813d8a97bec1793bebe9112e4da32f4df2edcff0eb255163bfcd3c8aaa1c162886a2cb2389bd7bc04a7fa5714e615bb8090ddb9b0a96fd9679c5d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 29d5d66c00c096eb64ad9c6cedc7e91e |
| SHA1 | 9ae7fd054366f5e6cad80e0fc1a6962cfc5d1c61 |
| SHA256 | a1b37766c4d7cb70fcb18afb3208d5ae7fc5b13cf105dbb0bd45e584ca6564ff |
| SHA512 | e6b8f0046fa5071169e2a6b9fd960639f9ad9c66861a7c65f6c498cf1ce3ea916c97cb25854082de30b1e7e53ce6fa219b6cba548ecb9263a871ee1d2632fc52 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 449d35c9deb7dc1322ad9586fddbcfd3 |
| SHA1 | 76fb77be9d5e167f1781ec462d00e404db7b69dd |
| SHA256 | 26589bd2b996d06e70c6862ac0bbaf2f9895d13b810b8c57eac89b694f99e084 |
| SHA512 | f2f1cd703ae5c4c948dfd11441ce00d25244bbda2d4a229873d1d738f97bf99314a27443ed6e6cd38339181282170aee1c8b3440fd849fd0af852b42889432c1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 5b33ec388aeb9bee5f1c6e2142e285b8 |
| SHA1 | 96e5a87ecad66cb3bd4e563fe6328e32dabc6ea6 |
| SHA256 | e7f8156232b675da1bb819a12378b80c9218e20664a5c1bda2bea78edaca025d |
| SHA512 | 162f1815992f0ddd1cc60c407a6324d4359f06a34ad0c005e963ea578dc19daf1d53b88af4870fd8318be52fc331468e11cafdb1e8818941969f5c6dd7ccc418 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c15542c6cf7d2a8fe79f585824211bd6 |
| SHA1 | 4ee9f83718128cca58cdccb731cb3cec9106888e |
| SHA256 | ed88e34083dfdd7c73b9315532bf5c72609346176d69581af9c54ff56194a3ee |
| SHA512 | 1c4fa71290d06edc40c03b1298eae65a40f3d652a8cadbfd3d4a08d6d55fef71724a99e61f07114c094f307fa9672f07bea5f2bf862f39b18fa668b5797c2627 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2fdb2f16aa00e60728535893b2eb4c15 |
| SHA1 | 19a8c36162a3126b980664e7cf621a54021f85d9 |
| SHA256 | c8f9a81d79d125bdf0d833a124f1e2328adc722117a096d131e395e3d9961b14 |
| SHA512 | 89518931a564394fffcc99ee301a8c8a70ec1428ce8001ae7f8e2b13a21b332f9519ad6b790d77e4064961bfbe7cb3e351d098de79c351246402485a0edc909c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 8b894bd5a5b14ad2c7cbaa330ca12408 |
| SHA1 | dcf42b61f485cb2422959b0a29f8afe643dc3c82 |
| SHA256 | df9253a38e692fa5f560fff1812b9663924a038e21a4001cf48eb322d77c529b |
| SHA512 | 2bb3f77f93aa2eede3cb38dc594d94fc9e0d31103b67783cafdd8ae815caed0a0883ed922415c39cb307abf2e83e7412792093a648464c4324db216d01c2456b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 51d44a03f09375db26d46455c9a0b915 |
| SHA1 | a2dc6fc1a8a86dd3367b99e62bd5a0eb804634f4 |
| SHA256 | 17859a949a5e62afd4963ee30e6b7e58689d41a7f22be00e41c78ec779725f36 |
| SHA512 | b202a3b2631bea3851586f68583d737ada025ba6b45dbea4a4f4c831c8c7e99c345de144fedcc80e1cb917132f8364f9bd2a12fa0b2b4a85c0beddf24f91603f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 89571d3d25f22345f11ca2b88af90d8c |
| SHA1 | 6499bd5e82f7525272de548d3c553e3af23ae232 |
| SHA256 | 14fe8a3a57f9a223fb6c843a35a00337a1db6cb0c1ffa7b5d37dfc24998da355 |
| SHA512 | 0530be9ad698e6502304b55a206d840a1ecbca1ce1c599c863c35547c761a13834147d46b048ee77a4a4e97e8cd1c84e33c62efca67f7612e7111a1306eb2d22 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\f02db254-0d35-4c40-81bb-9855aad9b80f.tmp
| MD5 | be4036b756d4571c4ddee720fa3f48ae |
| SHA1 | a7f65f8d1f5b5667c5a287589f77ba4ec4688218 |
| SHA256 | 8216006ba73f6ad36332dba0317bc961e85818cbd8b0d08b2babe0e3a6a7c60c |
| SHA512 | 37be37be3c15a4fd6bc9493fc60b7316cd70af6e6b0973e89b7132a94c451f68ba232cc76356f4cb4e1744e4b61845bf15975a6dcbc9435da32cad243c9dc4fc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | db916d6659e2416521644d0190a3661f |
| SHA1 | d61394d3a0cf843830ed9740506988282e56acb5 |
| SHA256 | 8dd21137871e2b9fead12076441697109aeb3aa2930ea201eea6b1445b3d1fae |
| SHA512 | 3449460b8f7adc769025dd944a1caf7b6785f9756854a4b64ce716f03276a078c290d451e6b0c643e5d99c45880397b888fbfc8de5a3ca1edeacc5e33c4463f1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 6da71f11798889ebd401e1ef6088a350 |
| SHA1 | 1cb3433120b5546cefba4bf1503da6ffcd933683 |
| SHA256 | 129733a91a0ade294e133644f7348896bf91d93b0f57cc01520165c4e0af798b |
| SHA512 | b8dc6e6d5452513d04050ebae96ca15329c41394c5e45b2ffe2e204956b71e83e7433524b9972d782a8cfcec1ff4f3dfaade23dbfd695434c64e18af055fc2d0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 7eda2cef340c3ea34e8ccf4d2616f2d9 |
| SHA1 | 55500fa2c46c7e4d5dc446fd86ed8c8cffb80843 |
| SHA256 | 6292bdee0d3eaed76c64f98159d61b0eaa49fcdb4ff4183ea236e9b1c1f097e5 |
| SHA512 | efde249a019e376da89f2000ea484082e06f9fb83f412de7ef5a1edf116cbe60d43592912374cf8778b5e113e64efe941c3a315703b81da80cb9398a5fe5be3e |
Analysis: behavioral2
Detonation Overview
Submitted
2024-11-11 02:40
Reported
2024-11-11 02:43
Platform
win10v2004-20241007-en
Max time kernel
150s
Max time network
154s
Command Line
Signatures
Contacts a large (718) amount of remote hosts
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-4089630652-1596403869-279772308-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\re-yang-win.exe | N/A |
Clipboard Data
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\re-yang-win.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\re-yang-win.exe | N/A |
Reads user/profile data of web browsers
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | api.ipify.org | N/A | N/A |
| N/A | api.ipify.org | N/A | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\re-yang-win.exe
"C:\Users\Admin\AppData\Local\Temp\re-yang-win.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "powershell Get-Clipboard"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell Get-Clipboard
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 8.8.8.8:53 | api.proxyscrape.com | udp |
| US | 8.8.8.8:53 | openproxylist.xyz | udp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| US | 104.18.10.5:443 | api.proxyscrape.com | tcp |
| US | 104.18.10.5:443 | api.proxyscrape.com | tcp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| US | 104.18.10.5:443 | api.proxyscrape.com | tcp |
| US | 104.21.0.95:443 | openproxylist.xyz | tcp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| US | 104.21.0.95:443 | openproxylist.xyz | tcp |
| US | 104.18.10.5:443 | api.proxyscrape.com | tcp |
| US | 104.21.0.95:443 | openproxylist.xyz | tcp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.111.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.10.18.104.in-addr.arpa | udp |
| US | 162.159.138.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | 95.0.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.138.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.ipify.org | udp |
| US | 104.26.13.205:443 | api.ipify.org | tcp |
| BR | 177.23.54.13:6006 | discordapp.com | tcp |
| BD | 27.147.209.215:8080 | tcp | |
| IQ | 45.81.145.128:8080 | tcp | |
| PK | 202.69.38.82:8080 | tcp | |
| TR | 178.254.168.12:4782 | tcp | |
| US | 83.171.225.145:8085 | tcp | |
| US | 107.152.98.5:4145 | discordapp.com | tcp |
| US | 67.213.210.61:48785 | tcp | |
| TH | 61.7.157.51:8080 | tcp | |
| RU | 94.45.4.102:80 | tcp | |
| BR | 131.72.69.209:8080 | tcp | |
| HK | 47.242.121.232:5522 | tcp | |
| ID | 203.89.29.41:6060 | tcp | |
| JP | 160.16.109.252:18080 | tcp | |
| DE | 5.189.172.158:3128 | tcp | |
| GB | 154.201.34.11:3128 | tcp | |
| EC | 45.70.236.194:999 | discordapp.com | tcp |
| DE | 91.107.231.48:3128 | tcp | |
| KE | 102.209.18.96:8080 | discordapp.com | tcp |
| US | 104.19.22.177:80 | discordapp.com | tcp |
| US | 8.8.8.8:53 | discordapp.com | udp |
| US | 198.199.96.195:80 | tcp | |
| TH | 182.52.27.44:8080 | tcp | |
| ID | 36.91.46.26:8080 | tcp | |
| IN | 103.51.21.250:83 | tcp | |
| US | 72.210.252.134:46164 | tcp | |
| IN | 103.85.103.1:5678 | tcp | |
| AR | 200.106.184.11:999 | tcp | |
| CN | 121.230.210.106:8089 | tcp | |
| US | 50.200.12.86:80 | tcp | |
| SG | 20.24.43.214:8123 | tcp | |
| FR | 51.91.109.83:80 | tcp | |
| PH | 112.205.92.14:8080 | tcp | |
| TR | 178.18.207.72:44435 | tcp | |
| VE | 38.41.5.75:999 | tcp | |
| KR | 58.234.116.197:8197 | tcp | |
| ZM | 155.0.72.251:3128 | tcp | |
| ID | 103.187.86.10:8182 | tcp | |
| CL | 179.57.170.143:999 | tcp | |
| TH | 125.25.133.236:8080 | tcp | |
| IN | 45.126.21.75:5678 | tcp | |
| EG | 41.33.219.132:8080 | tcp | |
| LY | 165.16.46.193:8080 | tcp | |
| FR | 51.83.34.150:34214 | tcp | |
| CN | 122.9.4.213:80 | tcp | |
| CN | 139.196.214.238:3128 | tcp | |
| UA | 195.66.156.196:1080 | tcp | |
| US | 162.241.46.40:34295 | tcp | |
| US | 74.208.177.198:80 | tcp | |
| US | 104.25.206.32:80 | tcp | |
| CA | 207.34.88.177:80 | tcp | |
| US | 104.19.22.177:80 | discordapp.com | tcp |
| BR | 177.69.118.177:8080 | tcp | |
| US | 104.19.22.177:80 | discordapp.com | tcp |
| US | 104.19.22.177:80 | discordapp.com | tcp |
| BR | 186.224.225.82:42648 | tcp | |
| BD | 124.6.225.124:1088 | discordapp.com | tcp |
| US | 104.19.22.177:80 | discordapp.com | tcp |
| US | 104.19.22.177:80 | discordapp.com | tcp |
| US | 8.8.8.8:53 | 71.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.13.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 177.22.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.206.25.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.109.91.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.98.152.107.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.96.199.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.54.23.177.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.43.24.20.in-addr.arpa | udp |
| US | 104.19.22.177:80 | discordapp.com | tcp |
| US | 104.19.22.177:80 | discordapp.com | tcp |
| US | 104.19.22.177:80 | discordapp.com | tcp |
| US | 104.19.22.177:80 | discordapp.com | tcp |
| US | 104.19.22.177:80 | discordapp.com | tcp |
| US | 104.19.22.177:80 | discordapp.com | tcp |
| US | 104.19.22.177:80 | discordapp.com | tcp |
| US | 104.19.22.177:80 | discordapp.com | tcp |
| US | 104.19.22.177:80 | discordapp.com | tcp |
| US | 104.19.22.177:80 | discordapp.com | tcp |
| US | 8.8.8.8:53 | 194.236.70.45.in-addr.arpa | udp |
| US | 104.19.22.177:80 | discordapp.com | tcp |
| US | 104.19.22.177:80 | discordapp.com | tcp |
| US | 104.19.22.177:80 | discordapp.com | tcp |
| US | 104.19.22.177:80 | discordapp.com | tcp |
| US | 104.19.22.177:80 | discordapp.com | tcp |
| US | 104.19.22.177:80 | discordapp.com | tcp |
| US | 107.1.93.219:80 | tcp | |
| US | 23.231.2.17:19481 | tcp | |
| US | 50.168.49.108:80 | tcp | |
| US | 159.65.39.161:80 | tcp | |
| TR | 88.250.72.224:1453 | tcp | |
| HK | 183.87.158.141:8080 | tcp | |
| IR | 194.31.108.52:55555 | tcp | |
| CI | 213.136.101.36:3128 | tcp | |
| US | 173.208.239.42:17007 | tcp | |
| BR | 179.108.158.204:4145 | tcp | |
| CA | 72.10.160.173:3209 | tcp | |
| US | 131.153.151.250:35158 | tcp | |
| US | 8.8.8.8:53 | 161.39.65.159.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.18.209.102.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.239.208.173.in-addr.arpa | udp |
| US | 72.210.221.197:4145 | tcp | |
| VN | 115.72.160.16:10001 | discordapp.com | tcp |
| US | 8.8.8.8:53 | 124.225.6.124.in-addr.arpa | udp |
| CN | 103.88.35.200:1080 | tcp | |
| BR | 45.71.167.129:8080 | tcp | |
| ID | 36.91.148.36:8080 | tcp | |
| CN | 223.166.109.94:7891 | tcp | |
| US | 8.8.8.8:53 | 97.17.167.52.in-addr.arpa | udp |
| CN | 117.160.250.131:80 | tcp | |
| UA | 176.37.139.137:5678 | discordapp.com | tcp |
| TH | 118.173.230.19:1080 | tcp | |
| US | 193.227.129.196:22846 | tcp | |
| SG | 47.237.92.86:4916 | discordapp.com | tcp |
| UA | 45.134.173.237:8085 | tcp | |
| EG | 41.33.14.23:1976 | tcp | |
| US | 5.161.98.204:45055 | tcp | |
| US | 50.200.12.87:80 | tcp | |
| TZ | 41.59.90.171:80 | tcp | |
| PE | 164.163.185.204:80 | tcp | |
| US | 92.204.135.37:39957 | tcp | |
| CN | 116.63.128.247:3333 | tcp | |
| US | 72.210.208.101:4145 | tcp | |
| US | 50.230.222.202:80 | tcp | |
| CN | 114.106.134.117:8089 | tcp | |
| US | 104.143.251.234:6496 | tcp | |
| US | 208.102.51.6:58208 | tcp | |
| TR | 188.132.222.168:8080 | tcp | |
| ID | 103.55.22.246:8199 | tcp | |
| CN | 47.113.230.224:21025 | tcp | |
| CN | 123.73.242.119:1080 | tcp | |
| US | 149.28.221.67:9060 | tcp | |
| DE | 3.127.62.252:80 | discordapp.com | tcp |
| US | 132.148.128.88:61777 | tcp | |
| US | 8.8.8.8:53 | 234.251.143.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.51.102.208.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.92.237.47.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 252.62.127.3.in-addr.arpa | udp |
| ID | 103.189.123.246:7777 | tcp | |
| US | 8.8.8.8:53 | 16.160.72.115.in-addr.arpa | udp |
| DE | 141.147.33.121:80 | tcp | |
| GB | 195.208.61.116:52803 | tcp | |
| TH | 182.52.67.122:50801 | tcp | |
| SG | 43.156.0.125:8888 | tcp | |
| GB | 139.59.172.98:80 | discordapp.com | tcp |
| NL | 212.123.230.25:8181 | tcp | |
| ZA | 105.214.25.196:5678 | tcp | |
| BD | 27.147.145.51:1088 | tcp | |
| TR | 31.223.22.21:1080 | tcp | |
| CA | 148.113.143.72:3128 | tcp | |
| EG | 154.239.9.94:8080 | tcp | |
| US | 8.8.8.8:53 | 98.172.59.139.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.139.37.176.in-addr.arpa | udp |
| ZA | 102.132.201.202:80 | tcp | |
| NL | 185.182.194.145:32754 | tcp | |
| PH | 124.105.102.167:8082 | tcp | |
| PL | 46.227.36.152:1080 | tcp | |
| US | 8.8.8.8:53 | 145.194.182.185.in-addr.arpa | udp |
| JP | 160.248.80.91:137 | tcp | |
| US | 32.223.6.94:80 | discordapp.com | tcp |
| CN | 113.204.4.142:10800 | tcp | |
| US | 38.127.179.26:42908 | tcp | |
| US | 104.131.58.165:3128 | tcp | |
| IN | 45.119.114.203:3128 | tcp | |
| US | 8.8.8.8:53 | 94.6.223.32.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.80.248.160.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.114.119.45.in-addr.arpa | udp |
| US | 174.77.111.197:4145 | tcp | |
| US | 8.8.8.8:53 | 197.111.77.174.in-addr.arpa | udp |
| US | 24.249.199.4:4145 | tcp | |
| CN | 222.174.252.54:7300 | tcp | |
| US | 64.225.4.17:10001 | tcp | |
| HK | 16.163.88.228:80 | discordapp.com | tcp |
| US | 8.8.8.8:53 | 4.199.249.24.in-addr.arpa | udp |
| MZ | 41.76.149.62:8080 | tcp | |
| HU | 85.238.74.91:8080 | tcp | |
| UA | 93.171.224.41:8080 | tcp | |
| CA | 67.43.227.226:16819 | discordapp.com | tcp |
| BR | 177.70.243.1:8080 | tcp | |
| DO | 38.10.179.195:999 | tcp | |
| US | 20.163.56.142:10000 | tcp | |
| GT | 45.5.119.222:999 | tcp | |
| HK | 188.253.112.218:80 | tcp | |
| SG | 139.180.140.254:1080 | tcp | |
| US | 104.239.81.6:6541 | tcp | |
| PY | 181.120.28.228:80 | tcp | |
| ID | 103.124.137.251:1080 | tcp | |
| US | 132.148.155.180:45578 | tcp | |
| KH | 110.74.195.34:25 | tcp | |
| SG | 119.13.103.211:8002 | tcp | |
| CO | 38.51.243.173:5678 | tcp | |
| US | 8.8.8.8:53 | 228.88.163.16.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.227.43.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.81.239.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.25.214.105.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.112.253.188.in-addr.arpa | udp |
| CN | 8.136.100.59:8888 | tcp | |
| AU | 51.161.130.195:57398 | tcp | |
| ID | 103.146.196.66:8080 | tcp | |
| FR | 51.15.223.12:16379 | tcp | |
| CO | 190.2.211.146:999 | tcp | |
| RU | 91.235.220.122:80 | tcp | |
| US | 152.53.36.109:41588 | tcp | |
| GB | 107.181.130.35:5656 | tcp | |
| US | 97.74.229.3:45644 | tcp | |
| TH | 101.109.245.200:4153 | tcp | |
| CY | 212.31.100.138:4153 | tcp | |
| TH | 110.78.148.57:4145 | tcp | |
| AZ | 185.43.189.182:3629 | tcp | |
| US | 162.240.208.119:49188 | tcp | |
| US | 8.8.8.8:53 | 211.103.13.119.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.130.181.107.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.100.31.212.in-addr.arpa | udp |
| BD | 124.6.225.124:1088 | tcp | |
| TR | 188.132.222.12:8080 | discordapp.com | tcp |
| US | 172.67.126.201:80 | tcp | |
| GB | 8.208.90.243:443 | tcp | |
| DO | 38.156.233.75:999 | tcp | |
| US | 198.11.175.180:4444 | tcp | |
| US | 104.16.63.118:80 | discordapp.com | tcp |
| US | 104.16.63.118:80 | discordapp.com | tcp |
| ZA | 154.73.159.10:8585 | tcp | |
| US | 104.16.63.118:80 | discordapp.com | tcp |
| US | 104.16.63.118:80 | discordapp.com | tcp |
| SG | 8.219.169.172:808 | tcp | |
| ID | 103.109.2.94:4153 | tcp | |
| US | 104.16.63.118:80 | discordapp.com | tcp |
| ID | 8.215.3.250:9080 | tcp | |
| VN | 27.77.228.212:1080 | discordapp.com | tcp |
| CU | 190.15.158.183:9090 | tcp | |
| US | 8.8.8.8:53 | 201.126.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 243.90.208.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.175.11.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.63.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.222.132.188.in-addr.arpa | udp |
| IN | 117.242.232.86:5678 | tcp | |
| GB | 82.206.131.58:10801 | tcp | |
| US | 67.205.60.167:17360 | tcp | |
| IN | 103.159.46.34:84 | tcp | |
| DE | 176.9.239.181:80 | tcp | |
| US | 104.16.63.118:80 | discordapp.com | tcp |
| US | 8.8.8.8:53 | 172.169.219.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 250.3.215.8.in-addr.arpa | udp |
| US | 104.16.63.118:80 | discordapp.com | tcp |
| GB | 213.52.130.61:47595 | tcp | |
| US | 104.16.63.118:80 | discordapp.com | tcp |
| US | 104.16.63.118:80 | discordapp.com | tcp |
| US | 104.16.63.118:80 | discordapp.com | tcp |
| US | 104.16.63.118:80 | discordapp.com | tcp |
| US | 104.16.63.118:80 | discordapp.com | tcp |
| US | 104.16.63.118:80 | discordapp.com | tcp |
| US | 104.16.63.118:80 | discordapp.com | tcp |
| US | 104.16.63.118:80 | discordapp.com | tcp |
| US | 104.16.63.118:80 | discordapp.com | tcp |
| US | 8.8.8.8:53 | 212.228.77.27.in-addr.arpa | udp |
| US | 104.16.63.118:80 | discordapp.com | tcp |
| ID | 115.124.64.74:8080 | tcp | |
| US | 104.16.63.118:80 | discordapp.com | tcp |
| US | 104.16.63.118:80 | discordapp.com | tcp |
| US | 104.16.63.118:80 | discordapp.com | tcp |
| ID | 103.22.99.93:7777 | tcp | |
| US | 104.16.63.118:80 | discordapp.com | tcp |
| US | 104.16.63.118:80 | discordapp.com | tcp |
| CA | 72.10.160.90:27323 | discordapp.com | tcp |
| US | 206.189.237.170:80 | tcp | |
| CN | 223.215.176.37:8089 | tcp | |
| US | 8.8.8.8:53 | 212.20.149.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.160.10.72.in-addr.arpa | udp |
| JP | 43.250.175.170:38080 | tcp | |
| US | 162.243.102.207:9764 | tcp | |
| US | 47.89.184.18:3128 | discordapp.com | tcp |
| FR | 162.19.7.56:63781 | tcp | |
| IN | 175.101.80.134:8080 | tcp | |
| US | 50.168.49.107:80 | tcp | |
| US | 172.67.181.89:80 | tcp | |
| CA | 142.44.212.57:30439 | tcp | |
| FR | 62.210.122.213:44256 | tcp | |
| US | 8.8.8.8:53 | 207.102.243.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.7.19.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.184.89.47.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.181.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.42.69.40.in-addr.arpa | udp |
| US | 23.82.137.157:80 | discordapp.com | tcp |
| VN | 27.77.145.231:10008 | tcp | |
| GH | 41.204.53.19:80 | discordapp.com | tcp |
| US | 173.208.239.42:17007 | discordapp.com | tcp |
| BG | 213.16.57.50:8080 | tcp | |
| KR | 8.213.129.20:8024 | tcp | |
| GH | 41.204.53.19:80 | discordapp.com | tcp |
| US | 8.8.8.8:53 | 19.53.204.41.in-addr.arpa | udp |
| ID | 36.67.136.21:8080 | tcp | |
| GH | 41.204.53.19:80 | tcp | |
| SG | 8.219.83.253:15673 | tcp | |
| CA | 104.207.51.211:3128 | tcp | |
| US | 141.98.85.36:8085 | tcp | |
| TW | 59.124.224.180:3128 | tcp | |
| SG | 68.178.168.41:80 | tcp | |
| BD | 113.21.228.106:80 | tcp | |
| CL | 45.4.0.28:999 | tcp | |
| US | 148.72.169.225:30110 | tcp | |
| US | 8.8.8.8:53 | 211.51.207.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.129.213.8.in-addr.arpa | udp |
| US | 65.169.38.73:26592 | tcp | |
| KR | 175.207.13.144:3128 | discordapp.com | tcp |
| RU | 109.236.52.12:8085 | tcp | |
| ID | 36.82.106.238:80 | tcp | |
| AU | 47.91.45.198:8080 | tcp | |
| PY | 190.104.173.62:80 | tcp | |
| EG | 41.33.219.132:8080 | tcp | |
| CO | 179.49.161.74:999 | tcp | |
| DE | 45.80.188.183:25326 | tcp | |
| FR | 37.187.120.71:2354 | tcp | |
| CA | 67.43.228.253:11979 | tcp | |
| US | 8.8.8.8:53 | 62.173.104.190.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 144.13.207.175.in-addr.arpa | udp |
| ES | 213.97.161.224:3128 | tcp | |
| CA | 159.203.3.234:80 | tcp | |
| BD | 103.141.70.18:8080 | tcp | |
| US | 8.8.8.8:53 | 181.239.9.176.in-addr.arpa | udp |
| HK | 18.163.56.126:80 | tcp | |
| PS | 213.6.68.210:4145 | tcp | |
| CN | 113.78.190.20:1111 | tcp | |
| US | 50.168.72.117:80 | tcp | |
| ID | 103.167.71.39:8080 | tcp | |
| ML | 197.155.158.22:80 | tcp | |
| BD | 111.221.0.118:8674 | tcp | |
| PH | 58.69.201.117:8082 | tcp | |
| CA | 51.222.25.113:52962 | tcp | |
| US | 8.8.8.8:53 | 117.72.168.50.in-addr.arpa | udp |
| BD | 103.161.183.59:80 | tcp | |
| US | 172.64.197.2:80 | discordapp.com | tcp |
| US | 172.64.197.2:80 | discordapp.com | tcp |
| US | 172.64.197.2:80 | discordapp.com | tcp |
| US | 172.64.197.2:80 | discordapp.com | tcp |
| US | 8.8.8.8:53 | 2.197.64.172.in-addr.arpa | udp |
| US | 172.64.197.2:80 | discordapp.com | tcp |
| US | 172.64.197.2:80 | discordapp.com | tcp |
| US | 172.64.197.2:80 | discordapp.com | tcp |
| PY | 200.85.52.254:5678 | tcp | |
| US | 172.64.197.2:80 | discordapp.com | tcp |
| US | 172.64.197.2:80 | discordapp.com | tcp |
| US | 172.64.197.2:80 | discordapp.com | tcp |
| US | 172.64.197.2:80 | discordapp.com | tcp |
| FR | 51.158.124.167:16379 | tcp | |
| US | 172.64.197.2:80 | discordapp.com | tcp |
| BD | 103.161.183.59:80 | tcp | |
| US | 172.64.197.2:80 | discordapp.com | tcp |
| US | 172.64.197.2:80 | discordapp.com | tcp |
| US | 50.173.140.144:80 | tcp | |
| US | 172.64.197.2:80 | discordapp.com | tcp |
| ID | 117.102.224.38:1080 | tcp | |
| US | 172.64.197.2:80 | discordapp.com | tcp |
| US | 172.64.197.2:80 | discordapp.com | tcp |
| CO | 200.10.30.77:8083 | tcp | |
| PR | 198.52.243.9:7777 | tcp | |
| US | 172.64.197.2:80 | discordapp.com | tcp |
| CN | 58.242.249.31:33987 | tcp | |
| ID | 119.47.90.74:5678 | tcp | |
| US | 68.183.122.221:15422 | tcp | |
| US | 172.64.197.2:80 | discordapp.com | tcp |
| AR | 200.32.105.86:4153 | tcp | |
| VN | 150.95.104.109:8080 | discordapp.com | tcp |
| UA | 46.98.196.243:5678 | tcp | |
| TR | 185.87.121.5:8975 | tcp | |
| TW | 118.163.120.181:58837 | tcp | |
| US | 8.8.8.8:53 | 109.104.95.150.in-addr.arpa | udp |
| VE | 201.71.2.161:999 | tcp | |
| ID | 180.244.99.6:8080 | tcp | |
| SE | 82.209.165.206:4153 | tcp | |
| GB | 107.181.141.212:6609 | tcp | |
| EG | 154.236.179.226:1981 | tcp | |
| US | 8.8.8.8:53 | 212.141.181.107.in-addr.arpa | udp |
| TH | 159.138.252.45:8989 | discordapp.com | tcp |
| GR | 84.254.0.86:32650 | tcp | |
| IN | 59.92.70.176:3127 | tcp | |
| US | 104.219.42.115:64912 | tcp | |
| SG | 8.222.250.149:3128 | tcp | |
| CN | 103.30.201.39:3001 | tcp | |
| IR | 37.235.28.194:8080 | tcp | |
| GB | 45.43.82.15:6009 | tcp | |
| ID | 103.105.196.130:3128 | tcp | |
| BD | 119.148.36.249:9898 | tcp | |
| US | 8.8.8.8:53 | 45.252.138.159.in-addr.arpa | udp |
| TW | 125.229.149.168:65110 | tcp | |
| US | 8.8.8.8:53 | 15.82.43.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 39.201.30.103.in-addr.arpa | udp |
| HK | 47.243.177.210:8088 | tcp | |
| RU | 188.244.38.134:7999 | discordapp.com | tcp |
| EC | 179.0.43.45:999 | tcp | |
| TR | 88.250.204.251:1453 | tcp | |
| NG | 102.216.181.6:8080 | tcp | |
| US | 107.1.93.213:80 | tcp | |
| ID | 117.102.78.163:1080 | tcp | |
| US | 74.208.47.100:22905 | tcp | |
| TW | 118.163.13.200:8080 | tcp | |
| US | 8.8.8.8:53 | 157.137.82.23.in-addr.arpa | udp |
| EG | 41.65.55.10:1976 | tcp | |
| KG | 77.235.19.2:8080 | tcp | |
| MX | 170.78.211.33:1080 | tcp | |
| GT | 190.115.0.17:999 | tcp | |
| RU | 31.28.4.192:80 | discordapp.com | tcp |
| BR | 138.0.206.87:9292 | tcp | |
| TH | 110.238.116.82:80 | tcp | |
| CN | 106.75.86.143:1080 | tcp | |
| PA | 190.123.226.109:5678 | tcp | |
| US | 104.129.205.15:10289 | tcp | |
| US | 8.8.8.8:53 | 192.4.28.31.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.116.238.110.in-addr.arpa | udp |
| KH | 103.17.213.102:8080 | tcp | |
| CN | 111.1.61.47:3128 | tcp | |
| CN | 117.21.14.245:8000 | tcp | |
| US | 50.84.48.130:8080 | tcp | |
| US | 52.41.249.10:80 | tcp | |
| TH | 183.88.240.139:4153 | tcp | |
| TW | 211.22.151.163:60808 | tcp | |
| RU | 212.3.154.210:80 | tcp | |
| US | 8.8.8.8:53 | 194.28.235.37.in-addr.arpa | udp |
| AM | 217.113.30.218:8080 | tcp | |
| BG | 92.247.12.139:9510 | tcp | |
| NL | 145.40.97.148:10006 | tcp | |
| US | 8.8.8.8:53 | 134.38.244.188.in-addr.arpa | udp |
| US | 12.186.205.122:80 | tcp | |
| CN | 223.85.12.114:2222 | tcp | |
| US | 23.82.137.157:80 | tcp | |
| SG | 8.219.5.240:20201 | tcp | |
| IN | 103.62.237.102:8080 | tcp | |
| US | 154.38.161.76:58381 | tcp | |
| BA | 91.148.127.56:8080 | tcp | |
| US | 165.22.32.217:51871 | tcp | |
| US | 8.8.8.8:53 | 148.97.40.145.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.5.219.8.in-addr.arpa | udp |
| ES | 84.236.185.247:61710 | tcp | |
| EC | 45.4.203.115:999 | tcp | |
| US | 174.77.111.197:4145 | discordapp.com | tcp |
| AR | 128.201.82.87:999 | tcp | |
| US | 47.252.20.42:443 | discordapp.com | tcp |
| ID | 103.165.238.114:4145 | tcp | |
| GB | 8.208.90.194:81 | tcp | |
| US | 198.12.250.231:5091 | tcp | |
| VE | 191.97.19.66:999 | tcp | |
| US | 8.8.8.8:53 | 42.20.252.47.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 231.250.12.198.in-addr.arpa | udp |
| DO | 38.56.70.75:999 | tcp | |
| JP | 8.221.138.111:8443 | discordapp.com | tcp |
| US | 147.28.155.20:10067 | discordapp.com | tcp |
| GB | 86.38.236.42:6326 | discordapp.com | tcp |
| ID | 103.76.13.234:8080 | tcp | |
| EG | 217.52.247.87:1981 | tcp | |
| VE | 200.82.188.28:999 | tcp | |
| US | 82.180.132.69:80 | tcp | |
| VN | 116.97.9.74:5101 | tcp | |
| US | 13.56.192.187:80 | discordapp.com | tcp |
| BD | 103.138.123.65:8090 | tcp | |
| UA | 193.106.138.52:3128 | tcp | |
| US | 8.8.8.8:53 | 42.236.38.86.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.90.208.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.155.28.147.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 111.138.221.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 187.192.56.13.in-addr.arpa | udp |
| BR | 201.149.102.241:8085 | tcp | |
| IN | 13.126.79.133:80 | tcp | |
| CN | 123.60.109.71:30001 | tcp | |
| AT | 212.236.38.166:8081 | tcp | |
| KR | 221.156.247.86:53232 | tcp | |
| US | 8.8.8.8:53 | 133.79.126.13.in-addr.arpa | udp |
| CN | 106.45.221.168:3256 | tcp | |
| JP | 8.221.138.111:8443 | api.ipify.org | tcp |
| VN | 116.118.48.208:35050 | tcp | |
| SG | 119.13.111.169:502 | tcp | |
| US | 198.12.253.239:20612 | tcp | |
| US | 8.8.8.8:53 | 169.111.13.119.in-addr.arpa | udp |
| SG | 34.87.84.105:80 | tcp | |
| US | 50.173.140.151:80 | tcp | |
| CL | 201.238.248.134:443 | tcp | |
| ID | 103.172.71.123:8080 | tcp | |
| US | 47.253.105.175:2080 | tcp | |
| IN | 103.60.138.2:4153 | tcp | |
| US | 8.8.8.8:53 | 175.105.253.47.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.248.238.201.in-addr.arpa | udp |
| US | 65.49.67.161:48324 | tcp | |
| CI | 213.136.101.40:3128 | tcp | |
| CN | 117.160.250.132:8899 | tcp | |
| VN | 103.176.108.105:1414 | tcp | |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 31.204.28.20:20937 | tcp | |
| VN | 171.225.224.132:54400 | discordapp.com | tcp |
| CN | 175.153.130.158:3256 | tcp | |
| JP | 161.202.226.194:8123 | tcp | |
| IN | 103.204.54.50:1080 | tcp | |
| IQ | 188.72.43.162:47193 | tcp | |
| US | 8.8.8.8:53 | 50.54.204.103.in-addr.arpa | udp |
| CO | 190.242.126.170:999 | tcp | |
| ID | 103.156.141.100:8010 | tcp | |
| PL | 185.32.4.65:4153 | tcp | |
| US | 198.12.250.231:5091 | tcp | |
| RU | 109.197.153.121:8888 | tcp | |
| US | 103.54.57.117:50460 | tcp | |
| AR | 190.111.209.207:3128 | tcp | |
| GB | 18.135.211.182:3128 | tcp | |
| US | 154.53.49.83:11289 | tcp | |
| UA | 193.200.151.158:8192 | tcp | |
| UA | 193.34.93.221:33861 | tcp | |
| CN | 113.87.225.78:7891 | tcp | |
| BR | 187.86.153.254:30660 | tcp | |
| KR | 101.101.217.36:80 | tcp | |
| TH | 118.172.47.97:51327 | tcp | |
| CA | 74.56.228.180:4145 | tcp | |
| CA | 158.51.210.75:7777 | discordapp.com | tcp |
| US | 8.8.8.8:53 | 182.211.135.18.in-addr.arpa | udp |
| FR | 51.15.242.202:8888 | tcp | |
| FR | 188.165.45.156:9996 | tcp | |
| GB | 154.202.101.15:3128 | tcp | |
| US | 8.8.8.8:53 | 75.210.51.158.in-addr.arpa | udp |
| CN | 116.114.20.148:3128 | tcp | |
| ID | 101.255.150.94:80 | tcp | |
| CL | 200.39.138.45:999 | tcp | |
| US | 129.213.153.223:80 | tcp | |
| FR | 135.125.9.103:13895 | tcp | |
| SG | 184.168.121.153:30305 | tcp | |
| CN | 183.215.23.242:9091 | tcp | |
| MX | 201.174.73.70:11337 | tcp | |
| ZA | 165.165.170.102:8080 | tcp | |
| HK | 47.243.175.55:8080 | tcp | |
| US | 72.167.8.5:44774 | tcp | |
| BR | 20.33.5.27:8888 | tcp | |
| GB | 154.201.33.5:3128 | tcp | |
| US | 154.202.126.93:3128 | tcp | |
| MM | 103.200.135.226:4145 | tcp | |
| US | 8.8.8.8:53 | 55.175.243.47.in-addr.arpa | udp |
| US | 47.253.105.175:7302 | tcp | |
| DE | 5.9.151.189:30000 | tcp | |
| BD | 220.247.162.70:8080 | tcp | |
| CO | 190.1.201.58:8080 | tcp | |
| US | 8.8.8.8:53 | 226.135.200.103.in-addr.arpa | udp |
| ID | 103.124.137.251:1080 | tcp | |
| TH | 14.207.58.42:8080 | tcp | |
| PT | 2.83.198.171:80 | tcp | |
| DE | 173.212.237.43:43648 | tcp | |
| MZ | 41.76.149.62:8080 | tcp | |
| JP | 160.16.56.40:80 | tcp | |
| LY | 165.16.22.130:9999 | tcp | |
| RU | 188.191.164.55:4890 | tcp | |
| BG | 77.238.79.111:8080 | tcp | |
| BD | 103.234.26.113:8080 | tcp | |
| SE | 185.139.155.155:11813 | tcp | |
| US | 31.204.28.20:20937 | tcp | |
| AU | 119.17.42.150:8080 | tcp | |
| US | 162.214.170.144:3434 | tcp | |
| RU | 31.211.82.158:3128 | tcp | |
| PL | 212.127.78.79:39811 | tcp | |
| DO | 38.156.235.113:999 | tcp | |
| CO | 190.7.138.78:8080 | discordapp.com | tcp |
| CH | 195.15.215.146:80 | tcp | |
| US | 172.67.181.165:80 | tcp | |
| US | 67.213.210.175:34051 | tcp | |
| PL | 80.52.223.98:5678 | tcp | |
| GB | 154.201.34.11:3128 | tcp | |
| US | 74.119.144.60:4145 | tcp | |
| US | 8.8.8.8:53 | 165.181.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.138.7.190.in-addr.arpa | udp |
| US | 74.48.78.52:80 | tcp | |
| DE | 94.130.54.171:7449 | tcp | |
| CA | 167.114.96.27:9300 | tcp | |
| US | 8.8.8.8:53 | 155.155.139.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 60.144.119.74.in-addr.arpa | udp |
| US | 45.196.151.73:5432 | tcp | |
| ID | 103.155.196.36:5445 | tcp | |
| VN | 113.161.131.43:80 | tcp | |
| RS | 46.40.6.201:7777 | tcp | |
| PE | 190.119.76.68:8080 | tcp | |
| BD | 121.200.62.246:4153 | tcp | |
| US | 8.8.8.8:53 | 132.224.225.171.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.151.196.45.in-addr.arpa | udp |
| BD | 202.40.182.82:60606 | tcp | |
| US | 204.48.31.211:80 | tcp | |
| BO | 181.115.207.118:1080 | tcp | |
| DE | 8.209.64.208:6666 | tcp | |
| US | 8.8.8.8:53 | 211.31.48.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 208.64.209.8.in-addr.arpa | udp |
| US | 193.227.129.194:22902 | tcp | |
| RU | 85.235.184.186:3129 | tcp | |
| US | 72.195.34.58:4145 | tcp | |
| ID | 103.189.250.65:8080 | tcp | |
| US | 8.8.8.8:53 | 58.34.195.72.in-addr.arpa | udp |
| IN | 203.115.98.30:5678 | tcp | |
| PE | 45.189.118.196:999 | tcp | |
| SE | 193.15.14.198:80 | tcp | |
| LT | 213.252.245.221:6116 | tcp | |
| CN | 117.40.176.42:9091 | tcp | |
| BD | 202.40.178.34:2930 | tcp | |
| NL | 104.40.148.100:8080 | tcp | |
| US | 8.8.8.8:53 | 198.14.15.193.in-addr.arpa | udp |
| TR | 88.248.145.176:1453 | tcp | |
| FR | 51.178.86.221:3128 | tcp | |
| US | 50.171.32.229:80 | tcp | |
| CL | 190.13.147.93:5678 | tcp | |
| CA | 67.43.227.230:4961 | tcp | |
| BZ | 45.131.7.54:80 | tcp | |
| ID | 8.215.15.163:8008 | tcp | |
| KR | 121.148.186.182:51214 | tcp | |
| US | 47.88.59.79:82 | discordapp.com | tcp |
| RU | 46.188.2.42:5678 | tcp | |
| RU | 93.157.248.108:88 | tcp | |
| ID | 202.180.20.114:1080 | tcp | |
| GB | 45.12.31.192:80 | tcp | |
| TH | 110.238.116.82:50001 | tcp | |
| IT | 185.72.40.30:8080 | tcp | |
| KH | 119.82.251.250:31678 | tcp | |
| BR | 168.232.220.1:4153 | tcp | |
| US | 50.236.148.246:31699 | tcp | |
| GB | 176.253.53.25:80 | tcp | |
| CA | 67.43.236.20:11091 | tcp | |
| US | 8.8.8.8:53 | 54.7.131.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.59.88.47.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.15.215.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.31.12.45.in-addr.arpa | udp |
| BD | 103.123.168.165:83 | tcp | |
| BR | 187.32.20.249:5678 | tcp | |
| FR | 147.135.128.218:80 | tcp | |
| EG | 41.33.203.227:1976 | tcp | |
| GB | 178.128.162.94:80 | tcp | |
| IT | 94.198.211.217:5678 | tcp | |
| US | 8.8.8.8:53 | 94.162.128.178.in-addr.arpa | udp |
| ID | 202.51.114.210:3128 | tcp | |
| NL | 178.159.39.153:8118 | tcp | |
| CN | 117.160.250.130:8899 | tcp | |
| IN | 47.247.78.133:80 | tcp | |
| CN | 47.116.126.57:3128 | tcp | |
| US | 154.202.125.156:3128 | tcp | |
| CA | 67.43.236.22:32249 | discordapp.com | tcp |
| BD | 119.18.149.9:5020 | tcp | |
| BR | 186.201.63.83:3128 | tcp | |
| TH | 159.192.143.241:4153 | tcp | |
| US | 8.8.8.8:53 | 22.236.43.67.in-addr.arpa | udp |
| KH | 36.37.244.41:5678 | tcp | |
| US | 156.228.100.47:3128 | tcp | |
| PH | 222.127.50.56:8082 | tcp | |
| US | 54.172.119.74:80 | tcp | |
| US | 8.8.8.8:53 | 47.100.228.156.in-addr.arpa | udp |
| IN | 103.242.119.88:80 | tcp | |
| GB | 154.201.34.124:3128 | tcp | |
| US | 184.178.172.14:4145 | tcp | |
| US | 132.148.16.169:11835 | tcp | |
| CA | 72.10.164.178:2007 | tcp | |
| IR | 46.209.73.165:8080 | tcp | |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| BD | 180.211.179.82:5678 | tcp | |
| UA | 193.105.62.11:58973 | tcp | |
| CO | 181.129.74.58:30431 | tcp | |
| US | 8.8.8.8:53 | 14.172.178.184.in-addr.arpa | udp |
| ID | 103.15.242.212:47424 | tcp | |
| BD | 115.127.30.28:8674 | tcp | |
| US | 47.252.20.42:1081 | tcp | |
| BR | 177.25.40.146:4343 | tcp | |
| VN | 103.176.108.105:1414 | tcp | |
| EG | 41.65.236.53:1976 | tcp | |
| DE | 3.71.239.218:80 | discordapp.com | tcp |
| TH | 49.49.184.179:8080 | tcp | |
| CO | 186.30.116.46:999 | tcp | |
| BR | 181.233.95.18:5678 | tcp | |
| VN | 113.160.234.147:57921 | tcp | |
| US | 8.8.8.8:53 | 218.239.71.3.in-addr.arpa | udp |
| SG | 68.178.168.41:80 | tcp | |
| SG | 148.72.212.198:43614 | tcp | |
| CN | 117.160.250.133:8899 | tcp | |
| US | 64.225.4.63:9993 | tcp | |
| CO | 38.56.23.33:999 | tcp | |
| FR | 217.182.210.152:80 | discordapp.com | tcp |
| RU | 79.99.110.254:18080 | tcp | |
| ID | 103.175.238.106:8082 | tcp | |
| TR | 38.156.73.61:8080 | tcp | |
| EG | 41.65.146.171:1981 | discordapp.com | tcp |
| US | 8.8.8.8:53 | 171.146.65.41.in-addr.arpa | udp |
| ID | 103.10.97.154:4153 | tcp | |
| EG | 41.65.146.171:1981 | 7.7.7.71 | tcp |
| US | 23.82.137.158:80 | tcp | |
| N/A | 127.0.0.7:80 | tcp | |
| EG | 41.65.146.171:1981 | 7.7.7.71 | tcp |
| SG | 20.24.43.214:80 | tcp | |
| EG | 41.65.146.171:1981 | 7.7.7.71 | tcp |
| CZ | 89.187.157.180:8080 | tcp | |
| EG | 41.65.146.171:1981 | 7.7.7.71 | tcp |
| EC | 45.224.22.177:999 | tcp | |
| EG | 41.65.146.171:1981 | 7.7.7.71 | tcp |
| KH | 103.73.164.190:32650 | tcp | |
| EG | 41.65.146.171:1981 | 7.7.7.71 | tcp |
| MX | 170.78.211.33:1080 | tcp | |
| EG | 41.65.146.171:1981 | 7.7.7.71 | tcp |
| US | 66.248.237.227:56740 | tcp | |
| EG | 41.65.146.171:1981 | 7.7.7.71 | tcp |
| EG | 41.65.146.171:1981 | 7.7.7.71 | tcp |
| EG | 41.65.146.171:1981 | 7.7.7.71 | tcp |
| CN | 223.241.77.93:8089 | tcp | |
| EG | 41.65.146.171:1981 | 7.7.7.71 | tcp |
| EG | 41.65.146.171:1981 | 7.7.7.71 | tcp |
| EG | 41.65.146.171:1981 | 7.7.7.71 | tcp |
| DE | 43.157.8.79:8888 | tcp | |
| GB | 157.245.41.92:80 | discordapp.com | tcp |
| EG | 41.65.146.171:1981 | 7.7.7.71 | tcp |
| US | 8.8.8.8:53 | 152.210.182.217.in-addr.arpa | udp |
| GB | 178.128.172.154:3128 | tcp | |
| PY | 201.217.51.9:4145 | tcp | |
| CA | 142.44.247.105:61967 | tcp | |
| US | 104.143.226.74:5677 | tcp | |
| US | 191.101.1.116:80 | tcp | |
| US | 162.243.237.104:12763 | tcp | |
| EG | 41.65.146.171:1981 | 7.7.7.71 | tcp |
| HK | 49.0.252.39:6666 | tcp | |
| US | 8.8.8.8:53 | 74.226.143.104.in-addr.arpa | udp |
| CA | 67.43.228.253:11323 | discordapp.com | tcp |
| EG | 41.65.146.171:1981 | 7.7.7.71 | tcp |
| CA | 67.43.228.252:27201 | tcp | |
| EG | 41.65.146.171:1981 | 7.7.7.71 | tcp |
| EG | 41.65.146.171:1981 | 7.7.7.71 | tcp |
| EG | 41.65.146.171:1981 | 7.7.7.71 | tcp |
| ID | 36.92.28.34:8080 | tcp | |
| US | 141.193.213.3:80 | discordapp.com | tcp |
| EG | 41.65.146.171:1981 | 7.7.7.71 | tcp |
| US | 141.193.213.3:80 | discordapp.com | tcp |
| US | 141.193.213.3:80 | discordapp.com | tcp |
| US | 8.8.8.8:53 | 253.228.43.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 39.252.0.49.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.213.193.141.in-addr.arpa | udp |
| EG | 41.65.146.171:1981 | 7.7.7.71 | tcp |
| US | 141.193.213.3:80 | discordapp.com | tcp |
| US | 141.193.213.3:80 | discordapp.com | tcp |
| VN | 115.79.27.106:1001 | discordapp.com | tcp |
| FR | 13.37.73.214:3128 | tcp | |
| US | 141.193.213.3:80 | discordapp.com | tcp |
| US | 141.193.213.3:80 | discordapp.com | tcp |
| US | 141.193.213.3:80 | discordapp.com | tcp |
| US | 141.193.213.3:80 | discordapp.com | tcp |
| TR | 188.132.222.167:8080 | tcp | |
| US | 198.12.255.193:34321 | tcp | |
| US | 141.193.213.3:80 | discordapp.com | tcp |
| US | 141.193.213.3:80 | discordapp.com | tcp |
| TH | 8.213.197.208:80 | discordapp.com | tcp |
| US | 141.193.213.3:80 | discordapp.com | tcp |
| DE | 47.91.89.3:8080 | discordapp.com | tcp |
| US | 141.193.213.3:80 | discordapp.com | tcp |
| US | 8.8.8.8:53 | 92.41.245.157.in-addr.arpa | udp |
| US | 141.193.213.3:80 | discordapp.com | tcp |
| US | 141.193.213.3:80 | discordapp.com | tcp |
| US | 141.193.213.3:80 | discordapp.com | tcp |
| US | 141.193.213.3:80 | discordapp.com | tcp |
| US | 141.193.213.3:80 | discordapp.com | tcp |
| UY | 201.221.9.105:8080 | tcp | |
| US | 141.193.213.3:80 | discordapp.com | tcp |
| US | 141.193.213.3:80 | discordapp.com | tcp |
| TH | 124.121.44.54:8080 | tcp | |
| US | 141.193.213.3:80 | discordapp.com | tcp |
| US | 104.219.42.115:61710 | tcp | |
| US | 141.193.213.3:80 | discordapp.com | tcp |
| RU | 194.190.254.250:8080 | tcp | |
| US | 8.8.8.8:53 | 3.89.91.47.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 208.197.213.8.in-addr.arpa | udp |
| ES | 188.87.137.45:3128 | tcp | |
| TH | 159.138.255.141:9050 | tcp | |
| JP | 133.18.234.13:80 | discordapp.com | tcp |
| AR | 190.114.143.226:8080 | tcp | |
| VN | 101.36.102.238:8168 | tcp | |
| HR | 212.92.204.54:80 | tcp | |
| US | 104.22.60.191:80 | tcp | |
| VN | 103.176.179.84:3128 | tcp | |
| US | 8.8.8.8:53 | 141.255.138.159.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.27.79.115.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 191.60.22.104.in-addr.arpa | udp |
| SG | 8.222.158.0:15673 | tcp | |
| DE | 47.91.89.3:8080 | api.ipify.org | tcp |
| CN | 183.236.232.160:8080 | tcp | |
| FR | 54.36.81.217:8080 | tcp | |
| AU | 47.74.71.208:5678 | tcp | |
| FI | 95.216.164.36:80 | discordapp.com | tcp |
| US | 50.174.145.11:80 | tcp | |
| FI | 95.216.164.36:80 | discordapp.com | tcp |
| NL | 195.181.172.213:8081 | tcp | |
| US | 8.8.8.8:53 | 36.164.216.95.in-addr.arpa | udp |
| FI | 95.216.164.36:80 | discordapp.com | tcp |
| SG | 15.235.187.227:62640 | tcp | |
| FI | 95.216.164.36:80 | discordapp.com | tcp |
| BZ | 45.131.7.54:80 | tcp | |
| CN | 183.236.232.160:8080 | tcp | |
| FI | 95.216.164.36:80 | discordapp.com | tcp |
| CN | 119.179.232.219:7890 | tcp | |
| FI | 95.216.164.36:80 | discordapp.com | tcp |
| BR | 191.252.219.129:8889 | tcp | |
| VE | 45.234.60.2:999 | tcp | |
| FI | 95.216.164.36:80 | discordapp.com | tcp |
| FI | 95.216.164.36:80 | discordapp.com | tcp |
| RU | 194.1.232.150:33333 | tcp | |
| FI | 95.216.164.36:80 | discordapp.com | tcp |
| FI | 95.216.164.36:80 | discordapp.com | tcp |
| FI | 95.216.164.36:80 | discordapp.com | tcp |
| FI | 95.216.164.36:80 | discordapp.com | tcp |
| US | 165.227.0.192:80 | tcp | |
| FI | 95.216.164.36:80 | discordapp.com | tcp |
| TR | 88.249.206.216:1453 | tcp | |
| FI | 95.216.164.36:80 | discordapp.com | tcp |
| TH | 101.109.41.137:4153 | tcp | |
| FI | 95.216.164.36:80 | discordapp.com | tcp |
| FI | 95.216.164.36:80 | discordapp.com | tcp |
| AU | 47.74.71.208:8090 | tcp | |
| US | 72.210.221.197:4145 | tcp | |
| KH | 110.74.195.34:25 | tcp | |
| US | 50.174.7.154:80 | discordapp.com | tcp |
| FI | 95.216.164.36:80 | discordapp.com | tcp |
| US | 198.74.51.79:8888 | discordapp.com | tcp |
| FI | 95.216.164.36:80 | discordapp.com | tcp |
| UA | 178.251.111.116:24572 | tcp | |
| RS | 178.253.208.146:1080 | tcp | |
| FI | 95.216.164.36:80 | discordapp.com | tcp |
| US | 198.74.51.79:8888 | discordapp.com | tcp |
| FI | 95.216.164.36:80 | discordapp.com | tcp |
| US | 8.8.8.8:53 | 137.41.109.101.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.7.174.50.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.51.74.198.in-addr.arpa | udp |
| FI | 95.216.164.36:80 | discordapp.com | tcp |
| ID | 36.89.214.21:4480 | tcp | |
| US | 198.74.51.79:8888 | discordapp.com | tcp |
| FI | 95.216.164.36:80 | discordapp.com | tcp |
| VE | 190.94.212.221:999 | tcp | |
| HK | 47.76.144.139:3128 | discordapp.com | tcp |
| US | 198.74.51.79:8888 | discordapp.com | tcp |
| FR | 195.154.106.167:80 | tcp | |
| US | 12.186.205.122:80 | tcp | |
| US | 198.74.51.79:8888 | discordapp.com | tcp |
| BD | 103.180.203.142:6969 | tcp | |
| US | 198.74.51.79:8888 | discordapp.com | tcp |
| CN | 117.26.40.70:2829 | tcp | |
| US | 198.74.51.79:8888 | discordapp.com | tcp |
| US | 8.8.8.8:53 | 139.144.76.47.in-addr.arpa | udp |
| IR | 5.160.32.34:8080 | tcp | |
| US | 198.74.51.79:8888 | discordapp.com | tcp |
| US | 104.254.238.122:39096 | tcp | |
| US | 198.74.51.79:8888 | discordapp.com | tcp |
| BR | 45.6.15.67:5678 | tcp | |
| BR | 168.228.36.22:27234 | tcp | |
| US | 198.74.51.79:8888 | discordapp.com | tcp |
| IN | 115.187.50.99:5678 | tcp | |
| US | 198.74.51.79:8888 | discordapp.com | tcp |
| GB | 139.59.187.180:80 | tcp | |
| US | 198.74.51.79:8888 | discordapp.com | tcp |
| MX | 189.151.31.226:999 | tcp | |
| US | 198.74.51.79:8888 | discordapp.com | tcp |
| BR | 177.184.199.36:80 | tcp | |
| US | 198.74.51.79:8888 | discordapp.com | tcp |
| US | 198.74.51.79:8888 | discordapp.com | tcp |
| US | 198.74.51.79:8888 | discordapp.com | tcp |
| ID | 103.147.246.63:8181 | tcp | |
| US | 35.209.198.222:80 | tcp | |
| IN | 103.69.20.38:4145 | tcp | |
| US | 198.74.51.79:8888 | discordapp.com | tcp |
| RU | 94.28.30.252:8080 | tcp | |
| ID | 202.154.19.195:8082 | tcp | |
| RS | 109.122.88.194:5678 | tcp | |
| US | 198.74.51.79:8888 | discordapp.com | tcp |
| BD | 103.245.96.124:6969 | tcp | |
| GB | 88.80.188.17:80 | tcp | |
| BD | 27.147.209.215:8080 | tcp | |
| US | 198.74.51.79:8888 | discordapp.com | tcp |
| US | 165.227.104.122:48500 | tcp | |
| FR | 81.250.223.126:80 | tcp | |
| AZ | 81.17.94.50:47163 | tcp | |
| US | 198.74.51.79:8888 | discordapp.com | tcp |
| JP | 52.196.1.182:80 | tcp | |
| ZA | 196.251.223.54:8104 | tcp | |
| AU | 47.91.56.120:82 | tcp | |
| US | 198.74.51.79:8888 | discordapp.com | tcp |
| US | 47.252.1.180:3132 | discordapp.com | tcp |
| SG | 110.238.111.229:6789 | tcp | |
| US | 198.74.51.79:8888 | discordapp.com | tcp |
| BO | 190.186.18.161:999 | tcp | |
| VN | 125.212.192.245:8888 | tcp | |
| TR | 188.132.222.16:8080 | tcp | |
| US | 192.169.226.96:7251 | tcp | |
| US | 161.35.100.178:80 | discordapp.com | tcp |
| US | 8.8.8.8:53 | 180.1.252.47.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.111.238.110.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.100.35.161.in-addr.arpa | udp |
| ID | 103.158.252.86:80 | tcp | |
| PT | 193.136.97.17:80 | tcp | |
| KR | 8.213.137.155:8090 | tcp | |
| FR | 51.15.254.129:16379 | tcp | |
| SG | 8.222.184.251:15673 | tcp | |
| US | 162.144.32.209:28687 | tcp | |
| NL | 45.134.175.67:8085 | tcp | |
| US | 8.8.8.8:53 | 155.137.213.8.in-addr.arpa | udp |
| VN | 27.77.227.66:1080 | tcp | |
| ZA | 154.70.214.105:4145 | tcp | |
| GB | 3.9.71.167:3128 | discordapp.com | tcp |
| IN | 103.250.157.43:6666 | tcp | |
| CO | 181.236.247.8:8899 | tcp | |
| MX | 177.240.20.138:999 | tcp | |
| US | 8.8.8.8:53 | 13.234.18.133.in-addr.arpa | udp |
| US | 162.241.207.217:80 | tcp | |
| JP | 133.18.234.13:80 | discordapp.com | tcp |
| NL | 188.166.15.142:54126 | tcp | |
| US | 23.105.170.34:19801 | tcp | |
| FR | 51.210.54.186:80 | tcp | |
| US | 45.56.175.26:5700 | discordapp.com | tcp |
| FR | 51.68.91.108:9996 | tcp | |
| DE | 164.40.194.76:8080 | tcp | |
| GB | 18.169.83.87:1080 | tcp | |
| BR | 170.239.222.139:8080 | tcp | |
| DE | 176.9.238.167:52533 | tcp | |
| ID | 182.253.109.127:8080 | tcp | |
| US | 8.8.8.8:53 | 186.54.210.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.71.9.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.175.56.45.in-addr.arpa | udp |
| CN | 114.224.134.221:7891 | tcp | |
| CL | 45.4.3.136:999 | tcp | |
| US | 193.227.129.196:22542 | tcp | |
| TH | 159.138.252.45:20002 | tcp | |
| IN | 103.147.98.122:8080 | tcp | |
| IN | 103.25.47.130:8080 | discordapp.com | tcp |
| US | 198.11.175.192:6969 | tcp | |
| US | 8.8.8.8:53 | 130.47.25.103.in-addr.arpa | udp |
| IN | 103.25.47.130:8080 | login.jazenetworks.com | tcp |
| IN | 103.25.47.130:8080 | login.jazenetworks.com | tcp |
| DE | 5.75.161.31:47519 | tcp | |
| BR | 191.243.46.2:18283 | tcp | |
| IN | 103.25.47.130:8080 | login.jazenetworks.com | tcp |
| US | 8.8.8.8:53 | 192.175.11.198.in-addr.arpa | udp |
| IN | 103.25.47.130:8080 | login.jazenetworks.com | tcp |
| IN | 103.25.47.130:8080 | login.jazenetworks.com | tcp |
| RU | 5.228.237.214:8081 | tcp | |
| US | 47.252.27.174:6789 | discordapp.com | tcp |
| AU | 47.91.45.198:8443 | tcp | |
| BR | 168.181.196.76:8080 | tcp | |
| US | 8.8.8.8:53 | 174.27.252.47.in-addr.arpa | udp |
| IN | 103.25.47.130:8080 | login.jazenetworks.com | tcp |
| DE | 94.130.54.171:7396 | tcp | |
| US | 104.20.75.36:80 | tcp | |
| AU | 47.74.71.208:5678 | tcp | |
| RU | 5.180.19.209:1080 | tcp | |
| AR | 181.209.106.190:1080 | tcp | |
| SG | 8.219.74.58:5000 | tcp | |
| US | 8.8.8.8:53 | 36.75.20.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.74.219.8.in-addr.arpa | udp |
| EG | 41.65.163.68:1981 | tcp | |
| DO | 190.110.36.91:999 | tcp | |
| IN | 103.25.47.130:8080 | login.jazenetworks.com | tcp |
| BR | 191.32.62.144:3128 | tcp | |
| IN | 103.25.47.130:8080 | login.jazenetworks.com | tcp |
| US | 8.8.8.8:53 | 105.214.70.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.247.236.181.in-addr.arpa | udp |
| US | 20.157.194.61:80 | tcp | |
| TW | 114.32.176.158:4145 | tcp | |
| ID | 36.89.85.249:5678 | tcp | |
| IN | 103.25.47.130:8080 | login.jazenetworks.com | tcp |
| EC | 177.53.214.208:999 | tcp | |
| JP | 133.18.234.13:80 | discordapp.com | tcp |
| ZA | 154.70.214.105:4145 | tcp | |
| IN | 103.25.47.130:8080 | login.jazenetworks.com | tcp |
| DE | 168.119.53.93:80 | discordapp.com | tcp |
| IN | 103.25.47.130:8080 | login.jazenetworks.com | tcp |
| IN | 103.25.47.130:8080 | login.jazenetworks.com | tcp |
| IN | 103.25.47.130:8080 | login.jazenetworks.com | tcp |
| US | 8.8.8.8:53 | 93.53.119.168.in-addr.arpa | udp |
| BR | 45.190.141.241:1080 | tcp | |
| US | 50.227.121.34:80 | tcp | |
| IN | 103.25.47.130:8080 | login.jazenetworks.com | tcp |
| SG | 165.154.236.214:80 | tcp | |
| AR | 168.90.255.60:999 | tcp | |
| ID | 103.120.175.75:80 | tcp | |
| IN | 103.25.47.130:8080 | login.jazenetworks.com | tcp |
| BD | 103.182.212.201:6969 | tcp | |
| NL | 167.71.5.83:3128 | tcp | |
| FR | 163.172.169.27:16379 | tcp | |
| IN | 103.25.47.130:8080 | login.jazenetworks.com | tcp |
| GT | 181.114.7.114:999 | tcp | |
| TR | 185.208.101.89:8080 | tcp | |
| JP | 133.18.234.13:80 | discordapp.com | tcp |
| FR | 164.132.170.100:80 | tcp | |
| VN | 117.2.224.245:9305 | tcp | |
| ID | 103.172.71.11:8080 | tcp | |
| US | 156.228.96.141:3128 | tcp | |
| IN | 103.25.47.130:8080 | login.jazenetworks.com | tcp |
| BO | 190.186.1.121:999 | tcp | |
| US | 8.8.8.8:53 | 100.170.132.164.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.96.228.156.in-addr.arpa | udp |
| IN | 103.25.47.130:8080 | login.jazenetworks.com | tcp |
| IN | 103.25.47.130:8080 | login.jazenetworks.com | tcp |
| IN | 103.25.47.130:8080 | login.jazenetworks.com | tcp |
| GB | 154.202.101.195:3128 | tcp | |
| IN | 103.25.47.130:8080 | login.jazenetworks.com | tcp |
| ID | 103.76.91.50:8080 | tcp | |
| ID | 36.73.165.254:8080 | tcp | |
| KR | 43.200.77.128:3128 | tcp | |
| US | 66.29.129.52:42243 | tcp | |
| JP | 133.18.234.13:80 | discordapp.com | tcp |
| TR | 78.188.81.57:8080 | tcp | |
| PH | 119.93.43.16:8082 | tcp | |
| BR | 177.104.87.23:5678 | tcp | |
| US | 8.8.8.8:53 | 128.77.200.43.in-addr.arpa | udp |
| US | 67.213.212.53:13423 | tcp | |
| DE | 3.127.62.252:80 | tcp | |
| TH | 101.51.121.141:4153 | tcp | |
| BD | 114.130.86.145:5443 | tcp | |
| FR | 54.38.176.200:33809 | tcp | |
| NL | 89.20.184.90:8080 | tcp | |
| JP | 47.245.34.161:5000 | discordapp.com | tcp |
| US | 8.8.8.8:53 | 161.34.245.47.in-addr.arpa | udp |
| TH | 183.88.234.3:80 | tcp | |
| RU | 95.31.5.29:54651 | tcp | |
| VE | 201.71.2.248:999 | tcp | |
| IQ | 202.164.194.41:4145 | tcp | |
| US | 104.129.205.15:10289 | tcp | |
| CA | 104.207.62.152:3128 | discordapp.com | tcp |
| US | 12.186.205.123:80 | tcp | |
| BD | 116.68.196.209:1080 | tcp | |
| BR | 143.0.243.80:8080 | tcp | |
| NP | 202.166.211.14:60606 | tcp | |
| US | 47.252.1.180:2080 | tcp | |
| GB | 154.201.33.17:3128 | tcp | |
| US | 8.8.8.8:53 | 152.62.207.104.in-addr.arpa | udp |
| IN | 119.235.50.38:4153 | tcp | |
| BD | 220.247.163.185:9990 | tcp | |
| DE | 88.99.249.96:8116 | tcp | |
| KR | 8.213.129.15:9999 | tcp | |
| GB | 178.128.160.79:80 | tcp | |
| FR | 51.158.108.134:16379 | tcp | |
| SG | 8.219.43.134:20 | tcp | |
| US | 203.85.120.69:8080 | tcp | |
| AL | 217.21.148.50:33192 | tcp | |
| US | 8.8.8.8:53 | 15.129.213.8.in-addr.arpa | udp |
| ID | 103.155.197.49:8080 | tcp | |
| UA | 93.171.224.53:4153 | tcp | |
| DE | 94.130.54.171:7166 | tcp | |
| US | 104.143.250.209:5841 | tcp | |
| KR | 34.64.85.78:3128 | tcp | |
| ES | 92.119.74.49:5678 | tcp | |
| MX | 201.151.252.120:80 | tcp | |
| US | 8.8.8.8:53 | 134.43.219.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.250.143.104.in-addr.arpa | udp |
| CO | 181.129.198.58:5678 | tcp | |
| ID | 123.108.98.89:5678 | tcp | |
| IN | 64.227.140.130:3128 | tcp | |
| TH | 8.213.222.247:77 | tcp | |
| TW | 125.229.149.169:65110 | tcp | |
| CN | 183.165.244.37:8089 | tcp | |
| IR | 46.209.16.180:3128 | tcp | |
| US | 47.252.18.37:9080 | discordapp.com | tcp |
| IR | 80.191.46.59:1080 | tcp | |
| RS | 195.178.56.37:8080 | tcp | |
| US | 8.8.8.8:53 | 247.222.213.8.in-addr.arpa | udp |
| CA | 67.43.236.20:7003 | tcp | |
| BR | 177.130.104.106:33333 | tcp | |
| ID | 43.229.254.200:64820 | tcp | |
| US | 216.21.18.194:80 | tcp | |
| ID | 101.255.150.50:8080 | tcp | |
| US | 8.8.8.8:53 | 106.104.130.177.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 37.18.252.47.in-addr.arpa | udp |
| GB | 8.211.194.78:8443 | discordapp.com | tcp |
| ID | 124.158.186.254:8080 | tcp | |
| US | 64.49.67.164:5678 | tcp | |
| US | 8.8.8.8:53 | 78.194.211.8.in-addr.arpa | udp |
| US | 47.252.27.174:4145 | tcp | |
| KE | 41.217.223.145:32650 | tcp | |
| CA | 158.51.210.75:7777 | tcp | |
| ID | 123.108.98.89:5678 | tcp | |
| US | 8.8.8.8:53 | 89.98.108.123.in-addr.arpa | udp |
| US | 104.27.26.29:80 | discordapp.com | tcp |
| US | 104.27.26.29:80 | discordapp.com | tcp |
| US | 104.27.26.29:80 | discordapp.com | tcp |
| TR | 176.235.139.35:10001 | tcp | |
| US | 104.27.26.29:80 | discordapp.com | tcp |
| US | 162.0.220.215:24410 | tcp | |
| US | 8.8.8.8:53 | 29.26.27.104.in-addr.arpa | udp |
| GB | 8.211.194.78:8443 | api.ipify.org | tcp |
| UA | 109.86.219.179:53438 | tcp | |
| US | 5.161.78.72:80 | tcp | |
| UA | 193.34.95.110:8080 | tcp | |
| NL | 212.123.230.25:8181 | tcp | |
| US | 104.27.26.29:80 | discordapp.com | tcp |
| US | 104.27.26.29:80 | discordapp.com | tcp |
| GB | 217.69.126.24:5894 | discordapp.com | tcp |
| US | 104.27.26.29:80 | discordapp.com | tcp |
| BD | 103.180.203.25:8085 | tcp | |
| US | 8.8.8.8:53 | 24.126.69.217.in-addr.arpa | udp |
| US | 104.27.26.29:80 | discordapp.com | tcp |
| US | 166.0.235.104:40184 | tcp | |
| US | 104.27.26.29:80 | discordapp.com | tcp |
| US | 104.27.26.29:80 | discordapp.com | tcp |
| DE | 188.40.44.96:80 | tcp | |
| US | 104.27.26.29:80 | discordapp.com | tcp |
| FR | 13.37.73.214:3128 | tcp | |
| US | 104.27.26.29:80 | discordapp.com | tcp |
| US | 104.27.26.29:80 | discordapp.com | tcp |
| SA | 169.148.1.90:8080 | tcp | |
| US | 104.27.26.29:80 | discordapp.com | tcp |
| LY | 165.16.60.212:8080 | tcp | |
| US | 104.27.26.29:80 | discordapp.com | tcp |
| US | 104.27.26.29:80 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\pkg\da2172ce055fa47d6a0ea1c90654f530abed33f69a74d52fab06c4c7653b48fd\@primno\dpapi\prebuilds\win32-x64\node.napi.node
| MD5 | 04bfbfec8db966420fe4c7b85ebb506a |
| SHA1 | 939bb742a354a92e1dcd3661a62d69e48030a335 |
| SHA256 | da2172ce055fa47d6a0ea1c90654f530abed33f69a74d52fab06c4c7653b48fd |
| SHA512 | 4ea97a9a120ed5bee8638e0a69561c2159fc3769062d7102167b0e92b4f1a5c002a761bd104282425f6cee8d0e39dbe7e12ad4e4a38570c3f90f31b65072dd65 |
C:\Users\Admin\AppData\Local\Temp\pkg-XWTUsW\b9a7b76665d92af2d90cc6a15ffdc1a79635559cbc1c40bd1f83c4c4449cd442
| MD5 | 66a65322c9d362a23cf3d3f7735d5430 |
| SHA1 | ed59f3e4b0b16b759b866ef7293d26a1512b952e |
| SHA256 | f806f89dc41dde00ca7124dc1e649bdc9b08ff2eff5c891b764f3e5aefa9548c |
| SHA512 | 0a44d12852fc4c74658a49f886c4bc7c715c48a7cb5a3dcf40c9f1d305ca991dd2c2cb3d0b5fd070b307a8f331938c5213188cbb2d27d47737cc1c4f34a1ea21 |
memory/4200-135-0x00007FFB5AF13000-0x00007FFB5AF15000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_gg0sphrd.eae.ps1
| MD5 | d17fe0a3f47be24a6453e9ef58c94641 |
| SHA1 | 6ab83620379fc69f80c0242105ddffd7d98d5d9d |
| SHA256 | 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7 |
| SHA512 | 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82 |
memory/4200-146-0x00007FFB5AF10000-0x00007FFB5B9D1000-memory.dmp
memory/4200-145-0x00000223E9E20000-0x00000223E9E42000-memory.dmp
memory/4200-147-0x00007FFB5AF10000-0x00007FFB5B9D1000-memory.dmp
memory/4200-150-0x00007FFB5AF10000-0x00007FFB5B9D1000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\powershell.exe.log
| MD5 | ea5a4f60ec7bd099351c92eb06a69584 |
| SHA1 | fe3222bb6aff2b43d56edffd7831ee788fbb5502 |
| SHA256 | 08660d9b875582a433fb91036b79b97bc40070af92d7f382d204441d22a210d5 |
| SHA512 | 18ee9006c7a1f58434ff0a3ca505679d257b21dec7bb2e2d66316592704dbc7d435894610f9ce9cd8fcd5a59b19a46abf2ab70d83dbfb5ad1157b56a58321196 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
| MD5 | 50a8221b93fbd2628ac460dd408a9fc1 |
| SHA1 | 7e99fe16a9b14079b6f0316c37cc473e1f83a7e6 |
| SHA256 | 46e488628e5348c9c4dfcdeed5a91747eae3b3aa49ae1b94d37173b6609efa0e |
| SHA512 | 27dda53e7edcc1a12c61234e850fe73bf3923f5c3c19826b67f2faf9e0a14ba6658001a9d6a56a7036409feb9238dd452406e88e318919127b4a06c64dba86f0 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
| MD5 | 446dd1cf97eaba21cf14d03aebc79f27 |
| SHA1 | 36e4cc7367e0c7b40f4a8ace272941ea46373799 |
| SHA256 | a7de5177c68a64bd48b36d49e2853799f4ebcfa8e4761f7cc472f333dc5f65cf |
| SHA512 | a6d754709f30b122112ae30e5ab22486393c5021d33da4d1304c061863d2e1e79e8aeb029cae61261bb77d0e7becd53a7b0106d6ea4368b4c302464e3d941cf7 |
C:\Users\Admin\AppData\Local\Temp\config.yml
| MD5 | 98d55c31ac02b32ac3c147cad3a97ed0 |
| SHA1 | 1d72218c5cdd5cfe65187d66833eeaa16fad9368 |
| SHA256 | b61bac80531f43058953c0747218203b4794908db361ed0a032d79f1168f6bdc |
| SHA512 | 36e48ab538dc41350ad4cb2a0127a1727db54b136e65f12526ac1648d884e462a28ebf7f7ca85eff37da5e7de9baddac9b28819395e65a7eb3dc83dbdd50f78e |