Analysis Overview
SHA256
d3bcd07cac842a5f7a0c99f07454dea366024baf3cd85fba3c12830a2c580f0a
Threat Level: Likely malicious
The file fafd551638daa4ab17ebdc71f2bffd8599332b1f1e95409af51870502cd65e38.zip was found to be: Likely malicious.
Malicious Activity Summary
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Downloads MZ/PE file
Reads local data of messenger clients
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
Identifies Wine through registry keys
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
Loads dropped DLL
Checks BIOS information in registry
A potential corporate email address has been identified in the URL: [email protected]
Executes dropped EXE
Checks installed software on the system
Adds Run key to start application
Legitimate hosting services abused for malware hosting/C2
Suspicious use of NtSetInformationThreadHideFromDebugger
Detected potential entity reuse from brand STEAM.
Drops file in Windows directory
Drops file in Program Files directory
Subvert Trust Controls: Mark-of-the-Web Bypass
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Unsigned PE
Modifies data under HKEY_USERS
NTFS ADS
Enumerates system info in registry
Checks processor information in registry
Suspicious use of SetWindowsHookEx
Modifies system certificate store
Checks SCSI registry key(s)
Suspicious behavior: EnumeratesProcesses
Modifies registry class
Suspicious behavior: GetForegroundWindowSpam
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Suspicious use of SendNotifyMessage
Modifies registry key
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-11 13:16
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-11 13:16
Reported
2024-11-11 13:35
Platform
win11-20241007-en
Max time kernel
1118s
Max time network
1120s
Command Line
Signatures
Identifies VirtualBox via ACPI registry values (likely anti-VM)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\Users\Admin\AppData\Local\Temp\fafd551638daa4ab17ebdc71f2bffd8599332b1f1e95409af51870502cd65e38.exe | N/A |
Downloads MZ/PE file
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\AppData\Local\Temp\fafd551638daa4ab17ebdc71f2bffd8599332b1f1e95409af51870502cd65e38.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\Users\Admin\AppData\Local\Temp\fafd551638daa4ab17ebdc71f2bffd8599332b1f1e95409af51870502cd65e38.exe | N/A |
Executes dropped EXE
Identifies Wine through registry keys
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\Software\Wine | C:\Users\Admin\AppData\Local\Temp\fafd551638daa4ab17ebdc71f2bffd8599332b1f1e95409af51870502cd65e38.exe | N/A |
Loads dropped DLL
Reads local data of messenger clients
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\Software\Microsoft\Windows\CurrentVersion\Run\Discord = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\Update.exe\" --processStart Discord.exe" | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\Software\Microsoft\Windows\CurrentVersion\Run\Steam = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -silent" | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\Software\Microsoft\Windows\CurrentVersion\Run\Discord = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\Update.exe\" --processStart Discord.exe" | C:\Windows\System32\reg.exe | N/A |
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
Detected potential entity reuse from brand STEAM.
Suspicious use of NtSetInformationThreadHideFromDebugger
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\fafd551638daa4ab17ebdc71f2bffd8599332b1f1e95409af51870502cd65e38.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sd_r2.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\sd_rtrackpad_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\shared_color_outlined_button_a_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_040_act_0312.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\resource\overlay_french.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\sc_touchpad_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\sc_touchpad_right.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps4_trackpad_l_swipe.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps4_trackpad_right_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\shared_mouse_scroll_down.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\xbox_lt_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\shared_dpad_left.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_045_move_0402.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\icon_button_list_disabled.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps_button_x.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\shared_mouse_l_click_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\sc_dpad_right_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\sd_rtrackpad_swipe_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sc_lb_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\bin\cef\cef.win7\locales\fr.pak_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps4_button_share_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\avatarBorderOffline.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\localization\steam_controller_spanish.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\shared_dpad_down_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\shared_lstick_right_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_035_magic_0351.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\localization\switch_controller_english.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps5_button_options_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps4_trackpad_l_click_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\ps5_trackpad_l_right_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps_dpad_left_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps_lfn_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_010_wpn_0516.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_035_magic_0308.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\stream_disconnect_notification.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steam\cached\chatroom_unlocked.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\sc_lg.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps5_trackpad_up.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\templates\gamepad+mouse.vdf_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\icon_button_forward_over.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\switchpro_button_plus_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\switchpro_lstick_click.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\switchpro_sr_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\localization\friendsui_schinese-json.js_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\minithrobber07.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps4_trackpad_right.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\switchpro_dpad_right_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\xbox_rb_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\light\ps4_trackpad_click_md.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\templates\controller_switch_pro_gamepad_flickstick.vdf_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_060_vehicle_0150.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\licenses.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\icon_collapse_friends.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\dark\sd_rtrackpad_sm.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_070_setting_0060.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\html_lock.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps4_trackpad_l_click_lg.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\images\api\knockout\ps5_trackpad.svg_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\steamui\localization\steampops_ukrainian-json.js_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\graphics\chkSelDown.tga_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\controller_base\localization\switch_controller_latam.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\public\steambootstrapper_korean.txt_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
| File created | C:\Program Files (x86)\Steam\package\tmp\tenfoot\resource\images\library\controller\binding_icons\ghost_010_wpn_0402.png_ | C:\Program Files (x86)\Steam\steam.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\SystemTemp\chrome_url_fetcher_23032_2129548740\oimompecagnajdejgnnjijobebaeigek_4.10.2830.0_win64_dldxogwi36sxwpr57ta4lg57z4.crx3 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping23032_399708922\manifest.json | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping23032_399708922\_metadata\verified_contents.json | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping23032_757169869\_platform_specific\win_x64\widevinecdm.dll | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping10520_379772288\LICENSE | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping23032_399708922\manifest.fingerprint | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping23032_757169869\_platform_specific\win_x64\widevinecdm.dll.sig | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping23032_757169869\manifest.json | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping23032_757169869\_metadata\verified_contents.json | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping10520_379772288\_platform_specific\win_x64\widevinecdm.dll | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping10520_379772288\_metadata\verified_contents.json | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping23032_399708922\Google.Widevine.CDM.dll | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping23032_757169869\LICENSE | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping10520_379772288\_platform_specific\win_x64\widevinecdm.dll.sig | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping10520_379772288\manifest.fingerprint | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_url_fetcher_23032_599562417\neifaoindggfcjicffkgpmnlppeffabd_1.0.2738.0_win64_kj4dp5kifwxbdodqls7e5nzhtm.crx3 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping23032_757169869\manifest.fingerprint | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping10520_379772288\manifest.json | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\SteamSetup.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\VencordInstaller.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\DiscordSetup.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\bin\vulkandriverquery.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\DiscordSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\fafd551638daa4ab17ebdc71f2bffd8599332b1f1e95409af51870502cd65e38.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Steam\bin\gldriverquery.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Discord\Update.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\FriendlyName | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\FriendlyName | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\~MHz | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\2 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\2 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\~MHz | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\StartColorMenu = "4290799360" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglowBalance = "10" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationGlassAttribute = "1" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History\AutoColor = "0" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglow = "3288365268" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\EnableWindowColorization = "179" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentPalette = 99ebff004cc2ff000091f8000078d4000067c000003e9200001a6800f7630c00 | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133758046774706181" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentColorMenu = "4292114432" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\AccentColor = "4292114432" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColor = "3288365268" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColorBalance = "89" | C:\Windows\system32\LogonUI.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steam\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steamlink\ = "URL:steamlink protocol" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steamlink\DefaultIcon | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Discord | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steam | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steam\ = "URL:steam protocol" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steam\DefaultIcon | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steamlink\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steamlink\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Discord\DefaultIcon | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\Content\CachePrefix | C:\Windows\system32\BackgroundTransferHost.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell\Open | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\DefaultIcon\ = "steam.exe" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steam\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Discord\DefaultIcon | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Local Settings\MuiCache | C:\Windows\system32\BackgroundTransferHost.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\ = "URL:steamlink protocol" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steamlink\URL Protocol | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Discord\ = "URL:Discord Protocol" | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\History\CachePrefix = "Visited:" | C:\Windows\system32\BackgroundTransferHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steam\Shell\Open | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steam\Shell | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steamlink\DefaultIcon\ = "steam.exe" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Discord\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\app-1.0.9169\\Discord.exe\" --url -- \"%1\"" | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\DefaultIcon\ = "steam.exe" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steamlink\Shell | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Discord\URL Protocol | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Discord\DefaultIcon\ = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\app-1.0.9169\\Discord.exe\",-1" | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steam | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steamlink\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steamlink\Shell\Open | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Discord\shell\open\command | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Discord\ = "URL:Discord Protocol" | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Discord\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\app-1.0.9169\\Discord.exe\" --url -- \"%1\"" | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2584844841-1405471295-1760131749-1000\{167A29B1-096D-473A-8DBB-FC0F9A008D8D} | C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\URL Protocol | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steamlink | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Discord\shell\open | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Discord | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell\Open\Command\ = "\"C:\\Program Files (x86)\\Steam\\steam.exe\" -- \"%1\"" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Discord\DefaultIcon\ = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\app-1.0.9169\\Discord.exe\",-1" | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" | C:\Windows\system32\BackgroundTransferHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Discord\shell\open\command | C:\Windows\System32\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steam\URL Protocol | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Discord\URL Protocol | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\ = "URL:steam protocol" | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steamlink\DefaultIcon | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\steam | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Discord | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Discord\shell | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steam\Shell | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steamlink | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steam\DefaultIcon | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Discord | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\steam\Shell\Open\Command | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\URL Protocol | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Discord | C:\Windows\System32\reg.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2584844841-1405471295-1760131749-1000\{27E648A9-ADAC-42F0-BCF1-9C88128D325F} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\steamlink\Shell\Open | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
Modifies registry key
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
| N/A | N/A | C:\Windows\System32\reg.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 040000000100000010000000d474de575c39b2d39c8583c5c065498a0f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703086200000001000000200000007431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc30b00000001000000120000004400690067006900430065007200740000001d00000001000000100000008f76b981d528ad4770088245e2031b630300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc25190000000100000010000000ba4f3972e7aed9dccdc210db59da13c92000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 5c000000010000000400000000080000190000000100000010000000ba4f3972e7aed9dccdc210db59da13c90300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc251d00000001000000100000008f76b981d528ad4770088245e2031b630b0000000100000012000000440069006700690043006500720074000000140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc36200000001000000200000007431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8040000000100000010000000d474de575c39b2d39c8583c5c065498a2000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8\Blob = 0400000001000000100000000cd2f9e0da1773e9ed864da5e370e74e14000000010000001400000079b459e67bb6e5e40173800888c81a58f6e99b6e030000000100000014000000cabd2a79a1076a31f21d253635cb039d4329a5e80f00000001000000200000003f0411ede9c4477057d57e57883b1f205b20cdc0f3263129b1ee0269a2678f631900000001000000100000002fe1f70bb05d7c92335bc5e05b984da620000000010000006f0500003082056b30820353a0030201020211008210cfb0d240e3594463e0bb63828b00300d06092a864886f70d01010b0500304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f74205831301e170d3135303630343131303433385a170d3335303630343131303433385a304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f7420583130820222300d06092a864886f70d01010105000382020f003082020a0282020100ade82473f41437f39b9e2b57281c87bedcb7df38908c6e3ce657a078f775c2a2fef56a6ef6004f28dbde68866c4493b6b163fd14126bbf1fd2ea319b217ed1333cba48f5dd79dfb3b8ff12f1219a4bc18a8671694a66666c8f7e3c70bfad292206f3e4c0e680aee24b8fb7997e94039fd347977c99482353e838ae4f0a6f832ed149578c8074b6da2fd0388d7b0370211b75f2303cfa8faeddda63abeb164fc28e114b7ecf0be8ffb5772ef4b27b4ae04c12250c708d0329a0e15324ec13d9ee19bf10b34a8c3f89a36151deac870794f46371ec2ee26f5b9881e1895c34796c76ef3b906279e6dba49a2f26c5d010e10eded9108e16fbb7f7a8f7c7e50207988f360895e7e237960d36759efb0e72b11d9bbc03f94905d881dd05b42ad641e9ac0176950a0fd8dfd5bd121f352f28176cd298c1a80964776e4737baceac595e689d7f72d689c50641293e593edd26f524c911a75aa34c401f46a199b5a73a516e863b9e7d72a712057859ed3e5178150b038f8dd02f05b23e7b4a1c4b730512fcc6eae050137c439374b3ca74e78e1f0108d030d45b7136b407bac130305c48b7823b98a67d608aa2a32982ccbabd83041ba2830341a1d605f11bc2b6f0a87c863b46a8482a88dc769a76bf1f6aa53d198feb38f364dec82b0d0a28fff7dbe21542d422d0275de179fe18e77088ad4ee6d98b3ac6dd27516effbc64f533434f0203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e0416041479b459e67bb6e5e40173800888c81a58f6e99b6e300d06092a864886f70d01010b05000382020100551f58a9bcb2a850d00cb1d81a6920272908ac61755c8a6ef882e5692fd5f6564bb9b8731059d321977ee74c71fbb2d260ad39a80bea17215685f1500e59ebcee059e9bac915ef869d8f8480f6e4e99190dc179b621b45f06695d27c6fc2ea3bef1fcfcbd6ae27f1a9b0c8aefd7d7e9afa2204ebffd97fea912b22b1170e8ff28a345b58d8fc01c954b9b826cc8a8833894c2d843c82dfee965705ba2cbbf7c4b7c74e3b82be31c822737392d1c280a43939103323824c3c9f86b255981dbe29868c229b9ee26b3b573a82704ddc09c789cb0a074d6ce85d8ec9efceabc7bbb52b4e45d64ad026cce572ca086aa595e315a1f7a4edc92c5fa5fbffac28022ebed77bbbe3717b9016d3075e46537c3707428cd3c4969cd599b52ae0951a8048ae4c3907cecc47a452952bbab8fbadd233537de51d4d6dd5a1b1c7426fe64027355ca328b7078de78d3390e7239ffb509c796c46d5b415b3966e7e9b0c963ab8522d3fd65be1fb08c284fe24a8a389daac6ae1182ab1a843615bd31fdc3b8d76f22de88d75df17336c3d53fb7bcb415fffdca2d06138e196b8ac5d8b37d775d533c09911ae9d41c1727584be0241425f67244894d19b27be073fb9b84f817451e17ab7ed9d23e2bee0d52804133c31039edd7a6c8fc60718c67fde478e3f289e0406cfa5543477bdec899be91743df5bdb5ffe8e1e57a2cd409d7e6222dade1827 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\CABD2A79A1076A31F21D253635CB039D4329A5E8\Blob = 5c0000000100000004000000001000001900000001000000100000002fe1f70bb05d7c92335bc5e05b984da60f00000001000000200000003f0411ede9c4477057d57e57883b1f205b20cdc0f3263129b1ee0269a2678f63030000000100000014000000cabd2a79a1076a31f21d253635cb039d4329a5e814000000010000001400000079b459e67bb6e5e40173800888c81a58f6e99b6e0400000001000000100000000cd2f9e0da1773e9ed864da5e370e74e20000000010000006f0500003082056b30820353a0030201020211008210cfb0d240e3594463e0bb63828b00300d06092a864886f70d01010b0500304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f74205831301e170d3135303630343131303433385a170d3335303630343131303433385a304f310b300906035504061302555331293027060355040a1320496e7465726e65742053656375726974792052657365617263682047726f7570311530130603550403130c4953524720526f6f7420583130820222300d06092a864886f70d01010105000382020f003082020a0282020100ade82473f41437f39b9e2b57281c87bedcb7df38908c6e3ce657a078f775c2a2fef56a6ef6004f28dbde68866c4493b6b163fd14126bbf1fd2ea319b217ed1333cba48f5dd79dfb3b8ff12f1219a4bc18a8671694a66666c8f7e3c70bfad292206f3e4c0e680aee24b8fb7997e94039fd347977c99482353e838ae4f0a6f832ed149578c8074b6da2fd0388d7b0370211b75f2303cfa8faeddda63abeb164fc28e114b7ecf0be8ffb5772ef4b27b4ae04c12250c708d0329a0e15324ec13d9ee19bf10b34a8c3f89a36151deac870794f46371ec2ee26f5b9881e1895c34796c76ef3b906279e6dba49a2f26c5d010e10eded9108e16fbb7f7a8f7c7e50207988f360895e7e237960d36759efb0e72b11d9bbc03f94905d881dd05b42ad641e9ac0176950a0fd8dfd5bd121f352f28176cd298c1a80964776e4737baceac595e689d7f72d689c50641293e593edd26f524c911a75aa34c401f46a199b5a73a516e863b9e7d72a712057859ed3e5178150b038f8dd02f05b23e7b4a1c4b730512fcc6eae050137c439374b3ca74e78e1f0108d030d45b7136b407bac130305c48b7823b98a67d608aa2a32982ccbabd83041ba2830341a1d605f11bc2b6f0a87c863b46a8482a88dc769a76bf1f6aa53d198feb38f364dec82b0d0a28fff7dbe21542d422d0275de179fe18e77088ad4ee6d98b3ac6dd27516effbc64f533434f0203010001a3423040300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff301d0603551d0e0416041479b459e67bb6e5e40173800888c81a58f6e99b6e300d06092a864886f70d01010b05000382020100551f58a9bcb2a850d00cb1d81a6920272908ac61755c8a6ef882e5692fd5f6564bb9b8731059d321977ee74c71fbb2d260ad39a80bea17215685f1500e59ebcee059e9bac915ef869d8f8480f6e4e99190dc179b621b45f06695d27c6fc2ea3bef1fcfcbd6ae27f1a9b0c8aefd7d7e9afa2204ebffd97fea912b22b1170e8ff28a345b58d8fc01c954b9b826cc8a8833894c2d843c82dfee965705ba2cbbf7c4b7c74e3b82be31c822737392d1c280a43939103323824c3c9f86b255981dbe29868c229b9ee26b3b573a82704ddc09c789cb0a074d6ce85d8ec9efceabc7bbb52b4e45d64ad026cce572ca086aa595e315a1f7a4edc92c5fa5fbffac28022ebed77bbbe3717b9016d3075e46537c3707428cd3c4969cd599b52ae0951a8048ae4c3907cecc47a452952bbab8fbadd233537de51d4d6dd5a1b1c7426fe64027355ca328b7078de78d3390e7239ffb509c796c46d5b415b3966e7e9b0c963ab8522d3fd65be1fb08c284fe24a8a389daac6ae1182ab1a843615bd31fdc3b8d76f22de88d75df17336c3d53fb7bcb415fffdca2d06138e196b8ac5d8b37d775d533c09911ae9d41c1727584be0241425f67244894d19b27be073fb9b84f817451e17ab7ed9d23e2bee0d52804133c31039edd7a6c8fc60718c67fde478e3f289e0406cfa5543477bdec899be91743df5bdb5ffe8e1e57a2cd409d7e6222dade1827 | C:\Program Files (x86)\Steam\steam.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25 | C:\Program Files (x86)\Steam\steam.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\SteamSetup.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\VencordInstaller.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\DiscordSetup.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Steam\steam.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\SteamSetup.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Steam\bin\steamservice.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Steam\steam.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\VencordInstaller.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\VencordInstaller.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\VencordInstaller.exe | N/A |
| N/A | N/A | C:\Windows\system32\LogonUI.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\fafd551638daa4ab17ebdc71f2bffd8599332b1f1e95409af51870502cd65e38.exe
"C:\Users\Admin\AppData\Local\Temp\fafd551638daa4ab17ebdc71f2bffd8599332b1f1e95409af51870502cd65e38.exe"
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Windows\system32\BackgroundTransferHost.exe
"BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.13
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x108,0x10c,0x110,0xe4,0x114,0x7ffa3f1fcc40,0x7ffa3f1fcc4c,0x7ffa3f1fcc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1828,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1824 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2124,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2136 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2204,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2188 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3112,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3272 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3132,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3324 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3784,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4472 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4632,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4664 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4660,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4792 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4700,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4648 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4964,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4984 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4752,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4684 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5076,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4764 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4656,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3660 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4912,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4604 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5292,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5316 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5336,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5168 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=3472,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3360 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5268,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5040 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5128,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5512 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5528,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4628 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5652,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5664 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5648,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5800 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5524,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4408 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1172,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3312 /prefetch:8
C:\Users\Admin\Downloads\SteamSetup.exe
"C:\Users\Admin\Downloads\SteamSetup.exe"
C:\Program Files (x86)\Steam\bin\steamservice.exe
"C:\Program Files (x86)\Steam\bin\steamservice.exe" /Install
C:\Program Files (x86)\Steam\steam.exe
"C:\Program Files (x86)\Steam\steam.exe"
C:\Program Files (x86)\Steam\steam.exe
"C:\Program Files (x86)\Steam\steam.exe"
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=en_US" "-cachedir=C:\Users\Admin\AppData\Local\Steam\htmlcache" "-steampid=10644" "-buildid=1730853027" "-steamid=0" "-logdir=C:\Program Files (x86)\Steam\logs" "-uimode=7" "-startcount=0" "-steamuniverse=Public" "-realm=Global" "-clientui=C:\Program Files (x86)\Steam\clientui" "-steampath=C:\Program Files (x86)\Steam\steam.exe" "-launcher=0" --valve-enable-site-isolation --enable-smooth-scrolling --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt" --disable-quick-menu "--enable-features=PlatformHEVCDecoderSupport" "--disable-features=SpareRendererForSitePerProcess,DcheckIsFatal,ValveFFmpegAllowLowDelayHEVC"
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:4 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\Admin\AppData\Local\CEF\User Data" --url=https://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1730853027 --initial-client-data=0x28c,0x290,0x294,0x288,0x298,0x7ffa5099af00,0x7ffa5099af0c,0x7ffa5099af18
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1556,i,2446722706222684078,15118219799484075233,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=1560 --mojo-platform-channel-handle=1548 /prefetch:2
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --field-trial-handle=2160,i,2446722706222684078,15118219799484075233,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=2164 --mojo-platform-channel-handle=2156 /prefetch:11
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004D8 0x00000000000004E8
C:\Program Files (x86)\Steam\bin\gldriverquery64.exe
.\bin\gldriverquery64.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --field-trial-handle=2732,i,2446722706222684078,15118219799484075233,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=2736 --mojo-platform-channel-handle=2716 /prefetch:13
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3088,i,2446722706222684078,15118219799484075233,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3092 --mojo-platform-channel-handle=3084 /prefetch:1
C:\Program Files (x86)\Steam\bin\gldriverquery.exe
.\bin\gldriverquery.exe
C:\Program Files (x86)\Steam\bin\vulkandriverquery64.exe
.\bin\vulkandriverquery64.exe
C:\Program Files (x86)\Steam\bin\vulkandriverquery.exe
.\bin\vulkandriverquery.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3696,i,2446722706222684078,15118219799484075233,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3700 --mojo-platform-channel-handle=3692 /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3900,i,2446722706222684078,15118219799484075233,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3904 --mojo-platform-channel-handle=3896 /prefetch:1
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --field-trial-handle=4232,i,2446722706222684078,15118219799484075233,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=4236 --mojo-platform-channel-handle=4228 /prefetch:14
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --user-agent-product="Valve Steam Client" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4348,i,2446722706222684078,15118219799484075233,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=4240 --mojo-platform-channel-handle=4188 /prefetch:10
C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --user-agent-product="Valve Steam Client" --user-data-dir="C:\Users\Admin\AppData\Local\Steam\htmlcache" --buildid=1730853027 --steamid=0 --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=3916,i,2446722706222684078,15118219799484075233,262144 --enable-features=PlatformHEVCDecoderSupport --disable-features=BackForwardCache,DcheckIsFatal,DocumentPictureInPictureAPI,SpareRendererForSitePerProcess,ValveFFmpegAllowLowDelayHEVC --variations-seed-version --enable-logging=handle --log-file=3908 --mojo-platform-channel-handle=3924 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://store.steampowered.com/mobile
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffa4ce63cb8,0x7ffa4ce63cc8,0x7ffa4ce63cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1904,2541598152103631511,13564050270350594259,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1864 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1904,2541598152103631511,13564050270350594259,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2416 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1904,2541598152103631511,13564050270350594259,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2672 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,2541598152103631511,13564050270350594259,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1904,2541598152103631511,13564050270350594259,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa3f1fcc40,0x7ffa3f1fcc4c,0x7ffa3f1fcc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=4416,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3012 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=3008,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4996 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5948,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5852 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5816,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3376 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=5176,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5940 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=4456,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3400 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=6036,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=3192,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6156 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=6372,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5980 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=5940,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6368 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=5028,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4604 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=5516,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4740 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=4488,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6416 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=3404,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5172 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6176,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5228 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6492,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5840 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=6408,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5796 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=5868,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3780 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=5052,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5888 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5124,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5192 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5772,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5132 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6696,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6496 /prefetch:8
C:\Users\Admin\Downloads\VencordInstaller.exe
"C:\Users\Admin\Downloads\VencordInstaller.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=4580,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6444 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=6256,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4676 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=6748,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6720 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004D8 0x00000000000004E8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=4972,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6676 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6632,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7028 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7052,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5956 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4472,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7196 /prefetch:8
C:\Users\Admin\Downloads\DiscordSetup.exe
"C:\Users\Admin\Downloads\DiscordSetup.exe"
C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe
"C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe" --install .
C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe" --squirrel-install 1.0.9169
C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:4 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://f.a.k/e --annotation=_productName=discord --annotation=_version=1.0.9169 --annotation=plat=Win64 --annotation=prod=Electron --annotation=ver=32.0.0 --initial-client-data=0x550,0x554,0x558,0x548,0x55c,0x7ff6fbe4a538,0x7ff6fbe4a544,0x7ff6fbe4a550
C:\Users\Admin\AppData\Local\Discord\Update.exe
C:\Users\Admin\AppData\Local\Discord\Update.exe --createShortcut Discord.exe --setupIcon C:\Users\Admin\AppData\Local\Discord\app.ico
C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=2152,i,17011605192345850802,13238103810824592174,262144 --disable-features=AllowAggressiveThrottlingWithWebSocket,HardwareMediaKeyHandling,IntensiveWakeUpThrottling,MediaSessionService,SpareRendererForSitePerProcess,UseEcoQoSForBackgroundProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2144 /prefetch:2
C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=sentry-ipc --field-trial-handle=2292,i,17011605192345850802,13238103810824592174,262144 --disable-features=AllowAggressiveThrottlingWithWebSocket,HardwareMediaKeyHandling,IntensiveWakeUpThrottling,MediaSessionService,SpareRendererForSitePerProcess,UseEcoQoSForBackgroundProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2184 /prefetch:11
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord /d "\"C:\Users\Admin\AppData\Local\Discord\Update.exe\" --processStart Discord.exe" /f
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /ve /d "URL:Discord Protocol" /f
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /v "URL Protocol" /f
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\DefaultIcon /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe\",-1" /f
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\shell\open\command /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe\" --url -- \"%1\"" /f
C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe" --squirrel-firstrun
C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:4 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://f.a.k/e --annotation=_productName=discord --annotation=_version=1.0.9169 --annotation=plat=Win64 --annotation=prod=Electron --annotation=ver=32.0.0 --initial-client-data=0x544,0x548,0x54c,0x53c,0x550,0x7ff6fbe4a538,0x7ff6fbe4a544,0x7ff6fbe4a550
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /ve /d "URL:Discord Protocol" /f
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /v "URL Protocol" /f
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\DefaultIcon /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe\",-1" /f
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\shell\open\command /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe\" --url -- \"%1\"" /f
C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=2780,i,17405316617497515922,18294576752084722189,262144 --disable-features=AllowAggressiveThrottlingWithWebSocket,HardwareMediaKeyHandling,IntensiveWakeUpThrottling,MediaSessionService,SpareRendererForSitePerProcess,UseEcoQoSForBackgroundProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2688 /prefetch:2
C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip,sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip,sentry-ipc --field-trial-handle=3264,i,17405316617497515922,18294576752084722189,262144 --disable-features=AllowAggressiveThrottlingWithWebSocket,HardwareMediaKeyHandling,IntensiveWakeUpThrottling,MediaSessionService,SpareRendererForSitePerProcess,UseEcoQoSForBackgroundProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2876 /prefetch:11
C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip,sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip,sentry-ipc --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\resources\app.asar" --no-sandbox --no-zygote --autoplay-policy=no-user-gesture-required --disable-background-timer-throttling --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --field-trial-handle=3316,i,17405316617497515922,18294576752084722189,262144 --disable-features=AllowAggressiveThrottlingWithWebSocket,HardwareMediaKeyHandling,IntensiveWakeUpThrottling,MediaSessionService,SpareRendererForSitePerProcess,UseEcoQoSForBackgroundProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3304 /prefetch:1
C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip,sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip,sentry-ipc --field-trial-handle=4028,i,17405316617497515922,18294576752084722189,262144 --disable-features=AllowAggressiveThrottlingWithWebSocket,HardwareMediaKeyHandling,IntensiveWakeUpThrottling,MediaSessionService,SpareRendererForSitePerProcess,UseEcoQoSForBackgroundProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4024 /prefetch:14
C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip,sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip,sentry-ipc --field-trial-handle=4316,i,17405316617497515922,18294576752084722189,262144 --disable-features=AllowAggressiveThrottlingWithWebSocket,HardwareMediaKeyHandling,IntensiveWakeUpThrottling,MediaSessionService,SpareRendererForSitePerProcess,UseEcoQoSForBackgroundProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4012 /prefetch:14
C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip,sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip,sentry-ipc --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\resources\app.asar" --no-sandbox --no-zygote --enable-blink-features=EnumerateDevices,AudioOutputDevices --autoplay-policy=no-user-gesture-required --disable-background-timer-throttling --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4144,i,17405316617497515922,18294576752084722189,262144 --disable-features=AllowAggressiveThrottlingWithWebSocket,HardwareMediaKeyHandling,IntensiveWakeUpThrottling,MediaSessionService,SpareRendererForSitePerProcess,UseEcoQoSForBackgroundProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4132 --enable-node-leakage-in-renderers /prefetch:1
C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip,sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip,sentry-ipc --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\resources\app.asar" --no-sandbox --no-zygote --enable-blink-features=EnumerateDevices,AudioOutputDevices --autoplay-policy=no-user-gesture-required --disable-background-timer-throttling --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4128,i,17405316617497515922,18294576752084722189,262144 --disable-features=AllowAggressiveThrottlingWithWebSocket,HardwareMediaKeyHandling,IntensiveWakeUpThrottling,MediaSessionService,SpareRendererForSitePerProcess,UseEcoQoSForBackgroundProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4052 --enable-node-leakage-in-renderers /prefetch:1
C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --video-capture-use-gpu-memory-buffer --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip,sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip,sentry-ipc --field-trial-handle=4040,i,17405316617497515922,18294576752084722189,262144 --disable-features=AllowAggressiveThrottlingWithWebSocket,HardwareMediaKeyHandling,IntensiveWakeUpThrottling,MediaSessionService,SpareRendererForSitePerProcess,UseEcoQoSForBackgroundProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4156 /prefetch:12
C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip,sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip,sentry-ipc --field-trial-handle=4396,i,17405316617497515922,18294576752084722189,262144 --disable-features=AllowAggressiveThrottlingWithWebSocket,HardwareMediaKeyHandling,IntensiveWakeUpThrottling,MediaSessionService,SpareRendererForSitePerProcess,UseEcoQoSForBackgroundProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4392 /prefetch:14
C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe
"\\?\C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe" nvidia
C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe
"\\?\C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe" amd
C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe
"\\?\C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\modules\discord_voice-1\discord_voice\gpu_encoder_helper.exe" intel
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c ""C:\Windows/System32/nvidia-smi.exe""
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://discordapp.com/handoff?rpc=6463&key=6d46ee68-ba1d-4761-8a2c-addb9ad2301a
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffa4ce63cb8,0x7ffa4ce63cc8,0x7ffa4ce63cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1852,12287846399804338368,3492889978912839293,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1860 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1852,12287846399804338368,3492889978912839293,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2356 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1852,12287846399804338368,3492889978912839293,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2548 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12287846399804338368,3492889978912839293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3524 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12287846399804338368,3492889978912839293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3536 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12287846399804338368,3492889978912839293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1852,12287846399804338368,3492889978912839293,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3860 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1852,12287846399804338368,3492889978912839293,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=4356 /prefetch:8
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe query HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord
C:\Windows\System32\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord /d "\"C:\Users\Admin\AppData\Local\Discord\Update.exe\" --processStart Discord.exe" /f
C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\Discord.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=UAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=4952,i,17405316617497515922,18294576752084722189,262144 --disable-features=AllowAggressiveThrottlingWithWebSocket,HardwareMediaKeyHandling,IntensiveWakeUpThrottling,MediaSessionService,SpareRendererForSitePerProcess,UseEcoQoSForBackgroundProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4600 /prefetch:10
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffa4ce63cb8,0x7ffa4ce63cc8,0x7ffa4ce63cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1872,1161358021509735615,9371351431990770570,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1984 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1872,1161358021509735615,9371351431990770570,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2296 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1872,1161358021509735615,9371351431990770570,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2576 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,1161358021509735615,9371351431990770570,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3404 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,1161358021509735615,9371351431990770570,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3432 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,1161358021509735615,9371351431990770570,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,1161358021509735615,9371351431990770570,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1872,1161358021509735615,9371351431990770570,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5224 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=7436,i,4259759967294921835,14738153874634687427,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1872,1161358021509735615,9371351431990770570,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5500 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,1161358021509735615,9371351431990770570,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5096 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,1161358021509735615,9371351431990770570,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,1161358021509735615,9371351431990770570,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5692 /prefetch:1
C:\Users\Admin\Downloads\VencordInstaller.exe
"C:\Users\Admin\Downloads\VencordInstaller.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1872,1161358021509735615,9371351431990770570,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=2368 /prefetch:2
C:\Users\Admin\Downloads\VencordInstaller.exe
"C:\Users\Admin\Downloads\VencordInstaller.exe"
C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x4 /state0:0xa3965855 /state1:0x41c64e6d
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,1161358021509735615,9371351431990770570,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2376 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| RU | 185.215.113.206:80 | 185.215.113.206 | tcp |
| US | 8.8.8.8:53 | 206.113.215.185.in-addr.arpa | udp |
| GB | 104.86.110.97:443 | tcp | |
| GB | 104.86.110.97:443 | tcp | |
| GB | 92.123.128.146:443 | r.bing.com | tcp |
| GB | 92.123.128.146:443 | r.bing.com | tcp |
| GB | 92.123.128.146:443 | r.bing.com | tcp |
| GB | 92.123.128.146:443 | r.bing.com | tcp |
| GB | 92.123.128.146:443 | r.bing.com | tcp |
| GB | 92.123.128.146:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.128.123.92.in-addr.arpa | udp |
| US | 20.189.173.1:443 | browser.pipe.aria.microsoft.com | tcp |
| GB | 92.123.128.134:443 | www.bing.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| GB | 216.58.204.74:443 | ogads-pa.googleapis.com | tcp |
| GB | 216.58.201.110:443 | apis.google.com | tcp |
| GB | 216.58.204.74:443 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 74.204.58.216.in-addr.arpa | udp |
| GB | 172.217.16.238:443 | play.google.com | tcp |
| GB | 216.58.201.110:443 | clients2.google.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 216.58.213.1:443 | clients2.googleusercontent.com | tcp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 216.58.204.74:443 | content-autofill.googleapis.com | tcp |
| GB | 216.58.204.74:443 | content-autofill.googleapis.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 172.217.16.238:443 | play.google.com | tcp |
| GB | 172.217.16.238:443 | play.google.com | udp |
| US | 151.101.195.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.195.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.195.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.195.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.195.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.195.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.67.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.195.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.195.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.195.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| US | 151.101.195.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.195.52:443 | shared.fastly.steamstatic.com | tcp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | tcp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | tcp |
| GB | 142.250.200.14:443 | google.com | tcp |
| US | 151.101.195.52:443 | shared.fastly.steamstatic.com | tcp |
| GB | 2.23.210.75:80 | r11.o.lencr.org | tcp |
| US | 151.101.195.52:443 | shared.fastly.steamstatic.com | tcp |
| US | 151.101.195.52:443 | shared.fastly.steamstatic.com | tcp |
| GB | 2.19.117.21:80 | test.steampowered.com | tcp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| US | 8.8.8.8:53 | 21.117.19.2.in-addr.arpa | udp |
| N/A | 127.0.0.1:63198 | tcp | |
| N/A | 127.0.0.1:63182 | tcp | |
| GB | 104.82.234.109:443 | api.steampowered.com | tcp |
| US | 162.254.199.165:27018 | cmp1-atl3.steamserver.net | tcp |
| US | 162.254.199.184:443 | cmp2-atl3.steamserver.net | tcp |
| US | 162.254.199.184:27018 | cmp2-atl3.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp2-iad1.steamserver.net | udp |
| US | 162.254.192.99:27019 | cmp2-iad1.steamserver.net | tcp |
| GB | 2.23.210.82:80 | e6.o.lencr.org | tcp |
| US | 8.8.8.8:53 | e5.o.lencr.org | udp |
| GB | 2.23.210.82:80 | e5.o.lencr.org | tcp |
| US | 162.254.192.99:27018 | cmp2-iad1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp1-dfw1.steamserver.net | udp |
| US | 155.133.253.36:443 | cmp1-dfw1.steamserver.net | tcp |
| US | 155.133.253.36:27018 | cmp1-dfw1.steamserver.net | tcp |
| US | 155.133.253.52:27018 | cmp2-dfw1.steamserver.net | tcp |
| US | 8.8.8.8:53 | cmp1-iad1.steamserver.net | udp |
| US | 162.254.192.98:443 | cmp1-iad1.steamserver.net | tcp |
| US | 8.8.8.8:53 | 165.199.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 184.199.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.192.254.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 82.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.253.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.253.133.155.in-addr.arpa | udp |
| US | 162.254.193.103:443 | cmp1-ord1.steamserver.net | tcp |
| US | 155.133.229.20:27023 | cmp2-fra2.steamserver.net | tcp |
| US | 155.133.229.20:27019 | cmp2-fra2.steamserver.net | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | udp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| US | 104.18.42.105:443 | tcp | |
| US | 104.18.42.105:443 | tcp | |
| US | 104.18.42.105:443 | tcp | |
| US | 104.19.230.21:443 | udp | |
| US | 104.18.42.105:443 | tcp | |
| GB | 142.250.200.14:443 | google.com | tcp |
| GB | 74.125.105.39:443 | udp | |
| US | 104.19.229.21:443 | udp | |
| US | 104.19.229.21:443 | udp | |
| US | 104.19.229.21:443 | tcp | |
| US | 104.19.229.21:443 | udp | |
| US | 8.8.4.4:443 | dns.google | udp |
| GB | 172.217.169.35:443 | tcp | |
| GB | 104.82.234.109:443 | api.steampowered.com | tcp |
| NL | 155.133.248.43:443 | cmp2-ams1.steamserver.net | tcp |
| NL | 155.133.248.42:27018 | cmp1-ams1.steamserver.net | tcp |
| NL | 155.133.248.43:27018 | cmp2-ams1.steamserver.net | tcp |
| FR | 185.25.182.52:27032 | ext2-par1.steamserver.net | tcp |
| US | 8.8.8.8:53 | e5.o.lencr.org | udp |
| GB | 2.23.210.82:80 | e5.o.lencr.org | tcp |
| US | 8.8.8.8:53 | cmp1-fra1.steamserver.net | udp |
| US | 8.8.8.8:53 | 43.248.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.248.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 52.182.25.185.in-addr.arpa | udp |
| DE | 155.133.250.4:27020 | cmp1-fra1.steamserver.net | tcp |
| US | 155.133.229.4:27022 | cmp1-fra2.steamserver.net | tcp |
| DE | 155.133.250.20:27019 | cmp2-fra1.steamserver.net | tcp |
| GB | 2.23.210.82:80 | r10.o.lencr.org | tcp |
| GB | 172.217.169.35:443 | udp | |
| US | 151.101.67.52:443 | client-update.steamstatic.com | tcp |
| GB | 2.23.210.82:80 | r10.o.lencr.org | tcp |
| GB | 104.82.234.109:443 | api.steampowered.com | tcp |
| US | 162.254.192.98:443 | cmp1-iad1.steamserver.net | tcp |
| US | 162.254.192.99:27020 | cmp2-iad1.steamserver.net | tcp |
| US | 162.254.192.99:27019 | cmp2-iad1.steamserver.net | tcp |
| US | 162.254.199.184:443 | cmp2-atl3.steamserver.net | tcp |
| US | 162.254.199.165:27018 | cmp1-atl3.steamserver.net | tcp |
| US | 162.254.199.184:27018 | cmp2-atl3.steamserver.net | tcp |
| US | 162.254.193.103:443 | cmp1-ord1.steamserver.net | tcp |
| US | 162.254.193.75:27018 | cmp2-ord1.steamserver.net | tcp |
| GB | 2.23.210.82:80 | r10.o.lencr.org | tcp |
| US | 205.196.6.132:443 | cmp1-sea1.steamserver.net | tcp |
| US | 162.254.193.103:27018 | cmp1-ord1.steamserver.net | tcp |
| US | 155.133.229.4:27019 | cmp1-fra2.steamserver.net | tcp |
| NL | 155.133.248.43:27018 | cmp2-ams1.steamserver.net | tcp |
| GB | 2.23.210.75:80 | r10.o.lencr.org | tcp |
| US | 8.8.8.8:53 | 132.6.196.205.in-addr.arpa | udp |
| GB | 142.250.200.14:443 | google.com | udp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 104.82.234.109:443 | api.steampowered.com | tcp |
| HK | 103.28.54.100:27018 | cmp1-hkg1.steamserver.net | tcp |
| HK | 103.28.54.101:27018 | cmp2-hkg1.steamserver.net | tcp |
| JP | 45.121.184.20:27019 | ext1-tyo3.steamserver.net | tcp |
| JP | 45.121.184.20:27030 | ext1-tyo3.steamserver.net | tcp |
| GB | 2.23.210.75:80 | e6.o.lencr.org | tcp |
| HK | 103.28.54.101:443 | cmp2-hkg1.steamserver.net | tcp |
| JP | 45.121.184.21:443 | ext2-tyo3.steamserver.net | tcp |
| SG | 103.10.124.5:27019 | cmp2-sgp1.steamserver.net | tcp |
| SG | 103.10.124.5:27018 | cmp2-sgp1.steamserver.net | tcp |
| US | 8.8.8.8:53 | 101.54.28.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.184.121.45.in-addr.arpa | udp |
| SG | 103.10.124.5:443 | cmp2-sgp1.steamserver.net | tcp |
| US | 162.254.195.75:443 | cmp2-lax1.steamserver.net | tcp |
| US | 162.254.199.165:443 | cmp1-atl3.steamserver.net | tcp |
| US | 155.133.253.36:443 | cmp1-dfw1.steamserver.net | tcp |
| US | 104.19.229.21:443 | udp | |
| US | 104.19.229.21:443 | udp | |
| US | 8.8.8.8:53 | ipv6check-http.steamserver.net | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 104.82.234.109:443 | api.steampowered.com | tcp |
| US | 155.133.229.4:27019 | cmp1-fra2.steamserver.net | tcp |
| US | 155.133.229.20:27019 | cmp2-fra2.steamserver.net | tcp |
| DE | 155.133.250.4:443 | cmp1-fra1.steamserver.net | tcp |
| SE | 155.133.252.68:27019 | cmp1-sto2.steamserver.net | tcp |
| GB | 2.23.210.82:80 | e5.o.lencr.org | tcp |
| US | 8.8.8.8:53 | cmp2-sto2.steamserver.net | udp |
| SE | 155.133.252.69:27019 | cmp2-sto2.steamserver.net | tcp |
| SE | 155.133.252.68:443 | cmp1-sto2.steamserver.net | tcp |
| DE | 155.133.250.20:27024 | cmp2-fra1.steamserver.net | tcp |
| US | 155.133.229.20:27024 | cmp2-fra2.steamserver.net | tcp |
| US | 8.8.8.8:53 | p2p-fra2.discovery.steamserver.net | udp |
| US | 8.8.8.8:53 | 69.252.133.155.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 104.19.229.21:443 | udp | |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 104.82.234.109:443 | api.steampowered.com | tcp |
| US | 8.8.8.8:53 | cmp2-seo1.steamserver.net | udp |
| KR | 146.66.152.53:443 | cmp2-seo1.steamserver.net | tcp |
| KR | 146.66.152.52:27018 | cmp1-seo1.steamserver.net | tcp |
| KR | 146.66.152.53:27018 | cmp2-seo1.steamserver.net | tcp |
| US | 162.254.195.69:443 | cmp1-lax1.steamserver.net | tcp |
| GB | 2.23.210.75:80 | e6.o.lencr.org | tcp |
| US | 162.254.195.69:27018 | cmp1-lax1.steamserver.net | tcp |
| US | 162.254.195.75:27018 | cmp2-lax1.steamserver.net | tcp |
| US | 155.133.253.36:443 | cmp1-dfw1.steamserver.net | tcp |
| US | 205.196.6.132:443 | cmp1-sea1.steamserver.net | tcp |
| US | 155.133.253.36:27018 | cmp1-dfw1.steamserver.net | tcp |
| US | 8.8.8.8:53 | 52.152.66.146.in-addr.arpa | udp |
| US | 155.133.253.52:27018 | cmp2-dfw1.steamserver.net | tcp |
| FR | 185.25.182.20:27032 | ext1-par1.steamserver.net | tcp |
| GB | 162.254.196.80:443 | cmp2-lhr1.steamserver.net | tcp |
| GB | 2.23.210.75:80 | e5.o.lencr.org | tcp |
| US | 8.8.4.4:443 | dns.google | udp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| US | 172.64.145.151:443 | store.cloudflare.steamstatic.com | tcp |
| US | 172.64.145.151:443 | store.cloudflare.steamstatic.com | tcp |
| US | 172.64.145.151:443 | store.cloudflare.steamstatic.com | tcp |
| US | 172.64.145.151:443 | store.cloudflare.steamstatic.com | tcp |
| US | 172.64.145.151:443 | store.cloudflare.steamstatic.com | tcp |
| US | 172.64.145.151:443 | store.cloudflare.steamstatic.com | tcp |
| US | 172.64.145.151:443 | store.cloudflare.steamstatic.com | tcp |
| US | 8.8.8.8:53 | 151.145.64.172.in-addr.arpa | udp |
| GB | 104.86.110.97:443 | tcp | |
| GB | 104.86.110.97:443 | tcp | |
| GB | 142.250.180.4:443 | www.google.com | udp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.200.42:443 | ogads-pa.googleapis.com | udp |
| GB | 216.58.201.110:443 | chrome.google.com | tcp |
| GB | 142.250.178.14:443 | play.google.com | udp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| GB | 142.250.178.3:443 | id.google.com | tcp |
| GB | 142.250.200.42:443 | ogads-pa.googleapis.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 142.250.178.14:443 | play.google.com | udp |
| US | 151.101.129.140:443 | www.reddit.com | tcp |
| US | 151.101.129.140:443 | www.reddit.com | tcp |
| US | 216.198.53.1:443 | support.reddithelp.com | tcp |
| US | 216.198.53.1:443 | support.reddithelp.com | tcp |
| US | 8.8.8.8:53 | static.zdassets.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 151.101.65.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.65.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.65.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.65.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.65.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.65.229:443 | cdn.jsdelivr.net | tcp |
| US | 216.198.53.3:443 | static.zdassets.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 8.8.8.8:53 | unpkg.com | udp |
| US | 216.198.54.1:443 | reddit.zendesk.com | tcp |
| US | 104.17.249.203:443 | unpkg.com | tcp |
| DE | 18.155.145.22:443 | www.redditstatus.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| GB | 172.217.169.74:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 14.24.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.54.198.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.249.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.145.155.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.169.217.172.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| GB | 142.250.200.42:443 | ajax.googleapis.com | udp |
| GB | 172.217.16.238:443 | www.youtube.com | udp |
| GB | 142.250.178.3:443 | id.google.com | udp |
| GB | 142.250.200.42:443 | ajax.googleapis.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 142.250.178.22:443 | i.ytimg.com | tcp |
| GB | 142.250.178.22:443 | i.ytimg.com | tcp |
| GB | 142.250.178.22:443 | i.ytimg.com | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 172.217.169.46:443 | www.youtube.com | tcp |
| GB | 172.217.169.46:443 | www.youtube.com | udp |
| GB | 172.217.169.46:443 | www.youtube.com | tcp |
| GB | 142.250.178.22:443 | i.ytimg.com | tcp |
| GB | 172.217.169.46:443 | www.youtube.com | udp |
| GB | 142.250.178.14:443 | www.youtube.com | udp |
| GB | 216.58.213.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.179.230:443 | static.doubleclick.net | tcp |
| GB | 142.250.179.234:443 | jnn-pa.googleapis.com | tcp |
| GB | 216.58.213.2:443 | googleads.g.doubleclick.net | udp |
| GB | 142.250.179.234:443 | jnn-pa.googleapis.com | udp |
| GB | 172.217.16.238:443 | www.youtube.com | tcp |
| GB | 172.217.16.238:443 | www.youtube.com | tcp |
| GB | 172.217.16.238:443 | www.youtube.com | udp |
| US | 172.67.183.184:443 | vencord.dev | tcp |
| US | 172.67.183.184:443 | vencord.dev | tcp |
| US | 172.67.183.184:443 | vencord.dev | tcp |
| US | 172.67.183.184:443 | vencord.dev | tcp |
| US | 172.67.183.184:443 | vencord.dev | tcp |
| US | 172.67.183.184:443 | vencord.dev | tcp |
| US | 172.67.183.184:443 | vencord.dev | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.110.133:443 | objects.githubusercontent.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 151.101.65.140:443 | w3-reporting-nel.reddit.com | tcp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.180.4:443 | www.google.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 142.250.200.42:443 | ajax.googleapis.com | udp |
| GB | 172.217.16.238:443 | www.youtube.com | udp |
| US | 162.159.135.232:443 | discord.com | tcp |
| US | 162.159.135.232:443 | discord.com | tcp |
| US | 104.18.160.117:443 | cdn.prod.website-files.com | tcp |
| US | 104.18.160.117:443 | cdn.prod.website-files.com | tcp |
| US | 104.18.160.117:443 | cdn.prod.website-files.com | tcp |
| GB | 142.250.200.42:443 | ajax.googleapis.com | tcp |
| US | 104.22.21.64:443 | cdn.localizeapi.com | tcp |
| US | 104.18.160.117:443 | cdn.prod.website-files.com | udp |
| US | 162.159.135.232:443 | discord.com | udp |
| DE | 54.230.55.152:443 | d3e54v103j8qbb.cloudfront.net | tcp |
| US | 104.18.160.117:443 | cdn.prod.website-files.com | udp |
| US | 162.159.135.233:443 | cdn.discordapp.com | tcp |
| GB | 172.217.169.46:443 | www.youtube.com | tcp |
| US | 172.64.155.119:443 | geolocation.onetrust.com | tcp |
| GB | 172.217.169.46:443 | www.youtube.com | udp |
| GB | 142.250.200.42:443 | ajax.googleapis.com | udp |
| US | 104.22.21.64:443 | cdn.localizeapi.com | udp |
| DE | 54.230.55.152:443 | d3e54v103j8qbb.cloudfront.net | tcp |
| US | 34.126.226.51:443 | stable.dl2.discordapp.net | tcp |
| US | 8.8.8.8:53 | update.googleapis.com | udp |
| US | 8.8.8.8:53 | update.googleapis.com | udp |
| GB | 216.58.201.99:443 | update.googleapis.com | tcp |
| GB | 216.58.201.99:443 | update.googleapis.com | tcp |
| US | 162.159.138.232:443 | discord.com | tcp |
| US | 34.126.226.51:443 | stable.dl2.discordapp.net | tcp |
| US | 34.126.226.51:443 | stable.dl2.discordapp.net | tcp |
| US | 34.126.226.51:443 | stable.dl2.discordapp.net | tcp |
| US | 34.126.226.51:443 | stable.dl2.discordapp.net | tcp |
| GB | 216.58.201.99:443 | update.googleapis.com | udp |
| US | 8.8.8.8:53 | discordapp.com | udp |
| US | 8.8.8.8:53 | discordapp.com | udp |
| US | 162.159.130.233:443 | discordapp.com | udp |
| US | 162.159.130.233:443 | discordapp.com | tcp |
| US | 8.8.8.8:53 | 233.130.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | udp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | tcp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | tcp |
| AU | 34.116.74.210:443 | e2c10.gcp.gvt2.com | tcp |
| US | 162.159.134.233:443 | discordapp.com | tcp |
| US | 162.159.134.233:443 | discordapp.com | tcp |
| US | 162.159.135.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | remote-auth-gateway.discord.gg | udp |
| US | 8.8.8.8:53 | remote-auth-gateway.discord.gg | udp |
| US | 162.159.134.234:443 | remote-auth-gateway.discord.gg | tcp |
| N/A | 127.0.0.1:6463 | tcp | |
| N/A | 127.0.0.1:6463 | tcp | |
| US | 162.159.130.233:443 | discordapp.com | udp |
| US | 8.8.8.8:53 | gateway.discord.gg | udp |
| US | 8.8.8.8:53 | gateway.discord.gg | udp |
| US | 162.159.134.234:443 | gateway.discord.gg | tcp |
| US | 8.8.8.8:53 | status.discord.com | udp |
| US | 8.8.8.8:53 | status.discord.com | udp |
| US | 162.159.137.232:443 | status.discord.com | udp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 162.159.133.233:443 | cdn.discordapp.com | udp |
| US | 162.159.133.233:443 | cdn.discordapp.com | udp |
| US | 8.8.8.8:53 | images-ext-1.discordapp.net | udp |
| US | 8.8.8.8:53 | images-ext-1.discordapp.net | udp |
| US | 162.159.128.232:443 | images-ext-1.discordapp.net | udp |
| US | 8.8.8.8:53 | 232.128.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | media.discordapp.net | udp |
| US | 8.8.8.8:53 | media.discordapp.net | udp |
| GB | 216.58.201.99:443 | update.googleapis.com | udp |
| US | 8.8.8.8:53 | latency.discord.media | udp |
| US | 8.8.8.8:53 | latency.discord.media | udp |
| US | 162.159.130.235:443 | latency.discord.media | tcp |
| NL | 35.214.163.28:50001 | udp | |
| NL | 66.22.197.133:50003 | udp | |
| NL | 35.214.180.75:50003 | udp | |
| NL | 35.214.137.136:50002 | udp | |
| NL | 35.214.208.163:50001 | udp | |
| DE | 66.22.243.193:50004 | udp | |
| DE | 35.207.171.222:50002 | udp | |
| DE | 66.22.243.44:50002 | udp | |
| DE | 66.22.243.159:50003 | udp | |
| DE | 66.22.243.15:50004 | udp | |
| IT | 35.219.249.126:50004 | udp | |
| IT | 35.219.230.140:50002 | udp | |
| IT | 35.219.235.98:50001 | udp | |
| IT | 35.219.248.63:50003 | udp | |
| IT | 35.219.245.56:50004 | udp | |
| ES | 34.0.196.207:50001 | udp | |
| ES | 34.0.199.71:50004 | udp | |
| ES | 34.0.194.214:50001 | udp | |
| ES | 34.0.223.68:50002 | udp | |
| ES | 34.0.212.174:50003 | udp | |
| SE | 66.22.237.38:50002 | udp | |
| SE | 66.22.237.139:50002 | udp | |
| SE | 66.22.237.40:50004 | udp | |
| SE | 66.22.237.41:50004 | udp | |
| SE | 66.22.237.149:50003 | udp | |
| US | 8.8.8.8:53 | 163.208.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 235.130.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.199.0.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.223.0.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 207.196.0.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.245.219.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.194.0.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 63.248.219.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 126.249.219.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.212.0.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.230.219.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.235.219.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.237.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.243.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.243.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.237.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.243.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 40.237.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 222.171.207.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.243.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 136.137.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.237.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.237.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.197.22.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.180.214.35.in-addr.arpa | udp |
| US | 162.159.130.233:443 | cdn.discordapp.com | udp |
| GB | 104.86.110.97:443 | tcp | |
| US | 162.159.129.232:443 | media.discordapp.net | udp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | udp |
| GB | 216.58.213.3:443 | beacons.gcp.gvt2.com | udp |
| GB | 104.86.110.97:443 | tcp | |
| US | 150.171.23.12:443 | rum18.perf.linkedin.com | tcp |
| US | 150.171.85.254:443 | p-ring.msedge.net | tcp |
| US | 20.106.94.33:443 | bc1778fef893c9fd8819ba7ba9f220e5.azr.footprintdns.com | tcp |
Files
memory/3108-0-0x0000000000400000-0x0000000000AB0000-memory.dmp
memory/3108-1-0x00000000778C6000-0x00000000778C8000-memory.dmp
memory/3108-2-0x0000000000401000-0x0000000000418000-memory.dmp
memory/3108-3-0x0000000000400000-0x0000000000AB0000-memory.dmp
memory/3108-4-0x0000000000400000-0x0000000000AB0000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\BackgroundTransferApi\dd6ea331-42b0-468b-a4cd-a9696086f5b1.down_data
| MD5 | 5683c0028832cae4ef93ca39c8ac5029 |
| SHA1 | 248755e4e1db552e0b6f8651b04ca6d1b31a86fb |
| SHA256 | 855abd360d8a8d6974eba92b70cbd09ce519bc8773439993f9ab37cb6847309e |
| SHA512 | aba434bd29be191c823b02ea9b639beb10647bbe7759bbffdaa790dfb1ec2c58d74c525ef11aacda209e4effe322d1d3a07b115446c8914b07a3bce4d8a0e2c3 |
\??\pipe\crashpad_4868_IKYTCDEXCYPTSHNY
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Temp\scoped_dir4868_1246478831\decb373d-e863-4e34-a8c6-8237f8a28dcf.tmp
| MD5 | da75bb05d10acc967eecaac040d3d733 |
| SHA1 | 95c08e067df713af8992db113f7e9aec84f17181 |
| SHA256 | 33ae9b8f06dc777bb1a65a6ba6c3f2a01b25cd1afc291426b46d1df27ea6e7e2 |
| SHA512 | 56533de53872f023809a20d1ea8532cdc2260d40b05c5a7012c8e61576ff092f006a197f759c92c6b8c429eeec4bb542073b491ddcfd5b22cd4ecbe1a8a7c6ef |
C:\Users\Admin\AppData\Local\Temp\scoped_dir4868_1246478831\CRX_INSTALL\_locales\en_CA\messages.json
| MD5 | 558659936250e03cc14b60ebf648aa09 |
| SHA1 | 32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825 |
| SHA256 | 2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b |
| SHA512 | 1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\_locales\en_CA\messages.json
| MD5 | 07ffbe5f24ca348723ff8c6c488abfb8 |
| SHA1 | 6dc2851e39b2ee38f88cf5c35a90171dbea5b690 |
| SHA256 | 6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c |
| SHA512 | 7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\dasherSettingSchema.json
| MD5 | 4ec1df2da46182103d2ffc3b92d20ca5 |
| SHA1 | fb9d1ba3710cf31a87165317c6edc110e98994ce |
| SHA256 | 6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6 |
| SHA512 | 939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | e3a1d851c5b2f4b040b72c271a1238c6 |
| SHA1 | a1190fbcb93885ddd3868bec20876e674ef542ed |
| SHA256 | bca1aae583d372dcf68336798fe44a67cfaf3c86ccce16705458745e2c42d1cb |
| SHA512 | a7246e021b80661c6dac61529bf580b2ab36494b2186af02cef7e03c0d2cdb632cfd64851d1bf4f7410105f1f786a63cd4389c276ebb232b74e9776ba498e91e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 5573eba8a71fd38c85450d14963fd686 |
| SHA1 | cd18ce691a2c44da7eab613f56d50e2eea1885f0 |
| SHA256 | 0c5607f94850ed2561ecd7933318d4d0fcdf1ff45c8e87cddb3da5c847660aa7 |
| SHA512 | 6669b3326c0dfc3f90d103cf840d36cad332d1c069030c6c0b3c7fdea1cefca834f6188d888fd7004e1f758dc3e464143b97f8f2fa01aba3274a358feb1345db |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 57570e424d78ba1ce01f6aa792f43488 |
| SHA1 | 004dfa6d0b17e00efab2e13cea2604c16f7ca046 |
| SHA256 | 0bc31c79e7ff12683c1eeebf5d80a22a98f28298499d943dd5182056dab79abf |
| SHA512 | 2d98e1b7c658ffd1c4ad3437880305b2f0a5d4a817d12a0671616c034a04f16b8fe9871d2c04b0097bc1bc6caac267e0e7a9914dea696a0e5cab4768b4b94d3c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 934d0867fbadd825368f29b4ea55cdb3 |
| SHA1 | 369c43a46f34acb673cc49ad286e705fbf61f799 |
| SHA256 | 2b6c85bc8dc87b70e949cb128f5a39b5469358ad4ce219c74279bfc0b4d6e956 |
| SHA512 | af30c2942e292c2b0263e6e30c024c2bc9715405296c99863733220efb6b0461d76aff64969f6f3015c791cdcdc617288dc510e225d67f30bf3e88301bf04a0d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 386306c56a2bb0ddf1f9261365795fbd |
| SHA1 | 83c6a08b99487936e0df314eb2fd7fa5ef94ba25 |
| SHA256 | 888fa3342666d9250459cff7ae814177ef8bf0a90f1f3a826d960099b3c6d3dc |
| SHA512 | 782563794b68d1e0946a3c4649a72a0dd28eab4c1d56c24007d947be251343d1c6d97c7f7522fc7c1939afea838b545929e813a719bed201614b7d8ef1b62dff |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | fadab0243ab279a7177ef40deffb928a |
| SHA1 | 297e2dc2afa4600f5dd031f5f0b9f46dcf402b39 |
| SHA256 | 4114eb29b0acd5461c1e0c0d8a6948c1214771c99a3fc39673d94be5f4adfc5c |
| SHA512 | c718aea0ce77a5d76a8fb5bae830f7783e9b57d8a58db48446a66f52e76a146ae0a840d236bc9f773c86bea3d33f9dbd82b3472b4dcd0092e6448ce2029787ed |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e9d6e0e376ed5d27253f3b2e1a11becb |
| SHA1 | 162c0bdfcac158dd434727babd872b757252ff85 |
| SHA256 | 572092b2f12034244ab38a8107bdb9df8c15a0833ca033f14a598b76998ed43b |
| SHA512 | 995321759b574d365fa63d984a4545fc68b2bdab4c96024772744372062d6290e68afdb41125b84b8169977545765fed2c1e65147246ee7ffeafb8a089de444b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 49a3793c173f0030c57c300f1f898f4c |
| SHA1 | 10ae2ad0f7a188e2134ea34bbb92345d2ceed2d1 |
| SHA256 | 7baf274071bf1c231192f448671f62d848f1b5221e6d178bfd271d9aa6e517c2 |
| SHA512 | bd98dc1a23a4968dcd048f360c462e80f2ce06fe643dd16fcc2e3434bc6ce4a463115f524c931b777104a0f45b034a41d41a240a45c4c735a9a24549b98999e7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0ee136199ca1fd114e445e1d48811847 |
| SHA1 | c7fda0efde9ea006286392a7a07e8fe43ef0b851 |
| SHA256 | a7bd376d083d0d4bce4496d4114235800ddf9a9d3c19090775fd06abbd45bfc3 |
| SHA512 | 832e66774e9424a810195be0fc2244a374352d83dac4012c8ce19fe9df3e0f6d9a0a0dd653f73d0715750571a31e46b2284f826e45375c8b60d68aae7300ce5a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 89b39f4fd95de402d3f5a7fa7b926dfe |
| SHA1 | 0a17a15190bb59bfa2ffab6ddb191b84f64b2f1c |
| SHA256 | 35072efada7994680d8974194198ea0fff7db7a9961994e9034145444bca1292 |
| SHA512 | a222a1865e99ac79901dfb8629c13d3d530475676d49f35574f98fcbe05a82b724458f3c7a12cb808ec9d1cd41a59de07920b115ac520e0660817ca1b76286a8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3ca0556bc4b45b0588dbc779ea0ae099 |
| SHA1 | 063832075f1409ab6a2adefc911fbe13551f76f2 |
| SHA256 | 43bd7ed59ca6638e862962da33cd50ba0ee221a43f1ee333b84b43fd12c99b00 |
| SHA512 | 48983b3db26412b96ac95708fcec4e657907bd08f3cd46e5612b6efc15cab922a45c16cb89277eb323aef23b76f3c44f853b6a58ff9458aebacb3fc0f1e713cf |
C:\Users\Admin\Downloads\Unconfirmed 381581.crdownload
| MD5 | 1b54b70beef8eb240db31718e8f7eb5d |
| SHA1 | da5995070737ec655824c92622333c489eb6bce4 |
| SHA256 | 7d3654531c32d941b8cae81c4137fc542172bfa9635f169cb392f245a0a12bcb |
| SHA512 | fda935694d0652dab3f1017faaf95781a300b420739e0f9d46b53ce07d592a4cfa536524989e2fc9f83602d315259817638a89c4e27da709aada5d1360b717eb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 88600c86740a1f13116883d3a145fcda |
| SHA1 | 23cf39a4059bc34d3267b6976dd3bd2d0532699b |
| SHA256 | 0a48c61fae13df4ab6ee6fda2cad219bfb74e911c01a7813bef082abce1c9269 |
| SHA512 | 73a3f813a9b11d7977d9d53c16df0bb0236a0e6ff8a1e733bd59d80614f5623633f38874d0628195a4b6d08e8c324a0b22fb52bfee0ed39c424f79181222188b |
C:\Users\Admin\Downloads\SteamSetup.exe:Zone.Identifier
| MD5 | fbccf14d504b7b2dbcb5a5bda75bd93b |
| SHA1 | d59fc84cdd5217c6cf74785703655f78da6b582b |
| SHA256 | eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913 |
| SHA512 | aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 92bebe7bf98c37c2b6b224e29070f57d |
| SHA1 | d4150c1c2fc88861fef2a69d061c9a09dcff8394 |
| SHA256 | 1792d83e6579d4d37b52bff9406f37b646b43409c06192a51d9c0bbac3fb517b |
| SHA512 | e14fed15d0c29fdbdc7729cb4ca8440998269170ff7e63bbe14e9342b27eb627810e146008509f85bc7fd7c46ec278131cc3c4a5bd5b8ec8317bc944e7fa89b6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | d4fb5d7813d181588460790b96b00c65 |
| SHA1 | 5557f439a7d5174dad32b6775f70095b078a5376 |
| SHA256 | fe0ffecfa5a2bd5e4edf7f9176387a629f20512d10abde56dfaf5080c6a5dc04 |
| SHA512 | fe64dad7a98e3665e721a70cb29891af9b5c51d068c5a4a18aa71bd3653fe659650316bbe8290776bfc73632270fe4cce5bf6190a81722d4b0fe45f223b13b2b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 31273cf24c1e5ede90f3208c7cdbf52f |
| SHA1 | e8596648b97ba512628b6c0b3c93801751cb2925 |
| SHA256 | dd04aa109eebf8dcb6e1f803e2d7bbac002af777582d383b312877a7a18df2c5 |
| SHA512 | fcc9448e3b35754509bd4cded7e79ba8c269bfe36041ad42b1bf078ed5bbc4569a6e6475605616e048cbbda5f503d8f7d9dc6e80640df4d08ee3fe0a6aac0c57 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 122e37385cbcf3f57707d3acc67b3b1d |
| SHA1 | 268afbd16cdcb46d554a8fc9093c29d1a145e842 |
| SHA256 | ab9bdcd4d6134f62cb05af75086023c4dc3c837cbbc1298001aacb2d3c7e3b21 |
| SHA512 | 3a86435f05c567aa9a7657cd41534427da8c2fbe0d0d77150b2e312136b5ad0be56eaee28e84298465c1b18ca5abbd532e02206931c37422ed962fed1fa1af1e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | f6b6877293306ec0cdd758e27541bf30 |
| SHA1 | 775aeed42b052afa86c2a40fa25d0c6a289617b8 |
| SHA256 | b3e0106db20d2c0cd715a012fbb92a931d72c0d57f7718d916714c5a03996db8 |
| SHA512 | 9cdc168b2221743b6c12cc170396ba907bb3208cd4ab95befa1f3ceb460f08f7be6f70ac400ba7ff637e0bc0fb0318c72dc9046796e852d938cab6bdccbf66d8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 667212c02e2a3c9b2fa53bcd5c79deb5 |
| SHA1 | 38c923df6490db1353744ea6d2ed84699fcdad99 |
| SHA256 | d96854baff65636f4c6b0615a5253251610bfbe552d437c1145e7fb31c0825e6 |
| SHA512 | ebf633c153b321c0d882885ca93247f61c84dd1107757aee202a954b35d3f0484348a538d59e2506e6979436d561bba94527dbaec77be73fb4543598d6a052d4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 78a8042e7c13a5aa3652da134ba60bca |
| SHA1 | d05a9dad1bb30e36d3e55a82a1800c69c1cc0af3 |
| SHA256 | 25b61cb005fadfd3f7a46dd1f322aac67c23d78f9dbb64d585320f609848ae26 |
| SHA512 | ce87cf52350fee17718f1d5d727924e121122be965016a4e757373ca098e58438d808da088453b28ac0d034133c9ad3a077882adb53fc1286b4bd911f8def69b |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val
| MD5 | d222b77a61527f2c177b0869e7babc24 |
| SHA1 | 3f23acb984307a4aeba41ebbb70439c97ad1f268 |
| SHA256 | 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747 |
| SHA512 | d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
| MD5 | f49655f856acb8884cc0ace29216f511 |
| SHA1 | cb0f1f87ec0455ec349aaa950c600475ac7b7b6b |
| SHA256 | 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba |
| SHA512 | 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8 |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx
| MD5 | b5ad5caaaee00cb8cf445427975ae66c |
| SHA1 | dcde6527290a326e048f9c3a85280d3fa71e1e22 |
| SHA256 | b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8 |
| SHA512 | 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f |
C:\Users\Admin\AppData\Local\Temp\nszB25B.tmp\System.dll
| MD5 | a36fbe922ffac9cd85a845d7a813f391 |
| SHA1 | f656a613a723cc1b449034d73551b4fcdf0dcf1a |
| SHA256 | fa367ae36bfbe7c989c24c7abbb13482fc20bc35e7812dc377aa1c281ee14cc0 |
| SHA512 | 1d1b95a285536ddc2a89a9b3be4bb5151b1d4c018ea8e521de838498f62e8f29bb7b3b0250df73e327e8e65e2c80b4a2d9a781276bf2a51d10e7099bacb2e50b |
C:\Users\Admin\AppData\Local\Temp\nszB25B.tmp\nsDialogs.dll
| MD5 | 4e5bc4458afa770636f2806ee0a1e999 |
| SHA1 | 76dcc64af867526f776ab9225e7f4fe076487765 |
| SHA256 | 91a484dc79be64dd11bf5acb62c893e57505fcd8809483aa92b04f10d81f9de0 |
| SHA512 | b6f529073a943bddbcb30a57d62216c78fcc9a09424b51ac0824ebfb9cac6cae4211bda26522d6923bd228f244ed8c41656c38284c71867f65d425727dd70162 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2f690faab737a5885834b1688ffd032f |
| SHA1 | d8d6ed05ae69cc8851b560b67761360a29d1f499 |
| SHA256 | d8d0b26805ee98af0e934ff655882be61783ac282f470b68d2a7c45d60bde4ff |
| SHA512 | 3738176894742aff17ada22118ace7d7ecdc691a4725a0392e87a19a4187b30e5d3e41619e37168338dee806f19276526ad159d0b68e24a35674b640d6236b13 |
C:\Users\Admin\AppData\Local\Temp\nszB25B.tmp\nsProcess.dll
| MD5 | 08072dc900ca0626e8c079b2c5bcfcf3 |
| SHA1 | 35f2bfa0b1b2a65b9475fb91af31f7b02aee4e37 |
| SHA256 | bb6ce83ddaad4f530a66a1048fac868dfc3b86f5e7b8e240d84d1633e385aee8 |
| SHA512 | 8981da7f225eb78c414e9fb3c63af0c4daae4a78b4f3033df11cce43c3a22fdbf3853425fe3024f68c73d57ffb128cba4d0db63eda1402212d1c7e0ac022353c |
C:\Program Files (x86)\Steam\Steam.exe
| MD5 | 33bcb1c8975a4063a134a72803e0ca16 |
| SHA1 | ed7a4e6e66511bb8b3e32cbfb5557ebcb4082b65 |
| SHA256 | 12222b0908eb69581985f7e04aa6240e928fb08aa5a3ec36acae3440633c9eb1 |
| SHA512 | 13f3a7d6215bb4837ea0a1a9c5ba06a985e0c80979c25cfb526a390d71a15d1737c0290a899f4705c2749982c9f6c9007c1751fef1a97b12db529b2f33c97b49 |
C:\Users\Admin\AppData\Local\Temp\nszB25B.tmp\nsExec.dll
| MD5 | 2095af18c696968208315d4328a2b7fe |
| SHA1 | b1b0e70c03724b2941e92c5098cc1fc0f2b51568 |
| SHA256 | 3e2399ae5ce16dd69f7e2c71d928cf54a1024afced8155f1fd663a3e123d9226 |
| SHA512 | 60105dfb1cd60b4048bd7b367969f36ed6bd29f92488ba8cfa862e31942fd529cbc58e8b0c738d91d8bef07c5902ce334e36c66eae1bfe104b44a159b5615ae5 |
C:\Program Files (x86)\Steam\bin\SteamService.exe
| MD5 | ba0ea9249da4ab8f62432617489ae5a6 |
| SHA1 | d8873c5dcb6e128c39cf0c423b502821343659a7 |
| SHA256 | ce177dc8cf42513ff819c7b8597c7be290f9e98632a34ecd868dc76003421f0d |
| SHA512 | 52958d55b03e1ddc69afc2f1a02f7813199e4b3bf114514c438ab4d10d5ca83b865ba6090550951c0a43b666c6728304009572212444a27a3f5184663f4b0b8b |
C:\Program Files (x86)\Steam\public\steambootstrapper_turkish.txt
| MD5 | 29f9a5ab4adfae371bf980b82de2cb57 |
| SHA1 | 6f7ef52a09b99868dd7230f513630ffe473eddf8 |
| SHA256 | 711675edb20b3cb70acf6cf75f2eea8e0d87c8ace3e11c8df362b4517427a34f |
| SHA512 | 543fe63f791250e05e8fda24fd2ceadebb4c8925e8927de49ae490895c87eed3e61a9ad50237532649f99fe3165836261de215ee3f66ffbfc6d677ddeea7732a |
C:\Program Files (x86)\Steam\public\steambootstrapper_thai.txt
| MD5 | 53f7e8ac1affb04bf132c2ca818eb01e |
| SHA1 | bffc3e111761e4dc514c6398a07ffce8555697f6 |
| SHA256 | 488294b7faff720dc3ab5a72e0607761484c678b96d6bcd6aad9ee2388356a83 |
| SHA512 | c2e79c2505a6fd075df113ffce92ad42c146424ca39087601daa4ed15a2b5528d478a093921d9d8a738c7b6b963275a0693ebe526b6e2135d14ced03639d0e70 |
C:\Program Files (x86)\Steam\public\steambootstrapper_tchinese.txt
| MD5 | 194a73f900a3283da4caa6c09fefcb08 |
| SHA1 | a7a8005ca77b9f5d9791cb66fcdf6579763b2abb |
| SHA256 | 5e4f2de5ee98d5d76f5d76fb925417d6668fba08e89f7240f923f3378e3e66f6 |
| SHA512 | 25842535c165d48f4cf4fa7fd06818ec5585cc3719eff933f5776a842713d7adb5667c3b9b1a122a1152450e797535fc7a8e97ebdd31c14b4d4900a33ede01f3 |
C:\Program Files (x86)\Steam\public\steambootstrapper_swedish.txt
| MD5 | b2248784049e1af0c690be2af13a4ef3 |
| SHA1 | aec7461fa46b7f6d00ff308aa9d19c39b934c595 |
| SHA256 | 4bf6b25bf5b18e13b04db6ed2e5ed635eb844fc52baa892f530194d9471f5690 |
| SHA512 | f5cee6bba20a4d05473971f7f87a36990e88a44b2855c7655b77f48f223219978d91bcd02d320c7e6c2ec368234e1d0201be85b5626ef4909e047e416e1a066c |
C:\Program Files (x86)\Steam\public\steambootstrapper_spanish.txt
| MD5 | 66456d2b1085446a9f2dbd9e4632754b |
| SHA1 | 8da6248b57e5c2970d853b8d21373772a34b1c28 |
| SHA256 | c4f821a4903c4e7faea2931c7fb1cf261eba06a9840c78fdca689f5c784c06c4 |
| SHA512 | 196c2282ba13715709ece706c9219fe70c05dd295840082e7d901b9e5592e74b1bb556782181cdbe35bd1ab0d6197fef67258b09491fabc6f27606dbed667d49 |
C:\Program Files (x86)\Steam\public\steambootstrapper_schinese.txt
| MD5 | 56dcf7b68f70826262a6ffaffe6b1c49 |
| SHA1 | 12e4272ba0e4eabc610670cdc6941f942da1eb6a |
| SHA256 | 948cad1bb27109e008f2457248880c759d3fa98b92c5b4033b94f455cb8ac43f |
| SHA512 | c3fd9caf0bd4c303a7cc300faada9cfe6dd752e82d67625b31f4c0c2c091596508bb477fe19f758fdf79b25b8ac3f5320a8785d2b6705b9bcc28a054a59454e2 |
C:\Program Files (x86)\Steam\public\steambootstrapper_russian.txt
| MD5 | e04ad6c236b6c61fc53e2cb57ced87e8 |
| SHA1 | e9d4846b7e6cc755ee14a5d3fa45ee7d3bf425a4 |
| SHA256 | 08c775efa77c2a92d369f794882e467b6e2526e61bc7aa7724f48e174524502e |
| SHA512 | 0dfb7e6d811d649103499018f3d115c542fcaba420ceb69124a4d837fe162ce514e7be2040860c5ef5f9c01c961fa6eea8730606b73ec107d87597989b6fd331 |
C:\Program Files (x86)\Steam\public\steambootstrapper_romanian.txt
| MD5 | 6367f43ea3780c4ee166454f5936b1a8 |
| SHA1 | 027a2c24c8320458c49cd78053f586cb4d94ee6f |
| SHA256 | f8d1972e75a320344e3c834ba0a3a6a86edb39e20ef706bda9b7965d440d1998 |
| SHA512 | 31aab33e0d272cb43a8c160b3d37256716a683e5052192fd0e4d3cdaf30a10a9afa9d26d5d14ad216ee455627c32892a711d2bc137ee7a7df9a297f001a19e32 |
C:\Program Files (x86)\Steam\public\steambootstrapper_portuguese.txt
| MD5 | eb8926608c5933f05a3f0090e551b15d |
| SHA1 | a1012904d440c0e74dad336eac8793ac110f78f8 |
| SHA256 | 2ed2b0d654d60e0a82b0968a91d568b775144e9d92f2b077b6da75f85ad12d04 |
| SHA512 | 9113c42c38836f71ff0cc7019aff8c873845f47fbf1ab97e981cb038f4d8495b6df784402b1ee9666e8e567ae866b0284c81e6a16efb47131d5ef88569c4843a |
C:\Program Files (x86)\Steam\public\steambootstrapper_polish.txt
| MD5 | 9b0b0e82f753cc115d87c7199885ad1b |
| SHA1 | 5743a4ab58684c1f154f84895d87f000b4e98021 |
| SHA256 | 0bdeee9fa28d54d384e06ea646fbcfe3f06698a31dfdc1a50703ffe83ad78d32 |
| SHA512 | b7780b82fbe705bc8e5a527c011eb685c99ef0b2eb810617b9f82b891341af95ef1c2f46dce9e458c0c4dcc3e7a0d21db6c77f03419cd1c4b521a9b72f9017df |
C:\Program Files (x86)\Steam\public\steambootstrapper_norwegian.txt
| MD5 | 58e0fcbee3cca4ef61b97928cfe89535 |
| SHA1 | 1297e3af3ca9e4fe3cc5db78ebbfa642e8a2c57b |
| SHA256 | c084a68b65d507eb831831aa2ab9afb9536cb99a840d248cc155ff87fad18425 |
| SHA512 | 99aff0c481e34cd0e4fcbb2af471afb56d91aa11be664462b08e17ae169ca03ef77e7063b4ecd0f38ca7b2f6dc0bf2e316c7b31dffbbcfc763cd8fae27dc78d2 |
C:\Program Files (x86)\Steam\public\steambootstrapper_latam.txt
| MD5 | 7913f3f33839e3af9e10455df69866c2 |
| SHA1 | 15fa957d0a6a2717027f5b35f4dbe5e0ab8ece25 |
| SHA256 | 05bc1f4973c6d36002ac1b37ce46b1f941fcb4338282e0ec1ec83fb558d1a88c |
| SHA512 | 534e541757d19ee157a268bf7ea358b48015f400542fcfa49cdb547cd652926160f015fe2cf026d9c4996e56ab90ca3899dfd457997d915bf6bc9d7bb00ba804 |
C:\Program Files (x86)\Steam\public\steambootstrapper_koreana.txt
| MD5 | 202b825d0ef72096b82db255c4e747fa |
| SHA1 | 3a3265e5bbaa1d1b774195a3858f29cea75c9e75 |
| SHA256 | 3d1399f5323a3ece1b1a8b3b31f8fd7f50c3bd319ab3f1c38c6e347452c95314 |
| SHA512 | e8fc7cc09f431301d22a07b238179ee053505090e3c4db30ead061513fe7159f1fe8b80efc93f4597fe00f01087bbe0bb2231e13693d72c8def138657cb91566 |
C:\Program Files (x86)\Steam\public\steambootstrapper_japanese.txt
| MD5 | 7e1d15fc9ba66a868c5c6cb1c2822f83 |
| SHA1 | bfe9a25fdc8721d7b76cecb9527a9ba7823dc3d7 |
| SHA256 | fc74e26a8baabbe4851109512d85173b75dbf7293d41eb3b92a1957a773c8265 |
| SHA512 | 0892be14a858cc860766afb1c996b2c355108a7e50971ea3ec00d15069e919a6eb05a61fa839bea3938492c391e274144c5e248f4c204a602bf36adf27e5b406 |
C:\Program Files (x86)\Steam\public\steambootstrapper_italian.txt
| MD5 | 8958371646901eac40807eeb2f346382 |
| SHA1 | 55fb07b48a3e354f7556d7edb75144635a850903 |
| SHA256 | b01ec64d75fd1fbd00fbeb45a3fb39244911a8b22bb43de4e0c03f205184f585 |
| SHA512 | 14c5dbb017822336f22bf6779ccd4a66604ddc5f2c3caa24271e96f739fef007754d96844efa422d6682cbcd2d3bc902c36f0f6acb3eb87ed8d7b3f885973554 |
C:\Program Files (x86)\Steam\public\steambootstrapper_indonesian.txt
| MD5 | 1514d082b672b372cdfb8dd85c3437f1 |
| SHA1 | 336a01192edb76ae6501d6974b3b6f0c05ea223a |
| SHA256 | 3b3c5c615fd82070cc951ab482d3de8cb12df0b3df59fbd11f9d3271fa2fbca4 |
| SHA512 | 4d41c945ce7c94746875b0dbceb14811d4966de4e97fe047406a304162fde7e1e2a16367fc2e43978e2e5aa66749f036b4444aa2312673c2cc3af296e8b77f55 |
C:\Program Files (x86)\Steam\public\steambootstrapper_hungarian.txt
| MD5 | 18aaaf5ffcdd21b1b34291e812d83063 |
| SHA1 | aa9c7ae8d51e947582db493f0fd1d9941880429f |
| SHA256 | 1f45bb7bdfa01424f9237eec60eba35dc7f0dc4e8c2e193fe768fe96d3ff76d5 |
| SHA512 | 4f3e56d1abe26b56d3f805dc85baaca450c0c7bec57ebcf8a6bb6ebb8588307dad130c83bf792bac76694909a14fd6a4d7d1e9b31e32fba11256343b9fc18154 |
C:\Program Files (x86)\Steam\public\steambootstrapper_greek.txt
| MD5 | 189ba063d1481528cbd6e0c4afc3abaa |
| SHA1 | 40bdd169fcc59928c69eea74fd7e057096b33092 |
| SHA256 | c0a7a1df442ac080668762df795c72aa322e9d415c41bd0a4c676a4dc0551695 |
| SHA512 | ce59ad9b17bab4de1254e92ce4fe7d8c8242832f62ab382e8f54199a9932cd11b5800cc33895441426373d5210cc74104e0271b721a7e26ed400b716ae4d5903 |
C:\Program Files (x86)\Steam\public\steambootstrapper_german.txt
| MD5 | 5c026fd6072a7c5cf31c75818cddedec |
| SHA1 | 341aa1df1d034e6f0a7dff88d37c9f11a716cae6 |
| SHA256 | 0828572e4fa00c186dbf1d9072a6154d65cb499c6a37e338f3305f77a2fee382 |
| SHA512 | f9d28714b2a05f8d9025f1692e4d7e8baa6daf6176353f65646a38814a242ef2adededa44419edd69f10cf96ffba506dab7cb6e52111457bf69cffef12174b12 |
C:\Program Files (x86)\Steam\public\steambootstrapper_french.txt
| MD5 | 10c429eb58b4274af6b6ef08f376d46c |
| SHA1 | af1e049ddb9f875c609b0f9a38651fc1867b50d3 |
| SHA256 | a1f6ba57ee41e009d904905c0ce5e75a59ee6790e08542561303109e1faafa13 |
| SHA512 | d8760f61760bffd8671b727d386ae220e7e6e68829a01553cfd5eb60ef8bd1d7c1b25e7b17a6db5bd17ba6712ef44999726764459318e784843c73bc4facaf46 |
C:\Program Files (x86)\Steam\public\steambootstrapper_finnish.txt
| MD5 | 9e62fc923c65bfc3f40aaf6ec4fd1010 |
| SHA1 | 8f76faff18bd64696683c2a7a04d16aac1ef7e61 |
| SHA256 | 8ff0f3cbdf28102ff037b9cda90590e4b66e1e654b90f9aea2cd5364494d02b7 |
| SHA512 | c8ff15373b37e848e6239a82424569e77c82a5fc557d17e7d2ed1d0d2b2f7d026cc1e2bc98cb5ee945c02cfefb82803c23fa6a26f48ff0adcf762f94cd5dd035 |
C:\Program Files (x86)\Steam\public\steambootstrapper_english.txt
| MD5 | da6cd2483ad8a21e8356e63d036df55b |
| SHA1 | 0e808a400facec559e6fbab960a7bdfaab4c6b04 |
| SHA256 | ebececd3f691ac20e5b73e5c81861a01531203df3cf2baa9e1b6d004733a42a6 |
| SHA512 | 06145861eb4803c9813a88cd715769a4baa0bab0e87b28f59aa242d4369817789f4c85114e8d0ceb502e080ec3ec03400385924ec7537e7b04f724ba7f17b925 |
C:\Program Files (x86)\Steam\public\steambootstrapper_dutch.txt
| MD5 | 31a29061e51e245f74bb26d103c666ad |
| SHA1 | 271e26240db3ba0dcffc10866ccfcfa1c33cf1cc |
| SHA256 | 56c8a86fa95eab0d8f34f498e079b5516b96d2a2f1ad9c2a888555e50e47f192 |
| SHA512 | f85865c1e9ab45e5586d3dd2b45d15265193e8a3c34b6bb1ac7e415a1ea878cfb044e8e01012e917e4f00bb9e0a422f56253f328df1bac99a145e19433354cf8 |
C:\Program Files (x86)\Steam\public\steambootstrapper_danish.txt
| MD5 | 03b664bd98485425c21cdf83bc358703 |
| SHA1 | 0a31dcfeb1957e0b00b87c2305400d004a9a5bdb |
| SHA256 | fdf7b42b3b027a12e1b79cb10ab9e6e34c668b04eb9e8a907d8611ba46473115 |
| SHA512 | 4a8cdd4b98432ba9d9b36bc64aab9a2eab31a074d1cbdfab3d35a14216c60752b5580c41bbb70104993420043685d3bd47eb6637b8fcbb3f42f76a15e4be041d |
C:\Program Files (x86)\Steam\public\steambootstrapper_czech.txt
| MD5 | 2158881817b9163bf0fd4724d549aed4 |
| SHA1 | c500f2e8f47a11129114ee4f19524aee8fecc502 |
| SHA256 | 650a265dffdc5dc50200bb82d56f416a3a423eecc08c962cfd1ba2d40a1ff3f7 |
| SHA512 | f3594aad9d6c50254f690c903f078a5b7a58c33bd418abdad711ebb74cfbdb5564679593e08fb2d4378faaf4160d45e3d276ba1aa8a174ed77a5791bcac46f28 |
C:\Program Files (x86)\Steam\public\steambootstrapper_bulgarian.txt
| MD5 | 4c81277a127e3d65fb5065f518ffe9c2 |
| SHA1 | 253264b9b56e5bac0714d5be6cade09ae74c2a3a |
| SHA256 | 76a6bd74194efd819d33802decdfddaae893069d7000e44944dda05022cfa6d9 |
| SHA512 | be077b61f3b6d56a1f4d24957deaf18d2dff699bda6569604aac4f1edb57c3cfd0abc5e2a67809f72e31a90b4aed0813536c153886da2099376964c60e56001a |
C:\Program Files (x86)\Steam\public\steambootstrapper_brazilian.txt
| MD5 | 0340d1a0bbdb8f3017d2326f4e351e0a |
| SHA1 | 90d078e9f732794db5b0ffeb781a1f2ed2966139 |
| SHA256 | 0fcd7ae491b467858f2a8745c5ecdd55451399778c2119517ee686d1f264b544 |
| SHA512 | 9d23e020875ed35825169a6542512ec2ffdb349472a12eb1e59ddc635e57c8fd65fa919873821e35c755aa7d027c9a62d3d0fa617340449d7b2c4cf8dd707e93 |
C:\Users\Admin\AppData\Local\Temp\nszB25B.tmp\modern-wizard.bmp
| MD5 | 3614a4be6b610f1daf6c801574f161fe |
| SHA1 | 6edee98c0084a94caa1fe0124b4c19f42b4e7de6 |
| SHA256 | 16e0edc9f47e6e95a9bcad15adbdc46be774fbcd045dd526fc16fc38fdc8d49b |
| SHA512 | 06e0eff28dfd9a428b31147b242f989ce3e92474a3f391ba62ac8d0d05f1a48f4cf82fd27171658acbd667eaffb94cb4e1baf17040dc3b6e8b27f39b843ca281 |
C:\Users\Admin\AppData\Local\Temp\nszB25B.tmp\StdUtils.dll
| MD5 | db11ab4828b429a987e7682e495c1810 |
| SHA1 | 29c2c2069c4975c90789dc6d3677b4b650196561 |
| SHA256 | c602c44a4d4088dbf5a659f36ba1c3a9d81f8367577de0cb940c0b8afee5c376 |
| SHA512 | 460d1ccfc0d7180eae4e6f1a326d175fec78a7d6014447a9a79b6df501fa05cd4bd90f8f7a85b7b6a4610e2fa7059e30ae6e17bc828d370e5750de9b40b9ae88 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | a213f2fa0548dffc58a2d7aa07fbe179 |
| SHA1 | c1355963c5a97bd3dc3567c8ce375ea02298a297 |
| SHA256 | c05dfa471560d09b507e71058590f5b937cf585be7913d5602ba9a36e4b9b976 |
| SHA512 | 078a37a29bf1c382d263e0b30ce5eb357eeac86543cc57224f0dc011ffc99e35bbb300358284f0c2281d494f0927aba43f58fc19e372e31d48613eed5b6fc6c0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b9b539bf8f9a9532f437d5e7f7aaeec4 |
| SHA1 | 5cb5ee3db705f660d2cc9ec468ce1942e976c850 |
| SHA256 | 17180b5589e606737f5bd6bc131391c21225ac3b8fec9d527efa9b5024b4a549 |
| SHA512 | 01a4a393977a4a9254c442f585182cd6a7998d05116fd7a5fd156aa871f056bb3cc6656a2b43960c4d542443ab4468042d83cba4cc072c451c844a449f9c2290 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 340a513e3ed9c6869bb2533beb0ad7ff |
| SHA1 | 92e7973c281ded1ecd11d8bb1168fd254e8930db |
| SHA256 | 1b7c713a97dc6e7a29ac163545d9f8de64a872cc2028391e9f4fceb8d4043d1e |
| SHA512 | 3b24c2acb4897871f59f1a5353c6a1124856f0b659bb3d4c7d1eb30e7316ae1fa21f6c6e07e7adddff899fb0fcbfe2e1e9c6e60df75bcab582a5df6a5783b95b |
C:\Program Files (x86)\Steam\package\tmp\resource\filter_clean_bulgarian.txt.gz_
| MD5 | 836dd6b25a8902af48cd52738b675e4b |
| SHA1 | 449347c06a872bedf311046bca8d316bfba3830b |
| SHA256 | 6feb83ca306745d634903cf09274b7baf0ac38e43c6b3fab1a608be344c3ef64 |
| SHA512 | 6ab1e4a7fa9da6d33cee104344ba2ccb3e85cd2d013ba3e4c6790fd7fd482c85f5f76e9ae38c5190cdbbe246a48dae775501f7414bec4f6682a05685994e6b80 |
C:\Program Files (x86)\Steam\package\tmp\graphics\icon_button_news_mousedown.tga_
| MD5 | 00bf35778a90f9dfa68ce0d1a032d9b5 |
| SHA1 | de6a3d102de9a186e1585be14b49390dcb9605d6 |
| SHA256 | cab3a68b64d8bf22c44080f12d7eab5b281102a8761f804224074ab1f6130fe2 |
| SHA512 | 342c9732ef4185dee691c9c8657a56f577f9c90fc43a4330bdc173536750cee1c40af4adac4f47ac5aca6b80ab347ebe2d31d38ea540245b38ab72ee8718a041 |
C:\Program Files (x86)\Steam\package\tmp\graphics\[email protected]_
| MD5 | 577b7286c7b05cecde9bea0a0d39740e |
| SHA1 | 144d97afe83738177a2dbe43994f14ec11e44b53 |
| SHA256 | 983aa3928f15f5154266be7063a75e1fce87238bbe81a910219dea01d5376824 |
| SHA512 | 8cd55264a6e973bb6683c6f376672b74a263b48b087240df8296735fd7ae6274ee688fdb16d7febad14288a866ea47e78b114c357a9b03471b1e72df053ebcb0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 619d6e5390b1390b5779b56514cdd64c |
| SHA1 | d95df461fa68ac3332161e6aa0ce642e99280745 |
| SHA256 | bce11780eb4975ed98f1741a427417ce2b32474544934fc1fb6dc46ddfaa4cff |
| SHA512 | 70458db54afd07af728577b6555c1c588930f3dc74009727682df6965ad22cc15e5b60e210a9144824a949acc4aa29618731bb0cef67ee02ea150d2b0aa98584 |
memory/4596-13289-0x0000000000CE0000-0x0000000001192000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
memory/12692-13324-0x00007FFA5FFF0000-0x00007FFA5FFF1000-memory.dmp
memory/12692-13323-0x00007FFA5FFE0000-0x00007FFA5FFE1000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\Shared Dictionary\cache\index-dir\temp-index
| MD5 | 5c1936192eccdaa43c2f072f295ef14e |
| SHA1 | e6d3b1f698065068b914de17c43b5b7051cef293 |
| SHA256 | 19507c796695710290c28622ddd484a0e1ee3d5297e51513dbbdfd8678ddf3d6 |
| SHA512 | ae0d1d8b54b597247f26b15c628ecb4725a9d9379d03d3ec04e456fe4926b762dbb4a8fa2471ad2d870c2ab19c8f51995133184daa15bdf285ac7a68d3fe7604 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Local Storage\leveldb\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Steam\htmlcache\DawnWebGPUCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\Steam\htmlcache\DawnWebGPUCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\Steam\htmlcache\DawnWebGPUCache\data_1
| MD5 | d0d388f3865d0523e451d6ba0be34cc4 |
| SHA1 | 8571c6a52aacc2747c048e3419e5657b74612995 |
| SHA256 | 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b |
| SHA512 | 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\DawnWebGPUCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 6e6a2b18264504cc084caa3ad0bfc6ae |
| SHA1 | b177d719bd3c1bc547d5c97937a584b8b7d57196 |
| SHA256 | f3847b5e4a40d9cf76df35398bb555117dfe3626c00a91f2babdedb619d6ad53 |
| SHA512 | 74199ff275400b451642cde0a13b56709735676959d65da11ac76dd645ab11dac5de048ff7ede0cb8adb3a3056b3ecbeb3dc7481bac3768d02051e564c74b679 |
C:\Program Files (x86)\Steam\config\config.vdf~RFe5bab40.TMP
| MD5 | 3cdebc58a05cdd75f14e64fb0d971370 |
| SHA1 | edf2d4a8a5fc017e29bf9fb218db7dd8b2be84fe |
| SHA256 | 661f122934bbc692266940a1fe2e5e51d4d460efb29d75695b8d5241c6e11da7 |
| SHA512 | 289c40fae5ec1d3dd8b5b00dd93cf9cada2cb5c12bcfefea8c862ddf0a16dced15d6814dad771af9103b3a5d3016d301ee40058edde3fdea30d9767146d11cd6 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | a2ec2e91c3ef8c42e22c4887d032b333 |
| SHA1 | e2c738a2e9400535b74e2263c7e7d1ecefe575f2 |
| SHA256 | 8f9f970835f133258a7f740126012439385bbaa5a1d6a9d0d967a390977441c3 |
| SHA512 | b069d241efb19e09ec8b5e60ef6c43e00d5cc0f774b9340127c2180356dd1964ac625c1afdfaee5f99e72b26f56046fc329aadbbc365b403af765a55e9c9aab3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 893e715ab2cb6be5d89fd20539938400 |
| SHA1 | 966a8cebae66635b7bb98a85000e86d6dfd72dec |
| SHA256 | 9c63b73c1df090cf5a9ba094b0928d472db85ef766de44d2bfaf7b1b31242068 |
| SHA512 | c8f08c2f066e86ba9716e0cd84c8dffef16104ca1231fba32fcf05a2ec842d646109baf968e54691cf84277b49ba50dfcca2af35493fba1a574ea0509b9283ec |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 551b380f9b72d9a9523b01a003e04c13 |
| SHA1 | 2a0899a963bda6649a690731343afbd9b0c47181 |
| SHA256 | fb95a4e3d1f417a0d4fca9f6e900e8f55ebb98bdeb5c109b03f517278a6c1e0d |
| SHA512 | 432aa0c6a9200b5245a40533d9af6e03cc8381e23ccad129b0c22c421579d831b6c72eff29bc88e2031db6f57e7846e4f75de3abb2687508c975b202c4fbb094 |
memory/10644-13455-0x000000006EC60000-0x000000006FFA1000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000003
| MD5 | 9fa060a599b0ee1912f2073ed59df3c8 |
| SHA1 | eaaeef616747d09506c6ed1d96901d2c8d1ad4e0 |
| SHA256 | 7924474a8f327264982347dc932997ed49890ea4114925024ba678fba2d4e90c |
| SHA512 | 93837c0d1bf848ff603073bce6ac252f770a35fad094b294609682e11b04b463292c74c8440891e89741f28fa67a888ed6fdc1575fda99a3c2b6065ccc4e7b47 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000004
| MD5 | 544a6e4b1b34c5132739a0d2ba39b18d |
| SHA1 | 683d474bf1ef4998ae5e37bdd219f34f15a12eb5 |
| SHA256 | 369ca10d1b319a8fb94a6cd6143f4a524833faec18688d733508dd2c4f6db7e1 |
| SHA512 | efa73011d5933b27c23282e0e3caaaec3485d6db3b92212106fa6636b18365704904e7cc444a8b51d0e32d3a29c13e1bc2dc296214c492675b912de85824d4c3 |
memory/11000-13570-0x0000024147B20000-0x0000024147B21000-memory.dmp
memory/11000-13572-0x0000024147B20000-0x0000024147B21000-memory.dmp
memory/11000-13571-0x0000024147B20000-0x0000024147B21000-memory.dmp
memory/11000-13573-0x0000024147B20000-0x0000024147B21000-memory.dmp
memory/11000-13579-0x0000024147B20000-0x0000024147B21000-memory.dmp
memory/11000-13578-0x0000024147B20000-0x0000024147B21000-memory.dmp
memory/11000-13577-0x0000024147B20000-0x0000024147B21000-memory.dmp
memory/11000-13576-0x0000024147B20000-0x0000024147B21000-memory.dmp
memory/11000-13575-0x0000024147B20000-0x0000024147B21000-memory.dmp
memory/11000-13574-0x0000024147B20000-0x0000024147B21000-memory.dmp
memory/10644-13580-0x000000006EC60000-0x000000006FFA1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 20a29c71d35dcc37987e72885b925f75 |
| SHA1 | 6510e44cc3c7e7f9eb35d37fab81b3b05109313f |
| SHA256 | e89ec7196eadafb1a0452fee47bceb3f74fe0be31babb945f2ab1a8addf75329 |
| SHA512 | 208412f208b2c778a970f620d626d4c632020285d7c76008e5a5aa83a13d2a6bb304de5567a70d2dfefa727412851087bab746ad1b7394570a2f71cf49388fe9 |
memory/10644-13593-0x000000006EC60000-0x000000006FFA1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ae3ff0bbc92e3861d80be4ddcb2f7a95 |
| SHA1 | a7cc332ab34189f275116c593ef12aca36ab65cc |
| SHA256 | 4ac85eb63c3abefe5a4d325a4586d241d8d132fd5975dbfd28ec4985719517c7 |
| SHA512 | 31380e8b352dc0263de98461c45d29edd8d69fecb4107a213e6ecc845aca94a61702e5ccf5e9927e579487cca95af769b8de9a302a9bdd4eed81cd60dbcda115 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index
| MD5 | a552c9c4feb0f594211322858904ab03 |
| SHA1 | 0eb4bc3a101acae37bb825efb355b826ae9b555c |
| SHA256 | 31d89c945a76a16e401e4f999ebc39aa43d5bc529c91d1e9ab5f9048a6989ae6 |
| SHA512 | e4993bad407efe4fd7267635e61989c6d1c8e4aa72c2ad44b4e8e18df21ffbc6865dac6ad59de49dcb0c1c4aca9db269e13b7d09ed083858dbdebe1cb84fff35 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\UserPrefs.json
| MD5 | 602c49f9246967bdcff45b4f43cf2fb0 |
| SHA1 | 4c5796e0c724bbd7a9244cc8a0fc9e8f40181f2d |
| SHA256 | a3ad9649c1038078038be1abd591cdba73b4b4f5cf30e11bb6cb7a432b746114 |
| SHA512 | 2f273c0dd0127071f4c768cfe7277c6efff84c1ef4f4271c1326db3658c84261794b106af3198717f349fbaaaf276163700bbb50ae20fe52ed0a88a192d46f77 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\UserPrefs.json~RFe5c3010.TMP
| MD5 | 68b20851ccb9834d21fb32615e42bd43 |
| SHA1 | 88fab935f0b9484994097c08f785e9ecb7d68127 |
| SHA256 | a954b528dd65ad6c4c2091fa32f17abdb7a49454ce88e10bb6c377734c70c26f |
| SHA512 | dcb0771120c8fe35213d60e9abf4b242af807324759e3c99e9b2569c00a941d885d53ef6fadfe69e6b740e0b52a6008602605d643801190a2d29175a7d065e15 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | f8e6b18b052ab8bacccaa9891a577e78 |
| SHA1 | e4721e6cbbc0ee29f9c266cb126406d848de2f57 |
| SHA256 | 718c4aaef80a66bdd40a8add985aecfa433eace33366d399bff080d164c25779 |
| SHA512 | 6cbc39db66a6a32b10ab85fbc4bf6c93f981847e4d6cee728ee1fce945a63df5e9757108104c7cd39e520c96c457e9f8e47a16efa771260da9a98c54dbaf8ed4 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity~RFe5c302f.TMP
| MD5 | c1d4d7c1377092cf2c7484655cfe2014 |
| SHA1 | 855c2fe50d31976ef532b3567332796f4bf0e5b2 |
| SHA256 | 641835e765b99d90f34a072e82097a536323d16942a75e457691c4b6bf4b4ac6 |
| SHA512 | 56c60a9d6f54160ce0d25ac6bebe26e561f9e7a2f73c86dea3f166d230af929802bb377ed778c9b8580a2b318b5123b204c51b59ff2818a17976a3cc63705413 |
memory/10644-13630-0x000000006EC60000-0x000000006FFA1000-memory.dmp
memory/10644-13631-0x000000006EC60000-0x000000006FFA1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9a6f6b150cc46665dde8a8f9d45653bb |
| SHA1 | 7c9b718f6d46c96bab47750dc2824fd6ac68a0a2 |
| SHA256 | 35450633d0c70c2dd9294a6a56f4e524f859bd0dd516b9343561268ba0727c71 |
| SHA512 | edef23fda831ba3ba58c6663962c8ddd2efee2c521ba0bc5a32293befb52733004a71166a62dbefbecf418b6664c08f16786a140d7e6569a16b4ccbdd207c162 |
memory/10644-13652-0x000000006EC60000-0x000000006FFA1000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | f23b73c5bfaf6c970f4cbe93ece17406 |
| SHA1 | ea7c8757b13e0f6816625eb1323f8707aa90cfe3 |
| SHA256 | be88a9b351e09e272f2f5c026ca73156d83f7cc6ff0cc76401e3498e7ef1f34d |
| SHA512 | 446f4014be3255bc5eeb3a682be1b1cec7149809db0015f7a75118bf6b4920ee5f4a194a64fe02901e560fe28078fa814f137817dc425c4eab77d567b1de2755 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6b16b1bcb59ffcbad1a5cc4b7cffbc7c |
| SHA1 | 8c688e934659b3b14c6cdefaf1092b8609c73c81 |
| SHA256 | f192906d5cb35f3f15e534dfd4d3555882a31bff74d0f7d9e1442b9a2e26f65a |
| SHA512 | 27e0175299f829e2f768427a780dde071344f630a16b40340bef10e960dbfb4e3539f764fc476f839f29b4f4dd40197cff61a4b7917a09a5b1bd8b706cd719ba |
memory/10644-13674-0x000000006EC60000-0x000000006FFA1000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json
| MD5 | c53430e3d60aad647494eeeb6cc86d3d |
| SHA1 | 74321a54609c633cde288ef0653cd006dbe18c76 |
| SHA256 | 135d0aa0b0373875adc45ba57827db846a7908f4662fde1b3fd76b2dbab71f83 |
| SHA512 | f5fd6090df428d621f5f99ca900ac984920878caec119d5b48102d8eea4caec1ea06f38f0e0cf9ce5259337d4c61cd111fdb10d60864ac79467838af8ea968d8 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json~RFe5cb899.TMP
| MD5 | d61ad99d4962274173b48cd43b61b46b |
| SHA1 | b2e643ff6c00242de0dcada24f4b36b79b1a1de2 |
| SHA256 | 36d6a08a1b411212a99637d61448d6993ed1da0db1ce35444dc133afb3c330d5 |
| SHA512 | 72a943e04d3656252f56328020c50bad7d194ae6612f7fefae00f47c236fc85f21819678b4e1aecab4ab5b7e1003898541da02f73b857028c50734999caf9da0 |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 3594f1b0a67bdbdb342654d54a67ff04 |
| SHA1 | 75c4186b4875d4b7e1a5b6dcb2f8daf59d79bf90 |
| SHA256 | ac7d81db97029f68a7b05cc5b5e2c5216ddc7925b803cf62e1fd7086cc5602d1 |
| SHA512 | f2d3f28c39e3906b3f43ac5b0daee8d5ed0125802df09728ad851351f66764ac6557bebd4020294a2ab4d71f34a5d0dcf76833be6f416271b58b2236730d4f8d |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\the-real-index
| MD5 | 51a495c5f614aa14b797e59d8410c29b |
| SHA1 | 8fe294c0a29c92f5237e277c92bf93a41f74238d |
| SHA256 | b32e7676ae0ca78c2c4efa23de3ad4e8896fb45944b2f41f5ddc820e3df17620 |
| SHA512 | c11fdc9bdad65ec45b25edfbc41ef81efb043d6af5f199deefc8da6ed53e4aac03e2152bf01bee79310f9f6bc0d3d77cb2e5c63a690655e5c042585d7f3c3f43 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State
| MD5 | 6e123610c29f767e9540270db3c11acb |
| SHA1 | d45643a4cadf61ae8e5890fe235cbab3841b4140 |
| SHA256 | c69a9f6ead8e0edce69c0313eabf1b50cdb77de2d3e5b81b57081c130f87c80e |
| SHA512 | ab430b7597b5e8cee69bc6fd3369568955130075c5d59975029fe815bbd5f511b49ef68bfaeeb8531f48d185841113027f3f196bb2515bee4fd9b469acb18c18 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State~RFe5ccc21.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | 93463f99c50cd04e9195f96f43df249a |
| SHA1 | cd820506793335dbf3928f3092fc3710cd6c1651 |
| SHA256 | a549f0dafe55a32430eb083d9810f32ed0a4ce26e8430645d6ef473b5434f89a |
| SHA512 | 029f7d4ed8106165d9d107ca94c5a0c0ff28e23117f3c1fb53ad7a7c8396bb2e7b1d4d87b22a6c6192792478965924f48ae4eabff772ee8f084ad655ee0aa1e6 |
memory/10644-13741-0x000000006EC60000-0x000000006FFA1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 39ac47e05735228eba218d8903815f69 |
| SHA1 | 042742c15b27ebefb5f05e206ba3da9abd9c8c6d |
| SHA256 | 493d75977e143694da7b6724fd52e03162b6f4eb9cbc18b3b639990241687257 |
| SHA512 | c67bc9aabed84e4e11928d433921051e5ca0ecd15a5af302a7f7c88de6e2db6b7df0383aafcf7b3fbd056f9eb1007fdaa5c27495992d0cd55d5c9dd5e20b7f26 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping10520_379772288\manifest.json
| MD5 | 2ff237adbc218a4934a8b361bcd3428e |
| SHA1 | efad279269d9372dcf9c65b8527792e2e9e6ca7d |
| SHA256 | 25a702dd5389cc7b077c6b4e06c1fad9bdea74a9c37453388986d093c277d827 |
| SHA512 | bafd91699019ab756adf13633b825d9d9bae374ca146e8c05abc70c931d491d421268a6e6549a8d284782898bc6eb99e3017fbe3a98e09cd3dfecad19f95e542 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping10520_379772288\LICENSE
| MD5 | f6719687bed7403612eaed0b191eb4a9 |
| SHA1 | dd03919750e45507743bd089a659e8efcefa7af1 |
| SHA256 | afb514e4269594234b32c873ba2cd3cc8892e836861137b531a40a1232820c59 |
| SHA512 | dd14a7eae05d90f35a055a5098d09cd2233d784f6ac228b5927925241689bff828e573b7a90a5196bfdd7aaeecf00f5c94486ad9e3910cfb07475fcfbb7f0d56 |
memory/10644-13790-0x000000006EC60000-0x000000006FFA1000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | eb8b518b235146c140c6f633481eda7c |
| SHA1 | dd1625f06195875784bba6932e7962976ea78471 |
| SHA256 | 3dd0fb435451581d88a2db495034e9a0bb9aaf58663aea74e20da02a3ed7a91d |
| SHA512 | 3b633834693104ba61ea368c91f0d7fb93a62070842bc1e23a1a96b76344b28926a3258b3d39a287b19144c17e5766f20857b0621952a29ae90a482f0f190b5f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e2192db4425b5f63cdf8417c19782a20 |
| SHA1 | 470932d12f66ad1a0567c22e41561059b4b9a002 |
| SHA256 | 48a9b17b82d424a7a39c7b3102b76ef098a3e494d967c49ced8ff4491bdb7f85 |
| SHA512 | a6fc9fd849e7584c66ea1417924bd9eb5b161a5f860c13193f0f57bd99310981f9c860dc182d011b0c4f3ab9b5a14693afc51c70cc7e88a420c78f40dbf373e3 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\LocalPrefs.json
| MD5 | bb28f16364e29eb2bcf76d8b8bf9b55f |
| SHA1 | 99845904efd777d98d0f343a466e9ac6ac44f055 |
| SHA256 | 52fba44e37426472370006b2513d0ecba6c9f9b0295b704e396c6a76a0f82da0 |
| SHA512 | ab86664aebd70a5fbdc5c09af6a0b27fc334463fc86aa4b226b8ac575c57e7af1753c2c530df6da69bbfb43e1dccae40395a4c140dbfe96d629799ff12b61f12 |
memory/10644-13820-0x000000006EC60000-0x000000006FFA1000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | 7dffc6002800e9b20cd92138b31be01c |
| SHA1 | e61195b62f80871655d32d2ce147391aad0c6a77 |
| SHA256 | 692d6e0051bee1f7dcdc50d6f81544c7eca3f99d501608c4a66517236c9078c2 |
| SHA512 | 6968fa92e7f803d7b0dcdafd74d8cb42fe379d5d2181a0dd9d4af3bee029d55d8b38d40665b625acc9a3a19cacf15dcdb7120b5f90bd0240cf16d16da443e867 |
memory/10644-13830-0x000000006EC60000-0x000000006FFA1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ec70b9cbe770d598e0becd524809911a |
| SHA1 | 814dd377ee4ad857e7159ce0855cdedea167684e |
| SHA256 | 7675d6ce6632f0ccdfe8c58a8b67054953fce758ef94e3c5e27f174d2f2baf52 |
| SHA512 | c34672c8b60970158267d220ecc6f555ea9be8810f2ce947a53b5a2185b8b2cb246ba4fabf8697b05c8907cf0fa54c07e23a72403f1765dc3aae1b78002a81f5 |
memory/10644-13840-0x000000006EC60000-0x000000006FFA1000-memory.dmp
memory/2228-13843-0x0000023FEE9D0000-0x0000023FEE9D1000-memory.dmp
memory/2228-13842-0x0000023FEE9D0000-0x0000023FEE9D1000-memory.dmp
memory/2228-13841-0x0000023FEE9D0000-0x0000023FEE9D1000-memory.dmp
memory/2228-13850-0x0000023FEE9D0000-0x0000023FEE9D1000-memory.dmp
memory/2228-13852-0x0000023FEE9D0000-0x0000023FEE9D1000-memory.dmp
memory/2228-13849-0x0000023FEE9D0000-0x0000023FEE9D1000-memory.dmp
memory/2228-13848-0x0000023FEE9D0000-0x0000023FEE9D1000-memory.dmp
memory/2228-13847-0x0000023FEE9D0000-0x0000023FEE9D1000-memory.dmp
memory/2228-13851-0x0000023FEE9D0000-0x0000023FEE9D1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8cde8478d7f3b2f5f1e8a0dea9405ecc |
| SHA1 | 94b9d7987497845666041683c53175f65900d39c |
| SHA256 | 85dd968bbd33aa6b9ab433a55abefad78e9be955c33f9730e617d016dd545a3d |
| SHA512 | c8062be6d3704c92d9350ec4f324cda972f5d7a7947708d93dfc24139d2979ab0987ab32c7e9b6455c963f175d99abf1a53f32fee1c0ddd45be7187d457c3680 |
memory/10644-13870-0x000000006EC60000-0x000000006FFA1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 82bd1cdefc8fddd34d8b4147801cee51 |
| SHA1 | 1fde864158f97700f97df23dc2f7bf3121f65471 |
| SHA256 | b2848f9f36bf118f02af6fe73e3b763e1f591dfd04853ea312def20112caf159 |
| SHA512 | 0dbcc67be8e457c3084386d5a8d50bc75df3af43cb5c54c7b63227b2252b491a19407b38ee42edb32291c2e692399d716185028a580687e1ec645dedb61c926c |
memory/10644-13871-0x000000006EC60000-0x000000006FFA1000-memory.dmp
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 66f15870049addc792b8dc84ea033f1e |
| SHA1 | 8adccd8e05c55967f2d69303bec470d14b09b532 |
| SHA256 | 427d6234621099dd4446ebabe9d7b8beb25c120d25ded1118d6b831551dc3492 |
| SHA512 | 9e34b132380be3167aa6153c1263d26590acc8a3fef5b5c9ff9d5bbcbde7b59a2c9cf4780c107d6e83e442ecec692802441311927c81c2d9e7566bdf93276fad |
memory/10644-13896-0x000000006EC60000-0x000000006FFA1000-memory.dmp
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State
| MD5 | 6e37b35236e3f113a8266e2dd6bbc340 |
| SHA1 | 713a84ec3d84fb3ca10aefd25bed581d74c910aa |
| SHA256 | 424bec75738e96768ee25c455290235f1fd63c3eb1a37c2ebb2d7651e6999fd0 |
| SHA512 | 7de267a353e50c614950bf21428beb0dcc96606f8fc879f2b821ad3b57f8a8d4be72b6f390dbc0a599b74f38396006b08677a1571cb1ff4631cffce5210e05a1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 743c8f804079cc84784ca485211b4b9b |
| SHA1 | e640afb1a92af159f29415e2be6bb27e9f48d7c7 |
| SHA256 | 9165c2175e8b29bf0b667fdb3bfe6b1ceb215c3a0b382908c7b373f4512e2264 |
| SHA512 | 94bd6fd4fc302162e394fb67e9aeb37f798a17e0e6090d1198e8a4095f7f3d54fe4eb520f2b50e74878b6e4b5f8bca35f0ba5d0783f83ad5eaf83ea378e9a450 |
memory/10644-13915-0x000000006EC60000-0x000000006FFA1000-memory.dmp
memory/10644-13916-0x000000006EC60000-0x000000006FFA1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 281e7b7af623e815351d86163dda8cb7 |
| SHA1 | 9e5e76ebaa7f9833605feaaa00fd70495db2e9ff |
| SHA256 | 58c1ddc984244725756d80f7de1b73d19f81fab25fda35784a93677c3a330b60 |
| SHA512 | 542503cac3dc2530db8328a98f38882613f60469e58d0e0f7bd69b8d1737697f46c9dbaf0cd1fac589445ebc8de4c736b6c61e9a145702a0ef67872afcabb20f |
memory/10644-13926-0x000000006EC60000-0x000000006FFA1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 266605da42ce56cfcf19c77fe6ea9992 |
| SHA1 | 9f29bddb01264a1781eb3347e39a8d54254bb6ce |
| SHA256 | 4e23695b3e980cd21639efb5cc893747c4657e8262e724c1f7c685576ef0ae86 |
| SHA512 | 8e4ab22b74f024711e84a57a28d0f205b5d4cadf176a3c0552e971303d49a1fa1a5d3b623c7bb93cd335992739057b815bd39565473558d1f4ff681e05175d85 |
memory/10644-13936-0x000000006EC60000-0x000000006FFA1000-memory.dmp
memory/10644-13937-0x000000006EC60000-0x000000006FFA1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5352486b04a99f58e01a0c019a6a86c5 |
| SHA1 | 21bd65c6fb2b12b31dfe84216f2ed0f1747855cd |
| SHA256 | 73559b27ee715880b45d7e9d498a4116851b55abcc7d4dff0afff26845b1eb7c |
| SHA512 | ed50247ad9474afaa30ad12b8e464fe4bd97f4e0dc8da161bcfd112b09ccf30a09060bd245ef6e4bb2212974712808258d884cdf0eecadef05c22b0a8e083794 |
memory/10644-13947-0x000000006EC60000-0x000000006FFA1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c07f71dcc0bd5312364e96ed67752f85 |
| SHA1 | 200dcba4fc26d12302fc31adbe5f29622153dc8a |
| SHA256 | 6bc9b5456cf4ce1d045c6b7320923e35c3a0cf337ad53b33480bc0f610d7e875 |
| SHA512 | 76e900cbf65c1ecfcb00190f738382a9cd627ae1209bd4c08be8ddf1faf157d2eb06bd0249eed9f1a4bce070affbaed2db97c3695689c7f8a79c8232f10abd6c |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 4e70b4c562250a5287b6d0db8f2ab89d |
| SHA1 | 83fe2efddf73f4bb04b31514b2b1cbe5d95f1cfa |
| SHA256 | 99568fe26af0c22439b9308e4898c86154c0a86b9d3d9866d154a7caba833a16 |
| SHA512 | 4a3f48976daeea2ad639bba2a5eefd97c8bb11f0615272974e48d7780d6e098b9d1f5a29cc75908e2b2bebb7afcb1f2178d95d3e5fa305516985fb440fea023c |
memory/10644-13975-0x000000006EC60000-0x000000006FFA1000-memory.dmp
memory/10644-13976-0x000000006EC60000-0x000000006FFA1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c7339a8323c2284a0834c9faa198c53d |
| SHA1 | f2bd83cbafb504c99ddb80fcead8a57b310b0f97 |
| SHA256 | 952258fd211f1bdb1a1d7640f986adb8d7171a6de40c2adcddbde7f50fdc1b05 |
| SHA512 | c58d3888d1789c82c9f169905daedc3aa30ff86b0aef8e599ad31f346b72efb21bdcbd7008d32cb542ea8179f31f4e05bd7bec51cf375c88c26b74e067808fd0 |
memory/10644-13986-0x000000006EC60000-0x000000006FFA1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | fd4d92d19dcc8e908a86990e92c0d42b |
| SHA1 | 10798bbd2297a70b8cf34b17f5b730b2985f1904 |
| SHA256 | 94a8150b45150dc5e97ea58664e85f0895860cfe1950fe80dc59c0e374301898 |
| SHA512 | c745b509f44ae2a8a34ec0f141189841adc632cafef8da2883b14e8b5cd8b702cbdabbe3395ecf3df1ab2a160033f8db585a67572ca490cd70cbdf1b522323d1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3dec3a74a431f4fb3b59ebdef2aa776e |
| SHA1 | 97fa2d1933fe949006dc6afd9c5b3c9054a75734 |
| SHA256 | e972b47e948c1e90fd4f8a8229377dcbaa6a07cdede503e94eae34c484243257 |
| SHA512 | 457cd20fb43623c09fb1f532e7dab3df0fcb0234c2f961e4f5b63939f4ff247455dc602ca152047e0d1b0a3ee67c125d155efb55a5fa090c98119c86dd41a66d |
memory/10644-14005-0x000000006EC60000-0x000000006FFA1000-memory.dmp
memory/10644-14006-0x000000006EC60000-0x000000006FFA1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 237965f1fa583e90bceda732243552cb |
| SHA1 | a93a8687b7ff8b7ef291dfa674cdbf18dfcc3dc0 |
| SHA256 | f51bb774634160331e0b50abebfa4c2cd054d9c0c878d6387f6504e78eeb65c9 |
| SHA512 | 7261729eccb5cfc12864d379aa99e64946e8b859ca9ba40350b59baa12e93a344974ff14dcbc038c6ea935c4a03d300aca841f247544ab760202322c1af80466 |
memory/10644-14016-0x000000006EC60000-0x000000006FFA1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2ee694123e754d2d59493a0502e57f41 |
| SHA1 | 27b2be67472328aebde42d150f465bfdc1bfb6a3 |
| SHA256 | 9b16c962ff41cb4f6aa0b46f45cd70799438ee4a7526d84b20e834da59634f72 |
| SHA512 | f59b47fad125294a5079350f7961d6fe26b8f1166d843f2912b496533ed6a3fc2a098019709cc36d4f09d1395f2a607b14abab9621c79fd380bc7a8207e317dc |
memory/10644-14026-0x000000006EC60000-0x000000006FFA1000-memory.dmp
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | 6aca741a9b691c26db03a3dffef43337 |
| SHA1 | afd507bc142f4b4a46911a7b6150458a2c3f502a |
| SHA256 | 99b9708dd1a01bfa7149b084b69ce0a937cdd34a3c4d1635488eed4fbaa94323 |
| SHA512 | f50de97e504cc55caebcc97fa3bea4fcb18cc6db23e2e41bbf5e12c1cb6dec32a281ed92b2978eff7a9566c1f6f84c4aad4cde8d1e2d815ad8fab42e7838f03f |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | 32d9f513dfb6afae5d480fe73f67b1f1 |
| SHA1 | 4bae5c41628118f2909ab5ee81edc7aa3a3913bd |
| SHA256 | 3b73a1a4a3651ae513a58fd2360cda9fa80a9859fa4fe1315f0d876725c13161 |
| SHA512 | 081843f3fa2542181f18bcaa124052ee06fdebea890f281605c70ebdc6a349fb7df9eca183fa00585cc7c78099d0a75b79ebbef800682ecfc42fb6c6ec4b5f91 |
memory/10644-14055-0x000000006EC60000-0x000000006FFA1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 505edb0b9d9559b869a841f92d87dd71 |
| SHA1 | 1d171be13c64927ab8246d2810f9d570f7614546 |
| SHA256 | a0c1f1ea1a59f9d417424a0ff599432f5a062299a4eadb3090bd4c711787f019 |
| SHA512 | c28342a3735bdbbbb6bcc98674c021c35340983f50bab7f1e57203b0d7763eb10167645033b9555aa7637b45802df2980e5593dc32a37ef3ea57e427792c5a27 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | 4f56929cd408d5f8f0b98cc748816082 |
| SHA1 | 4b150c4c9b6ff130b6411e90c6d271038732140d |
| SHA256 | 2f91cbf55775ec096fdb7dafb6176e4d1be8bd39462514c7a665c13243ebdc6e |
| SHA512 | e769ea5ccf464dd98487814203716ea2ca9d90cbd0e54c9202d1d4adbc819f90542451283f8524a2205f8b69f1d5857e6dc0190b4dded14b26d0a176fd4e7658 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a26735bebb0a5f317bdde367239896c2 |
| SHA1 | b2b6bf36c4e3cae0e3f5abc9759080bc86a5e8ff |
| SHA256 | 12e8020adff9737428be5be52471fe70b659dcfbc75f07f39852d52feb13ce85 |
| SHA512 | 2d0bc1c9cff5903af6ba87537d49425be0b64f344026067e35d8478f53c301c62d5ad475ccde30ee02a17f6295822e284296136625c983cd9c5e59107d226bd0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3f9070a046d8e2fdd7ea481b9c017f86 |
| SHA1 | 51835662b53462799d606039a7d09e69a184204d |
| SHA256 | ecb6590110c5b87f8b904c78636a914c6b3b857344910e5866e387cd0b8b2d26 |
| SHA512 | 5fa06e9e52af1d4e402d0299b8901ded3f0eed37aa965fd62172ddd284070f1ed4d84aed590044743a88a61a16d5943280ed270a6608248db67d314d09ccaf4a |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | fd640a72f8b8f08f0c46b50fd4466580 |
| SHA1 | 3637df52947758bf9bd65cb3d89fdddde5bd9d69 |
| SHA256 | 7fdbdaf2be2b4e639f4349f4b5fe07317ba2f5db588788f78f1cb3baed38dee7 |
| SHA512 | 1cd694451b3efee9fa34ca991bd905c8bdc77bddc1534c4e2ac7c5facd8dee3937169367f89cde1b41ce2b8f67eb8a0be7928828205180621e8f30bc14206467 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Cache\Cache_Data\f_000013
| MD5 | 3037c0077b941dc351df78fd549ac9fc |
| SHA1 | 7aa416ed095359fc1140b5fab3c55754650961bf |
| SHA256 | 72994185cb2873448f157cbf8cf0b6230abee6886060fdbf6d814be95e1e92a3 |
| SHA512 | 27ed138b8cad4f3e1b768714a72c833dad25475ac5619fd74dfbee779683a6500e0b726d53c703d08a13983347a5dd472eafdd674c12857df058c0b775b6f61c |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | f6860a7ceb62d7185db1e37e09ae4182 |
| SHA1 | af2d4bf2e9ff5904961331fb5ee50528e5f6beed |
| SHA256 | 2e010396a1494bcee49bb3859b2889998d8c5932b10490a8a46bc5222965c421 |
| SHA512 | 57679ce34b47f91881e0c866298c3d3648b85085fe17c04aead10b99eac195c7c8d6fbc67f36b498f80f3a7df0b3093271c3e248fe27ba25d48afb7e373dce0c |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Code Cache\js\index-dir\temp-index
| MD5 | 6f4231b0297c91e9b2d425c8f2a377c3 |
| SHA1 | 7283485cc09731f154ef0dd021f4206af1614c52 |
| SHA256 | 158a1e534a0ac92c6af3516ab8a91353fa7e5dbfc525e765996061b37b18e523 |
| SHA512 | d5852b4b9d80a8ff412126a6c1dff0165c8851b2fedbb25c4182e3e4a6fab529099e76770a3032fcc2c0a36ffa1c91280cf228eb11dc64ec8f84335206a5fa24 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 42e017525ee6e8543b7a73a3ee362c50 |
| SHA1 | de4eab02321bf90b7ea4401eaee649a828757f0f |
| SHA256 | d442f07698e8fc8ca7c22e9a6dc548394abbc32c05490536eea222fe2ca70c9e |
| SHA512 | e01eebe0abd6ea11b79090ec05babe7276b9f824785f181d8e6162520b67a06646558642b8ab4ac36fb32f4fe22d5d49a5c95bfff42feb46aba17d9f08117f43 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | 181f8a79df06cce5ec4f103ebf6e3213 |
| SHA1 | f5826e0163b502aef6c92015c72b0ee88380f07e |
| SHA256 | 71b143db96c80da98e2ea382711c763c51676a3437b2c9f951820bcf0afb8cdd |
| SHA512 | 28553e5c1d2b89f7043a79621c0c68c02ed97a6a3727d595390725d5440fdacce5223f700111c835bf95a2e63861bee19ed0c927f84921cbe227afb340033b5b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7d129db4e3ccb6d8e7414065c05e3b45 |
| SHA1 | 136629a71b9948df57bbc6c9b8c0ab565a72c43a |
| SHA256 | 822cf7a2df399fdf43de81274bac0031b4fa70012bfb9bc9881328d4262f34b0 |
| SHA512 | 4f5394e222a59aaf2528e1767fe29c2dec94759f7df9ef1dd80719a8d101b6a0f1bdef665cfc0a6792824779db74495aea2094ccae47ca28069c42debbb5568c |
C:\Program Files (x86)\Steam\config\config.vdf
| MD5 | b05ff1d012c0cae494f5468054b8a350 |
| SHA1 | 177505956c200d6cc1b9139a3cf5c1f162a3dfad |
| SHA256 | 70c0fbd0c7d5f65918408ce1ec7b617acbaecf1f87408fca3b70201f1c831b61 |
| SHA512 | fa1f16455361c3dd12247e1899eeae60fa030ca99094360289ccdfbd448ced17c00472b4b1d2d9ccebe698cbbebc31aa29643186a1f2725fe2a99d69360aeb27 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | 432310455fd8ad2799298b7bfbd273d0 |
| SHA1 | 97ff9acfca286b77086edabf2c5b66aca4607312 |
| SHA256 | 35f6749bcd4f9446234300e851431971924f640aafaf9318b598c315079b6616 |
| SHA512 | 9d0f4fd0e43517583223b170a895359758e6edd768fa029ce4e12568c503630f4d244e931aa0cbfbf23834b8f203cc8519b34bcfa7622dce5a9c5ed2d96e1ead |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 46afcf3f8d68875560c0e569e6069c4a |
| SHA1 | 82be91d3948fd6cec7c7e241fd702bd984ad7c94 |
| SHA256 | 77c0e266ab04b4bd2997159f861430d95278c232d97062ce661b0368e33a0f30 |
| SHA512 | 07414f2b82158616ecd10cc1bc0a30ca9a477a7f7b06e5fc17653ca90556f8d0fe313fc78f73c7141af2234420ab438c7ce1d8569f83a7f580d61fa29a5c4fb9 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State
| MD5 | b8c55a4ddb78a8cecbf83a9b52ae6fa9 |
| SHA1 | da0a3f4ea7b1249608bc439b2f137b1e76a2b419 |
| SHA256 | d79f72bc3ae60868aa128dea2299f154b27c4be187d9256173ba383fa91f88bd |
| SHA512 | 75c13c9316885ec7a8086a0f8e4a153136dfc0e7ac77aaa8e11d404edcbd0b1bebf62122e86c6d5462b822d715ef57b721fb5e767141282f8beea17b78d9f573 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | d9f7c14edc28798088b9c040d9890db2 |
| SHA1 | 55b3f2d9b27b6449b81cfe7c5fd404b79f5acd96 |
| SHA256 | 283ac92825ce30305a87b14cd5b2cfc5e1411ace6540f254d4fdd8807fdef13d |
| SHA512 | 2b0e3823135206f4cd9138f3b5b1ec1edb7f219abe46e82f4dd339edd64951e93cd01e7a103d6abe29e3901ad127ccf7d78923897d656792f646826cd63991a4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8473c8ca11d1f88e6fd18bf1449b4554 |
| SHA1 | def6104f25d2f25b5b99b213b109b40108a5b0d1 |
| SHA256 | d3b3635589f15e9fd7456473225a826a3024f03f0065e82aeed3a808a8f331f2 |
| SHA512 | de573639d155f62892381c3df0c3c2b8b2a95290c3696da1ce58b95442b589756e2edae384d7876906c3c70a9e703de2dab6d7c8051c74982e89568a47feaca2 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | dab637c7e064480f739d329d3e576160 |
| SHA1 | e410f90baf0204501fc3aefb9280ca5b52364ca6 |
| SHA256 | cef7105bc2418e132facf03197c046d76cf070a01876b90c5697f1b3825d335f |
| SHA512 | 2ff325a7834c687ac1ce6e2f8147d87c0f4a2409e2e6b95d90b03d949a412aace40b527cea630987badd4e2939da6c1bb71742e677041773457f29888e5a631e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e419cb03d693ce91e407e696c7c5acff |
| SHA1 | dbd5402c66a5bc72eb971134b8b7c6869075f2fa |
| SHA256 | fa46832b3f7908c0551faa2e1b26f82ec0ff21704786e403e038df385fcca287 |
| SHA512 | 6a29f0d8a373f0274e9f7e7495427dd470d7fddb9eb7a24994dbc6fdb5f4869984d739f874de7ca9909e3d69dbd9e1f8bea5430ddff8d4cd04ba67e8b28b0a31 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\TransportSecurity
| MD5 | ce54558487285e14cfa41b6150436c55 |
| SHA1 | 049af65ac240d9bfcc1ea16f77174112f631af6c |
| SHA256 | b232b2b9ef52d4801ebf2216f6fe6afb3026053f7dcf60f8d160211525a6f6bd |
| SHA512 | 69abd7eea46df82084ac74515e2b328535b6b46555ac068824815f0712222ba4bbdd2db64dbab88d6d1bbc070b9ba744cd5dfdc5f95d87b13c8cc9ea1606bce4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 02a4b762e84a74f9ee8a7d8ddd34fedb |
| SHA1 | 4a870e3bd7fd56235062789d780610f95e3b8785 |
| SHA256 | 366e497233268d7cdf699242e4b2c7ecc1999d0a84e12744f5af2b638e9d86da |
| SHA512 | 19028c45f2e05a0cb32865a2554513c1536bf9da63512ff4e964c94a3e171f373493c7787d2d2a6df8012648bbefab63a9de924f119c50c39c727cf81bdc659f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\5ff330b1-b76b-4b35-a293-790d12d7ae77.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 826c7cac03e3ae47bfe2a7e50281605e |
| SHA1 | 100fbea3e078edec43db48c3312fbbf83f11fca0 |
| SHA256 | 239b1d7cc6f76e1d1832b0587664f114f38a21539cb8548e25626ed5053ea2ab |
| SHA512 | a82f3c817a6460fd8907a4ac6ab37c2129fb5466707edcfb565c255680d7f7212a5669fe2a42976150f16e4e549ea8310078f22ed35514ee1b7b45b46d8cc96e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 72310b650cf8502ecf1fe27529328aa4 |
| SHA1 | 1484bef54ae6a8ccc670f1eb139f24c726ae2d96 |
| SHA256 | 3fb86db93ac1da71a35d0005350968ee69308cd06e03fdc43714735ab1ee43b4 |
| SHA512 | 3a60afa6455041b504db5a88b099e388807852c0914bfde3a71411c858db49199c5e9e3f04536bf4d1f6180951288beec876ab766e2286d8a38cacb34aec7b88 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
| MD5 | ef94e26e09fd6962f86f29c1c30f7447 |
| SHA1 | c574353d60b5973522a96fe726b0d26092167386 |
| SHA256 | 2c3a7f1d3f5524c76c35942871974ee222eb012c65ec7f19d83c392f87b50847 |
| SHA512 | 77abdad3b1f76fdd8eaa4cb3b2dcb9e5e0c00f46f25b52420e24129c4b178b34103329de52c15b130c3dec214c77e25eecbd2294855c1b3ca39936c8c94a5b26 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | c9e90bc8ec6a09d8a69f4a4dc6fe8b6a |
| SHA1 | f099ace175891bb8b81eea2595bf8de8027bec6b |
| SHA256 | 8fa6b37e750ce1df8e880691ea6dcd4aa922b55a722aa0b1df8ed6302aaf723e |
| SHA512 | c4bda62806935165c94191234b8782408876f1336279a26d58ab3a75f41c51433ad24516c0354a8a047c1e743c4fbb8989938b6a1ff29ae0585b3fd08230a497 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | 1cd9f819fae888ce4860b7f6093347f1 |
| SHA1 | 04f78da120741f1198d595af811b2c42ca9d5406 |
| SHA256 | d90bde2cee49d26d93cc149da64ebfe3b57b6f391c1fe84c696a2d5e3f33b3ad |
| SHA512 | 2f7e22a0b36ed64c6be176f48f91663bbaca60d7a4ea862a6a81678fadc1d8df31c59a3266d1097654fb52345e0d2e292b8bf48e9497be9c3e3be89cf43bf90b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | fb8a686df2e4d5987c9e43e10b480df7 |
| SHA1 | bf85d7c64d6c23fb859989f0229c083aa857197c |
| SHA256 | b6b6c978ff263141e66d878ec683c0092f651fb874a21556d921e62e6c7ad887 |
| SHA512 | e21e7287672434bfdeb7de3cc63bf98ebf923fc709941364f68a8fe4ff19259c7518ebef4aa1ae5218ae845450deff5d10dfcc114f562bceeb24b0244900ee57 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008
| MD5 | 47d88f0e30322831ac51429e321af624 |
| SHA1 | 0a3a50ae8c9d61a6d96b872f91b4694187be0bcb |
| SHA256 | ff066f3e1ab3028b7bf326825772da1a50d4c9bfe92ec0abcb52f17ed996482c |
| SHA512 | 416fa132223c396c6ec4ba581383ff0859ee02a7e73acca4836df0e8154600cc9cfa4249832d0370fc7c45232e0114994e7da36d094cd459a6f3c77be539cece |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | e13edde4a25e96e573f37bdd11e020aa |
| SHA1 | 84a0c3cc6cd74b149cc27de2b0fe48bc2acb70d2 |
| SHA256 | 45b526e6aa5356b278aa37e67593a25d09c9653e8a0e71fb8e155111d3b7a515 |
| SHA512 | 9ba4cce47994f949731e594538f56f423ee46a8e602fe922ab6e1d173b87831ae5a80d967d695fc45a08b25aef5c494518b43cde6b4709db690e904b2cc1c053 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b
| MD5 | b507567f09861406425726176430b282 |
| SHA1 | ef31ff9a5a918797c76752018a667e29e415e580 |
| SHA256 | 4390634070a440bead4ea3dc609984097da973983ac140b094149b4bbed1349f |
| SHA512 | 23e8a4e14a2a8608c817b88080fabce226ef7c280f5c87baa27780dc1307d60f75d215a91c3de6651f17e6df71219b3e51f2665ce9553c71f427a38e7c81d65b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d
| MD5 | cc039445c6c92d32fb74a942a2876d71 |
| SHA1 | 71cc9c01cf705b61ba163bceaa62651865ef5ee6 |
| SHA256 | 1a71cffdaadd8f15a6268dfd76f3524409eb5fbad791ce30def403ea13a373a9 |
| SHA512 | 1834c2c6d6529e69746be6ef8b441997a7e05b00303b10cd2dbc16b0d18cf89a6ead9fb943732f56f7f9b74e347b1bb889a71f08baee17b6b69afbc7350311ba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011
| MD5 | 57613e143ff3dae10f282e84a066de28 |
| SHA1 | 88756cc8c6db645b5f20aa17b14feefb4411c25f |
| SHA256 | 19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14 |
| SHA512 | 94f045e71b9276944609ca69fc4b8704e4447f9b0fc2b80789cc012235895c50ef9ecb781a3ed901a0c989bed26caa37d4d4a9baffcce2cb19606dbb16a17176 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 176bf12e62ad3ffb5490c848dadac7cb |
| SHA1 | 14eda27178b0fb84305b8d43cd8d0a1e3cb70d45 |
| SHA256 | 0d73ca82feb846da33a99cc3193418d917fc973cbb290c94234c0e27f3da7bdd |
| SHA512 | f15a03143846cc5255c0552bbcff6de07bfd19896051172edd655e62d04e16a9fad82af735ad9052d2db22326be7561d217c890896394d683a12a88689bf7c21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3e743fd9823104e11e085eea80fc2294 |
| SHA1 | 2f8b1b33a755210b7dede07e06070b8ba1585b89 |
| SHA256 | 6ec1f2f22fcb383ebe93043c8ffa9cbc252b0955e204c4e2aa1ef54c95bc0e5a |
| SHA512 | 6034582b51a05fec54a90750b836c3fbcf8a5295d56fb9042f68e0f043106a3177c6d496e04cf98e243219b8a933b63d10f641c6d0eb62e090819d9dbd5834cd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8b4cfee836dabce374874cf25de8a42c |
| SHA1 | fd5ba203092bbb4744686110666bbd0a0796801d |
| SHA256 | 9fbb4faf068900a7fee4a7d1d60b2a03bb3beacf1b28b8de713af4aafc6632a7 |
| SHA512 | e0a5f2af921e77b36b0ed8a38c30aa3a3db7d2f2263847df2cb215c20d4d9778d7aa3b15afb4b5cb39cdb40e81fd077616db5b4b4a0f87cd1905e061e00f930e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\2dd2ceef-52a9-4fff-aece-f8197c9f6ae3.tmp
| MD5 | dd516f48efc1e18f39e2ad1045b683ea |
| SHA1 | 7066790367390fa6ad60dd4cfe5664db085cb410 |
| SHA256 | 399740592f4bd953a3d452e7e098b8e5f703582d56cd4189a1361f801dfb0009 |
| SHA512 | edca86ab288b19a214f36f1401eb03daeab5e9833a8489a64d58df241aa90c9bcb7c60e351379fec15b06c52a2c965a8b0aa196e518cbaab38f25786db6d6975 |
C:\Users\Admin\AppData\Local\Steam\htmlcache\Network\Network Persistent State
| MD5 | 137a7f5b1c90676589085d05601a5bca |
| SHA1 | 0cdf1409baa35aa32b368e3f6b03618701118507 |
| SHA256 | 80ffd15c0e6a93cc0a87015bae9ddbd5cad788832c128c03dd890db3d386ee1f |
| SHA512 | d04189aaa7683cd05067caf27dfafe20f3c91418d2c26d5154d867c5075d769fdf7f233cb6d4e8faf949af005629532d9b64ec6c4d8703776996d181bf20f17d |
C:\Program Files (x86)\Steam\logs\cef_log.txt
| MD5 | e42a740db6f42779c38cfad382708f83 |
| SHA1 | 50aecda95c7a1f259c5f281147dea8bfddaf263b |
| SHA256 | 8af339271371082bcc85c7b5480cdefd6f1aee36aeaa79230d17ad7b17205aa4 |
| SHA512 | 07f2e874dc566990a082bfb822426134c2f2c7de927c24e08a5d478fe63bfe00a2dbb163c9c208dd4fdd59ee5f87ccdd06736c5d6151bdc61011a222a42c257f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 95115a1584a9f436e16c6d8c2347900e |
| SHA1 | c8b4c4a60d86d7083fc76be33a7349220a4026e0 |
| SHA256 | 41212819dbe0f75ef9a04425f5e03283b22856e334ad54176b9bbd83d1aa0f3b |
| SHA512 | fe5cfe52fe9c8154938f0c1954dedfdf562de58ace46862171f3225b151330ce0c5bb2ac0723c6c96e3414092a8e4ca6e2e0b4c0b2b8f82c79f92cdba858cc62 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | 79e90b79849ab24f7077995c4e45f1d5 |
| SHA1 | 3dae744f25bcaa1b690d61b789a8b1e58a790953 |
| SHA256 | 3d2a7a2b6c89618f30d26fd5dac9ff7d52d6cf1d3651fd7aaa1d1229464b1507 |
| SHA512 | 6169379e245102bc4b1ff74bc2c7cf356f24fdef55e5f3f8a7323da36f6ca92f1ec38bf230cacecc89c33e12e1b201de417a570a998f31cb281bed3ae8f8deb1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 2a68e44212695262c6e38bd9c8ab9301 |
| SHA1 | e45ead2592d5e8f9dc92cf2a22ac11272a9e1333 |
| SHA256 | e201ee5b37c02833c25bc849628789b9ca388c4a63dfdf266199e9162a1d1939 |
| SHA512 | 5e93b656cdf1ce6f2c520da0045efff307db533aafb09a21457cf33ca8733886f61cd596ee53976e1920af9a6d16c5619934975e05d2772acf711fc9bec360f0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9610407b4ce110e0d78dd31ebd74c3df |
| SHA1 | 0ea037cad25784b39b9c93e8d24358f244350319 |
| SHA256 | 580b5ae7407099c8c45b7f8317df04e9ea0ae4ff1d7508005ec8e9891354d4a8 |
| SHA512 | 59a3c8991e25764d97e8d7dbec0dc7ebabf667bf17c635e991e0857412faa9c7fb76278ebd0c3c75fa2749426a6d2cc92f682d0007411274396d7a028406786d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4f9825afc4ba9b11bc7dc60a4e46c606 |
| SHA1 | 1a163b6ef38957b33416cc155d3342c76a731ff3 |
| SHA256 | 88b751e5d1f6cce29c29c4a1affa15946dd7169b8e15018e52e8658fdba0e73c |
| SHA512 | e0f112401ce32f63e7f3c4d68772f16f07df585e8929da68779d3c3eebc68d533c52ca04bfa57644ec9fb1b87f7e58bebcd95a80fedb80b43e51a6b4792c19ba |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Guest Profile\Code Cache\wasm\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 3a23422a4e7e532925858a1fbf290ece |
| SHA1 | 4664e34ce67c69dd52719a01b8fec889a856eae3 |
| SHA256 | 565014ace25fdfbafe5886a0b0e5c292e067f80e935dad86dc604613f16b9242 |
| SHA512 | 499d3af2b58947b3a7862b4dbf77dbff4dc04d6c02477f2091c21c97f1ad76082d771f0f9ee09d3bdfd4261169b670b4e0376e76f4511ab01de5c24dc1dc76d6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | afdea07a0e070a6079e7e1f1f9fc78a7 |
| SHA1 | e48858d42a49db1b31ab431508d9175f26438119 |
| SHA256 | b2783fccbfefc18a159821b716e42eaa27578e05da1862c53172a91048d6012e |
| SHA512 | 698020063d256ef5b63585f5d205c2f7def4ef8ca3e433b23a5960fc66f0e27d8c5c45311653ebec06827c7af602a4d4d77a331ec36350c04ea6e9c7a79fbfdc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Guest Profile\Preferences
| MD5 | 40ff6d522996e56c0f6c83b5d5f3c52f |
| SHA1 | 42c42c2a79b772916e96f21c359d9048e8a41755 |
| SHA256 | f89697d6d99e27a4f7f4064db8c5492c4cc980b80f8777f92e731df28510d880 |
| SHA512 | 2c397158472a55aae689d06353bb5e9d8ba8117378499a14cf83a591e5f9100a9047fd81eb064a39df67bb78fef6d0aa7ed8f5e57d7f65244646d6be7454446d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Guest Profile\Preferences~RFe627ecf.TMP
| MD5 | 9d08e04fc512792a0bf2b3a1a11ac35e |
| SHA1 | dee5602963c5da8679bdceb41cb6b6f9d0108e31 |
| SHA256 | 0530d952a30fda0dc2dc49471cbefe01d57aaaeae46878703b531b9e0cb90eca |
| SHA512 | 067de552dec7e599579a76f69b8e8149d07c333a45f8174552182a9f48be15ff540596c28a23282ea9230e70a36cbcb83f78de8ceb7d41fe522589e660ab0fac |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | bd77687182c2aa2853365e67551a9afa |
| SHA1 | 2abc9b9958f8aba829dce9cd9734407ebb31dd6f |
| SHA256 | 41dc1090034a730c5093bc6e530923e2915fd428859dcf40bb7c2f0f76dc5b38 |
| SHA512 | f83dd38b7e0686f525fa375590aa9044beebac0674b9b59428ffe0d1fd58e8f926a416a856a14a5912df916bbc8a7c264cfcdc147c9eba3333339dea143f7877 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 63e0b0aca6492966d824639bc8e410c1 |
| SHA1 | 7113109d454129bbd04935f8f3eb33fd700b02f5 |
| SHA256 | be0fce03b5c2e877cdc9aa859123e5b36f9ebcb6f7a27784f0d678005cd53f1c |
| SHA512 | f144d1737f2181cd67f71f9b2013697b9d168ba199616471ff8bafa7f6fc74b0abdfb4e7efe4a913e92e12a3ed58e4bd15902048ef2f1adf2219dac3ef95985b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2c7e59616fd7ed731271bcdaf6c33265 |
| SHA1 | c1e4541a11efda8dd0308ff0dee22381cca5de7d |
| SHA256 | db1ac128f3803c751e1d7ee5708e8396e32d2c0c31648ff496a5fc599587c128 |
| SHA512 | 82cbee20a5f5c8355b5b9bce7f1d001d0621be4b0d9d19b8f22cba4006604da9d7185097fde601418a1492d47b3804fd1f6c562e36576653c75c8198d50db320 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | bc3a223edb3c612c1021d94dafc170ec |
| SHA1 | 63c3ca65a01655f36492000727ac015250e4dcf7 |
| SHA256 | e3c0b783850bdfacedd05bcd6cc237cb975178019bc4f4b31653861525113754 |
| SHA512 | 8864ba88203f8223ad62acb8c8f6aa7f3132da429654f65439790b1bd623da6f5d01dfb5210e0f279cd0967d0ac2a63141e37c40244ecef9a918dd931d7c438d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 69beb1431668da45637722d42bcdd903 |
| SHA1 | d944c73c7544fdf9634fba04663b76fefbd16e5e |
| SHA256 | 36db8a675775bbcf62c6e7b73968e5b48fedf498f5ea6813ea2c4523b3356396 |
| SHA512 | 69379503be49683363627c90c324f9c5c8516d975bb054c7155e63997d09488cb0f4b4a6ae2e8d7a4985284ea93bff85fc9e04b32922ac7824c6328d2ff454b2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 55a673a5a2e5ca226d4f23592fc91793 |
| SHA1 | 637339d5e344cdf77f630b45ffb738bb9c5f5a05 |
| SHA256 | a7b038616f87fd1c1edde57e19e14afe1603f6c043387982ffa1d6fcb6feb6ac |
| SHA512 | d0f62b03d1900d8c6a68cca7656054617eb6819da3601afdd2f31dc2b3223cfba4ec62add31a98daefa83b89fd57c76058ce2beaa62859bbde9f0530652a5cee |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4577a74529ff9580395391e07224cc7f |
| SHA1 | 50f647a3ae0e74e394301322d7d2d58adbeb1adf |
| SHA256 | 0eeed02550d7ea20ecf193e0b689d95699077983adab2852f6ae2fa0bb7ffb85 |
| SHA512 | dd7d52b241d8e49d8dba85fd9627668bf6ddcc945d4d0f8b730ff5d1522a9b721710e11ae71c69dd98c3cd0d626f7a7e7df1b43b38efb4bed3b6b80b0c02773a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 25cfec8b6a23e10b66283a92faae0787 |
| SHA1 | 2bd15a3d62410ddde6921bb8a81f8026c45744b0 |
| SHA256 | 19816152ee8cf5d11af4a88185db7a329b3b3d22b20cb2032b07bc4666d56a50 |
| SHA512 | f8b7f43d0c7fb52b5e728c044128768a7e8d306caa040b790b107018c888972267de9e6945c319f239541328311dfd296e6a2fed51335061dd267c77244ae87c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 02c95a7cce91e162d7a47e79dee5c931 |
| SHA1 | cd7b59221d7b30bba2b9a56b7e8bae5e31807440 |
| SHA256 | 9f8649840cffaaf516c32526fb97c693eb84b8cf4828447c5dd866494b04623f |
| SHA512 | ac5606c2435e356d0f91a31970a7620b83c217b0429e94feaa1ad842c8ccf126372959497090f24a9d2a6027ebd61706c9dc99f7cfd8a4bc81dc65d0c8a0fba5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
| MD5 | 24393e2ccc4e7a164f062df993d27335 |
| SHA1 | c8f960244677439e72295d499440f295ae5be7c5 |
| SHA256 | 3ecbdf289749ebf07b749a91eb3db3d1f8fc338e5cae2dae22730fb893736130 |
| SHA512 | a675af57b19197f17a1be1351c3cee6a291f23dc2614081bd7bd71adbe5eb0d191c4d50b295d43b3a002d48454a24ef9e4dc52510f2db54dcfe0c8e71948d10c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007
| MD5 | d4586933fabd5754ef925c6e940472f4 |
| SHA1 | a77f36a596ef86e1ad10444b2679e1531995b553 |
| SHA256 | 6e1c3edffec71a01e11e30aa359952213ac2f297c5014f36027f308a18df75d2 |
| SHA512 | 6ce33a8da7730035fb6b67ed59f32029c3a94b0a5d7dc5aa58c9583820bb01ef59dd55c1c142f392e02da86c8699b2294aff2d7c0e4c3a59fce5f792c749c5ce |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a
| MD5 | 6e16a0e00a70defc9c40ae9ece97c9e5 |
| SHA1 | 9772b4012ee94ed05356c98ba7e27e71283211d7 |
| SHA256 | 82c83658c88de47b8e7da9904ca19299fc174763fcee974dd3c087b80b9bd532 |
| SHA512 | 5e3984a7985a21d5644f5b579f32f408b28bfcb4de59764f403e4e10e08085e7b3f099748fa6e22180b6097edb4d8c20b676de182999155b13fdec4fae93367d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | aeafd491196dab8035b7ab772b227583 |
| SHA1 | f5e6679413bd1db32b111705a698c7da369b5dd5 |
| SHA256 | a7f840bbec7f5d42326dd2a1d578fabd9021e2c862180459a5a35befa2b5465b |
| SHA512 | e5d5f4d537be2442e78a2aadeb8751f519dab3c1ca09a6f84d8ebd62c332e4f7e7f4d0c98012a47ad4b4bc246a33f44da32e034716a2f904642c527f626f5d0f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a42ae80d664e671a38e8099d59a78663 |
| SHA1 | 5b62d96b7ec94c119502b96b8cd9ca3d6b6aee83 |
| SHA256 | 5e62cd3b4f3827248f014115d25ac9cdb941d20b0b84653a7fe1465f08b3efa2 |
| SHA512 | 99ce04921e0adc5fa522a111570a17b92a4bd2137239211087d6431a3894ca02fd7381fffdbcf3275e25647fb28de07a38fb54a55b3fd97af0bf43bdc5ebbe8e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt
| MD5 | a7a2f6dbe4e14a9267f786d0d5e06097 |
| SHA1 | 5513aebb0bda58551acacbfc338d903316851a7b |
| SHA256 | dd9045ea2f3beaf0282320db70fdf395854071bf212ad747e8765837ec390cbc |
| SHA512 | aa5d81e7ee3a646afec55aee5435dc84fe06d84d3e7e1c45c934f258292c0c4dc2f2853a13d2f2b37a98fe2f1dcc7639eacf51b09e7dcccb2e29c2cbd3ba1835 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt~RFe636576.TMP
| MD5 | f3cb44cd6d37b00ebd07908bf76f2a31 |
| SHA1 | 42f1d6a7850012842e5e19938007f11dcf5b28ac |
| SHA256 | 105e96f7297df5c754ce582ff43207acbc1cc199f15fbe8dae227449384f3aeb |
| SHA512 | d91ccafbbb4fe197ff1c55783ac839df337949ce0979c36ad42a8c2a281367cbdd21d39c605994f3a51c7c2ec8311a1124a04f63b1511aa29ee4010d1ecf9cd6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | c924dd6c086a8be99fce263b4ca3d1ac |
| SHA1 | 8a4fd3d5868542afde5c99fb60004c7c6b190a7b |
| SHA256 | 5c61d18bd14a2de45e562ca3bdaad0049a089b33072dfbe69b90239827c88e28 |
| SHA512 | b2db85099f8f96cec2628e25ae08bc3d89b8893645630673baf3c164c8bdac20ee7bbcadff31db171e1782130744f1c282ff705d9c53eaae468e5a4bc7c5b129 |
C:\Users\Admin\Downloads\Unconfirmed 192247.crdownload
| MD5 | 1b8ee61ddcfd1d425821d76ea54ca829 |
| SHA1 | f8daf2bea3d4a6bfc99455d69c3754054de3baa5 |
| SHA256 | dc0826657a005009f43bdc3a0933d08352f8b22b2b9b961697a2db6e9913e871 |
| SHA512 | 75ba16ddc75564e84f5d248326908065942ad50631ec30d7952069caee15b8c5411a8802d25d38e9d80e042f1dde97a0326f4ab4f1c90f8e4b81396ca69c229a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8a70b513f590cbb9ffac527eb1430ef1 |
| SHA1 | ac25d6f6b012734668b5f905adc232407c5483aa |
| SHA256 | 2da93a06ad0ca7090c3f622b8d100dcb134d3a6e899c80b3da68a97f2f46d5b3 |
| SHA512 | 1b2bfa8a2d7a03da3e9199289d6928493b4725405b362bb9e7500ab1b9ee8c8d73bf3ab5d1a5b82d34800e20b284a2024f794d1ea05ea95bcd6d19a0b14ad897 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 1a39d9ce83f7a25feb1bc3b3d013b8d7 |
| SHA1 | a2b5e6163bba5d0936404cf096842b4303548e2e |
| SHA256 | ce993ae9f3f0ad72b2b4bf2da4fa2c2711306f5786ec468855b72a62202adbe7 |
| SHA512 | cd0092b168f8bec8e9ce68bfa13b78c94389463eddd87d0c68a54daf95cbe1848a0c18a4d5b85533298a9adc13402c0613cb30c19e411bc4e2edfeb882de7fcb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b17296a20134f02afce77083e7c341fd |
| SHA1 | 36443b46a1149fe77d39df2c2cfec9db56e8f352 |
| SHA256 | 4bd6498a43b26e0eadd6e006b0ce1ab4efc71a217119efdc19aa30852c9f1631 |
| SHA512 | d7aefd36e41860889f4b6a52ec8db754c096c90bdcdf6b4f403f7d928a752a25a606bf45d61c884a8b4b87270d5990c047865e975d6c06b9927e306dee284a32 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c1e5f6a074a3d4e1e21e423caddbaa40 |
| SHA1 | 1c36fb378a272cfb5e03e66efe9de774c78f1381 |
| SHA256 | 70d125b7cce507ced96ce0110a7afab21676b24d66151eaa713bb43cf9db3987 |
| SHA512 | 5ad41692aa0d089dd34466c0cf503b279db1e78ade90a98f2c354b837c80a405e4eee4ab6b79d7d29252e694e9864d94037ad3746c4d8eeb6977b24e35e61646 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | fcb682690ef96d295410fcc982e89b35 |
| SHA1 | a1840ac0a2eeebc528fd80664a92eff87c1a5691 |
| SHA256 | bfdd143c71caed21d6424f48f180f4d49154f51c44f4743b5ad69218639b8593 |
| SHA512 | c2ad9176283b70db992ab627eb7874f14c5f63d4a1d2fa2b30de6fca201bbc211ea0db7d8abe17f5297ab691fd5198001aebe834721e00934339abb3b19c9137 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f6213b2ae1e39206e77e06346142a087 |
| SHA1 | a42cf3e0027f4a9c27aa525aad5a52f76c1bddfb |
| SHA256 | 567801567b2e642903599aed864b0276d4d2a95b8774985ec13a3517884dfd37 |
| SHA512 | 39b052f49abf5f8b36a0b6dde74dacf0b1ad37c6ce71b284d2d36a544a8d5a06e0e7285073b826d67e6bb28ee5bdf62fa4e4006a256074d26a4946bc1e363313 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008
| MD5 | 87c2b09a983584b04a63f3ff44064d64 |
| SHA1 | 8796d5ef1ad1196309ef582cecef3ab95db27043 |
| SHA256 | d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0 |
| SHA512 | df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000070
| MD5 | 426c1d4aa7fe56b861314f187d0b4861 |
| SHA1 | 3d37c109b681cc7ebff22a2c8f4a14c6cc5d692f |
| SHA256 | e4fd1935c4541594e2e228e44c4d6b4beb95bdcd2d47037d9f24abbf7f51179c |
| SHA512 | f586f08ab3db26090fe61f3daa4287e3e9b8fbeefabd9c8b88ad8ffcf456eb5bca7ac57a984ad6c96bad21e0ffcfcfe1f6a476688deeeaa75fcb831b6e4236e8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010
| MD5 | 375c7f41c8d3cebbacd756f65d3b3c3c |
| SHA1 | 46c661efcf5c299e936c5869e9190b7804cc550a |
| SHA256 | cbb0c69e0c24e46c9cc508c6912eb0c8bfc5d4c577b6b069050e5f60f892ccb7 |
| SHA512 | c26d51f5793ec9c2ee7503f358686d6c1a4a44efb130c1653c99c180dc94481921607bfc99304a38ed26e0b8bab60738e48257702bef80a23dbd3aa448b0e4a6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011
| MD5 | 5f3c81d09c7b6028fa27eefe5a1511bc |
| SHA1 | b91c0c84ad6de8db8abd24762045c21507c40cd7 |
| SHA256 | 09b662ebd00a7c8c28abaa3dd5f61e84f2d3ede36b2b716aa5215b307f985d82 |
| SHA512 | 0a7fb163eec8cb8ea3fed1755d43811c6ab32db5503aa65052dbb7cc1e26ec1fc88f36fab5c1cd6404a0b36901f1b62e7e94902433f39f582ca221678476b2ba |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012
| MD5 | 9f309ce7463cc38ded13626598f9c9ee |
| SHA1 | 1fa34958a5346b0fba21f5ee252269d0f5b2e96d |
| SHA256 | 16ca01bb60fb7bfe8b387aa353e00f96215ee415be25ad9c89b76cd1b49a3e3a |
| SHA512 | 1d198d3783eecf920d7fa23d3412411156f9a84e3c0a5918de2eb0e46d38da86381a81aec7c08bca7c4d81e2cd6e959522ffd717de413d7694295e0e1fa9565e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | aa1ba6a018081200f673133373409f2f |
| SHA1 | b91c0277ac609bbb493bf14e5e80df318b32839d |
| SHA256 | aa799901ae0a54f38ea56b1a3390da0b540a25b7847b0430ea2cc9dc1683cb9e |
| SHA512 | 916f226d0b2fed5bac3e16ee2b3ee7f1799a3b314b908c057e5d68f2268dc3ff247ecce18823c32f58b413d4d864bdcfb0a3ca513193f61a41a203e593b931e6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 44d166b8b0bd3dfc449815dc1acda567 |
| SHA1 | 0e216757ce7d958453f335ffbc94fddd7e5b41bf |
| SHA256 | 0d8407d223691ec7be2fa00698cc7b05ab57d4d65b51fc3bf72bd6c2ada3aaed |
| SHA512 | 5de1d65654ba596ad9882418168ce46b289b3f2354295182fd53db1a7054cef02e5019a677eec8e34167ee312076d6f04db65e203926ab61c6e94823167e8e9b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2c580292736338451544613a5f6c3bdc |
| SHA1 | 55acee3d2ed3d85f8836172b869c58446a7afd83 |
| SHA256 | 8d5789914f0035f9a6930f4d456112040dad11ab8642a695ef1c5c882d3194b4 |
| SHA512 | d74c8d981b66f7fade301a8f1b27a228386086385c53b2e96c5ccac652fbf205a1dc9d7130c7f04a0503564f8833ccf2a29cc486e2f6642c72b64b35cb5d70b1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c5b9c5f5cacf646acbfff0fdca9a30d2 |
| SHA1 | ad7c836a4eebb46f5c3f396b8e62de355b8e5dc7 |
| SHA256 | 7c65445ca62a00547ed42b4c807923ee543a8df24bd628d8fb545abc7783f1cc |
| SHA512 | bde7b77abf9817ac099a024ad30f0d55e1a619cb1b75ab751ffbb91f6098ece5ecd11387f24ba08bcfbbdfe22118171509c99c3af4206ba2318679c50f433774 |
memory/20020-15557-0x0000000000210000-0x0000000000386000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | e7803d6e005940ebdc85ad911da95c0e |
| SHA1 | 6c6166fe4458253f64d682aad6084fb91df78527 |
| SHA256 | 77f81b844e51210a36932b19c35525d37d1046e1d2bd0ce2f6d1e126f383497a |
| SHA512 | 35e4011a1501602e10e36c133c0b1b2e2089656d884bae5ec813da71ce641db7df9d2afab97b398073626cc096010a0db474f3d353f1196eaf3211ec4ce891be |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\icudtl.dat
| MD5 | ffd67c1e24cb35dc109a24024b1ba7ec |
| SHA1 | 99f545bc396878c7a53e98a79017d9531af7c1f5 |
| SHA256 | 9ae98c06cbb0ea43c5cd6b5725310c008c65e46072421a1118cb88e1de9a8b92 |
| SHA512 | e1a865e685d2d3bacd0916d4238a79462519d887feb273a251120bb6af2b4481d025f3b21ce9a1a95a49371a0aa3ecf072175ba756974e831dbfde1f0feaeb79 |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\vk_swiftshader_icd.json
| MD5 | 8642dd3a87e2de6e991fae08458e302b |
| SHA1 | 9c06735c31cec00600fd763a92f8112d085bd12a |
| SHA256 | 32d83ff113fef532a9f97e0d2831f8656628ab1c99e9060f0332b1532839afd9 |
| SHA512 | f5d37d1b45b006161e4cefeebba1e33af879a3a51d16ee3ff8c3968c0c36bbafae379bf9124c13310b77774c9cbb4fa53114e83f5b48b5314132736e5bb4496f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | bc9a218df5e5e6678369704d2946bbb1 |
| SHA1 | 786c01ef7845bf0585a4197c270277fdc60c20ae |
| SHA256 | d92988742e78078d4d8bb32250fac114df4cbccf58feb9c9acfadf74b4098ed6 |
| SHA512 | 74755eaae967c540fd88ec9ecab2f8f7c3c1aad5d2cb7b3e6c431e91d1f26ef6bb1b58eeed9c00c8edb867adb3a679070767a8fea0bbb9d7b0a1989c6ef6b6dc |
memory/20020-15759-0x0000000006F10000-0x0000000006F18000-memory.dmp
memory/20020-15760-0x0000000006F90000-0x0000000006FC8000-memory.dmp
memory/20020-15761-0x0000000006F70000-0x0000000006F7E000-memory.dmp
memory/21588-15778-0x0000000005440000-0x0000000005460000-memory.dmp
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
memory/20020-15844-0x0000000009C50000-0x0000000009CE2000-memory.dmp
C:\Users\Admin\AppData\Local\Discord\packages\RELEASES
| MD5 | 1c7f193f8669d55cf67a923219d166b4 |
| SHA1 | c61b2c5f9af4d32c63b836e46e8c979c1894e0d3 |
| SHA256 | e3d4568e1405893a8fba71448ab98e6009972ee6a6a073d386875d7f35c4230e |
| SHA512 | d2719883629564e73e15f3cd4eebbf4e6e8d85dce6803b03a3971754afe1dc6a3627592590661260fc4cbb1ce36ae9ce27742f3ebbd361f3b34a2bbcdcc626d4 |
C:\Users\Admin\AppData\Local\Discord\app.ico
| MD5 | 084f9bc0136f779f82bea88b5c38a358 |
| SHA1 | 64f210b7888e5474c3aabcb602d895d58929b451 |
| SHA256 | dfcea1bea8a924252d507d0316d8cf38efc61cf1314e47dca3eb723f47d5fe43 |
| SHA512 | 65bccb3e1d4849b61c68716831578300b20dcaf1cbc155512edbc6d73dccbaf6e5495d4f95d089ee496f8e080057b7097a628cc104fa8eaad8da866891d9e3eb |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping23032_399708922\manifest.json
| MD5 | bbc03e9c7c5944e62efc9c660b7bd2b6 |
| SHA1 | 83f161e3f49b64553709994b048d9f597cde3dc6 |
| SHA256 | 6cce5ad8d496bc5179fa84af8afc568eeba980d8a75058c6380b64fb42298c28 |
| SHA512 | fb80f091468a299b5209acc30edaf2001d081c22c3b30aad422cbe6fea7e5fe36a67a8e000d5dd03a30c60c30391c85fa31f3931e804c351ab0a71e9a978cc0f |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping23032_399708922\Google.Widevine.CDM.dll
| MD5 | 477c17b6448695110b4d227664aa3c48 |
| SHA1 | 949ff1136e0971a0176f6adea8adcc0dd6030f22 |
| SHA256 | cb190e7d1b002a3050705580dd51eba895a19eb09620bdd48d63085d5d88031e |
| SHA512 | 1e267b01a78be40e7a02612b331b1d9291da8e4330dea10bf786acbc69f25e0baece45fb3bafe1f4389f420ebaa62373e4f035a45e34eada6f72c7c61d2302ed |
C:\Users\Admin\AppData\Roaming\discord\component_crx_cache\neifaoindggfcjicffkgpmnlppeffabd_1.c900ba9a2d8318263fd43782ee6fd5fb50bad78bf0eb2c972b5922c458af45ed
| MD5 | f265d47475ffd3884329d92deefae504 |
| SHA1 | 98c74386481f171b09cb9490281688392eefbfdd |
| SHA256 | c900ba9a2d8318263fd43782ee6fd5fb50bad78bf0eb2c972b5922c458af45ed |
| SHA512 | 4fd27594c459fb1cd94a857be10f7d1d6216dbf202cd43e8a3fa395a268c72fc5f5c456c9cb314f2220d766af741db469c8bb106acbed419149a44a3b87619f1 |
C:\Users\Admin\AppData\Roaming\discord\MediaFoundationWidevineCdm\x64\1.0.2738.0\_metadata\verified_contents.json
| MD5 | 3e839ba4da1ffce29a543c5756a19bdf |
| SHA1 | d8d84ac06c3ba27ccef221c6f188042b741d2b91 |
| SHA256 | 43daa4139d3ed90f4b4635bd4d32346eb8e8528d0d5332052fcda8f7860db729 |
| SHA512 | 19b085a9cfec4d6f1b87cc6bbeeb6578f9cba014704d05c9114cfb0a33b2e7729ac67499048cb33823c884517cbbdc24aa0748a9bb65e9c67714e6116365f1ab |
C:\Users\Admin\AppData\Roaming\discord\MediaFoundationWidevineCdm\x64\1.0.2738.0\manifest.fingerprint
| MD5 | d30a5bbc00f7334eede0795d147b2e80 |
| SHA1 | 78f3a6995856854cad0c524884f74e182f9c3c57 |
| SHA256 | a08c1bc41de319392676c7389048d8b1c7424c4b74d2f6466bcf5732b8d86642 |
| SHA512 | dacf60e959c10a3499d55dc594454858343bf6a309f22d73bdee86b676d8d0ced10e86ac95ecd78e745e8805237121a25830301680bd12bfc7122a82a885ff4b |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping23032_757169869\_platform_specific\win_x64\widevinecdm.dll.sig
| MD5 | a19ec48b4b28f3aa9c32150dca8c0e39 |
| SHA1 | 02981e40b643c2a987d47bf58f42b7f3ca5aaf07 |
| SHA256 | d363751b0ee48517da1b56c17ffcd78dd57f25b092b09879667db10338077621 |
| SHA512 | 718a24e1fb45ab0fd3db5a5c45b0e0061d9061d8615e2a8d6db2150bf72267e96774094a6fc07a250d5bbbc5133a1cb635d8f7adc5b1751fa99327fce9555941 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping23032_757169869\_platform_specific\win_x64\widevinecdm.dll
| MD5 | 9d76604a452d6fdad3cdad64dbdd68a1 |
| SHA1 | dc7e98ad3cf8d7be84f6b3074158b7196356675b |
| SHA256 | eb98fa2cfe142976b33fc3e15cf38a391f079e01cf61a82577b15107a98dea02 |
| SHA512 | edd0c26c0b1323344eb89f315876e9deb460817fc7c52faedadad34732797dad0d73906f63f832e7c877a37db4b2907c071748edfad81ea4009685385e9e9137 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping23032_757169869\manifest.fingerprint
| MD5 | 5bfbcc6e7aa3e9c1570c5c73f38fa8ea |
| SHA1 | 497bafa5658c6ce8c8010d12f104eebec7a1bae2 |
| SHA256 | 84470096167ea43c0880b39fe44b42f552014e4f85b66805c2935c542ba3cb8e |
| SHA512 | 41bbed6cc317ff190189d63d6d5910d30e23a5160e5ff5f635ff408aab13452da8174556d7120db176701435a3329a93a7450583404d56c34a37b67f1a332edc |
C:\Users\Admin\AppData\Roaming\discord\component_crx_cache\oimompecagnajdejgnnjijobebaeigek_1.567f5df81ea0c9bdcfb7221f0ea091893150f8c16e3012e4f0314ba3d43f1632
| MD5 | 3db950b4014a955d2142621aaeecd826 |
| SHA1 | c2b728b05bc34b43d82379ac4ce6bdae77d27c51 |
| SHA256 | 567f5df81ea0c9bdcfb7221f0ea091893150f8c16e3012e4f0314ba3d43f1632 |
| SHA512 | 03105dcf804e4713b6ed7c281ad0343ac6d6eb2aed57a897c6a09515a8c7f3e06b344563e224365dc9159cfd8ed3ef665d6aec18cc07aaad66eed0dc4957dde3 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping23032_757169869\_metadata\verified_contents.json
| MD5 | 98b310fc33843d771da0089fa155edb2 |
| SHA1 | 5690a43f43673b947eb4c433cb4f5488a287e29c |
| SHA256 | 28f09a4af935d2894689cc00658d597257422caff20a01055efd8e78ad5e829f |
| SHA512 | e76830974ea54c94e857179ca0da893e088034367ca5c33e71c1016b788e737d65ab49ad9a9e6feb85385b963af5c13db0a91e3f3072ac91600e91a1cea0ab6f |
C:\Users\Admin\AppData\Local\Discord\download\b20346575ea70bfbc0bf53a9387d8967fe931f062fa6905b08ab8e97a195e273
| MD5 | 5a93e4fb2f70429b653b42c7b20498f2 |
| SHA1 | c7e54d8367332d41c485a700e2d1373d1126e710 |
| SHA256 | b20346575ea70bfbc0bf53a9387d8967fe931f062fa6905b08ab8e97a195e273 |
| SHA512 | ade9b8b523579d22e99fd46bb26b1aeb9cccd025a2f6a3e380590c6835ed241152a04b3d20a50d40d663d158774412cd984bc391335ed2032d5274b3bd99cedc |
C:\Users\Admin\AppData\Local\Discord\download\8d94b02abe8825fed1279db6f04a122170da21a4b69979b2ac6059d0549f7229
| MD5 | 519429598ef8fd890679495d8ee35757 |
| SHA1 | 687a4b8c91fdb1bd41f81009f2e02eaf74388696 |
| SHA256 | 8d94b02abe8825fed1279db6f04a122170da21a4b69979b2ac6059d0549f7229 |
| SHA512 | c2510c4fbde24a32a637db4c28e27c1de8c9d497f99d6d8b5fa2fd8e9a921a05fbb9f6e5a8ebfd53e416e24ba6181185e640eac83d9a6dc22fef509789c99725 |
C:\Users\Admin\AppData\Local\Discord\download\285047857268662f852fa79ab4b2768778cbd5e71d8eef5b42ef829a2e9d5416
| MD5 | c17f202bfcf06e072fb23b3be6069e67 |
| SHA1 | f478890ed7f6253ccd4df02a41de1fbbf6ed368a |
| SHA256 | 285047857268662f852fa79ab4b2768778cbd5e71d8eef5b42ef829a2e9d5416 |
| SHA512 | 15ef275e2b0a1ece46add7c49e842c392da5b5eb59e3cf5509867ce55c7c75e99e5db6e081dc02d1fc82c56c62dbb7684d5b5540676c1c36ac3a7d20f37db18c |
C:\Users\Admin\AppData\Local\Discord\download\b72e02de5bd91de5a22950a866577a74cebd6c88664c807960d51db481bfd665
| MD5 | 9f86a61691187bf1ac1f8ecb94547a07 |
| SHA1 | 77455aa03efa0c431dc6b013ead3fd554dcce4cc |
| SHA256 | b72e02de5bd91de5a22950a866577a74cebd6c88664c807960d51db481bfd665 |
| SHA512 | 53ab674cc847133bd8998a100913f30233bc41835a1c13f03530cc0ba0c13dfb78d564782c10b4dce0c77b357b85d83b0821aecb720f965999cc43120785d333 |
C:\Users\Admin\AppData\Local\Discord\download\3a7f59ae65b3c1d00e475736431673a42058739ab3b190b949a4c324fc8a1f51
| MD5 | ec6ae27f7ec3893d746ec036a8caf992 |
| SHA1 | e12e8af1515f69fed984f1c96453078de3b2f050 |
| SHA256 | 3a7f59ae65b3c1d00e475736431673a42058739ab3b190b949a4c324fc8a1f51 |
| SHA512 | 03f5843b4e5ea5ee05d02b7eb9a717cc0e47058a07efd935f5b6960eddb9c6f520ef84caed0bee4843e70746fdf0d39ac3b4cbc936a1083a3d04b6170506904f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c0d2a5deeb0b2cf1c7876fdac88a92ef |
| SHA1 | 880fa6b4530cf0d7efacaf35c3938ec047eab929 |
| SHA256 | e4c8ddecc5b3053582130f8f00dd6f2d55e7ce9643a3e10812a12082c0c8eb75 |
| SHA512 | 37a23ca21c9cf704639a769253bd53f92017370554a8360ba6c61c17449a6fd693c768bd834127f0f8ef57173bee116dd16b195ce0ffd8fbb1a3dbfc2dba834d |
C:\Users\Admin\AppData\Local\Discord\packages\RELEASES
| MD5 | e0622464b2263d73178e43dd0cf69a7d |
| SHA1 | dd34559a8716c54c90061c9c76763a8060e24613 |
| SHA256 | 9b0443beb19e5a6ce9d763e1a7a367a7f08437e4c4431a1cf48d9686f9cc5098 |
| SHA512 | c7bb7e6b854d44aa985ee266c2e7cc50c8a2d038383db6ac64d9753e36617db70b7522a190832f34175615c0d2ab1a150748d4edd42bc0b7077d356d2c65942e |
C:\Users\Admin\AppData\Local\Discord\download\695e93c472c5d266d8762f694919796478a99bd8237eacebf74dcf4a8757223f
| MD5 | ead0a28287db0e9cfa987b08b7a3c2e1 |
| SHA1 | 3b4c53cf34b6cd10682f92393826eb3c8bf2c469 |
| SHA256 | 695e93c472c5d266d8762f694919796478a99bd8237eacebf74dcf4a8757223f |
| SHA512 | 08e5999fc509a92e2157815d70e3ec32e6508577d7b5f239933351c40776c108a9f0a0683d89f389eeed4a2729b99813a6d938b8702f5cb7717bb711c06aad84 |
C:\Users\Admin\AppData\Local\Discord\download\802d16dc0f84eb8492d310ff005beece72d3b7283c7b17412a73739a1fa03124
| MD5 | 85f95ea1f67f0530f47e0783a72e9153 |
| SHA1 | 458399216284213211866ce894777d064d957845 |
| SHA256 | 802d16dc0f84eb8492d310ff005beece72d3b7283c7b17412a73739a1fa03124 |
| SHA512 | b9a3c5b6ae13ab812940b719e35e67065535b522443b7b1952e3345b385ee50f336ca8c307d495c07caa41968ff1e5b3f43f690c3453d1353c3906a3e59d888e |
C:\Users\Admin\AppData\Local\Discord\download\b535d4c4e962bf74c2adee1fa43a9096ede785d68efb9fb2f1a336c1489f544f
| MD5 | aadd70c3721f3c4aa028534ad3ff0c56 |
| SHA1 | 996d5a08ffc218f43f4b45b90e9005f0908ac600 |
| SHA256 | b535d4c4e962bf74c2adee1fa43a9096ede785d68efb9fb2f1a336c1489f544f |
| SHA512 | 827354b6fb3e37c21763166652961752b7b45e18cc29922fb3b8771d0098f045f1c4f32bcd8e813e385cc47080f395c5c1c78132cb2ac668ae7d641c4e6195df |
C:\Users\Admin\AppData\Local\Discord\download\7135dc86981262b5463f2781a07a2ccf6d347b81d18a6585db1ca5e18d07f56f
| MD5 | 027c21b569ce819e538b0e1ce20274dd |
| SHA1 | 171323c5460619cb88c0eb32c3a801ce9fd37f14 |
| SHA256 | 7135dc86981262b5463f2781a07a2ccf6d347b81d18a6585db1ca5e18d07f56f |
| SHA512 | 1199cdf05d65dc255cb371cbbb73e5898802f84737b385bffdc900280c59ba9df1b33d55e3dbc2e11966b42147923bf8daa938eed0d5b61eed17cc12ac7b1c20 |
C:\Users\Admin\AppData\Local\Discord\download\4947e8789d12aa99e52189de11cce94c12071e974b19fbf0303cebdd35697cce
| MD5 | ddec8ff93f8cf72ccd37083a6f716b5f |
| SHA1 | 85148db24ba6b18d202381b0dc80547c79ef2c68 |
| SHA256 | 4947e8789d12aa99e52189de11cce94c12071e974b19fbf0303cebdd35697cce |
| SHA512 | fc5626c52064799c3050a73080daa9cacf9ac1ab0ded58ccd079b76e24afb6b8106f531e0553c52168adbbebdd2dde44165fa3ae077a8716d6c5e7552d44cc4f |
C:\Users\Admin\AppData\Local\Discord\download\bb978c1e5a86fe89cd4b93d01d8f9ac8859113e7117aca538e10f6ff15472024
| MD5 | 967a9770f0a950275e45f47389741502 |
| SHA1 | ce9352e62eb36c280770f64fc602fad38218a139 |
| SHA256 | bb978c1e5a86fe89cd4b93d01d8f9ac8859113e7117aca538e10f6ff15472024 |
| SHA512 | e0ec252c275822055b53a2cd80a1213a259a53e4adbfdf81b41141fc75cf41f6a7f9439e4fbd49b2dcedfad7504b3991d2ddc21d636091b9ba3810923d3bf2f3 |
C:\Users\Admin\AppData\Roaming\discord\Preferences
| MD5 | 56dea1c278e20176d73dcf0fc0d29283 |
| SHA1 | c2218e67dfc27804842a2654f61eb1bedfb66644 |
| SHA256 | 2df78323b8220b73b7ef1231335f8c447fb3bcdc7b567e8b316176e2580a2503 |
| SHA512 | 99ca7f7ea1700660d2b05a4c31763843ddcc47577239f350e03abab98c8c505479dc6b200c5f25e9eac9554681e85f5fd364d457d13d9f94fe57e3c0d315e1f3 |
C:\Users\Admin\AppData\Roaming\discord\Local State
| MD5 | 75cfda5e1a099e88297e102fc6d361b2 |
| SHA1 | 4a16a719987de7a109ba458605886d667fa61d6e |
| SHA256 | 5a716bb5ecdfc85e79eb396d5c72a323ff2bfc2e397b84153576bb26c6a7b41e |
| SHA512 | e9a33b645164147a79d4b8992b1db74f1cb1d0ca011751e798c6af22e870b82a329c69c360459d482ac37c2ffe585dc7d5a3a05ac81b6e855b9d254f1e90571e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 86235b5a657c7552bc3756e084e5e446 |
| SHA1 | e1eab22f8110f03152c78e03fa19347b417507e4 |
| SHA256 | 1b850c834606bdc26fa5ec11f0b132231655cf1db24a8bc6e71a98346b3b0d33 |
| SHA512 | a4ecf9d08a29cb372148beff4e4ece969b5a78713d5e36750231862658a5d0f4287cebf1ab67f74d0459f00f95ffed3961762d4fb603462e41d191616e7517eb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 01451050468e94373d45a5808a86d6a5 |
| SHA1 | adfe94988a7fb026776d5ed95a8199536a9da911 |
| SHA256 | 30ec92905e2705875ee6668c761f9f0fb4b5e1e67af42fdec513f847b4dfe229 |
| SHA512 | 44a3230da39bfcbd2ddc5de94cdbd97c6249b65720f6f8b2515a3dc4ce142220b0758e8dc490451323569bbf9090fee97157493aa08d8329d7b123c82cdae12f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 844de026da9375ef40dd141ffc66d416 |
| SHA1 | f396d84929bc7e781bb58e43bdd84e2e453ce5b0 |
| SHA256 | 05a4ef0a432c7a83acc642ae5be90ca8846fd114b9d09ab43f26367dcf85b821 |
| SHA512 | 5a4c3690c8814c37b47cff1028dee8a873a67e2c77967a61648ed50e9812ae181c882dbec640c8f723194cc8cb74e2d2f16d6637c925ab021c3c5572cd104782 |
C:\Users\Admin\AppData\Local\Discord\download\e59709e28f2ea558d6062fa3828d6ee5d95c08ca98cfb0ce5966aba9dc37e757
| MD5 | 930ed5b99ee2d0326e3af3c64dc7d20d |
| SHA1 | effc00dce13bbed3c3bcc0f14cd2d40c21afd98f |
| SHA256 | e59709e28f2ea558d6062fa3828d6ee5d95c08ca98cfb0ce5966aba9dc37e757 |
| SHA512 | 1555091f773379d9c52982bf79149c1adf558c7f84268774c97f7f325f704b114cc05d3f2e166fa7f7d266b874f88f20e78f517dbf1d9b356374988f6a3a15c8 |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_000006
| MD5 | ff5eccde83f118cea0224ebbb9dc3179 |
| SHA1 | 0ad305614c46bdb6b7bb3445c2430e12aecee879 |
| SHA256 | 13da02ce62b1a388a7c8d6f3bd286fe774ee2b91ac63d281523e80b2a8a063bc |
| SHA512 | 03dc88f429dd72d9433605c7c0f5659ad8d72f222da0bb6bf03b46f4a509b17ec2181af5db180c2f6d11c02f39a871c651be82e28fb5859037e1bbf6a7a20f6b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 12101642f71480f78f3ad4cc27f70a99 |
| SHA1 | b1f05f08a9569b12cf9a44b06b333afc6e3b301e |
| SHA256 | edefe79f8a9358ae3b0cb26f99bf14e085051a14ad9f2703decfc11e58c1b3b6 |
| SHA512 | 34e63345c82462afdabb204c21ae36b802b36c37069a9033540719ed23a82e74719e74ac863eae40b693f10ac3e3a6a332c22388249787e70acf8c6afa5beb2a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b767e0457860e4eaba7ac3ee402c8055 |
| SHA1 | 81ae9376ec89bff0e673b1847b1363e3787e3e92 |
| SHA256 | 6e2b813a24b8841b309f3f781b5fd8bfbe267feed5b4c66a7773559e3380e097 |
| SHA512 | c18b6fee714ffd6442c6469fa4260628a56bd617138a95786d34ed2f88beaf05d764ef665a1ed8de3af4012f9e3635c8d57d20ce2b2dd63724b0078e7a68162a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3216799698251b873672c3e357dd5250 |
| SHA1 | b185ad2800e4eefc3390d180d3ce6d97063c04d4 |
| SHA256 | c1468c3ed3b84035c15ff773e48a6d5bbcabe5bbf11fb6acbe8b1157948185c7 |
| SHA512 | c1fb78de0495f0cefb4e07984de5d49eb467b86d82eabb566a7b87452d684a467ca78bd1447a897ae8d0e1a5cbf2c2bc0ddf054a28e8666569963b2d7042195a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 1ba0e4ee768a0f681f46fa04c596203f |
| SHA1 | 6431819fb8b5c034e7070920c5301405983a5d71 |
| SHA256 | 3875c98f97218fc1f46a6505e2376dab816901b633c48ff3837842688de31c16 |
| SHA512 | 1de726c3d35acf755687525ea4275732b4794cf0972dcba84d1b7b3234b486f751e15e1ca010ff2c3e17e516aba72b4759fb8c04afec8188ad67d3f33674d004 |
C:\Users\Admin\AppData\Roaming\discord\logs\renderer_js.log
| MD5 | c148b802bee604d5fc5018b85683efaa |
| SHA1 | 9e95f8df707a67bfa7f8096159334dba5fd99668 |
| SHA256 | b5741c41a2a03783bb8d1867617fbf9b25c87ca574d1265b547582e4afe5b5cb |
| SHA512 | 69f801e1b1dd2a856fb9fd55831ca65234a7d23e472207a4270038515c197767764182d3e539564bd93cdcc7b9dfc36bf7d0eaf64ae656f404e506c747039b09 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ac33e86c196c2f3e644e6cf860d9f9c1 |
| SHA1 | 37e3cb4f1b2aa74f6278bae687a7d0687ad381d2 |
| SHA256 | b6a5c6e6f0f188716868f48bc137cddf73925ce093bb975e9eb205937a55d28a |
| SHA512 | 23614d3b789b170cef3d1ceb2fea576c0c71ffd44f4d370dfc44684374cffe0562c8f9a2959bb21f76948c876edef0cddc21e0bbf2dc3bdd904a15519608a466 |
C:\Users\Admin\AppData\Roaming\discord\Code Cache\js\index-dir\the-real-index
| MD5 | 1ebdb0a65430e9a055acf1dd4fafe4a0 |
| SHA1 | 62243ce3d6950dbefed8b9cba82f68a174bef846 |
| SHA256 | 7635454a21d045f926b1e91fe81605da69a2c9eb41bbeb25f46c48b11e882a19 |
| SHA512 | e9f46ba1507ff7b692c4f03a5b14579da978184967f06de0f50cd5b8b6326eef5f0a66b2b7cff79023d0805a4796d10bbff3973158c9567217962b00232f0c32 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 47e4df4f422fdf1b950dc7e95914e4eb |
| SHA1 | 98d67579e2c529015815449a93c7e582ad78b288 |
| SHA256 | 5f137d21f93aff082977af81c75dcb88edd6a9a9088e717e604bd5b2d3f7886a |
| SHA512 | a8bb24bb4e2349864858fb751ac0e87d3bd1bff7b428bbef9f38813828729466d044b395d298cb8ccca969d9328d6a3ab2825dff488b0cbec57fcc6bbf0c98cc |
C:\Users\Admin\AppData\Local\Discord\download\a4fd4a4e7ad9396f47ab624e6cc7915776860c14266de4f708199699069b900d
| MD5 | d4ecc95f517683e4b1cf653fa2fea916 |
| SHA1 | a571d39e8a5ef68584eef324f092651ed5359c56 |
| SHA256 | a4fd4a4e7ad9396f47ab624e6cc7915776860c14266de4f708199699069b900d |
| SHA512 | 4d355c0460a67e76710043c575f6fe1434c5e9ed079bf67be1ea7f4a31e9b13839ff80e71ba31a039faf1b71d713a025879a0fc249ed8bc5b82354807c58249f |
C:\Users\Admin\AppData\Local\Discord\download\0023e68388147f7802321cab39d44c1fc4f752f84516112cdbd36baacba1c15b
| MD5 | 4fed8b50f643dbfca0e9e4dd5837d8b2 |
| SHA1 | ea69530829c607223ecadb19533ab9d9adb28ebc |
| SHA256 | 0023e68388147f7802321cab39d44c1fc4f752f84516112cdbd36baacba1c15b |
| SHA512 | d6bc909ded97f3032cd8cc4d8cedce5e4bda3de987ee4d3721c3f3ca9fedc42affa7678eba8710adad2c97f4e233192b7bccba9b1f8c107bb06a03484dc0abea |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 419560c837a17ff39f83c4830b5b16e0 |
| SHA1 | 118da4463c55547e7a2d593ce839af7d90fb23cf |
| SHA256 | 06ea98766da2ca4c0c910915d669fbd80eeeedce22d46f5b50a42820be12561e |
| SHA512 | 571725d5f50cb48d8992e4e499f97f89ef59bdd64a2f4ebfbc1ba782de5c145a7d9f3d4b8ac6704e1c800190a74b4456489bc6ef8c30fa09be88bd7113ba9590 |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_00000a
| MD5 | 7cf1be7696bf689b97230262eade8ad8 |
| SHA1 | 8eb128f9e3cf364c2fd380eefaa6397f245a1c82 |
| SHA256 | a981989aee5d4479ffadf550d9ecff24a4ac829483e3e55c07da3491f84b12ba |
| SHA512 | 7d7c7dc08001079d93ef447122dee49abd2b7a84d1619a055ff3e7ec0009261ab6add018560bfd82ed22b29c1915bfd059f02cd83fed2e15e9af05a5d0654e06 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | a107c41dc4498f07cdda9ba4d31b276c |
| SHA1 | 1ebae0d88cc1e6cf1a3cf7a8ecc61bf8b4cdaaef |
| SHA256 | 07d5787ff076d68b75923839bf4e1a023cead540d85a1c18df51881bc19edb60 |
| SHA512 | 8e0875ad0cd184b8952af69adfd3c3299628eb6faff71907192a0d4f0f4eb9274b4977eaf2223ef2ebf9fa09de6fe94eec8a65b33ab3a02440aa34a6ab54ac45 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity~RFe65631b.TMP
| MD5 | 0769557501a531fd1e7a85a8b2e6de57 |
| SHA1 | cc1fc093c2ba8f1b61f3405c4f5ae14ead1a9fa9 |
| SHA256 | 0edb54e27305e2daa3abf3e1871f22397e57974a20aa2d188e008e9efc03862c |
| SHA512 | 3e82422a2177c2215c1b6b7e9da851411f9fde87efdeb0f073d86143a475d5f0df0b5daaf9509c4604f60df4f2b834294f6677f339b7ce6dc794d40e90186d17 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | b3783d5fa786364ef584166f1787d949 |
| SHA1 | e355c0c8c1ecc8eadebe5db99ce51ae8148f6041 |
| SHA256 | f6faea19c5289e5b375bdfe8c951a5689d0fe67867c82ff6bb32425ffc71e1c3 |
| SHA512 | 90a0196fd100be10092b73c6d161fe14153d5f25da7aa37d4ab8ab89c9c71d0ad3ee9af2c0eed98d9fb3cccae787f82de8f5428c0907b226a263dfa081a9aebd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 66595a882f61a5b0b19e6d4eda37c9b8 |
| SHA1 | 4e2e4bfa26d4c11aa7f3beec9c0f1a01cc97e0c8 |
| SHA256 | 1c2aed4e5b5e02422cd81e1f88521285577647459bcc1f4d75e4d7347d17be90 |
| SHA512 | 0b18c07622221e34f2711c92c2e00e16458a7976319bfbe63bb1c9819c08cf7ffe005c9dbf4811e4717d4f7bcf3b8b71309b882c9b5259f26e0da72518771e74 |
C:\Users\Admin\AppData\Roaming\discord\Local State
| MD5 | 579ae0812509ac607a0b0978b46958ae |
| SHA1 | ff91e030f10f64b92dc25fd2808fdbacb3a5bae1 |
| SHA256 | 300210dc2ee6977d0c220b8a7f151c175d9e8c568b7e38bc2972fb5d0b33f724 |
| SHA512 | a41cac23a308e17af9868bf5ad81ebe54d3aa2d198930fc2d2fbc6d145c82308a79a4e761dd3aa2dea658b1dcad8fe90a79943f7eab63ac5e2f1daae2841326a |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | 3d12c86525b64cff32fe1f02479525e2 |
| SHA1 | 40a4ebea095eef3d65002e68c3e5bfb1a599f409 |
| SHA256 | db668d03d5b3ae768662cdc4e73f1b40e98fce55b66c60c0fc71195aec2574b6 |
| SHA512 | 617398e5c9376b2c99586551c75b4fd46e2b9ae0471a5e7cb882c8448167d01172773134a27928cf77e82479bfdff2c87aa34a1455d61fdc196210bf2a5a77c7 |
C:\Users\Admin\AppData\Roaming\discord\Code Cache\js\index-dir\the-real-index
| MD5 | aad8f4e777628f9c794ec5e8b1f38098 |
| SHA1 | 3d6ff4d8ad30bae2b01c8c9503c98d0168125877 |
| SHA256 | 5dc204926bc26c42369ae9f3f0867b8dffdec09ff68f0a5672820d03acc80fc2 |
| SHA512 | ddbad5e2ccc177acc81a2479edc496c89ffa47c4309dd0f962a8652e57bdbe773d5ca342880a5b7ba891e3eb105d25a562a65fb51e11c0f76b6b38f79d0ef729 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c1fa97f94ec5fa42b0e5c5629b6a1f65 |
| SHA1 | c3912343e5d510616b53cd5847f16b980e2861bc |
| SHA256 | 646d9f09473c85220745f920ef05cf242bd71098fe9782c936f8b5b3a37a2044 |
| SHA512 | 37cb5129dbb902f9f0c5e5792a5b41e59c4c256e0a84e5cb5cf16da0c332e78fe746164124eab29e4d5abc1f99ebfd37ccf18d1bb278f5078a26e39817e848ff |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | aeda5f249e1d330f9324f0a540cc6859 |
| SHA1 | e4eb81847005637a1c2eba7a028a762b4d68c39f |
| SHA256 | c7aa04362a7707b4b825a232eebd61af1b5273b682ae27f6433d3975128a431f |
| SHA512 | 3f7df4d1930ba7428c0232ccb62a882ce8ef97042b4cf6bf3cd348c5cefd3f55dde777a41f9838c782303d4e7f86fd415fda1a328f02f65389a602b2430a1586 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 920b31b671c0e2146b269f67c15c4775 |
| SHA1 | d3f8eaa7edac2a2b9eabcd64e94d9163d3193b16 |
| SHA256 | fb6fdad1af2b69d4152e513d8a693fb09276403cb474e893a3a4f4994faa6c57 |
| SHA512 | e471fa75481314c0fba9dc2e48b0ce69b37288c031612122a7f19fb101be0e58ec7feaaf4bd56cdd3c4a4a470e1f8aa3c4d7c3b5bfa448a5baa9868c020aa2a5 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 2a45c80cc95ab3248fd5111f1737a907 |
| SHA1 | 7a6f6206a3309ee84df8c1a34a030d4cba2d9310 |
| SHA256 | c2d8beacb1cd41b494f4202a9384c74599bfdb92e1465add46c4e048923524c7 |
| SHA512 | 31c1202ebe6dd3949a416c0811f885c28e31fdf5cb885399a7a8e0cfec32f738efeae471544e4ca4065e9d99f7bca67ef71ca770f7b3fda7f5b9e67cc20eb6dd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6f4f86150b585cfc82ec1fdd90d169a5 |
| SHA1 | 05f09c5669f8f6a8a6fbca6611b74014adab377c |
| SHA256 | 384b7f332826ddc4270fbfc01e4eff7f5ade5b5a2b2bb2103709e70263490bed |
| SHA512 | 3572cd9bdf35d5c431c5fb39dad776bfb1d5bbe2f21be3005fcd0dbf370837fd5b562bcfa9356b6786e2bf6e8d1103288bcca5b1e9cf0e5b06a183ab7b8617f5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e5f880f670352f674b240a3dcb3154fc |
| SHA1 | f39aedfcc0029030724825d795ba3260b5e0e3b7 |
| SHA256 | f0869c44471f623de361852f7dfd0501a1645139414b11ada90b4b024f824f81 |
| SHA512 | 1d6dbc9b4ee873ecdcee6b7bd432f2ca84ed38fb3fb0f67b7e0f10c4231c16f7efb96c215f490f2311686bf890c74e075692bba77f79a97c8caff149cd99d3ec |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | 3a9c873096ace463e70109e2d3cc412c |
| SHA1 | eb3362bced5e5f643724f5e40b12b9b6df696ae4 |
| SHA256 | 1253eeefffe6e2986ba4fef1e0f06f76a0417239b824a8fd9afa70e63652143e |
| SHA512 | 950e9062841dc72aed3f116958fd877506871f8a1688e736c42a7f038db4756c728d2fce684147e94916bc6a090571d12be555ae68243ac13933c28866d5e182 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2811cc86faf41caa331ba7f2027e30c4 |
| SHA1 | a50214480cac21afdd6c9494807f5f83e7c657c9 |
| SHA256 | 872f024276f25e89e7d6549614d075b95d7248371119445ade7c761112134120 |
| SHA512 | 7045b200480cee36e005cb0a341ccfdc8f022ba24ee36504ac45abf462b8e7883feab0ff9aead7d557995f47026efbe18eadf3ecc9026202ed005d3ab9b35369 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 9bd0d54c04ff701251a10b8b7fa0e1d0 |
| SHA1 | f5b32e93801902d34235d5b6d664ebbd410078ff |
| SHA256 | 7290266005b98d230a66b9cf9e367052d618c82a539ee1f31eb2d8244131d887 |
| SHA512 | e41c3daf9accdee93ac210e8e01e3d38dc50fa4107ae312d1a52de3c31e029b81ce686dbafe7d4291be581d9d71f9e7fcc4f9627830081be330086edde67b815 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0febac845b098a6afe96287839d575a8 |
| SHA1 | e1dfc6154a0b1a55a7950b0f5859dc75c002175f |
| SHA256 | 80991e40948d6f7a15559d28f1557adbe70b11baee4c070e5cb14a498a54c25e |
| SHA512 | e25dc13787eb1124909f4066ea7e20d4d767fded77f5aba55346e410023450c29ee494d0a0c8abc32524d79974516b84fe703aa03a45e94df82eb65d2dd03ee8 |
C:\Users\Admin\AppData\Roaming\discord\Code Cache\js\index-dir\the-real-index
| MD5 | 1644907515c76b391288c43eec852193 |
| SHA1 | 78fb57e3d079659a746a20d0a392f63442b3a176 |
| SHA256 | d3f2990ef077f3c4ea09f144b7c689e87db90a989decdf0316c10a10b3015644 |
| SHA512 | 5c57a471aa28f216206cbec0018397714d4eeae11b70860de70d3346801ccb8cc8c6743d49e1d3736402fd41c9743a23b6a86f36e57aae578d91daacd63c5151 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e24d71383f6e63c67822ba5ae970c612 |
| SHA1 | 1faf4664d7721a1d9bbc8f6ab37511e54112ae0e |
| SHA256 | 7876037eb1184872a21e92e7eecb6fc319cc1dcc5e13b84c6f8e64659cfd77e6 |
| SHA512 | 02d796fa5a284085f6e507924a394c064e6a408d8736ff5b5aaa22979a969020060e6c8838458df6c208a83fd49a4f0c55ab8868f2edcdd99666e8f3e6bff788 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 97b49331e49bf1a40075bab81c15f5e4 |
| SHA1 | 0c66c823bc73b16d263ac999aa6f917ffa323364 |
| SHA256 | 54c4dddc112a41ebad1384d608d7550f1df69a8f8d58ed678ab80f9d0ee2af31 |
| SHA512 | 2a032d6d1d49ebf8e51da165f6d9f894e996c94b4e5c9593f88c0b35dcf43a88b7207f3d65af0644281c8ae716c264c305ce4c4d465b156e822c51d346b9d172 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 0eaf962c15f58c27c27bdb8bdbf33e46 |
| SHA1 | 60dee560745d67e3e4b113b4975dd82525a41b58 |
| SHA256 | a60efe50891baf49e5762fc0560d5f9df1c49cb88ed81f21fed5f8a5e2914fff |
| SHA512 | ca5b1fa964784e31a12ea2896108e308ca9fd1d058c1b6bbb0b8c31c804e3cce4cfc9f7b49bbc43070d8aacb7dc8652c5d28fd9c563ea744c32ed61fb0283b65 |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | 963ef3cb24198353bf7d38ceabe10f4b |
| SHA1 | de336ca4d5fc5eb19f45723126842f99a4530072 |
| SHA256 | e2e3c43fca67e18139a672fa29936b885d485b6297dff77234006ab4bcb928c3 |
| SHA512 | 625540b64ab1d91c6d3bbdf4148e7be3eaeee612768009df2c3eeeab51633227d16c3bba1125b9f3cbdb6bf8c8dfebb29f7a576b9ff9084131bf80f997392c8e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e4069b1667619fccba5332c00dd465dc |
| SHA1 | a79e84f9abeee4b35305c904bb8ae00e308ce7cb |
| SHA256 | c2d53ee949917b3603570c1de30de19fed580540db630c8979a606baae231131 |
| SHA512 | 870a9eda0a25c1395216c503e3c27334e557e2d6dac2e8ccbb55546accd93b00b29e62004f40091a42c895e368821b515ebf6bacda9f6678e085075e1876bbfb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b8fac67751069646fbf1b4c54f55e67e |
| SHA1 | bb8d1627dcb4b9a0567406ba6716026ac3d1ed69 |
| SHA256 | 70874baec1940c1712efe821e236ba8b0a49c8c392fd6dddd801c5dc9e058806 |
| SHA512 | c673814ea5a993b32d048567b271efd654ee8c48ab1f4e3eec6803b46f8bc2b2add4066af88274968bae90d56389aec5e51e37f75cb09ef1b29f77355e767f13 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | aaba441f2f26d7558a258677c0b03caf |
| SHA1 | bd5bf757041e9defd19d65d7d691dad8f1f07243 |
| SHA256 | 3f493c3f6a3bbdc23ef978ac348894d92d82783be3ebce1d7918eda92858510c |
| SHA512 | 2985c096142273672fc026b5317134f66a0ac83f82b141fba90c566fdf47c9153819ae70c6735c87908d2decbee7db3673e295d4710be7b16d023fc2343fab9a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3b1a07085efd7cda2d720d848067757c |
| SHA1 | db43c5718a0646308cfe82a79933058318e23cfa |
| SHA256 | 8a2b3859719988a3f3f2504c3eb9ade103513083d469b102416a0bc2fe92f5fa |
| SHA512 | d5bf18ce2e90233ac14b600b3bd32eeb656f75bb4c39e839cf3c72ff14de02471a90b7b09c8364bf461a178b12dda982f8190aaa9578bd93207426df268638d3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d2a1d5be7f0ef99a0cb848019ee71eca |
| SHA1 | b5f473b4791f2125700d68359536802b6ace61c9 |
| SHA256 | d911cab622008929574cbc70a1e309f3c2f3384551a1ec0c032b9788bae92172 |
| SHA512 | c3e1daf49c52783037990b2e4c517b4a89ccdcfa4060e73921d43ca7249c4b0f6de58815406f1bd9dcc07a60d1e2cdea361af57d358099129f7e9458966097c5 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | fc1e7ffa1eacfecdc46817ed05ee8856 |
| SHA1 | 8aa8ecd42dd3fc38ad5e90c1b3a1af6bb4bc18e6 |
| SHA256 | 1c31cd55a93ea1a870377b98f755badf3ebea80d84cd11e8c95dbc3e80b9c526 |
| SHA512 | c7b60714eaae3ab9770283ce2f9d6001a87efca9927e581d0aaf7102c639a7724b425dcad392c795824d0e185aeef85188d7a3699bfce4cdd45bf2da931692b9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\cd650db5-3ffa-40d7-a969-4939f8ffb401.tmp
| MD5 | e7e15937d5cca575170de91edbceade2 |
| SHA1 | 5c2d4bffa1cfb056374581839d21587be4caa3be |
| SHA256 | 62b7e77718efe337fad754a5f69d3df23f3c16723bd797c8892a6f56d14a9958 |
| SHA512 | 2047a02163b881ac90b3de103b65b7212bcf3b5da944d37c3dc81a6886cd916810716c5181611928e0cf3b79173212a8994fb45cbafc7ec7f8a3003ca3bd8018 |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | 5c2b38f9d846ed630248f3f74c7bced7 |
| SHA1 | a1ae98da1801b760f4692f309ea036eeeb2a1c24 |
| SHA256 | b933f30dd2862b406b4b15c941088cf3793c14ab504e23d8172d98f7c6f27210 |
| SHA512 | 770d1df5dc5bb4023b8a75892e2260d38a484d0541917b46acb9e63bf30e6d88ab1fa8c06e3a2e632138134c2c9a0dbaeed8992be2e40d1e99d985b931c22b17 |
C:\Users\Admin\AppData\Local\Discord\app-1.0.9169\modules\discord_dispatch-1\discord_dispatch\dispatch.log
| MD5 | c675e0307ccaa4c18f93bcb2de8f0bd3 |
| SHA1 | b03c727cd5f1316f9f7dd12195758b161ea86d5d |
| SHA256 | 0a3cad3011fb8cbd327524d33314a8d3faff2bcc67f3a813f9877a4c4812870f |
| SHA512 | d0f8b6ce8c102e557d4214d9332ba56989a9beab1024d6555b6563a048be8e9db53a7e9d493d62c17ab6641315d87d0040fb270facdec77ef4dbce5f324d7556 |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_000047
| MD5 | e3b1f2f61bed83b43c457ccddf0b7be0 |
| SHA1 | 3dca7e3e04bfe1404a3a58eb8591129b8c1bf26a |
| SHA256 | 4ca2b17f38c87cccbd681e2ec2972430d94baf93a707d6ba47aae48e6a68e125 |
| SHA512 | a3ebc89c583af026450d0f9acd8c8ab4e3a9303f0da2ff3fd070b9a801312a4a6732b0fb4540997e8c2928dcb072e5dca0f6ae761e0ee60a5fec2506a20ff6f5 |
C:\Users\Admin\AppData\Roaming\discord\Cache\Cache_Data\f_00003c
| MD5 | e71e883cd5c8b602d2561f02aaa84529 |
| SHA1 | 4e6e9feec722f64c844a10e44c94b20bf9fd4fd8 |
| SHA256 | df41c54dff45d59594a2652763b4599b4a61c4e6ff0096afd4389a6a007f9ae4 |
| SHA512 | d30c04f0ac140ba54b6ef9aa6743b6b75a4535e5d96c76d30e0b4a233f76cb0128f5c72d283258cbafa01266d6bfa5eff4ee51849b9cf1b5009efc8e312690f8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d70adc1c008ee3041b11b1b18ea2110d |
| SHA1 | da5ba9a23761f7f83c214a643e47d4f9de237b47 |
| SHA256 | a1ec6d537af3f0c1e7314e1529d0e4652bf19148dda8282b45a8fd3a3a391ac6 |
| SHA512 | fe2aa489f41dfcf0db10cf815a418e42c43a718a3594cbb464980473eac0c443f5d6ca40d1c100458f53b56b8fa5da125ff3ada847000ad63142c822d0eaecc6 |
C:\Users\Admin\AppData\Roaming\discord\Network\TransportSecurity
| MD5 | f3ad09c819e39e6b7e0a18486e8708b2 |
| SHA1 | 263f54ec13d41c8c894472aa8ac41ff647c6f47b |
| SHA256 | 6ceabd9a8b9e4953e16ce74f5b0857a4bc3f8dfb305566ee05e066b5e9b01bb5 |
| SHA512 | 3d90a4d0bc93451e6305cc9141b830210eae14b7989599510e201e077ae2bdfec2feced041dcde483a3cb29259c86bd2363a41c4e21b000f3ee7fedb4634e9e5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f01fcdb13a3e808d6d9f4ef2234ac646 |
| SHA1 | af86e1689a37a496c2d80b24ddaf91ac0f19d5f2 |
| SHA256 | 4b4a5216660cb3afb3ecc35b68f124ca2aae06d7aee7aca260323f8b4de473b9 |
| SHA512 | 2a5e5ac9f2bb1fc910dd778c606c50a4d4bcf4438266093251ff54cbc4d4fe6cb6986305285db01208ce74d3b4b23ade0ec09f6f4cd86f7b0b6b561a17e294c1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f023e5d06eb060ee052e17e4d858e23b |
| SHA1 | f12d0481b030449ba50d44a3ad65a38f5dae731c |
| SHA256 | 55e87c8d753220ce6c019d4e7c17d668793770325e60d34236107cb571bf7819 |
| SHA512 | 6f4915e9e6d7f2f5999e8a2347bfe32002748052f0fbc2e7382d1770e2c1a42ee7697820883256e8ec166a5f435c33b8fb3cd0e03c5624d38f4bd61d230ff23d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5a4b3b10ca05448af33dbd2e9b87eb8e |
| SHA1 | fc49d46e1df8ff22aeffcb2847fac1a49c45ed19 |
| SHA256 | 540795d804745d074e0bf677c70674893ef7603b6b179e6c351317cbbd2aaf2b |
| SHA512 | 5956f7ca880fb8871cbfa69ca371ac0478f73547e6531181ea729651b861e26696646c1131e2c31bbd743b3617df1ea38dae6c5314981f7dba939211b620000d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 52759f19953c01b8baee7afe841c4803 |
| SHA1 | d733f74302ed7e9564781bfacaaaba31147ceb14 |
| SHA256 | 6633fe44d6d6ccaf7d388912a007f401be77e8214e3136e683c080757bafd9f9 |
| SHA512 | 57267654862a11adc9de13526b7656937d4773f76e72845ec32c2733b7c5395dfbb9618ac2e6575b47357be08383c3e20f5418982dfd2cd2f1a5afd3396744df |
C:\Users\Admin\AppData\Roaming\discord\Network\Network Persistent State
| MD5 | cdcfad47dfd2d0508e0b3a5b6ccdfdad |
| SHA1 | 8e9f4704c351d484aac310d5de8680a1c1d7b96f |
| SHA256 | 39c107585bd0b871cb2630925d745a0594e4ccec01c48f74cee9778db112f022 |
| SHA512 | 1a20a761425a0897de43ed5ec5943a6c856661fc78ff7849f7d2e8e160f4201d0cb387dc96031799f2d61a6c91a94d796e91e3971663f3f6bd0eee98df5aae9f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 81084adadd434ab7e5205dfe5f5848ce |
| SHA1 | 76ae09ed649d65441cf657b4d081825f2988e2f2 |
| SHA256 | 0b0b4c31fe2fab1a062b03bfd6068f2948e72ba4755bac9f3cd92df0c6fd0ee4 |
| SHA512 | 964d494011a635d257f4f174c79fbd8582635c47aea25ddf959dc977e77677b30e1ae6b1bcfb03dce4e64facfb88531337e0a3a02fcd4199287a72b7922854c9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7b856ad3b73f7b66c27387d1a34bff45 |
| SHA1 | c00f8eebef9a08bd2f245bff9309769da6c745b9 |
| SHA256 | ad488f077fe63557ae594f13dfb261499a1955d52f08b11f84ba0af1cc056349 |
| SHA512 | c8b018793a91223892244ec3e425ee522c5fb7c0008a4d60024017b3124cc4d439fb9de4b1ec7f23e0db0c54f5f4384f5a6963710804f903a6ea895774268f85 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 63b0721527deefdcdbaad558e5b73416 |
| SHA1 | edfc3a652485ce9316f16c60fb23d4bf0e2bd31f |
| SHA256 | e9c58fc289be2a6d151d72c758b18cd00844dfb9d9b72b38a6565b7779ac6839 |
| SHA512 | 54a4574b4be6895768ac78c936ca14d4bb3fa7bc23f62091c22f8569d80a888218a22cb01e9152b7ca181a87be5425a01f1bffd25431ab9b2b0a7b94e9e4b09d |