Analysis Overview
SHA256
0e4eb858a365905513d5a052b94a350f257a968cbb2c33245e18df8f7e36d9e1
Threat Level: Known bad
The file Discord.AIO(1).rar was found to be: Known bad.
Malicious Activity Summary
StormKitty payload
Stormkitty family
StormKitty
Contains code to disable Windows Defender
Downloads MZ/PE file
Reads user/profile data of web browsers
A potential corporate email address has been identified in the URL: i|Q@wizSCql
Executes dropped EXE
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Enumerates connected drives
Looks up external IP address via web service
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Browser Information Discovery
Unsigned PE
Suspicious use of SetWindowsHookEx
Modifies system certificate store
Suspicious use of SendNotifyMessage
Suspicious behavior: EnumeratesProcesses
Enumerates system info in registry
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of AdjustPrivilegeToken
Modifies registry class
Modifies data under HKEY_USERS
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of WriteProcessMemory
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-25 04:50
Signatures
Contains code to disable Windows Defender
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-25 04:50
Reported
2024-11-25 05:23
Platform
win10v2004-20241007-en
Max time kernel
1811s
Max time network
1158s
Command Line
Signatures
Contains code to disable Windows Defender
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
StormKitty
StormKitty payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Stormkitty family
Downloads MZ/PE file
A potential corporate email address has been identified in the URL: i|Q@wizSCql
Executes dropped EXE
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zSC9258603\setup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zSC9258603\setup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe | N/A |
Reads user/profile data of web browsers
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\D: | C:\Users\Admin\AppData\Local\Temp\7zSC9258603\setup.exe | N/A |
| File opened (read-only) | \??\F: | C:\Users\Admin\AppData\Local\Temp\7zSC9258603\setup.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | discord.com | N/A | N/A |
| N/A | pastebin.com | N/A | N/A |
| N/A | pastebin.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | checkip.dyndns.org | N/A | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zSC9258603\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411250505231\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411250505231\assistant\assistant_installer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\DllHost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\OperaGXSetup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zSC9258603\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411250505231\assistant\assistant_installer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133769839612990293" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\2 = 3a002e803accbfb42cdb4c42b0297fe99a87c641260001002600efbe110000005ca376df9718db019383886ca318db0168e68a6ca318db0114000000 | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0" | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Mode = "4" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2 | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\Mode = "4" | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 00000000ffffffff | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0e000000ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 010000000000000002000000ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0 = 200000001a00eebbfe23000010009bee837d4422704eb1f55393042af1e400000000 | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}" | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0e000000ffffffff | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\8\ComDlg | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3442511616-637977696-3186306149-1000\{3B63F0B8-A7D9-46E3-BBE4-D321512E4B13} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 00000000ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\8\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:PID = "0" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\GroupByKey:PID = "0" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 0000000001000000030000000400000002000000ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202020202 | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\3\0\0 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\8\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02 | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\2\NodeSlot = "3" | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257" | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202 | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\8\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0100000000000000ffffffff | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202020202 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\3\0\0\0 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\8\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\LogicalViewMode = "3" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1" | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\Shell | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 0100000000000000030000000400000002000000ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\IconSize = "16" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\FFlags = "1092616257" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\KnownFolderDerivedFolderType = "{885A186E-A440-4ADA-812B-DB871B942259}" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\LogicalViewMode = "1" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\3\0 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\LogicalViewMode = "1" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:PID = "14" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0e000000ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\FFlags = "1092616257" | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3442511616-637977696-3186306149-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616257" | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474 | C:\Users\Admin\AppData\Local\Temp\7zSC9258603\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4 | C:\Users\Admin\AppData\Local\Temp\7zSC9258603\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25 | C:\Users\Admin\AppData\Local\Temp\7zSC9258603\setup.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob | C:\Users\Admin\AppData\Local\Temp\7zSC9258603\setup.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474\Blob | C:\Users\Admin\AppData\Local\Temp\7zSC9258603\setup.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob | C:\Users\Admin\AppData\Local\Temp\7zSC9258603\setup.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob | C:\Users\Admin\AppData\Local\Temp\7zSC9258603\setup.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zSC9258603\setup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zSC9258603\setup.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe
"C:\Users\Admin\AppData\Local\Temp\Discord.AIO(1).exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffaa28fcc40,0x7ffaa28fcc4c,0x7ffaa28fcc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1896,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1892 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2196,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2236 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=1772,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2460 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3156,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3160 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3404,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3408 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3716,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3732 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4844,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4888 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4532,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4692 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4976,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4900 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=3368,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3360 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x414 0x3e4
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5304,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4472 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5564,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5208 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4700,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3552 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5648,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5224 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1180,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5608 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4472,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5216 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=4892,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5556 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5192,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5356 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5276,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5208 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5584,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4492 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3512,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5876 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffab9dd46f8,0x7ffab9dd4708,0x7ffab9dd4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,17936030272211464456,10356866665934954355,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2212 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,17936030272211464456,10356866665934954355,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2328 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2160,17936030272211464456,10356866665934954355,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2720 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,17936030272211464456,10356866665934954355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3468 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,17936030272211464456,10356866665934954355,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3476 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,17936030272211464456,10356866665934954355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,17936030272211464456,10356866665934954355,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2160,17936030272211464456,10356866665934954355,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4012 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2160,17936030272211464456,10356866665934954355,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4012 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,17936030272211464456,10356866665934954355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4392 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,17936030272211464456,10356866665934954355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5192 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,17936030272211464456,10356866665934954355,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5352 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5488,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5740 /prefetch:1
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\zxjkafuw\zxjkafuw.cmdline"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RESDB4A.tmp" "c:\Users\Admin\Documents\CSCB3CA1BEDB8E4C48B2B3F776BE2CA8FD.TMP"
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=6260,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6180 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=5436,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5780 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=3552,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6176 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6544,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6388 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=5424,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6580 /prefetch:1
C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\m4oq0oub\m4oq0oub.cmdline"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RESED9B.tmp" "c:\Users\Admin\Documents\CSC1D29784815A4F808B9C28591817A3A0.TMP"
C:\Users\Admin\Documents\jjsplot update.exe
"C:\Users\Admin\Documents\jjsplot update.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=3500,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6204 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=6468,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6488 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=6524,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6604 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=5820,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6792 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6424,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6704 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6708,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6700 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=7108,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6908 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=6492,i,4453687374259669434,14778561771419465400,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6656 /prefetch:1
C:\Users\Admin\Downloads\OperaGXSetup.exe
"C:\Users\Admin\Downloads\OperaGXSetup.exe"
C:\Users\Admin\AppData\Local\Temp\7zSC9258603\setup.exe
C:\Users\Admin\AppData\Local\Temp\7zSC9258603\setup.exe --server-tracking-blob=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
C:\Users\Admin\AppData\Local\Temp\7zSC9258603\setup.exe
C:\Users\Admin\AppData\Local\Temp\7zSC9258603\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=114.0.5282.218 --initial-client-data=0x320,0x324,0x328,0x2fc,0x32c,0x74bb8c5c,0x74bb8c68,0x74bb8c74
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe" --version
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411250505231\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe
"C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411250505231\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe"
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411250505231\assistant\assistant_installer.exe
"C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411250505231\assistant\assistant_installer.exe" --version
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411250505231\assistant\assistant_installer.exe
"C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411250505231\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=73.0.3856.382 --initial-client-data=0x288,0x28c,0x290,0x264,0x294,0x894f48,0x894f58,0x894f64
C:\Windows\system32\pcwrun.exe
C:\Windows\system32\pcwrun.exe "C:\Users\Admin\Documents\jjsplot update.exe" ContextMenu
C:\Windows\System32\msdt.exe
C:\Windows\System32\msdt.exe -path C:\Windows\diagnostics\index\PCWDiagnostic.xml -af C:\Users\Admin\AppData\Local\Temp\PCWB655.xml /skip TRUE
C:\Windows\System32\sdiagnhost.exe
C:\Windows\System32\sdiagnhost.exe -Embedding
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\ejclw22q\ejclw22q.cmdline"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RESBA9B.tmp" "c:\Users\Admin\AppData\Local\Temp\ejclw22q\CSCFDF42BEC7E4C4A53871BA3AD4564DEC6.TMP"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\olebg02y\olebg02y.cmdline"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RESBBC4.tmp" "c:\Users\Admin\AppData\Local\Temp\olebg02y\CSC3FED11172734CA9AD7A869CCBC6106A.TMP"
C:\Users\Admin\Documents\jjsplot update.exe
"C:\Users\Admin\Documents\jjsplot update.exe"
C:\Users\Admin\Documents\jjsplot update.exe
"C:\Users\Admin\Documents\jjsplot update.exe"
C:\Users\Admin\Documents\jjsplot update.exe
"C:\Users\Admin\Documents\jjsplot update.exe"
Network
Files
| MD5 | 5294c856498e7187bf2fb7702cbb8787 |
| SHA1 | b4ef47a0c84c7c8c0c6cbb09870fc07cfcbea940 |
| SHA256 | fac06e73307b6ccb2cde0404a9d84b3848151b04246ddf88796ae345866bc315 |
| SHA512 | fb6d0d80676422f1108e27b2ce111848cdc8d2e3d7e1b3129df25ed90f8e6b28b3f738e8a94611debd8654f5e331643918dc63e9f91938b06025ac1064fd184e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0cfd628fb51c496b_0
| MD5 | ea3a0abe3080c4c93ff7f9e1de960a03 |
| SHA1 | e94c9947c37d54037fe0246f34f3b34d65ce0076 |
| SHA256 | 560ad81ffb95731e261c19c60613fbcf02d55a7955813093f2103536a0b564fe |
| SHA512 | 0225674acfe81342121d39a62d804ca938cbcfd061e37121809936e71e2d686b94a60f4bfde0dc84a6400f35160eaedfa4e274f0d99c27bcbc38a86737472b33 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\760a3e03dd30f8ce_0
| MD5 | 6eb941cb59843d29f96538befa20b1da |
| SHA1 | 3d0aee230b5c9ae372ad85d62c4b9e9c243263ae |
| SHA256 | 9f51ea1baf4c5ff8b5ff843e7ee94d2c7708c69985304ba691029781c1ef1daf |
| SHA512 | 045b3e3a8380515510ba46e9e0c78d3fb6cab4086b05b2d1cff3d03ab131908e5e86007a5947fbad7da1bb34cee07d6330ae23b95a7498b10fe8da0bb7bdb082 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f36a7ab18b06e7c3_0
| MD5 | efa81bf85de3560a95c02de3e13ddfb1 |
| SHA1 | d753d0b57eef31e6ff3512f172a1b5a4944885eb |
| SHA256 | 899969afe2df35bac6a1b165c7dfa251411035187c641edadc825714850e4e5c |
| SHA512 | c815f0bc3131a63ffd6e75636fdcee701878aadf19a7dfe1943ba19c8c80ccdbf4eaa6410fe5b1e818bc82486309c69d469ef49ec911f60b3d93c68d8879434c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000064
| MD5 | 5a322b316bc8745d39d83b130a9ef6e6 |
| SHA1 | f2e8ebc252d92722555b6fab8e38fbccbf6003cd |
| SHA256 | b6fe2ea8d85c1ee73bf4e45c34247fec18e2efa340d009e0c2c1b41cc42e3f47 |
| SHA512 | 97fc03ce19046d14f561bd812c4853eebb608185d20b9e8f319098b866e820c09c35d42b4354d0a6ed519408fab7a5ecdcf4b33456561400c8e3acf256846535 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 853d648ebc55295d61610eb30f50a34b |
| SHA1 | 4d537dfc8c586af4762be53b99c416e8ac1500e6 |
| SHA256 | ef3c859004825af87cfdafd1560ba4af9cff1498b7223352fb741a9db0b9ca11 |
| SHA512 | 2f1628d88bf2a3ff2158bbca1bc2d436154f3131fb0c91cc666ee20677a7ef081e550ad46f6318a20ad837055bcee3166e88f97e5081ad2d1facfdc8a608e9b3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | ada74fe1ff976345b729bd1b6d5cf5d8 |
| SHA1 | 956bd003367f4f92d3cb1b6fc91c074b530b1fcd |
| SHA256 | 78584ac3bd6932b29d255a4c0d84a2d83cc4c6fc2dffc049a54a698b5356b68d |
| SHA512 | b18c33ab4c1cf5f79c99f4c7ea0ed55b503d363b99bee163a63afc94f10a63e3e7fedd43caf668d369dc18a211f17de97ecc658001d4d942fc815017d9cafb2f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 0ff6d345ccd2bb6c91b277ec56dc19f4 |
| SHA1 | e1113db38118feb5f47bba6f2ab276f1d1134a7b |
| SHA256 | ece1bcfe5847251dc05958ed967c3dcffc9c322ea69e61c928313a320dbd0cd4 |
| SHA512 | 44bde1f2e61ed0d5abed68fbfcfc77713be47a2c63099239904546150331be800757fddd93f5f7070d0ba3d86a1802d53499a1fe0e01a128703b62c710dfbf39 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8852a3b7a301ef534ecd937615e2365e |
| SHA1 | 7768b79a8fd54afa5830aa2dd744133e7ab97169 |
| SHA256 | 5d3a3c1b7d7c962c696453ed2bcfca579581f01f5a13eb88e6b8cd9ed261f632 |
| SHA512 | 7d7ff7bd1a757f58a27cfaf86df7c1f5a816757bb51f92126cc374af651a0772a11dab51892acd2b57edab6f9a47fe8be5c7841ea9f4123c7bc484f7fef5306c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\738184b4bb16e32c_0
| MD5 | 1ae0f68e052e0276390f0fc6a89eaaf9 |
| SHA1 | e73a91fc3b0211dff2ef16a31d16c380ab909592 |
| SHA256 | 12aabe801dbbf8b6640e02046a6511b783f6642a909dc1ce41ad388c88f1cbe3 |
| SHA512 | 192de8a7a64de57ebd46eda4254da3e627c85fbfc3ac8ab4452ace41114ef44c8bcb1e59bc9211543580db323629e80d88becc1efb27b78692148a44bc27617b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt
| MD5 | a7a2f6dbe4e14a9267f786d0d5e06097 |
| SHA1 | 5513aebb0bda58551acacbfc338d903316851a7b |
| SHA256 | dd9045ea2f3beaf0282320db70fdf395854071bf212ad747e8765837ec390cbc |
| SHA512 | aa5d81e7ee3a646afec55aee5435dc84fe06d84d3e7e1c45c934f258292c0c4dc2f2853a13d2f2b37a98fe2f1dcc7639eacf51b09e7dcccb2e29c2cbd3ba1835 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt~RFe597100.TMP
| MD5 | 76415a3a4c4ea1c41c1aff74a8f61fc6 |
| SHA1 | 509e17e3fe441b8f43b872593068bbc3006cc58a |
| SHA256 | 39575bcff5dded3cf2ab2a9ec20e81145a14e190a994433f93229ce7fcf7d028 |
| SHA512 | 44a7e7ec8003f5051ce86e295a7dd38ff1a0540f77fa0d4387d17d0375bbefd0b95cd5411dc22ecd3bc4b1fe19adcb8c4f23abbc91eab55a1e3465c179e01d93 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 737fd97d7be79c4ea63286e365e22112 |
| SHA1 | 6df68b6e85f5202804e5a8511f7df81e74d5a868 |
| SHA256 | d7aae1e7d26852e2eb146eb05344078a9182cce5def43bf43087a13871cef29c |
| SHA512 | c937b8522db54cd308305d3f924a12d0b2803fb07d202aeeb7ce1aaaa52b5dac9f547a28f708ab1941e79bb17ae1153cc3c0ca97f5748bbbbe9df04e26fbf919 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 93dcd917c1dc2a0b24f53185bb86c3bb |
| SHA1 | 1d763983eacccce64eca2dceaf886ffdb38f41c8 |
| SHA256 | 2d5a5c63193f85c81ac3ef566993b81a005da968fb97b39a3d8a47dc1974e483 |
| SHA512 | 6966777ef258afa2598a1274955de78d1534d1d9b1e9d7e753d7368d7cc22d040f1e9cd61652fcfd11648949bd69232eee307734fb13bee4c9929eb29fc66361 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | c355e3950903b17a799630398dbaf400 |
| SHA1 | 8352a8991e3ea392d2de364fc4dc611a29fde171 |
| SHA256 | b991f2de62bd68536a20fbab3db36968f84451d0b416bb277538ce2534aec1eb |
| SHA512 | 27fa2f5d6427d96be6f65e8a982fcbd7be60987d472cbb900eed5463f7591e579912963906bb5c8b7dd1b17c5c1d1bc4a165603566469dd2104bd94567a79b30 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 6be03bf45d01192efbc07acd6dec0d9b |
| SHA1 | d9c3925c2f03f75065683bec98c750e14066c28d |
| SHA256 | 2f1157f212e9261eafd8192fa22ae0a84e590169e5d8e59523459c00bf0a0a0c |
| SHA512 | 786cf0d371ca2bf1cbb2133fd52c029f723250cb02eb2862803a9b73808621634b9db8d1b38d63d2060ecc985c7de2d286009da45870e1cd9799ceb6b57671e8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 366c53aac99370ee4a331b79963f4fd3 |
| SHA1 | ee10ed5aac37f7749c19190896b493ea21f79080 |
| SHA256 | c9af871b2a348ce751d8067012cc6cd35b5b0f073444350545029f0acd832c59 |
| SHA512 | 531dd6105f5109a8d59ae350adf85d4913da31cdee9bcdeb30183e5cefe377e1f5cd3acb14187355af9e18c0b0790eaae6bfe504be72088dc1d3f1d0d79c252d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | ba6ef346187b40694d493da98d5da979 |
| SHA1 | 643c15bec043f8673943885199bb06cd1652ee37 |
| SHA256 | d86eec91f295dfda8ed1c5fa99de426f2fe359282c7ebf67e3a40be739475d73 |
| SHA512 | 2e6cc97330be8868d4b9c53be7e12c558f6eb1ac2c4080a611ba6c43561d0c5bb4791b8a11a8c2371599f0ba73ed1d9a7a2ea6dee2ae6a080f1912e0cb1f656c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bb97e0f1f8769fb10baf01403e0c2a97 |
| SHA1 | bd93883b93e3cbc6bb7e5d9f52cee3f4c70cf9d8 |
| SHA256 | 984b1d90df6de669a8257913aa20ccdd9ead6c86666cfc43eb3fc359bcaebebe |
| SHA512 | 68d33063c60ac70323b205019f852b27ae010086d41756b21aaef3e271bd21fdbcbb52a1eb9f92ba973897ba2d328b5549c69effcb5cfeb8f1368fcf6cb78555 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | afcbaf079d7282428d3434ee8d948c39 |
| SHA1 | 449e43d57c8c424de1e7d9b7f03c5b83821e3d2a |
| SHA256 | 9b99827ab00eb288cca33ed9403996fa797324accb4d4193bb7ffbeee64e1988 |
| SHA512 | 69ffbe9b305731c4b851a9d672ae000ddc9d9cc9eee62b894f113348fea7e40a8bd25c413f039c1444b7acbe3b333e81cede1cfec256c48c140a880d1570ce3d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 3b45c77055ba1762ef25dc101a261453 |
| SHA1 | e6b83ceac19e4392d3e7f4f40e65a176946c86d6 |
| SHA256 | 101d3251393c3d29b5f51a47db30dac11ff7e78772a3a8d38ba9bdf55f7bf60b |
| SHA512 | af93aed35f0b67ec0841ba312e2dfb13386bc979f377c894aec811772306ca60cc6343c5306f8c1749ec951d19ac06c8aa0a61c829f183ff061ad974a86081fc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4cdd4f257571274e9382921a41fcdae1 |
| SHA1 | 11449100fc0286ffbc00b527a4e0a30692387691 |
| SHA256 | ec294a5856bf892e2833f31ee0cea9ce72e1c8af94419d02d4b1762e09d58385 |
| SHA512 | 766105a28a5210d9d8e73ebd431f743d27a3f1f78da12246a65ff0810feacd14259a1e455154a0f8c09b39a276371c309d7f49960e5dceff957b86649c2a180d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | c813a1b87f1651d642cdcad5fca7a7d8 |
| SHA1 | 0e6628997674a7dfbeb321b59a6e829d0c2f4478 |
| SHA256 | df670e09f278fea1d0684afdcd0392a83d7041585ba5996f7b527974d7d98ec3 |
| SHA512 | af0d024ba1faafbd6f950c67977ed126827180a47cea9758ee51a95d13436f753eb5a7aa12a9090048a70328f6e779634c612aebde89b06740ffd770751e1c5b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | 2e86a72f4e82614cd4842950d2e0a716 |
| SHA1 | d7b4ee0c9af735d098bff474632fc2c0113e0b9c |
| SHA256 | c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f |
| SHA512 | 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
| MD5 | b275fa8d2d2d768231289d114f48e35f |
| SHA1 | bb96003ff86bd9dedbd2976b1916d87ac6402073 |
| SHA256 | 1b36ed5c122ad5b79b8cc8455e434ce481e2c0faab6a82726910e60807f178a1 |
| SHA512 | d28918346e3fda06cd1e1c5c43d81805b66188a83e8ffcab7c8b19fe695c9ca5e05c7b9808599966df3c4cd81e73728189a131789c94df93c5b2500ce8ec8811 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | 226541550a51911c375216f718493f65 |
| SHA1 | f6e608468401f9384cabdef45ca19e2afacc84bd |
| SHA256 | caecff4179910ce0ff470f9fa9eb4349e8fb717fa1432cf19987450a4e1ef4a5 |
| SHA512 | 2947b309f15e0e321beb9506861883fde8391c6f6140178c7e6ee7750d6418266360c335477cae0b067a6a6d86935ec5f7acdfdacc9edffa8b04ec71be210516 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | b8880802fc2bb880a7a869faa01315b0 |
| SHA1 | 51d1a3fa2c272f094515675d82150bfce08ee8d3 |
| SHA256 | 467b8cd4aacac66557712f9843023dcedefcc26efc746f3e44157bc8dac73812 |
| SHA512 | e1c6dba2579357ba70de58968b167d2c529534d24bff70568144270c48ac18a48ee2af2d58d78ae741e5a36958fa78a57955bd2456f1df00b781fc1002e123d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 0daebc98d1239fae847ba7bdc7e579e0 |
| SHA1 | e08c880d56cb6a821985d200453f24902e8e3b72 |
| SHA256 | b51facb2541d153f2e5df46a2e118f23bcc7cfdf6d575961b4af8594cac030eb |
| SHA512 | e204c37d7108dd5323febc90c32e50ea3639956208b37cbedca660de3e8bfc4a89a55f54b450c5c52e1cd1ac8cffc16f955358bbfe259c1c284387c1315e3c26 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 05a8a606080c0d349c3f8d679eccb9c2 |
| SHA1 | 5630e44941ad2ba8b3bbf354cb9963149386e961 |
| SHA256 | d4a6cb31fac9321180e6e98ebe155655d9da988e978a1ba942c1819049c4859d |
| SHA512 | 9e72cd71f068499aa23ebceb4c44537e05bdd2af70cd4524694492375421da84c42c69da78e30bcc3ed82d636c02c7c5dbc570c9ac1bf5756e5455b2103625d5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 519e1cf1344640531b85764789c5c5c5 |
| SHA1 | e39844d2372d9f63c78544815561b122ed11191c |
| SHA256 | 074340b796fef46f5f3ccc8d26550d63542d3392520698cf434eee2ea74b040c |
| SHA512 | b5c0107a9ae2c85796f3a2bc96dae8adb4cfce4f845b8da05132382f649119e12e19482cc47caf3468730a83a0dafa33fa51dab9d4ce8791deb7f976af87a161 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | c957e0b87e1fff064d19f00c39fcb404 |
| SHA1 | 274e0d55bd2c38468465faf6cc2ab7de96d03696 |
| SHA256 | bb2a6aa1d0846931ad2455aee9664f73610576b195135828c73aa421058c3a6e |
| SHA512 | e08f970a36df31d4244077a06796f9bb8c008f3f6bdbf1b4adb55315ba86288925d9abc3c5977871a0a3e1df4c84bf0014b08110e42fa22a457755974e822066 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 669d37e15dee5cf8e55fd4ffd07885ea |
| SHA1 | 6e4a3a0c481602f54ebfd17a361cc353cfff0bc4 |
| SHA256 | ce4abd0038353b2a55109765c7653eda0466982c0e4ee80ef41f11169e850f7e |
| SHA512 | 87c0a66b8fa6b88dc667dee84b414ab6eca1a13f3a1f0445d224738a22dfb4b83870648b2209ef2d5d72042513fbec155c815a70bb30abfd3f92bc70cee65236 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | b56e9e0ea577c151b3393de8e7badd3b |
| SHA1 | 4ae67cf670dfb4ab2184f9ff54aa2f047f53c850 |
| SHA256 | 537624b667015e4c3272d80f6479fa7dc40ca10a6458627467cf021ecdef653c |
| SHA512 | c6acdeeb4c7b568a79292ef3ce332eb8aac76ca896aa0604cf035b49f6b00011b98076783fa620c65ddefae8831062acf9d8a20705fe7fbb5bcdd97c4a24232d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | fb7b60b7aae9d68c565eeb917a382754 |
| SHA1 | de157ffd2f3f6e51fd607c2ba4e288ff5aff6da6 |
| SHA256 | 4b91b5aede0b13dd160dbcceb6847a5eba5bbf78e39a5a35b3f2572c8dbddd85 |
| SHA512 | 7cbb79f0d1eeb3ac8adb9e689bfd58fff0f8e1e98cac845be2dae1cc934586c19b2991c803ede7879a84b219bf43a54dc635296f91af81f080c48e3922ec50fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | f7b221f5553049b6f1767266a60861f3 |
| SHA1 | ada26f247a5873f52f7c85b4b4f0944715dc5920 |
| SHA256 | 3b07c969fc272ae5aea506b50f63815f8dd12c9efd2ffedd8e021f40e6651ea3 |
| SHA512 | 12afba9c0254bc9c838ccfd881ccadf79bb1f1f46186e6eab96b102afb5e72b3742b07f9a67daa67eb34ff9120e2450907ea87e9d5bff7f5d41bc0e366285dce |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d84c6190d1c60acf514dcf192665aa5a |
| SHA1 | f362db22105570bf71f7fe7bf6062eb302dc12b6 |
| SHA256 | 05da1fb91f3092ab34f20b0a40137aa599c0da7f9ba40b5e41d2f24391cb6dd5 |
| SHA512 | 5e02cc2ff475359e5c5b2f1c00bcec9b0bc3d958fa9801c2279119c7b7023f37d114fd9212e185b556038bcf6a5c9f4155f65eb8d274ec8cd912bf763d2c0e7e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 07d28b86764164ce59d023d437f7ea93 |
| SHA1 | 10e25e079f936e1e5de5338b99b9f2a3ade2948c |
| SHA256 | 1478e8bc688b53e26fa4acf62a935c52fb7b3b36c29583f03fd12fd3bca5d5e6 |
| SHA512 | ad3f3daa7e4ee50618a6a557f6b4dc231344d5febe3b512db6d605babf80aa07004c2ad46b453bcd8e066d89208b582683d8fbbc469fa4f255849590daca26a6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7aa6fff8e6b179be964184a7009a779f |
| SHA1 | a82cdd11b4fabeb4ffcb3344d644b22bc2f29465 |
| SHA256 | 09d7a077524d86b60bda802710b52413c7c4534a13d2a4583082ade5a29fcc05 |
| SHA512 | 452cc71c171b1d2f91e080555512ebe019a0783eebe852420c2b00b595571e8f5de4cea0db3c00e2bd2690ccf9105fcf6d0313c16ec93f83780a2132fce923f6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | af21390ecda790b9555621f7110a4f78 |
| SHA1 | 078c56d0f262d05ffc34bfbbbcc487f536f546f6 |
| SHA256 | 9feb14ade878eecf1050c9b319b4650aa93fd012844a3d1cfacec3e69bdd7721 |
| SHA512 | 1fbc0714c1c86058d56a6173ea6041e1e78b7a27d39e96f942768ad218537052f3c4eee22ead9ec3deed6fcd85ce44afc3a4b896c5a88680ee32b6cff1c89752 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e47db34a4d00f9b94d034c332c7202e3 |
| SHA1 | c27a46d8c4060d7424144d34b196db4b33d23bdc |
| SHA256 | 451672990ccf52be9ebe23fd9d05f87db4ab8c5db4f0146297d8686d45b64f8c |
| SHA512 | 3530698cfcb0f08ca0a50aa201c1cb8c0ad91d003bdb63838eaae5871dc1ad3904ded9b638b35921c46b29486aafcbad81e7ab867049ea9f15569a09cd04f3cd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dafd821a458cead6fdf10c5283dbf7b9 |
| SHA1 | e003abf5af57e7ec1e6d6042ed212c495d78ce0f |
| SHA256 | 39c8ca9c779754dbe9d1226b9776dca43be447f524ef21069492f8be588c7b99 |
| SHA512 | 3c3b53fd54fb00999a96f2f38025f1e65245b2552380d44cc5bc2ecd68eb2c216dda2a08327c044436c90b8547cd5c0e428fcbdbf28430af30a6c43db82b9111 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 242c83d1f46373ad64a94bd3a519c446 |
| SHA1 | c23c1a3109885e0d311d67cd0c1b15c932df3e44 |
| SHA256 | fe62c0e7b4961004725db35f5d15c666f2996333f2acb1eff950196619dc2f6f |
| SHA512 | 95d65be4d799ecd2eb82ceb68c758d4287f2b1c1c0adfc8db767c164690ff1b3e9e8deef13c05cc014ac651c97d10870df4ca1292b129709111a1a445b712e0f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | cb74e1189b390031501bd4887711d641 |
| SHA1 | 2e4be5988c78be4c49718844a496163704dcfde8 |
| SHA256 | 51b024545b1cd0a8e9c9182ca34bd2c720d8e1fc2f89327054980e8611658ef5 |
| SHA512 | f60fca9c7851b20a697ad41b669fae3132bf264fd92bf027e597b5fddf396bad632cd516bb588a69520900bb520957701ca83a7f009bc3b38b522cc5f814b77b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d87a9a8b91e77ba1765b144cf459d135 |
| SHA1 | 1216c09646d20af4b0e2960a9ea393d0f380bec7 |
| SHA256 | 76ace2db2b8f0c4c8bdc8afeef54ae31ebdf2193b6f7737043eaee311839dfcb |
| SHA512 | 6c09990d6c2ab357f396a76ea0ad913fa658c3777f5ed551650c8d3ea765e70ba720e827b453db648588c670265fdd4022cf7b3a3cf0334996cc5b0f7147daa9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 35463724071582cb440159f357565e53 |
| SHA1 | 8b1712b04b98fd69ec8cc97efc7b92aa2845c525 |
| SHA256 | 11f5cc1e557cb715560e77927a302c1cbc82fe49bb3eb786c77b7c6c2e57c7a8 |
| SHA512 | c454014eae315a90e1af5f9c12f0ed7dd58446721b21fa39add6d36d4259f56319205a88d852c3064efbba14822e5f01ed3eed6585f9f076bfb2fb27e8e1bd5d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 50fc4f56214d6ddce7eadee566294160 |
| SHA1 | 644e747b4ba6f6902d6f939789813bcc78c85b58 |
| SHA256 | 99c10fe87ec27a443684aac3044a9f6a768150a8a49c89547f16837c5375deb6 |
| SHA512 | a633258620828d414f7b9c2614c6f1097de194094e70dbdcf4e50316eb90e18d301e9b556bea191d3591bc8415ec900146aeb519d7fd3cf2cbdcdbc3b9e57785 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 467a175c85548dd8161130433bc44b81 |
| SHA1 | e0524fcf8a99b038e94dd5b878db4ecec81b713c |
| SHA256 | 5b93fe0781071724f25f557bda8937bb4b9328fd57b539258aad0106fbe3e23b |
| SHA512 | f920e7238a066e305ccbc87dd6843f3332bfb6e37d82022b5bbde92cee05841885eccd2e9e7e363396bd3f8512d7c1f2434a364df7e9ff608131df9ca96a1007 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 164d631317893e864c8858494c05c963 |
| SHA1 | 676f4111f26abbc0ac79ddd61ac80d1e645559b5 |
| SHA256 | e4ebd5926988fdafba7bb0602defcef93dcc07e2b3f8f8fd3830b75c2328c610 |
| SHA512 | 8f3278bf93a14f48d0dfb89f27120050768737d61df0f1577828cd1534e7476898c29a8e286c2036159c2fa344d80bebe778f4d7e9dcafa0dd02331182e1136b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3db2b86bb70263694da076501e745e55 |
| SHA1 | 4af4dd5f338626f3ff3c9950e9e5b714f0623f99 |
| SHA256 | 0b632f09a6b4aaeed03376d13788e50851a1f9db5ee44d710037b49586809d4f |
| SHA512 | b9c053f10503d29ee8eec29bc9e1bb9c4307391543c59748199c76624b3a60dd924a2a0e7359c5f7ee85d1557d0d766c37fc8e4bc3e9d945dcd7dbc42d1fc12b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 129cfbf6634de81f6cc4bce1788cd5a6 |
| SHA1 | f216b62ca44b5d0be6eeb319158a387249d97474 |
| SHA256 | 612de9cb34c7af8170bc008b5d800f92ca6838e8024dd13fba8f6c68121cfc19 |
| SHA512 | 31860034417580c45410b434a2edb4d02a196527c6dab7c8f47c49a69c1c5fad2e7d89d0ce2f61d3341e17c396fbbc1ddce2795bdf976626a47702bf150921b0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\1adc94ea-9b7d-4a53-a517-4f0a5cc1e0e2.tmp
| MD5 | c9898576caf3fcc7596ee16dc2b3ed44 |
| SHA1 | ddef9d44e3fa6d2aeba2584ec6a8a7df968ce0ff |
| SHA256 | 4cb72487e9d20312de51617bbdef1b355510e87a31327c8ae90e1e45f2aaeaae |
| SHA512 | f27afb8e89e39ef5c91bf7bbb266e0999a5eba2724c925e1249b4bdec6d1922c3cb7f1ed46eb39fa5272a705f6a1d30906669f75062d98be8ee78421cc217391 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7063128f1c3055d794e4ae4e21371680 |
| SHA1 | c6562c387a8852374ca0ce7b483ee0e687f0d1b0 |
| SHA256 | d6a3020157b09819f547b6f5ccf1232fc2dd2a609e18b2c95da2074d2f2dd61f |
| SHA512 | 40f9ea019238ef8b39a4fe40a7008e6d67c065de3eeea5da44b962f352def9b776e74951c9ae673f1be7866064ddc7bd2625284cd0c7195a800cc11389edc651 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b34ae8ee7a242d3a3c27bdee7ed05e60 |
| SHA1 | d1a296a0bc5c9be690dc0680390aeabd87e870db |
| SHA256 | 568e4eea8a754e9f951807a6b40e130427c65781982c1fe305e7e36b0ee77e2a |
| SHA512 | cf2bd54cb808d56410c8c10be6f1319e4ffde661ac7a6dae9cb569d0abf2f407bb44e658c3774b761f23f8375b6fd0573073a2dbbf7454e092f811a00ba18935 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7fb6b6a4d32cbfb2cfac0c1726b0de4e |
| SHA1 | 67c75b82b223c03febcfc445586fb0158b85cdd2 |
| SHA256 | a9785951ea27fc6dbbfeb580b4f907a9700926d7b32c5b259e4917af6d1b7aca |
| SHA512 | 57c152ab04bea502287eb991278ea1b997b2228054530565b2884219cccd9c3cc93df883df1dd0fdd4cec621b1e39e52209a774cef534f6ab23492a157a7994e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 258be32521973c4700dd67e242c75ea3 |
| SHA1 | 75e4ab49ed8252af70ad40a6ec7700b70d26fc1a |
| SHA256 | f87cecfe5dd4cccb80a09c2605c19391e520b5755f1c93bfe568b1b0dfc8e81c |
| SHA512 | f1e0df6889bc2ae97eb841ac2076e7058aa68a6a7eb70a9a844d0f3f41157ab4d250c4089f6bd8d7bd8f514bf50d279d4017588a823c2b6bb26f2c03df8f50ab |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bf936685e100b2cf8a6451c6d0e4c64e |
| SHA1 | a27deed5f26611f54ff01377d8d3ddf3a65b2d93 |
| SHA256 | 804f236d123c7355dbe9af20603277e6c2ae073997c9174fb932f446c6e7fbfb |
| SHA512 | 9cbd11e97819747e6bfcce6fa69cc1ed272b472ea590cf6a5c6e8b65d36969cc0b8c996ec3f1c749a3bc9593c0b0c37a361bebde618882c610c31d31248b0d77 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8947c5af4e9d7deed96a55de7298bd45 |
| SHA1 | c6aa0a8b4ab6ddfb791e8bdb7614ac4fce847ab5 |
| SHA256 | 4356dee2e3ee4454f92a45029b3b84d8982299e8432ab1fbed0d9e87f43b0d4b |
| SHA512 | 2e32f01bd06c7fa4634e2d56316a395aceb5468a428bd1f82ca35bc4900a3618a92e7f48607b6d5032d959fc4b0080ec80885da9ac2b3f5f70025f3833ff9391 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2ee8c7f2648d055d1097bddc20fb117a |
| SHA1 | 1d38e45298f8cd1e86105864bd1619cf16ddb235 |
| SHA256 | 681373429f9fe472669b26113d552a8f857a0ba8317a92a3304d01c3e641e3c9 |
| SHA512 | 2cc6ca79327eabf7c504d05f22a857b3112958b344e20ff1f10269182836519a7a91aae9007cc1836578729020f128f3cdd5ff6abe4131f8f8745cdb547b86ce |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 627afb91938d82d93f40585b4040b564 |
| SHA1 | 00709c5ca5c874e0eac33b6a8fefcc1451aa9f11 |
| SHA256 | a85a88851d91a5773cedc1425effd80f142347fcccc6252d26592f97e94b63b3 |
| SHA512 | 97845a8f3efedde223f65f2e7b6a032dcd8be00561523c4fc3b833640c871d9aba85edf24136bb9e8d6413f6b7dfca9a37f7023eb4b852555aca35ecbdd0ff28 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a3296b15333485008fa27d7c8eb00e2b |
| SHA1 | eb4876a2e484aec1ccee79e901e0e22e3ddd3980 |
| SHA256 | cca2f7332b0b86e74beb373b1d10e62fe3c106996bc164ae958d8958315c8742 |
| SHA512 | 2880235d3289bd4c2ccd2e7723c15dbfa77620625793178097a4982d0fadfe2ff8b2070e922626a683cbf02eafb7d9e9653d197e3c0d4d52a400fbc2022f0792 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 5867b9aa69900f2832b5ed967ae78897 |
| SHA1 | c4f2523551fcb2d2b85295089320b46fb59becb8 |
| SHA256 | 69cc80be066b17708f55c72ec60fcdc344d59f461371b20b5c4488d2dddd094b |
| SHA512 | ba5575f7a4acc48922bf1e8c5accea882a480271bc7fa4fd175b4d307765bb85b65f86d6c716fb9848ba6f24d7962b48a331acc0e7bf70487bba34a80655aa65 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 10718d87b184cc1e95bd80df16a94d6d |
| SHA1 | db490633d06cec1f39d16b921fb69f5f44d0806b |
| SHA256 | c56749e684237ecf9150ae9ae585bb8e97393ffac542901c03d8d99b7314b89e |
| SHA512 | 9ada2e6a08807e64beea1b827ec5df872e6492f6f848e3ba3bcb580920b46651860f9d908eaeeb786522ad35df1565ccefca3ecb60570c80a9885925821e01ba |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 65b23003c15ba42533617c4a71532743 |
| SHA1 | 96fa3345daff2e2db0d6f5b272ccfbda682bea8c |
| SHA256 | 5431e984680f40bb20d4860c24c28995e65ba244af193473688c916017da7deb |
| SHA512 | 9fdd389571436437ebe8e01f217a4f39cbbf6594e0fefe55efd446e333cf05bc0f93527497990d684c83e49a1d51abdc7c7f329b936b288e2631896332a3304b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f9b7a1148dee086189077a3cef0b305c |
| SHA1 | f8d198514447564943b20312240d6355fdb441f6 |
| SHA256 | 96fec03aa476dc99dd25b2dbd3ef0601ce4e8b51733a20d9de4e5259adb55ed7 |
| SHA512 | deb79ffa458d5c9e42d15e58281d0d945d32e3420c799229df0d0cc28308a5586f2268cc7acfc67f1b0c5b9afdf41dbd34b685ecb6aa0b7c741d50877f00a878 |
\??\c:\Users\Admin\AppData\Local\Temp\zxjkafuw\zxjkafuw.cmdline
\??\c:\Users\Admin\AppData\Local\Temp\zxjkafuw\zxjkafuw.0.cs
\??\c:\Users\Admin\Documents\CSCB3CA1BEDB8E4C48B2B3F776BE2CA8FD.TMP
C:\Users\Admin\AppData\Local\Temp\RESDB4A.tmp
C:\Users\Admin\Documents\jjsplot update.exe
| SHA1 | 555a16516cc337e5a45c1219dc9bb958acd2d564 |
| SHA256 | e01f6b1ce5a0eb35d76321aa69e518cd8fbb57f6c487b89101fd3a5b2fbed97f |
| SHA512 | 8eed6970d458a615dfdad097d19586679bb1108052af84adbfaf69fb9c521531fa2624de774e5cd06bbb453e3087d95ca1ca4f3e5c67b10c5f4dba5a1c8ad52c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0254ffaca131ca6e717d7a530d08b2e0 |
| SHA1 | 399c03800acf4d6f57e7bb4d9a92d1b7df28aa1d |
| SHA256 | b39546ee072eda98fe26a04bcb33e3d10b646ee06889bb731b7d2e39e170f370 |
| SHA512 | aa695f66fc3813cc1188673194dbe41b5d2dc6935a2eee6b174c321527bb9baa46ea32c573c57b05199285bd833f5dd8cd17cb32004e02c9a968ac72fa5568a0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 97599ae8cdb62034b682525cc2ced2f9 |
| SHA1 | 007dd5eb24a49ee41f2c78ac24ed7cbdfa6d47ac |
| SHA256 | 7c3066136e6659cc39b3d25a61031e3803dc4e84495bb2dd485e4abc33e8fb25 |
| SHA512 | 86aeacdc9cf499e1bd4d23bbd68e481aed34599ed3d7234023029c21162e81f2e0f2664b46dfd4561978215c70ac630f88c7af7b6af50e6bc7e0f934367e7cc6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9f6b662760c800bcaac9a0a584c046b1 |
| SHA1 | 007b6eb1c9b8153682cc4672408bc5fa61c4009e |
| SHA256 | de4e4938e4c8760a9d3f49c8f644ca636d2b11dc3e8b8c36d195f473a35f66aa |
| SHA512 | 56b2ea44bdf0f678efae528b1e22eb6a0a9a599c5783489a4d150acae371e1e64905fab66a243e5157af7059091cf35c6b89d13557af8675beb0ddf94f6b8e30 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | be3238c8e759677ad8cf8058d8d596d5 |
| SHA1 | 4a1a7c83b962d42b5371b760666a911d01df2542 |
| SHA256 | 57b0ad044031f224e686bb7f11fa4b2be9ff57af92e9b2794c9d5294d2647436 |
| SHA512 | bd8e58fad202ebe4c617ffffb715a762cacdca974bde0893532edb77954cfa7c77cce8b2c74191661cbdefff396c5e40dea48b422e43a20fcd3a21b5be4ed710 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e780431273f1036a6f7541dc2ca35a35 |
| SHA1 | 2b2ac104cedf1d273032729a681c9738075869ab |
| SHA256 | 209c0e2aa05b6a728019e208e156863be2e4a6672534b4f7bca05c3b307fa618 |
| SHA512 | 8f7e65b9a9de3a14de58be15bdba6b29d00491718bd4dabeffc98b5bf62d1e7fb28ac50c846a2631d0b82618c98f06fdebd9781c09f14c3dbe68fd43609e4ec4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f2919d2c1f75a3cadf9852778be8642a |
| SHA1 | bedb8185759fb13a6671d4e685b8404e592e1e12 |
| SHA256 | f12f03548ee77369301a950a4e97fad327b9af94a59c20d33dfd1aebc02e663d |
| SHA512 | 4b4d83eb9ac19095c914d897a295a8af85e0945da44dc70738b82db7476ee90704fd9897ca0e306c8704935b647fa9940eae9049a6d77ec09d8f1ca3341d339c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3d127f2d860c97f19700b98acf6e448a |
| SHA1 | ce3a9add014062b2f65ad7078942e76b0f1e0c53 |
| SHA256 | b72997018d1227fcc67a9ace44e4cb52b48f536fc45dc4418b3dfa166d57c084 |
| SHA512 | 34a11a5fb3a8585e0b317b38cd0559b9d8f841c0ecdf75d0579045c707fa3a9dbd53ce1370fcb15e8bfcfbc69819e7e6b58a5a05ef09c829aeee99defeeb6bd9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 875567844ee0025e497b1805c663745d |
| SHA1 | c92783173b941bf630d8bf53026ed66da29e84ec |
| SHA256 | f06d703c9523357cd081855c9d4383e6bad5f7e921fbf0d21b8839381f50e610 |
| SHA512 | ea8e6251da7a65eb98e3a1b34f1de482ee82a6fcc8ea21f582e8c48c9bacee8b536d07b31101638378db4e12cb12b225aebfaadf1ec488e923d0054512e94c4b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ae0842019bafb39c5d44c47fb32b5c80 |
| SHA1 | 0ba1deaef5f5721f814bfbfd68b8a211b28fee36 |
| SHA256 | 4e47de9c15c52b7973fee1df5f684f28ae681e3c90a85fdf90893bb8bee22657 |
| SHA512 | e7ceae1e8b1c5a8bde2368d8068059addedc2389869b732394f6d9088001c7d914540cf5bbbc3f92651fc0d8d520f313e433061244380d784c90d707b0681dad |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 91d42e215e1ac2c3fffdda1095c74ada |
| SHA1 | 3f7fed7484a66146b494463c6ba583b56cf04f5b |
| SHA256 | 7fdf30853b56a430640b5a06c659e9f94e2a1f3e68c646a208d7829ae509681c |
| SHA512 | 8510c5dedeb130184e3911af5ba565b3f6c304c69830d23624f968a0b98ed83c66602ecf83b96bba7c73b0a6b1747450eb3ac8b9f4db8fab05c6341b38dc0b55 |
\??\c:\Users\Admin\AppData\Local\Temp\m4oq0oub\m4oq0oub.cmdline
| MD5 | 9d9b8697502c8190c452c01d934fb879 |
| SHA1 | 5fedc6a886e29ca4252ec0250c2c867ee97722f2 |
| SHA256 | 9ec0f66c056c3bab516f22def3df72a8656eac74b1f6a8b0850eff7cf5292d16 |
| SHA512 | 72819c8a2092e31a2368bc4f911735a8bf39747f207326caaa5a0e3a44bb77f73e1efb55d098b4bd03e2e6e51e1b8ee990eb627a4a49c1be9e9a94a1d4530876 |
\??\c:\Users\Admin\AppData\Local\Temp\m4oq0oub\m4oq0oub.0.cs
| MD5 | fcb175264a63a5882530445804a61d6b |
| SHA1 | 53c52a0f5c07218e57af16aa25067f026fc4a090 |
| SHA256 | 7c5caad750db132cd5daf27e8a01c05e35f77c5b9e351bc941fc8137c8a1cdca |
| SHA512 | 2c467ae743e815336fd5ac989ea00d2719900ef0b349c74b0370e1abcca35bf10790b157d5961a823e3dbce534061089a96151706a07f5847faaa24813811ab9 |
C:\Users\Admin\AppData\Local\Temp\RESED9B.tmp
| MD5 | 8d28dbed8d1b894e4b72964c08652f94 |
| SHA1 | 31c508778c9c8a524b73f6f552b1f0c794733fa4 |
| SHA256 | 8c72fab0842ddc4e1d80cb60951c81243088f63a332ff3d4c16b3e717bf001a1 |
| SHA512 | 280a6e83d79832bc8aeefe9d5a6a5a3a59ea4be454b57a3d80a930be5b57d5c1b4dd5bb5836223acd5107063d6f23149e199520f8f507467949352a0426492d8 |
memory/624-2158-0x0000000074FF0000-0x00000000757A0000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ee7a1dcc2a94e2cc0b6a31abbfaac845 |
| SHA1 | 2a2cfbb731946ecbbc05e0f67f7dd5225465f1f2 |
| SHA256 | 7a805d49b12eaf0d6f0dbaa5fa5187ae7cae6adf2588e730de1f62d440d1a75f |
| SHA512 | 580d45807284c5bb6cfe7c4ea74e8293375ff41bdf5c72ece4a751a43bedbdbc736b435997c51dcebcfcadc5834f9e1f9763140d72dc920b658b65c718bb09d9 |
C:\Users\Admin\Documents\jjsplot update.exe
| MD5 | ebbf4e6a9d857b7ea5de5f0df5f2294d |
| SHA1 | c5f5c1683de596941223ececfe1b0b7f7ce9fe17 |
| SHA256 | 8ba597c5a46765d7069fddee8bd1577bfa20057d74ba196cb66ced0951db10cb |
| SHA512 | 71c1ed3731ab6f17690bf05ca9d3cd8384d2221dd44155888b67aabab0f92e36d5bc820d5822a70cbecd1ea9f01d2208cd14188ccb9e65a467f6b9eb39329b20 |
memory/5060-2170-0x0000000000590000-0x00000000005AA000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 930c8fdf709f6f699fc22b3ad78f5884 |
| SHA1 | 1f82ff2c81e5a55ddb1b9b1faa8cc563ade31915 |
| SHA256 | a2908f1de977dff9351964f3b46404fce062201b8cc8f0e70b15c8f08d6c014f |
| SHA512 | 557e5be029ddcf142117622f2e3cfeb7d192da6d22d356973d413f7441b8b6b7b1b9739784366033b427b6c13912b2a8d58ca2e07936769a5cd7a836c975ad96 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7a801e323c6c95aa9dd529df028feeee |
| SHA1 | 7fbcef43e368466a2698d2fc82b2e3b1ccde0c2d |
| SHA256 | 3dc690ab6481ba377975e36fc30fd0160c8fe998704a2b8ea6d3b33d1f0c727d |
| SHA512 | b51e6d49bb8eb823f18cc0b9a820ddfbc53284a3e7f5b04b7962bc296ebbab71c6b3aaf4525baea5f1b1a3c9b75254a69eb93330b401d2630cd3c9dd4a1ec0c5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c0bfe036479e692d1fbe86015e037c6f |
| SHA1 | db193bf667bf95f68388616759ea3fe4ca82aa92 |
| SHA256 | 0376d36e51123626cc05e8a3a3568b1d7494a1c1771f8510c35303c7ab3a1c58 |
| SHA512 | be07eaa3607cf105cecb5922d1faa27f333ee9c3cf92db89cf48658343f0c63d9a58a969f323ea2bdec7089b11a8b3c49f0b40c68e6d9f4a25eb8b5062ca48e0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | fe27e6cc0dba739cb8005b1882768cd4 |
| SHA1 | d8a6f15288c66edef4326933569053ce754a5730 |
| SHA256 | 63a22c7c26651b997b0e79439f9655f41c89819671ba23b7c286bc415ecb3e7a |
| SHA512 | 15ff24fdf5638ce0dd5c14644e3d83ea1e3cab08881655077f53c00d19aeab4c05c309d346048b3faa0d0ab0a6654bbc6134a28e5eea821b6f450d8937f04159 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ae
| MD5 | 01544cec8ea1384b58d63e4c1955b9ea |
| SHA1 | bda9a87449eee2fd053b56a7844e00b1460eea52 |
| SHA256 | f4d9c14f01e2caa05f3aee0e1c6b4bd282584365271ae8d484bb9c074e6b039a |
| SHA512 | f45d85a0230e51b1942ffc2e133512b622ce0b07e4687e1227a3fb4feff3d269a75d7253add58b158eb03b88972117a38ed38db5bd225d2dab39255e004c713b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 236699bb913624f98f91673c2b6443d6 |
| SHA1 | 211bbdc14289a1db0f8fe058f236f571c189ea52 |
| SHA256 | 9e96fef172aea7326b854dd578c83c5474b19712638521f45445c5fde8dab83c |
| SHA512 | 2aba53d637d78619bac932abaa75121108bf7c458bf400974e1bf7db1c1960d7fdd6958c20ba69c5b9c46989690e33b66b9df757b2cdccf0bc0f266ece401374 |
C:\Users\Admin\Downloads\OperaGXSetup.exe
| MD5 | 2c7416bf2cc1c1659c113311b55b15f9 |
| SHA1 | 5b7af89283a01f0ec0700ac30d20522c21683d51 |
| SHA256 | 7db1355a540f541f8e7ea0f8091f609befec473f25ded05df19839b75fca8add |
| SHA512 | ecc99727f421a1ba2e705da2bf839086065798cb67ca67a9d004e2706d3a429fc7145c25593a0ac59ecab906f439aeba1e9a5c8a220e6f288d5b69a969baea33 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 27aa1fb1cff01c7032b20965012b5fda |
| SHA1 | 2739400d71112db1cf81fe9cbd6133000f72f0a7 |
| SHA256 | ac035f5157a432c8f0a11313cfb1e1722bfc4c0443887661af43c965cd92646f |
| SHA512 | f94229c821455bfcd5592da0ef3e9783f4d3c67dedad66b1d8741f8af2cac82bb3e04d9d151daecf6129771d97b3e47d785ebf382d84134262e7e2d799f0ed0a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 5e13d1f43b4dfd6d07a37b10d4574d4e |
| SHA1 | d30f1027b039fb19e230416dd3e32fa26d36fb12 |
| SHA256 | dce0ece120d89587f17e6d879d8bd96d8048e354659a4fb77a122996e4c8aa40 |
| SHA512 | 6b8dc12b07f8e2a250a3aea9a28259d8ae7eba2a7bbe6a87c63f3d32ea34e5d994d6925f2a162d3915e58509b93c7d02ae98d9cae61367d2cd84425a62f2af27 |
C:\Users\Admin\AppData\Local\Temp\7zSC9258603\setup.exe
| MD5 | 80510ea85c478436f90b927e1730820e |
| SHA1 | 7a54ff150b83061210dfc683aaf113c8ad3abd1f |
| SHA256 | 97fc8eb7503277c0789ae5c7683246b433d8ab5a482ec7fe0ec61e0037c05b30 |
| SHA512 | cacdd3f9107f7fb839c6ae67a4408329caa82d15e1f0f5fbf6721500fbe43b873e7eb4da3f3569ce8ddd5c26e4f47397bc2b4f4133808050e49fd34fff2c53a7 |
C:\Users\Admin\AppData\Local\Temp\Opera_installer_2411250505224311232.dll
| MD5 | 5ec157d8d5e886c43f1adcf45bfa1c71 |
| SHA1 | 4606048ce3a1d74d5a07e5fda2fd2274e1727b45 |
| SHA256 | fcd77e9a357f744ac0eced1f896e23cd875f1c7f8e77b5fff23f86a786842ceb |
| SHA512 | 2255f3c3d7deb1946415125d987ab22a75c9dacda94fc3bbcdb43cf876ec0e0cfdc2e4636216b3c20b2eba740a32062bc12b2d72d113ae5913cc6f81758953c7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0462a032765fa9914d99602cd3ad4dc8 |
| SHA1 | 9b433e9db1467492703982165bc132df2560b786 |
| SHA256 | 99619d204fe64c79640a76a71d4f16a59d98afc8ff5657ab64b617d0a423f72f |
| SHA512 | 5a92ca841a6b4a5c61f1559a8d584c4e7810dfafe11c2cee71a26136f66792e712a2c9133512be37df0c20820e54e02d65341c26e04594a201fbb5458215e3cc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 315c551e5e430a3e6638b8df7b8d3c70 |
| SHA1 | a511e860ac1d84f0fba6845effe82d61dd850c04 |
| SHA256 | 32d1b6dbaf98ed8165fe47ee0fe17528cec9984f1a03573f5221613d415f9d44 |
| SHA512 | 890b7ff06bf319cc9fe1f9e47ef1b92220b2b6c975637c3f9b28698650be6875d07388c05c8e0e2eecdcc5a74d6baf45847913ff0f5c231d5389b893781ac98c |
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411250505231\additional_file0.tmp
| MD5 | e9a2209b61f4be34f25069a6e54affea |
| SHA1 | 6368b0a81608c701b06b97aeff194ce88fd0e3c0 |
| SHA256 | e950f17f4181009eeafa9f5306e8a9dfd26d88ca63b1838f44ff0efc738e7d1f |
| SHA512 | 59e46277ca79a43ed8b0a25b24eff013e251a75f90587e013b9c12851e5dd7283b6172f7d48583982f6a32069457778ee440025c1c754bf7bb6ce8ae1d2c3fc5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 590075f419ea158a092d92798b364e5d |
| SHA1 | 726cdcf1833349a26a07503b3841023fe388116b |
| SHA256 | 9ac3180f4af128143107cd5e439888e95151e99b96f92cbec1a31e658c1eff91 |
| SHA512 | 7db663a2124365a6a1cd9720e003998fe191d202af53a24704b78bff34164beed3461fd14250c824073d4d6227fe0b92ddc1a8ac36101aa105b0889a1125ea18 |
C:\Windows\Temp\SDIAG_fa7003bd-f6df-4cc0-a797-57ca2c02725a\en-US\DiagPackage.dll.mui
| MD5 | d7309f9b759ccb83b676420b4bde0182 |
| SHA1 | 641ad24a420e2774a75168aaf1e990fca240e348 |
| SHA256 | 51d06affd4db0e4b37d35d0e85b8209d5fab741904e8d03df1a27a0be102324f |
| SHA512 | 7284f2d48e1747bbc97a1dab91fb57ff659ed9a05b3fa78a7def733e809c15834c15912102f03a81019261431e9ed3c110fd96539c9628c55653e7ac21d8478d |
C:\Windows\Temp\SDIAG_fa7003bd-f6df-4cc0-a797-57ca2c02725a\DiagPackage.dll
| MD5 | 79134a74dd0f019af67d9498192f5652 |
| SHA1 | 90235b521e92e600d189d75f7f733c4bda02c027 |
| SHA256 | 9d6e3ed51893661dfe5a98557f5e7e255bbe223e3403a42aa44ea563098c947e |
| SHA512 | 1627d3abe3a54478c131f664f43c8e91dc5d2f2f7ddc049bc30dfa065eee329ed93edd73c9b93cf07bed997f43d58842333b3678e61aceac391fbe171d8461a3 |
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_3krbx4mq.vha.ps1
| MD5 | d17fe0a3f47be24a6453e9ef58c94641 |
| SHA1 | 6ab83620379fc69f80c0242105ddffd7d98d5d9d |
| SHA256 | 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7 |
| SHA512 | 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82 |
memory/5548-2539-0x000001DE2C560000-0x000001DE2C582000-memory.dmp
memory/5548-2548-0x000001DE140C0000-0x000001DE140C8000-memory.dmp
memory/3040-2547-0x0000014846380000-0x0000014846E41000-memory.dmp
memory/5548-2558-0x000001DE2C590000-0x000001DE2C598000-memory.dmp
memory/5828-2557-0x0000018D0F310000-0x0000018D0FDD1000-memory.dmp
C:\Users\Admin\AppData\Local\ElevatedDiagnostics\733862231\2024112505.000\results.xsl
| MD5 | 310e1da2344ba6ca96666fb639840ea9 |
| SHA1 | e8694edf9ee68782aa1de05470b884cc1a0e1ded |
| SHA256 | 67401342192babc27e62d4c1e0940409cc3f2bd28f77399e71d245eae8d3f63c |
| SHA512 | 62ab361ffea1f0b6ff1cc76c74b8e20c2499d72f3eb0c010d47dba7e6d723f9948dba3397ea26241a1a995cffce2a68cd0aaa1bb8d917dd8f4c8f3729fa6d244 |
C:\Users\Admin\AppData\Local\ElevatedDiagnostics\733862231\2024112505.000\PCW.debugreport.xml
| MD5 | 708c84301297ed5fbfed59d9d8256ba3 |
| SHA1 | a179b07a2bd6a6f9d257286d443aa06fd206bea8 |
| SHA256 | c3e098ff17a4eef7bd57bbcc75d4f309fa1a2d52eeadd396628235f4ee769e33 |
| SHA512 | f921de88f8a62615ae7920b62ed7a057ba9a642e8d3a1065ad5ec3b63469130d16959f6e98e14fa7df2d86f5fe58d09894525029e3885088ed3ff4239af7b79f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f2f9f4340bbe962f392ca3804d292aad |
| SHA1 | ca4bf2053a139d4cdc397859e6213af6ef2c622c |
| SHA256 | aed46b2808bf1f503962504960d12054117b6aa875288c903b64d30843d4d795 |
| SHA512 | b490f09c0d5cea05633dc407a0b3009e7dd706cee2032b01736643a2859491b65fc23f69a13aa011adf61b6a0cc0e8e5368329c432db9bb89f9492cd7d232112 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c6b886cdae647dcbdb7e504ad0b5220b |
| SHA1 | 0464a1ab471d59632c8b6fc62ad17d87005241a7 |
| SHA256 | 3586023c8073678b7c4488145d76b769e37cf33aef49d441e0ee0a8790f590e7 |
| SHA512 | 72192a1784572be7d9ceb92339804c2534db46436083c53d21efdb160b9510a5c1a225fbc988418044bcd105ada989d9f9252caa2bed6998be127eda4f9d10d5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\ca8fca4b-c4d6-4487-a4a2-609e3c4b84d0.tmp
| MD5 | 58c6ad5db0fa00cf72b0588607b4a709 |
| SHA1 | 4493ff1c90dd9ac8e9c08de577e28ffd88d49b61 |
| SHA256 | 81391eef3356f23f18907433aa39a29d4b4dc955cf690a9ac5e56eb0383f0092 |
| SHA512 | 83136a968a24e08742ae8e23b852fa6806ba5e8f85c588e9c68075b7771ef254a29f3e88fee0d1e5b61ff23cc9bfceff401592bcabbb26776868336ad37577fc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 52829db8c8c53b0056a22e2f9db52252 |
| SHA1 | 9914b17dfe023ec4425caed2165c4a1eaa7e8b1c |
| SHA256 | 40014ae48d3ede435dd20086516c0ac036e98c9b3b6ed0bca2e72ec74bb14f7d |
| SHA512 | 003d1dc517bc6bd00a4091fc54cd86ea9f5e324c467bde5e0481fb474594e27b0df62db0971373dcdbf6283002d4d6ff9c258ca249e9553ec5adb7225f3ab76e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b8642287bec6d08352d74ae89165232c |
| SHA1 | d429952b61ed44e57cabf4985f96ebdfcbaf62a3 |
| SHA256 | d9edec35d01fb0a5e11b288915edfd9fe37402c3b85ce2a2170f3c215d1af3ba |
| SHA512 | cc33e7d114d92740e78fc4cea932790cc5fd72ceeb65277aed65665435c8f50fa7be711b04679874161879d5a5fcf6df9a1393237fc1552f78d16d89eda1a01c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1
| MD5 | 0cc4706b8148d0c1c6497c45299f757b |
| SHA1 | ddfbefe424bd39da23d19b9a40307a4a85a62460 |
| SHA256 | 8fb1eedbdec13713fd539369fa32d118587e364f36f81e5e996a108483d2cd3a |
| SHA512 | ef96793b765f8e224384fe14c2c566a9548fb7d8d4f1d56fce4c1b9abcc6f2fe155155d25d34308947301594cac82f2dd8c91cafb47bbe9996a277e8ab262424 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e591d4b5e6ecea03efa754ed0ad633b4 |
| SHA1 | be84ef5687957aafec2f655274201416e8c2c498 |
| SHA256 | b7ce86de774561a9fa84267c762ddc4e43abff1d17e0a7e2b00e9f040c31bcd8 |
| SHA512 | 63f0b6f0c4aae11ac5116774975cf78b1f4e6cd44ec6d03b16cd911dadcd543d207af2bd3c174e6dc54e3b41fb5f9c72d56a8622fbb0995f88b8a1c6a83c543c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 4d5e5a617fe9d19d679e9b26d2f457d8 |
| SHA1 | 23df48250f6e7d7bf9a2374173e6497e521d4f9f |
| SHA256 | 8afbf7461c9a2561ff68b7375f6246e9cda481681cd69fc79e87d63b66366962 |
| SHA512 | 079be99d87ab57bbdfcbaf7b61437b027d6b68c8f033abeb28623cff03e542a9195cfa6f516241f8580e3c0027145460950e147faf3de78f500160dd7097c1e5 |