Analysis Overview
Threat Level: Known bad
The file https://file.io/eAiPQjs6JwmY was found to be: Known bad.
Malicious Activity Summary
Eaglerat family
EagleRat
Executes dropped EXE
A potential corporate email address has been identified in the URL: =@L
Mark of the Web detected: This indicates that the page was originally saved or cloned.
Program crash
Browser Information Discovery
System Location Discovery: System Language Discovery
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SetWindowsHookEx
Suspicious use of FindShellTrayWindow
Suspicious behavior: EnumeratesProcesses
Checks SCSI registry key(s)
Modifies data under HKEY_USERS
NTFS ADS
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Modifies registry class
Enumerates system info in registry
Suspicious use of AdjustPrivilegeToken
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported: 2024-12-17 19:37
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2024-12-17 19:37
Reported: 2024-12-17 19:38
Platform: win10v2004-20241007-en
Max time kernel: 101s
Max time network: 106s
Command Line
Signatures
EagleRat
Eaglerat family
A potential corporate email address has been identified in the URL: =@L
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\virus.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\virus.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\virus.exe | N/A |
Mark of the Web detected: This indicates that the page was originally saved or cloned.
| Description | Indicator | Process | Target |
| N/A | https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html | N/A | N/A |
Browser Information Discovery
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\Downloads\virus.exe |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\Downloads\virus.exe |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\Downloads\virus.exe |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\virus.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\virus.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\virus.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133789378380395836" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\ | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\)ÿ┤╔╙X.3╥D\ÜhÇr╪╒â⌠o■ä┤}>4V¿â3≈i4╤A┬Äú╝▀2:╩╟Öà╫ε╗5(╡EnV·▌*ïe1╤ù>░I1╞=├dΘe+m╜¼D | C:\Windows\system32\cmd.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\virus.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\virus.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://file.io/eAiPQjs6JwmY
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=11680,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11720 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=11304,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11892 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=11864,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11624 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=11140,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9672 /prefetch:1
C:\Users\Admin\Downloads\virus.exe
"C:\Users\Admin\Downloads\virus.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4392 -ip 4392
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4392 -s 984
C:\Users\Admin\Downloads\virus.exe
"C:\Users\Admin\Downloads\virus.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 520 -p 3920 -ip 3920
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3920 -s 1040
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\ShowConfirm.cmd" "
C:\Users\Admin\Downloads\virus.exe
"C:\Users\Admin\Downloads\virus.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 1924 -ip 1924
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1924 -s 1036
Network
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| US | 172.240.45.70:443 | s2s.aniview.com | tcp |
| DE | 51.89.9.253:443 | onetag-sys.com | tcp |
| US | 34.98.64.218:443 | venatusmedia-d.openx.net | tcp |
| US | 172.240.45.96:443 | sync.aniview.com | tcp |
| US | 172.240.45.96:443 | sync.aniview.com | tcp |
| US | 172.240.45.96:443 | sync.aniview.com | tcp |
| US | 172.240.45.96:443 | sync.aniview.com | tcp |
| US | 172.240.45.96:443 | sync.aniview.com | tcp |
| US | 34.111.113.62:443 | pixel.tapad.com | tcp |
| DE | 18.184.223.12:443 | optimized-by.rubiconproject.com | tcp |
| US | 8.2.110.70:443 | us.ck-ie.com | tcp |
| FR | 18.164.52.46:443 | s.ad.smaato.net | tcp |
| NL | 91.227.144.189:443 | sync.e-volution.ai | tcp |
| NL | 89.149.193.120:443 | rtb-csync.smartadserver.com | tcp |
| DE | 116.202.167.133:443 | inv-nets.admixer.net | tcp |
| IE | 34.243.185.61:443 | ads.yieldmo.com | tcp |
| FR | 5.135.209.101:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 150.216.36.34.in-addr.arpa | udp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| US | 8.8.8.8:53 | assets.a-mo.net | udp |
| FR | 154.54.250.81:443 | ads.stickyadstv.com | tcp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | 214.191.64.185.in-addr.arpa | udp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| US | 8.8.8.8:53 | 81.250.54.154.in-addr.arpa | udp |
| IE | 52.48.183.31:443 | sync.crwdcntrl.net | tcp |
| IE | 52.48.36.35:443 | pr-bh.ybp.yahoo.com | tcp |
| US | 104.18.27.216:443 | cs.ingage.tech | tcp |
| US | 80.77.87.200:443 | cs.pgammedia.com | tcp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 172.111.38.54:443 | tracker-shr.ortb.net | tcp |
| US | 34.96.105.8:443 | tr.blismedia.com | tcp |
| US | 34.96.105.8:443 | tr.blismedia.com | tcp |
| US | 34.98.64.218:443 | venatusmedia-d.openx.net | tcp |
| US | 8.8.8.8:53 | 137.223.158.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 164.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.87.77.80.in-addr.arpa | udp |
| US | 104.18.24.18:443 | js-sec.indexww.com | tcp |
| NL | 193.0.160.130:443 | p.rfihub.com | tcp |
| IE | 52.48.36.35:443 | pr-bh.ybp.yahoo.com | tcp |
| DE | 18.195.234.25:443 | match.sharethrough.com | tcp |
| NL | 63.215.202.169:443 | triplelift-match.dotomi.com | tcp |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| US | 52.71.40.119:443 | sync.srv.stackadapt.com | tcp |
| US | 52.71.40.119:443 | sync.srv.stackadapt.com | tcp |
| US | 52.71.40.119:443 | sync.srv.stackadapt.com | tcp |
| US | 151.101.193.108:443 | acdn.adnxs.com | tcp |
| US | 143.244.208.184:443 | sid.storygize.net | tcp |
| US | 13.107.42.14:443 | px.ads.linkedin.com | tcp |
| FR | 163.5.194.37:443 | sync.a-mo.net | tcp |
| US | 104.19.159.19:443 | assets.a-mo.net | tcp |
| NL | 89.149.193.120:443 | rtb-csync.smartadserver.com | tcp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| US | 34.98.64.218:443 | venatusmedia-d.openx.net | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| US | 8.8.8.8:53 | u.ipw.metadsp.co.uk | udp |
| US | 34.98.64.218:443 | venatusmedia-d.openx.net | udp |
| DE | 18.195.234.25:443 | match.sharethrough.com | tcp |
| US | 172.240.45.96:443 | sync.aniview.com | tcp |
| FR | 172.217.20.194:443 | cm.g.doubleclick.net | tcp |
| FR | 172.217.20.194:443 | cm.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| US | 8.8.8.8:53 | sync.clearnview.com | udp |
| US | 8.8.8.8:53 | image6.pubmatic.com | udp |
| DE | 18.195.234.25:443 | match.sharethrough.com | tcp |
| NL | 35.214.132.90:443 | u.ipw.metadsp.co.uk | tcp |
| NL | 35.214.138.30:443 | csync.loopme.me | tcp |
| IE | 52.17.184.74:443 | match.prod.bidr.io | tcp |
| US | 88.214.193.140:443 | sync.clearnview.com | tcp |
| DK | 37.157.5.141:443 | c1.adform.net | tcp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| GB | 185.64.190.78:443 | image6.pubmatic.com | tcp |
| US | 8.8.8.8:53 | sync.go.sonobi.com | udp |
| US | 8.8.8.8:53 | cms.quantserve.com | udp |
| DK | 37.157.5.141:443 | c1.adform.net | tcp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | udp |
| US | 34.111.113.62:443 | pixel.tapad.com | tcp |
| NL | 35.214.132.90:443 | u.ipw.metadsp.co.uk | udp |
| DE | 51.89.9.253:443 | onetag-sys.com | udp |
| US | 80.77.87.200:443 | cs.pgammedia.com | tcp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| US | 50.31.142.95:443 | b1sync.zemanta.com | tcp |
| US | 8.8.8.8:53 | cs-rtb.minutemedia-prebid.com | udp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| US | 50.31.142.95:443 | b1sync.zemanta.com | tcp |
| US | 69.166.1.66:443 | sync.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | cs-server-s2s.yellowblue.io | udp |
| DE | 91.228.74.159:443 | cms.quantserve.com | tcp |
| US | 8.8.8.8:53 | sync.cootlogix.com | udp |
| US | 8.8.8.8:53 | dmp.dexerto.media | udp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| US | 8.8.8.8:53 | ssc-cms.33across.com | udp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| US | 8.8.8.8:53 | pixel-us-east.rubiconproject.com | udp |
| US | 8.8.8.8:53 | dsp-cookie.adfarm1.adition.com | udp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 69.166.1.66:443 | sync.go.sonobi.com | tcp |
| US | 69.166.1.66:443 | sync.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | imasdk.googleapis.com | udp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| US | 69.173.151.100:443 | pixel-us-east.rubiconproject.com | tcp |
| FR | 216.58.214.66:443 | ep1.adtrafficquality.google | udp |
| US | 44.207.135.17:443 | dmp.dexerto.media | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| DE | 80.82.210.217:443 | dsp-cookie.adfarm1.adition.com | tcp |
| US | 67.202.105.24:443 | ssc-cms.33across.com | tcp |
| US | 159.89.52.195:443 | sync.cootlogix.com | tcp |
| US | 159.89.52.195:443 | sync.cootlogix.com | tcp |
| US | 159.89.52.195:443 | sync.cootlogix.com | tcp |
| US | 159.89.52.195:443 | sync.cootlogix.com | tcp |
| US | 52.203.34.185:443 | cs-server-s2s.yellowblue.io | tcp |
| FR | 18.155.129.13:443 | cs-rtb.minutemedia-prebid.com | tcp |
| US | 8.8.8.8:53 | sync.bedrockplatform.ninja | udp |
| US | 8.8.8.8:53 | 39cc7ff100a67c5789f19546db1c83a4.safeframe.googlesyndication.com | udp |
| US | 159.89.52.195:443 | sync.cootlogix.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| US | 80.77.87.163:443 | cs.admanmedia.com | tcp |
| FR | 172.217.20.194:443 | cm.g.doubleclick.net | udp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 8.8.8.8:53 | sync.adotmob.com | udp |
| GB | 185.64.190.78:443 | image6.pubmatic.com | tcp |
| GB | 173.194.76.95:443 | imasdk.googleapis.com | tcp |
| IE | 52.214.88.250:443 | sync.bedrockplatform.ninja | tcp |
| US | 8.8.8.8:53 | sync.ipredictive.com | udp |
| US | 8.8.8.8:53 | 1f2e7.v.fwmrm.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 62.113.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.64.98.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.9.89.51.in-addr.arpa | udp |
| FR | 45.137.176.88:443 | sync.adotmob.com | tcp |
| US | 8.8.8.8:53 | 12.223.184.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.45.240.172.in-addr.arpa | udp |
| US | 216.200.232.249:443 | sync.mathtag.com | tcp |
| US | 8.8.8.8:53 | 96.45.240.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.27.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.105.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 189.144.227.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.52.164.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.193.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.36.48.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 31.183.48.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.167.202.116.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.24.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.193.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.160.0.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.202.215.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.42.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.110.2.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.164.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 54.38.111.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.40.71.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 37.194.5.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.159.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 184.208.244.143.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.184.17.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.132.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.138.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.193.214.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.5.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.1.166.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | track1.avplayer.com | udp |
| US | 8.8.8.8:53 | 200.87.77.80.in-addr.arpa | udp |
| US | 104.18.27.193:443 | ssum-sec.casalemedia.com | udp |
| US | 172.240.45.76:443 | track1.avplayer.com | tcp |
| US | 8.8.8.8:53 | 88.199.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.129.155.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.210.82.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.151.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.52.89.159.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.135.207.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 185.34.203.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.105.202.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.76.194.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 250.88.214.52.in-addr.arpa | udp |
| US | 54.172.83.147:443 | sync.ipredictive.com | tcp |
| GB | 18.134.84.19:443 | 1f2e7.v.fwmrm.net | tcp |
| GB | 173.194.76.95:443 | imasdk.googleapis.com | tcp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| US | 8.8.8.8:53 | cacerts.geotrust.com | udp |
| FR | 142.250.201.166:443 | s0.2mdn.net | tcp |
| SE | 192.229.221.95:80 | cacerts.geotrust.com | tcp |
| IE | 52.17.184.74:443 | match.prod.bidr.io | tcp |
| US | 8.8.8.8:53 | pubads.g.doubleclick.net | udp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| FR | 172.217.20.162:443 | pubads.g.doubleclick.net | tcp |
| FR | 172.217.20.162:443 | pubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | b1sync.outbrain.com | udp |
| US | 70.42.32.255:443 | b1sync.outbrain.com | tcp |
| NL | 35.214.199.88:443 | rtb.mfadsrvr.com | udp |
| US | 8.8.8.8:53 | pool.admedo.com | udp |
| BE | 35.206.140.87:443 | pool.admedo.com | tcp |
| US | 8.8.8.8:53 | 88.176.137.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.27.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.45.240.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 249.232.200.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.84.134.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 147.83.172.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.201.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 255.32.42.70.in-addr.arpa | udp |
| US | 8.8.8.8:53 | image4.pubmatic.com | udp |
| GB | 185.64.190.81:443 | image4.pubmatic.com | tcp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 8.8.8.8:53 | sync.adkernel.com | udp |
| GB | 185.64.191.214:443 | image8.pubmatic.com | tcp |
| GB | 184.25.192.27:443 | contextual.media.net | tcp |
| DK | 37.157.6.231:443 | cm.adform.net | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| NL | 103.67.200.72:443 | sync.adkernel.com | tcp |
| US | 172.240.45.70:443 | s2s.aniview.com | udp |
| US | 216.239.32.3:443 | csi.gstatic.com | tcp |
| US | 216.239.32.3:443 | csi.gstatic.com | tcp |
| DE | 51.89.9.253:443 | onetag-sys.com | tcp |
| FR | 172.217.20.162:443 | pubads.g.doubleclick.net | udp |
| BE | 35.206.140.87:443 | pool.admedo.com | udp |
| US | 8.8.8.8:53 | cs.yellowblue.io | udp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| US | 216.239.32.3:443 | csi.gstatic.com | udp |
| IE | 54.77.68.100:443 | ce.lijit.com | tcp |
| US | 8.8.8.8:53 | capi.connatix.com | udp |
| US | 172.64.146.152:443 | capi.connatix.com | tcp |
| US | 8.8.8.8:53 | 27.192.25.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.140.206.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 231.6.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.200.67.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.68.77.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.146.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | eu-u.openx.net | udp |
| US | 80.77.87.200:443 | cs.pgammedia.com | tcp |
| NL | 35.214.138.30:443 | csync.loopme.me | tcp |
| US | 80.77.87.200:443 | cs.pgammedia.com | tcp |
| US | 8.8.8.8:53 | image2.pubmatic.com | udp |
| NL | 198.47.127.205:443 | image2.pubmatic.com | tcp |
| US | 8.8.8.8:53 | ssp.disqus.com | udp |
| US | 34.196.76.47:443 | ssp.disqus.com | tcp |
| US | 8.8.8.8:53 | pixel.onaudience.com | udp |
| US | 8.8.8.8:53 | uipglob.semasio.net | udp |
| US | 8.8.8.8:53 | mwzeom.zeotap.com | udp |
| US | 8.8.8.8:53 | um.simpli.fi | udp |
| CA | 148.113.153.94:443 | pixel.onaudience.com | tcp |
| DK | 77.243.51.121:443 | uipglob.semasio.net | tcp |
| US | 8.8.8.8:53 | simage2.pubmatic.com | udp |
| US | 104.22.50.98:443 | mwzeom.zeotap.com | tcp |
| NL | 35.204.201.36:443 | um.simpli.fi | tcp |
| GB | 185.64.191.210:443 | simage2.pubmatic.com | tcp |
| US | 8.8.8.8:53 | bc-sync.com | udp |
| US | 8.8.8.8:53 | api-2-0.spot.im | udp |
| NL | 35.214.138.30:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | tracker.open-adsyield.com | udp |
| US | 8.8.8.8:53 | jadserve.postrelease.com | udp |
| US | 35.244.174.68:443 | id.rlcdn.com | udp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| US | 18.207.37.71:443 | api-2-0.spot.im | tcp |
| US | 8.8.8.8:53 | gum.aidemsrv.com | udp |
| US | 172.111.38.86:443 | tracker.open-adsyield.com | tcp |
| IE | 34.250.252.102:443 | jadserve.postrelease.com | tcp |
| US | 104.18.6.198:443 | gum.aidemsrv.com | tcp |
| US | 8.8.8.8:53 | ads.avads.net | udp |
| US | 34.128.133.112:443 | ads.avads.net | tcp |
| US | 8.8.8.8:53 | sync-service.net | udp |
| US | 8.8.8.8:53 | 205.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.76.196.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.50.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.201.204.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.191.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 94.153.113.148.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.51.243.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 102.252.250.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.6.18.104.in-addr.arpa | udp |
| US | 204.62.12.209:443 | sync-service.net | tcp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 192.132.33.69:443 | bttrack.com | tcp |
| US | 8.2.108.175:443 | bc-sync.com | tcp |
| GB | 2.20.12.106:443 | content1.avplayer.com | tcp |
| US | 8.8.8.8:53 | 86.38.111.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 112.133.128.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.12.62.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.37.207.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ps.eyeota.net | udp |
| DE | 52.57.150.20:443 | ps.eyeota.net | tcp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| US | 8.8.8.8:53 | ssum.casalemedia.com | udp |
| US | 35.227.252.103:443 | rtb.openx.net | tcp |
| US | 104.18.26.193:443 | ssum.casalemedia.com | tcp |
| DE | 79.127.216.47:443 | id.a-mx.com | tcp |
| US | 8.8.8.8:53 | pb-am.a-mo.net | udp |
| DE | 79.127.216.47:443 | id.a-mx.com | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | udp |
| FR | 163.5.194.35:443 | pb-am.a-mo.net | tcp |
| FR | 163.5.194.35:443 | pb-am.a-mo.net | tcp |
| US | 8.8.8.8:53 | simage4.pubmatic.com | udp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| GB | 87.248.114.11:443 | ups.analytics.yahoo.com | tcp |
| US | 8.8.8.8:53 | odr.mookie1.com | udp |
| US | 34.160.236.64:443 | odr.mookie1.com | tcp |
| US | 8.8.8.8:53 | d.turn.com | udp |
| US | 8.8.8.8:53 | id.rtb.mx | udp |
| US | 8.8.8.8:53 | prebid.adnxs.com | udp |
| NL | 46.228.164.13:443 | d.turn.com | tcp |
| US | 8.8.8.8:53 | ow.pubmatic.com | udp |
| DE | 79.127.216.47:443 | id.rtb.mx | tcp |
| NL | 185.89.208.11:443 | prebid.adnxs.com | tcp |
| GB | 185.64.190.84:443 | ow.pubmatic.com | tcp |
| DE | 79.127.216.47:443 | id.rtb.mx | tcp |
| NL | 185.89.208.11:443 | prebid.adnxs.com | tcp |
| GB | 185.64.190.84:443 | ow.pubmatic.com | tcp |
| US | 172.240.45.76:443 | track1.avplayer.com | udp |
| US | 8.8.8.8:53 | ad.mrtnsvr.com | udp |
| US | 8.8.8.8:53 | 47.216.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.194.5.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.114.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.236.160.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.164.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.208.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.150.57.52.in-addr.arpa | udp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| US | 8.8.8.8:53 | sonata-notifications.taptapnetworks.com | udp |
| US | 8.8.8.8:53 | dsp.360yield.com | udp |
| US | 8.8.8.8:53 | dsp-ap.eskimi.com | udp |
| US | 8.8.8.8:53 | sync-tm.everesttech.net | udp |
| DE | 3.123.192.166:443 | sonata-notifications.taptapnetworks.com | tcp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| IE | 34.250.141.206:443 | dsp.360yield.com | tcp |
| NL | 188.42.63.48:443 | dsp-ap.eskimi.com | tcp |
| US | 151.101.2.49:443 | sync-tm.everesttech.net | tcp |
| US | 8.8.8.8:53 | pubmatic-match.dotomi.com | udp |
| NL | 193.0.160.130:443 | p.rfihub.com | tcp |
| US | 8.8.8.8:53 | match.adsby.bidtheatre.com | udp |
| NL | 188.166.17.21:443 | match.adsby.bidtheatre.com | tcp |
| NL | 64.158.223.140:443 | pubmatic-match.dotomi.com | tcp |
| FR | 142.250.178.129:443 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | 166.192.123.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.163.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.141.250.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.63.42.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.17.166.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.223.158.64.in-addr.arpa | udp |
| FR | 216.58.214.66:443 | ep1.adtrafficquality.google | udp |
| NL | 35.214.138.30:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | d5p.de17a.com | udp |
| SE | 13.50.192.155:443 | d5p.de17a.com | tcp |
| US | 8.8.8.8:53 | core.iprom.net | udp |
| SI | 195.5.165.20:443 | core.iprom.net | tcp |
| US | 8.8.8.8:53 | ipac.ctnsnet.com | udp |
| US | 35.186.193.173:443 | ipac.ctnsnet.com | tcp |
| US | 8.8.8.8:53 | cm-supply-web.gammaplatform.com | udp |
| SG | 35.186.154.107:443 | cm-supply-web.gammaplatform.com | tcp |
| NL | 46.228.174.117:443 | sync.targeting.unrulymedia.com | tcp |
| US | 8.8.8.8:53 | cm.adgrx.com | udp |
| US | 8.8.8.8:53 | green.erne.co | udp |
| US | 8.8.8.8:53 | a.tribalfusion.com | udp |
| IE | 52.19.224.221:443 | cm.adgrx.com | tcp |
| FR | 141.94.240.143:443 | green.erne.co | tcp |
| US | 104.18.37.193:443 | a.tribalfusion.com | tcp |
| US | 8.8.8.8:53 | pixel-eu.onaudience.com | udp |
| FR | 54.38.113.4:443 | pixel-eu.onaudience.com | tcp |
| SG | 35.186.154.107:443 | cm-supply-web.gammaplatform.com | tcp |
| US | 8.8.8.8:53 | 155.192.50.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.165.5.195.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.193.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 143.240.94.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 221.224.19.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.37.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | s.tribalfusion.com | udp |
| CA | 148.113.153.94:443 | pixel.onaudience.com | tcp |
| US | 8.8.8.8:53 | 56.163.245.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.42.69.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 92.12.20.2.in-addr.arpa | udp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| FR | 149.202.238.97:443 | prg.smartadserver.com | tcp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| US | 8.8.8.8:53 | 901161e0c704cb094bccf1f26d1e50cf.safeframe.googlesyndication.com | udp |
| GB | 173.194.76.95:443 | imasdk.googleapis.com | udp |
| FR | 172.217.20.161:443 | tpc.googlesyndication.com | tcp |
| FR | 172.217.20.164:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 161.20.217.172.in-addr.arpa | udp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| FR | 149.202.238.97:443 | prg.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 5f8721cafdd11876de18cd5a50209d0b.safeframe.googlesyndication.com | udp |
| FR | 172.217.20.164:443 | www.google.com | tcp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| FR | 149.202.238.97:443 | prg.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 9c1aec09cb4d5b32bbc4d4208683cbe5.safeframe.googlesyndication.com | udp |
| FR | 172.217.20.164:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| DE | 142.250.185.227:443 | beacons.gcp.gvt2.com | tcp |
| DE | 142.250.185.227:443 | beacons.gcp.gvt2.com | tcp |
| DE | 142.250.185.227:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 227.185.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | optimized-by.rubiconproject.com | udp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| FR | 149.202.238.97:443 | prg.smartadserver.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| DE | 142.250.185.227:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 9bf6c846cbaa74cdceef0f9a89456851.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
| NL | 46.228.174.115:443 | targeting.unrulymedia.com | tcp |
| FR | 149.202.238.97:443 | prg.smartadserver.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | 52205fdaa5ba4fd1f59835d5032cf042.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | cdn1.vntsm.com | udp |
| GB | 173.194.76.95:443 | imasdk.googleapis.com | udp |
| FR | 172.217.20.164:443 | www.google.com | tcp |
| DE | 37.252.172.123:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | ap.lijit.com | udp |
| US | 174.138.124.83:443 | exchange.kueezrtb.com | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 174.138.124.83:443 | exchange.kueezrtb.com | tcp |
| US | 8.8.8.8:53 | tlx.3lift.com | udp |
| US | 104.18.26.193:443 | htlb.casalemedia.com | udp |
| FR | 185.255.84.150:443 | hb-api.omnitagjs.com | tcp |
| IE | 52.214.83.243:443 | ap.lijit.com | tcp |
| FR | 163.5.194.36:443 | pb-am.a-mo.net | tcp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | apex.go.sonobi.com | udp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| IE | 52.19.107.231:443 | ads.yieldmo.com | tcp |
| US | 69.166.1.64:443 | apex.go.sonobi.com | tcp |
| US | 8.8.8.8:53 | www.file.io | udp |
| US | 8.8.8.8:53 | 243.83.214.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 231.107.19.52.in-addr.arpa | udp |
Files
\??\pipe\crashpad_64_VKMJTXBOVPHRVVAO
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | ef60b70c0a46acd91d6662f430155f37 |
| SHA1 | 7ebbfae6bac1a944af62c67bccbf052217d10d26 |
| SHA256 | ba5cc968a41cc32e7b8f2798ccfc96c5fa529daa085e62d83ddb23ab6556b68b |
| SHA512 | 55e8208adc1aed30eb71ae9fc8a16113bd2d9546011499aacdee561707fa2601f0b37b344502bc302283d559d14dddd8615ce160ee1a007a67dfc2e62611bb39 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | ece9a7f4e9ff3a6df438e542234c185f |
| SHA1 | 6e0f1dea9c7c864209686b51813eeb34032f8d92 |
| SHA256 | b94f609fabd86cb026f40871c192f1ef7e6a85f0c56e8d600b7476db0d9296f9 |
| SHA512 | 9955f08cb5ee512f5998f209ec89cc12351f27740e88522ba11345722a1dac1e7df41e4638f83adcd9c305098b99cca7d298f43e232fbc504199e5d749d8549d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a7f00dbc757296b1a196f8b7abcb28de |
| SHA1 | 125b97212818ea05908f03474bf5346ff90b81b7 |
| SHA256 | 51b8e346054b52ff11c633714077fc8e07cf44b759131ce0c19d85a1b5ffafd4 |
| SHA512 | 9a309ab774e1b2ce4009685144b40abb327d7d2239a819e0e7f157221f2abf19fc1b6ef0589bf66312c2dd27ae947725598fb5d9bf270def4f13a7497b639e03 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021
| MD5 | 722a5c8e9a28cf3220825f4e555176a3 |
| SHA1 | c662f0371ee534a0e20b1b9e6a5f49e4609fb86d |
| SHA256 | 21b7757220221262068a3943e4c7ac09e690e65c40403f3a20af4f58d1e5cf81 |
| SHA512 | 0a9cc0a324b3bbc7046be76103ea9c909d6bce6017cfb7c409344d7610b8d720be6e115775ff56b4ade6e304e69cdd944482d5f2511865dd30bd60afd0282291 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 553b497668204156035a0f1a1c2d4f2b |
| SHA1 | 49c9477b799bdea4f8aaf2dae4782fbbe10fbf59 |
| SHA256 | 270e0d5f528b298643e62747b263590a5f260f51bbe3e7ab2d2d4b12f0846bbf |
| SHA512 | efd071d089ad6f521a2b4758b813c624a716562cdcb392d9bb044a6c8aaebac3f50b43ec4b2aed4d7a6d124881baee08d8661b2c70b6ade37751f6715340771e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cbcfecad394c98dd18b5e76ba95ebdd2 |
| SHA1 | ccf0c0719a82a4b7297ced5e057e2cb73973386a |
| SHA256 | 9a0fbc1767fd4208f1fd0b58231b0638ba63012630a70e72f7c03bd09ba226b1 |
| SHA512 | 77ac226ecf7dba5af02d72c0c2c291786d312d2629c5bf275754861b58cbaaf4159299f7ae42b6207e1a7197c53c8ac182780b02710e5c90e5e2b1762c8d6766 |
memory/4392-326-0x000000007450E000-0x000000007450F000-memory.dmp
memory/4392-327-0x0000000000950000-0x0000000000966000-memory.dmp
memory/4392-330-0x0000000001020000-0x0000000001032000-memory.dmp
memory/4392-331-0x00000000052A0000-0x00000000052BA000-memory.dmp
memory/4392-332-0x0000000074500000-0x0000000074CB0000-memory.dmp
memory/4392-333-0x0000000005960000-0x0000000005F04000-memory.dmp
memory/4392-334-0x0000000074500000-0x0000000074CB0000-memory.dmp
C:\Users\Admin\AppData\Local\virus.exe
| MD5 | a7189a0ceb12391b5fb08a5daf23c1ce |
| SHA1 | 47a5abd499b046684683222fef28f7fbb2d97b37 |
| SHA256 | ad4e1f833c7c19521ec05df6a40e3fe6402be941b3ac91115c560ff9d97bb3bf |
| SHA512 | d4eaab74bb3aa3d57fbdbabeee3c0ebc3abd0e69a15f78ec525cea9353ff937c98195d447df7d6651d221afeed8c8d9efbb9e9fe8faa0a98ac15400cd7ef67b2 |
memory/4392-337-0x0000000005530000-0x00000000055A6000-memory.dmp
memory/4392-338-0x0000000074500000-0x0000000074CB0000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 6c11335b750773ddb4b1a1a421bd8bad |
| SHA1 | d232fd4e348fadd933046ce268618b1ff53e783e |
| SHA256 | 655c4fe397c886537adf750b81e84b79b39220c7d734c3454ccd64c760511fb5 |
| SHA512 | 989a52ddecca149dd16a30b3332f6e493353b4bbd4cfecd673d9afb336a8085fc292a93e3d3cce0623ef7315093c9ac252d1d64d6ecb93fe191a95a2dfd6d0c6 |
memory/4392-348-0x0000000074500000-0x0000000074CB0000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000030
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0ca4572f3dbd7a1a_0
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b828986f817ab44b_0
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b1728ee6bb8d5047_0
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b4e5802bed96785c_0
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\229ca002659213a7_0
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6ad1a5bef090b736_0
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e4e76d992ce193c3_0
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\151d0846dc7a7f84_0
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences