Analysis Overview
SHA256
7aebd8303daca5d96c4704b8ec51d829ee0fe09f9e86838ddb6a8b2d29cca291
Threat Level: Known bad
The file source_prepared.exe was found to be: Known bad.
Malicious Activity Summary
Detect Pysilon
Pysilon family
Enumerates VirtualBox DLL files
Command and Scripting Interpreter: PowerShell
Sets file to hidden
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Legitimate hosting services abused for malware hosting/C2
UPX packed file
Drops file in Program Files directory
Detects Pyinstaller
Browser Information Discovery
Unsigned PE
Views/modifies file attributes
Kills process with taskkill
Uses Task Scheduler COM API
Suspicious behavior: GetForegroundWindowSpam
Suspicious behavior: LoadsDriver
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious behavior: AddClipboardFormatListener
Suspicious use of SetWindowsHookEx
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious use of FindShellTrayWindow
Checks processor information in registry
Modifies registry class
Suspicious use of SendNotifyMessage
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-12-22 22:15
Signatures
Detect Pysilon
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Pysilon family
Detects Pyinstaller
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-12-22 22:15
Reported
2024-12-22 22:33
Platform
win10ltsc2021-20241211-en
Max time kernel
1043s
Max time network
832s
Command Line
Signatures
Enumerates VirtualBox DLL files
| Description | Indicator | Process | Target |
| File opened (read-only) | C:\windows\system32\vboxhook.dll | C:\Users\Admin\AppData\Local\Temp\source_prepared.exe | N/A |
| File opened (read-only) | C:\windows\system32\vboxmrxnp.dll | C:\Users\Admin\AppData\Local\Temp\source_prepared.exe | N/A |
| File opened (read-only) | C:\windows\system32\vboxhook.dll | C:\Users\Admin\azsumzarko\PrudnahTeshko.exe | N/A |
| File opened (read-only) | C:\windows\system32\vboxmrxnp.dll | C:\Users\Admin\azsumzarko\PrudnahTeshko.exe | N/A |
Command and Scripting Interpreter: PowerShell
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| N/A | N/A | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
Sets file to hidden
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\attrib.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\azsumzarko\PrudnahTeshko.exe | N/A |
| N/A | N/A | C:\Users\Admin\azsumzarko\PrudnahTeshko.exe | N/A |
Loads dropped DLL
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sgmaboy = "C:\\Users\\Admin\\azsumzarko\\PrudnahTeshko.exe" | C:\Users\Admin\AppData\Local\Temp\source_prepared.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\6601526c-9c12-41f3-a7d4-b3b020dd13ef.tmp | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\20241222221743.pma | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe | N/A |
Browser Information Discovery
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\BIOS | C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily | C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU | C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\BIOS | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
Kills process with taskkill
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\taskkill.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-4084745894-3294430273-2212167662-1000_Classes\Local Settings | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\azsumzarko\PrudnahTeshko.exe | N/A |
Suspicious behavior: LoadsDriver
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Views/modifies file attributes
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\attrib.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\source_prepared.exe
"C:\Users\Admin\AppData\Local\Temp\source_prepared.exe"
C:\Users\Admin\AppData\Local\Temp\source_prepared.exe
"C:\Users\Admin\AppData\Local\Temp\source_prepared.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x294 0xbc
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell -Command "Add-MpPreference -ExclusionPath \"C:\Users\Admin\azsumzarko\""
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\azsumzarko\activate.bat
C:\Windows\system32\attrib.exe
attrib +s +h .
C:\Users\Admin\azsumzarko\PrudnahTeshko.exe
"PrudnahTeshko.exe"
C:\Windows\system32\taskkill.exe
taskkill /f /im "source_prepared.exe"
C:\Users\Admin\azsumzarko\PrudnahTeshko.exe
"PrudnahTeshko.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "ver"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell -Command "Add-MpPreference -ExclusionPath \"C:\Users\Admin\azsumzarko\""
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Desktop\UnpublishOut.mhtml
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x144,0x148,0x14c,0x120,0x150,0x7ffbd34a46f8,0x7ffbd34a4708,0x7ffbd34a4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2188,6479492872987019231,2562717209403304954,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2224 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2188,6479492872987019231,2562717209403304954,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2276 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2188,6479492872987019231,2562717209403304954,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2896 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,6479492872987019231,2562717209403304954,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3540 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,6479492872987019231,2562717209403304954,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3548 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2188,6479492872987019231,2562717209403304954,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5620 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x264,0x268,0x26c,0x16c,0x270,0x7ff6e4f75460,0x7ff6e4f75470,0x7ff6e4f75480
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2188,6479492872987019231,2562717209403304954,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5620 /prefetch:8
C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE
"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE"
C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE
"C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\Desktop\UnprotectSubmit.xlsx"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1968 -parentBuildID 20240401114208 -prefsHandle 1896 -prefMapHandle 1888 -prefsLen 23839 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {159fa456-1a39-4c92-8ece-eeb358242400} 1520 "\\.\pipe\gecko-crash-server-pipe.1520" gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2376 -parentBuildID 20240401114208 -prefsHandle 2368 -prefMapHandle 2364 -prefsLen 23717 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0f8a1861-ae2f-4011-918b-98e7449dabc2} 1520 "\\.\pipe\gecko-crash-server-pipe.1520" socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2576 -childID 1 -isForBrowser -prefsHandle 2976 -prefMapHandle 3040 -prefsLen 22652 -prefMapSize 244658 -jsInitHandle 992 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c1fe1100-475a-4677-9420-87ba9e73fcbe} 1520 "\\.\pipe\gecko-crash-server-pipe.1520" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4116 -childID 2 -isForBrowser -prefsHandle 4108 -prefMapHandle 4104 -prefsLen 29091 -prefMapSize 244658 -jsInitHandle 992 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d9412fe1-0678-4ada-a26e-55bd57572888} 1520 "\\.\pipe\gecko-crash-server-pipe.1520" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4832 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4828 -prefMapHandle 4824 -prefsLen 29091 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {67133cc8-a14e-4e2b-b6c2-df57b9abce30} 1520 "\\.\pipe\gecko-crash-server-pipe.1520" utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5156 -childID 3 -isForBrowser -prefsHandle 5136 -prefMapHandle 5160 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 992 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {285a3daf-0dab-4ce9-b338-4000715c7b05} 1520 "\\.\pipe\gecko-crash-server-pipe.1520" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5300 -childID 4 -isForBrowser -prefsHandle 5380 -prefMapHandle 5376 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 992 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8ff52097-29b5-4250-b490-69579879ca0f} 1520 "\\.\pipe\gecko-crash-server-pipe.1520" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5392 -childID 5 -isForBrowser -prefsHandle 5528 -prefMapHandle 5532 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 992 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0aaaed97-a401-40b7-acee-8f913ae5e722} 1520 "\\.\pipe\gecko-crash-server-pipe.1520" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5816 -childID 6 -isForBrowser -prefsHandle 5340 -prefMapHandle 5824 -prefsLen 27211 -prefMapSize 244658 -jsInitHandle 992 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b77ad138-5db5-4f15-9f1d-7cca76e7fd09} 1520 "\\.\pipe\gecko-crash-server-pipe.1520" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6328 -childID 7 -isForBrowser -prefsHandle 6360 -prefMapHandle 6356 -prefsLen 27998 -prefMapSize 244658 -jsInitHandle 992 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f035f97f-1a15-459d-a89c-f0f5d86c2efa} 1520 "\\.\pipe\gecko-crash-server-pipe.1520" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6644 -childID 8 -isForBrowser -prefsHandle 4672 -prefMapHandle 4300 -prefsLen 27998 -prefMapSize 244658 -jsInitHandle 992 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ad8985f2-51c0-4193-b17b-a209bb4d4e19} 1520 "\\.\pipe\gecko-crash-server-pipe.1520" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7044 -childID 9 -isForBrowser -prefsHandle 7012 -prefMapHandle 6992 -prefsLen 27998 -prefMapSize 244658 -jsInitHandle 992 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {82ebb6fb-3fc3-478e-9f85-df62ef8df548} 1520 "\\.\pipe\gecko-crash-server-pipe.1520" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7252 -childID 10 -isForBrowser -prefsHandle 7288 -prefMapHandle 7296 -prefsLen 27998 -prefMapSize 244658 -jsInitHandle 992 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a79aebfa-16af-4a72-9b05-eacb7f0a5ccb} 1520 "\\.\pipe\gecko-crash-server-pipe.1520" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6512 -childID 11 -isForBrowser -prefsHandle 7316 -prefMapHandle 7312 -prefsLen 27998 -prefMapSize 244658 -jsInitHandle 992 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9474a2ec-7394-4027-9924-1d31fc4ca077} 1520 "\\.\pipe\gecko-crash-server-pipe.1520" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7664 -childID 12 -isForBrowser -prefsHandle 7656 -prefMapHandle 7652 -prefsLen 27998 -prefMapSize 244658 -jsInitHandle 992 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7ac0aebc-c688-42d1-8ae1-0537fe61bc1b} 1520 "\\.\pipe\gecko-crash-server-pipe.1520" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7796 -childID 13 -isForBrowser -prefsHandle 7784 -prefMapHandle 7780 -prefsLen 27998 -prefMapSize 244658 -jsInitHandle 992 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {57177794-a7bc-44df-8706-113a72126de2} 1520 "\\.\pipe\gecko-crash-server-pipe.1520" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7804 -childID 14 -isForBrowser -prefsHandle 6444 -prefMapHandle 7776 -prefsLen 27998 -prefMapSize 244658 -jsInitHandle 992 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {85f2c0fd-762c-4c36-a9d7-cc4b0e47a9b0} 1520 "\\.\pipe\gecko-crash-server-pipe.1520" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7812 -childID 15 -isForBrowser -prefsHandle 6356 -prefMapHandle 5976 -prefsLen 27998 -prefMapSize 244658 -jsInitHandle 992 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {cacb747e-0781-4591-a6fc-dde61c6bd982} 1520 "\\.\pipe\gecko-crash-server-pipe.1520" tab
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.86.106.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.211.185.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.17.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 162.159.128.233:443 | discord.com | tcp |
| US | 8.8.8.8:53 | gateway.discord.gg | udp |
| US | 162.159.136.234:443 | gateway.discord.gg | tcp |
| N/A | 127.0.0.1:52785 | tcp | |
| US | 8.8.8.8:53 | 233.128.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.136.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fd.api.iris.microsoft.com | udp |
| NL | 20.103.156.88:443 | fd.api.iris.microsoft.com | tcp |
| US | 8.8.8.8:53 | 53.210.109.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | checkappexec.microsoft.com | udp |
| GB | 51.11.108.188:443 | checkappexec.microsoft.com | tcp |
| US | 8.8.8.8:53 | 188.108.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nav.smartscreen.microsoft.com | udp |
| GB | 172.165.61.93:443 | nav.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | data-edge.smartscreen.microsoft.com | udp |
| GB | 51.140.244.186:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 51.140.244.186:443 | data-edge.smartscreen.microsoft.com | tcp |
| GB | 51.140.244.186:443 | data-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | 93.61.165.172.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | roaming.officeapps.live.com | udp |
| IE | 52.109.76.243:443 | roaming.officeapps.live.com | tcp |
| US | 8.8.8.8:53 | 243.76.109.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.76.109.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 58.189.79.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.243.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.10.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cxcs.microsoft.net | udp |
| GB | 2.16.153.203:443 | www.bing.com | tcp |
| GB | 23.62.195.195:443 | cxcs.microsoft.net | tcp |
| US | 8.8.8.8:53 | 203.153.16.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.195.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.169.36.23.in-addr.arpa | udp |
| N/A | 127.0.0.1:60593 | tcp | |
| US | 8.8.8.8:53 | www.mozilla.org | udp |
| US | 151.101.131.19:443 | www.mozilla.org | tcp |
| US | 151.101.131.19:443 | www.mozilla.org | tcp |
| US | 8.8.8.8:53 | www-mozilla.fastly-edge.com | udp |
| US | 8.8.8.8:53 | www-mozilla.fastly-edge.com | udp |
| US | 8.8.8.8:53 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | firefox-api-proxy.cdn.mozilla.net | udp |
| US | 34.117.188.166:443 | spocs.getpocket.com | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 34.149.97.1:443 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.ads.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | 19.131.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.225.228.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| N/A | 127.0.0.1:60600 | tcp | |
| US | 8.8.8.8:53 | support.mozilla.org | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | us-west1.prod.sumo.prod.webservices.mozgcp.net | udp |
| US | 34.149.128.2:443 | us-west1.prod.sumo.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | 2.128.149.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| FR | 172.217.20.164:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | 164.20.217.172.in-addr.arpa | udp |
| FR | 172.217.20.164:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 195.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | location.services.mozilla.com | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 35.190.72.216:443 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | ciscobinary.openh264.org | udp |
| FR | 172.217.20.174:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 88.221.134.209:80 | ciscobinary.openh264.org | tcp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | a19.dscg10.akamai.net | udp |
| FR | 172.217.20.174:443 | redirector.gvt1.com | udp |
| US | 8.8.8.8:53 | r4---sn-aigzrnsz.gvt1.com | udp |
| GB | 74.125.175.169:443 | r4---sn-aigzrnsz.gvt1.com | tcp |
| US | 8.8.8.8:53 | r4.sn-aigzrnsz.gvt1.com | udp |
| US | 8.8.8.8:53 | r4.sn-aigzrnsz.gvt1.com | udp |
| GB | 74.125.175.169:443 | r4.sn-aigzrnsz.gvt1.com | udp |
| US | 8.8.8.8:53 | 216.72.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.181.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.175.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| FR | 216.58.215.49:443 | csp.withgoogle.com | tcp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| US | 8.8.8.8:53 | csp.withgoogle.com | udp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| FR | 142.250.179.74:443 | ogads-pa.googleapis.com | tcp |
| FR | 142.250.179.74:443 | ogads-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| FR | 216.58.215.49:443 | csp.withgoogle.com | udp |
| US | 8.8.8.8:53 | ogads-pa.googleapis.com | udp |
| FR | 142.250.179.74:443 | ogads-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 49.215.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.201.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| FR | 216.58.214.174:443 | play.google.com | tcp |
| FR | 216.58.214.174:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| FR | 216.58.214.174:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 174.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| FR | 142.250.75.238:443 | consent.google.com | tcp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| FR | 142.250.75.238:443 | consent.google.com | udp |
| US | 8.8.8.8:53 | 238.75.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | locate.measurementlab.net | udp |
| FR | 142.250.201.179:443 | locate.measurementlab.net | tcp |
| US | 8.8.8.8:53 | ghs.googlehosted.com | udp |
| US | 8.8.8.8:53 | ghs.googlehosted.com | udp |
| US | 8.8.8.8:53 | 179.201.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.speedtest.net | udp |
| US | 104.17.148.22:443 | www.speedtest.net | tcp |
| US | 8.8.8.8:53 | www.speedtest.net.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | www.speedtest.net.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | cdn.ziffstatic.com | udp |
| US | 8.8.8.8:53 | b.cdnst.net | udp |
| US | 8.8.8.8:53 | b-code.liadm.com | udp |
| GB | 2.16.153.135:443 | cdn.ziffstatic.com | tcp |
| US | 8.8.8.8:53 | e96286.dsci.akamaiedge.net | udp |
| US | 151.101.2.219:443 | b.cdnst.net | tcp |
| US | 151.101.2.219:443 | b.cdnst.net | tcp |
| US | 151.101.2.219:443 | b.cdnst.net | tcp |
| US | 151.101.2.219:443 | b.cdnst.net | tcp |
| US | 8.8.8.8:53 | dualstack.zd.map.fastly.net | udp |
| US | 8.8.8.8:53 | detgh1asa1dg4.cloudfront.net | udp |
| US | 8.8.8.8:53 | dualstack.zd.map.fastly.net | udp |
| US | 8.8.8.8:53 | detgh1asa1dg4.cloudfront.net | udp |
| US | 8.8.8.8:53 | e96286.dsci.akamaiedge.net | udp |
| GB | 2.16.153.135:443 | e96286.dsci.akamaiedge.net | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 104.18.86.42:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 8.8.8.8:53 | diffuser-cdn.app-us1.com | udp |
| US | 8.8.8.8:53 | d1ykf07e75w7ss.cloudfront.net | udp |
| US | 104.17.31.174:443 | diffuser-cdn.app-us1.com | tcp |
| US | 8.8.8.8:53 | diffuser-cdn.app-us1.com | udp |
| US | 8.8.8.8:53 | d1ykf07e75w7ss.cloudfront.net | udp |
| US | 8.8.8.8:53 | diffuser-cdn.app-us1.com | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 104.18.32.137:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 8.8.8.8:53 | 22.148.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 219.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.86.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 168.201.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.31.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.32.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | prism.app-us1.com | udp |
| US | 8.8.8.8:53 | 135.153.16.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.static.zdbb.net | udp |
| US | 8.8.8.8:53 | prism.app-us1.com | udp |
| US | 104.17.31.174:443 | prism.app-us1.com | tcp |
| GB | 104.77.161.165:443 | cdn.static.zdbb.net | tcp |
| US | 8.8.8.8:53 | e96286.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | prism.app-us1.com | udp |
| US | 8.8.8.8:53 | e96286.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | zdbb.net | udp |
| US | 8.8.8.8:53 | gurgle.speedtest.net | udp |
| US | 8.8.8.8:53 | trackcmp.net | udp |
| IE | 108.128.122.18:443 | zdbb.net | tcp |
| US | 8.8.8.8:53 | zdbb.net | udp |
| US | 35.170.46.96:443 | gurgle.speedtest.net | tcp |
| US | 8.8.8.8:53 | gurgle.zdbb.net | udp |
| US | 104.18.34.214:443 | trackcmp.net | tcp |
| US | 8.8.8.8:53 | trackcmp.net | udp |
| US | 8.8.8.8:53 | trackcmp.net | udp |
| US | 8.8.8.8:53 | zdbb.net | udp |
| US | 8.8.8.8:53 | gurgle.zdbb.net | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| FR | 13.32.145.94:443 | detgh1asa1dg4.cloudfront.net | tcp |
| FR | 18.245.202.34:443 | d1ykf07e75w7ss.cloudfront.net | tcp |
| FR | 216.58.213.66:443 | securepubads.g.doubleclick.net | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | gurgle.zdbb.net | udp |
| US | 8.8.8.8:53 | 165.161.77.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.34.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.122.128.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.46.170.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 94.145.32.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.202.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.213.58.216.in-addr.arpa | udp |
| FR | 216.58.213.66:443 | securepubads.g.doubleclick.net | udp |
| US | 35.170.46.96:443 | gurgle.zdbb.net | tcp |
| FR | 18.245.202.34:443 | d1ykf07e75w7ss.cloudfront.net | tcp |
| US | 8.8.8.8:53 | i.liadm.com | udp |
| US | 8.8.8.8:53 | rp.liadm.com | udp |
| US | 3.218.55.33:443 | i.liadm.com | tcp |
| US | 8.8.8.8:53 | idaas-ext.cph.liveintent.com | udp |
| US | 44.221.168.224:443 | rp.liadm.com | tcp |
| US | 8.8.8.8:53 | livepixel-production.bln.liveintent.com | udp |
| US | 8.8.8.8:53 | st-6.fibrenest.com.prod.hosts.ooklaserver.net | udp |
| US | 8.8.8.8:53 | speedtest.boxbroadband.co.uk.prod.hosts.ooklaserver.net | udp |
| US | 8.8.8.8:53 | idaas-ext.cph.liveintent.com | udp |
| US | 8.8.8.8:53 | speedlon.hyperoptic.com | udp |
| US | 8.8.8.8:53 | speedtest-1.london.network.youfibre.com.prod.hosts.ooklaserver.net | udp |
| US | 8.8.8.8:53 | livepixel-production.bln.liveintent.com | udp |
| US | 8.8.8.8:53 | speedtest.swishfibre.com.prod.hosts.ooklaserver.net | udp |
| US | 8.8.8.8:53 | st-6.fibrenest.com | udp |
| GB | 154.62.164.139:8080 | st-6.fibrenest.com | tcp |
| US | 8.8.8.8:53 | speedlon.hyperoptic.com | udp |
| GB | 152.37.112.6:8080 | speedlon.hyperoptic.com | tcp |
| US | 8.8.8.8:53 | speedtest.swishfibre.com | udp |
| GB | 45.92.46.45:8080 | speedtest-1.london.network.youfibre.com.prod.hosts.ooklaserver.net | tcp |
| US | 8.8.8.8:53 | speedtest-1.london.network.youfibre.com | udp |
| GB | 45.10.101.252:8080 | speedtest.boxbroadband.co.uk.prod.hosts.ooklaserver.net | tcp |
| US | 8.8.8.8:53 | speedtest.boxbroadband.co.uk | udp |
| US | 8.8.8.8:53 | st-6.fibrenest.com | udp |
| GB | 31.22.12.17:8080 | speedtest.swishfibre.com | tcp |
| US | 8.8.8.8:53 | speedlon.hyperoptic.com | udp |
| US | 8.8.8.8:53 | speedtest-1.london.network.youfibre.com | udp |
| US | 8.8.8.8:53 | speedtest.swishfibre.com | udp |
| US | 8.8.8.8:53 | speedtest.boxbroadband.co.uk | udp |
| US | 8.8.8.8:53 | lon.host.speedtest.net.prod.hosts.ooklaserver.net | udp |
| US | 8.8.8.8:53 | speedtest02a.web.zen.net.uk.prod.hosts.ooklaserver.net | udp |
| US | 8.8.8.8:53 | speedtest02a.web.zen.net.uk | udp |
| US | 8.8.8.8:53 | speedtest-lon.retn.net | udp |
| GB | 51.148.82.21:8080 | speedtest02a.web.zen.net.uk | tcp |
| US | 8.8.8.8:53 | lon.host.speedtest.net | udp |
| GB | 95.87.111.74:8080 | lon.host.speedtest.net | tcp |
| US | 8.8.8.8:53 | londres.speedtest.angolacables.co.ao.prod.hosts.ooklaserver.net | udp |
| US | 8.8.8.8:53 | speedtestlon.orbital.net.prod.hosts.ooklaserver.net | udp |
| US | 8.8.8.8:53 | speedtest-lon.retn.net | udp |
| US | 8.8.8.8:53 | live.rezync.com | udp |
| US | 8.8.8.8:53 | speedtest02a.web.zen.net.uk | udp |
| US | 8.8.8.8:53 | lon.host.speedtest.net | udp |
| US | 8.8.8.8:53 | dpm.demdex.net | udp |
| US | 8.8.8.8:53 | londres.speedtest.angolacables.co.ao | udp |
| US | 8.8.8.8:53 | speedtestlon.orbital.net | udp |
| US | 8.8.8.8:53 | live.rezync.com | udp |
| GB | 185.82.8.1:8080 | speedtest-lon.retn.net | tcp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 8.8.8.8:53 | mid.rkdms.com | udp |
| FR | 52.84.174.30:443 | live.rezync.com | tcp |
| IE | 54.155.137.139:443 | dpm.demdex.net | tcp |
| US | 8.8.8.8:53 | dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | 139.164.62.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.112.37.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.55.218.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 224.168.221.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 252.101.10.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.12.22.31.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 45.46.92.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.82.148.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.111.87.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ib.adnxs-simple.com | udp |
| US | 8.8.8.8:53 | fastlane.rubiconproject.com | udp |
| US | 8.8.8.8:53 | londres.speedtest.angolacables.co.ao | udp |
| US | 35.153.85.19:443 | sync.srv.stackadapt.com | tcp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | speedtestlon.orbital.net | udp |
| US | 3.33.220.150:443 | match.adsrvr.org | tcp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | live.rezync.com | udp |
| US | 70.42.32.223:443 | b1sync.zemanta.com | tcp |
| US | 8.8.8.8:53 | nydc1.outbrain.org | udp |
| US | 54.198.45.212:443 | mid.rkdms.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 8.8.8.8:53 | mid.rkdms.com | udp |
| US | 8.8.8.8:53 | widget.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| US | 8.8.8.8:53 | dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | tagged-by.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| US | 8.8.8.8:53 | nydc1.outbrain.org | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | widget.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | bidder.criteo.com | udp |
| US | 8.8.8.8:53 | mid.rkdms.com | udp |
| US | 8.8.8.8:53 | btlr-eu-central-1.sharethrough.com | udp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | c2shb.pubgw.yahoo.com | udp |
| US | 8.8.8.8:53 | tagged-by.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | ams3-ib.adnxs.com | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| GB | 185.148.112.227:8080 | londres.speedtest.angolacables.co.ao | tcp |
| US | 8.8.8.8:53 | btlr-eu-central-1.sharethrough.com | udp |
| GB | 94.101.144.102:8080 | speedtestlon.orbital.net | tcp |
| US | 8.8.8.8:53 | hbopenbid-lhrc.pubmnet.com | udp |
| US | 8.8.8.8:53 | dtp-gateway-prod-global.dsp-plus-backend.aws.oath.cloud | udp |
| US | 8.8.8.8:53 | in-ftd-65.nl3.vip.prod.criteo.com | udp |
| IE | 54.155.189.248:443 | dtp-gateway-prod-global.dsp-plus-backend.aws.oath.cloud | tcp |
| IE | 54.155.189.248:443 | dtp-gateway-prod-global.dsp-plus-backend.aws.oath.cloud | tcp |
| IE | 54.155.189.248:443 | dtp-gateway-prod-global.dsp-plus-backend.aws.oath.cloud | tcp |
| IE | 54.155.189.248:443 | dtp-gateway-prod-global.dsp-plus-backend.aws.oath.cloud | tcp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| IE | 54.155.189.248:443 | dtp-gateway-prod-global.dsp-plus-backend.aws.oath.cloud | tcp |
| US | 8.8.8.8:53 | hbopenbid-lhrc.pubmnet.com | udp |
| US | 8.8.8.8:53 | in-ftd-65.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | dtp-gateway-prod-global.dsp-plus-backend.aws.oath.cloud | udp |
| US | 8.8.8.8:53 | rtb.openx.net | udp |
| US | 8.8.8.8:53 | p.rfihub.com | udp |
| NL | 193.0.160.130:443 | p.rfihub.com | tcp |
| US | 8.8.8.8:53 | a-emea.rfihub.com.akadns.net | udp |
| US | 8.8.8.8:53 | b1sync.outbrain.com | udp |
| US | 8.8.8.8:53 | a-emea.rfihub.com.akadns.net | udp |
| NL | 185.89.210.141:443 | ams3-ib.adnxs.com | tcp |
| NL | 69.173.156.139:443 | tagged-by.rubiconproject.net.akadns.net | tcp |
| NL | 69.173.156.139:443 | tagged-by.rubiconproject.net.akadns.net | tcp |
| NL | 69.173.156.139:443 | tagged-by.rubiconproject.net.akadns.net | tcp |
| NL | 69.173.156.139:443 | tagged-by.rubiconproject.net.akadns.net | tcp |
| NL | 69.173.156.139:443 | tagged-by.rubiconproject.net.akadns.net | tcp |
| DE | 3.72.78.234:443 | btlr.sharethrough.com | tcp |
| DE | 3.72.78.234:443 | btlr.sharethrough.com | tcp |
| DE | 3.72.78.234:443 | btlr.sharethrough.com | tcp |
| DE | 3.72.78.234:443 | btlr.sharethrough.com | tcp |
| US | 70.42.32.95:443 | b1sync.outbrain.com | tcp |
| US | 104.18.26.193:443 | htlb.casalemedia.com | tcp |
| NL | 178.250.1.56:443 | in-ftd-65.nl3.vip.prod.criteo.com | tcp |
| DE | 3.72.78.234:443 | btlr.sharethrough.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid-lhrc.pubmnet.com | tcp |
| US | 35.227.252.103:443 | rtb.openx.net | tcp |
| US | 8.8.8.8:53 | qvdt3feo.com | udp |
| US | 8.8.8.8:53 | qvdt3feo.com | udp |
| US | 34.196.82.111:443 | qvdt3feo.com | tcp |
| US | 8.8.8.8:53 | qvdt3feo.com | udp |
| US | 8.8.8.8:53 | privacyportal.onetrust.com | udp |
| US | 8.8.8.8:53 | 1.8.82.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 30.174.84.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.137.155.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.220.33.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.85.153.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 223.32.42.70.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.112.148.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.45.198.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.189.155.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 102.144.101.94.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.160.0.193.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.78.72.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.26.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.252.227.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 77.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.32.42.70.in-addr.arpa | udp |
| US | 8.8.8.8:53 | privacyportal.onetrust.com | udp |
| US | 172.64.155.119:443 | privacyportal.onetrust.com | tcp |
| US | 172.64.155.119:443 | privacyportal.onetrust.com | tcp |
| US | 104.18.26.193:443 | htlb.casalemedia.com | udp |
| US | 8.8.8.8:53 | privacyportal.onetrust.com | udp |
| US | 8.8.8.8:53 | idsync.rlcdn.com | udp |
| US | 35.244.174.68:443 | idsync.rlcdn.com | tcp |
| US | 8.8.8.8:53 | idsync.rlcdn.com | udp |
| US | 8.8.8.8:53 | idsync.rlcdn.com | udp |
| US | 35.227.252.103:443 | rtb.openx.net | udp |
| US | 35.244.174.68:443 | idsync.rlcdn.com | udp |
| US | 8.8.8.8:53 | 111.82.196.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.155.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.174.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | jogger.zdbb.net | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | 0e72c3fd38dda75b0d34599f8443a02f.safeframe.googlesyndication.com | udp |
| US | 54.204.6.47:443 | jogger.zdbb.net | tcp |
| US | 8.8.8.8:53 | jogger.zdbb.net | udp |
| FR | 142.250.179.66:443 | ep1.adtrafficquality.google | tcp |
| FR | 216.58.214.65:443 | 0e72c3fd38dda75b0d34599f8443a02f.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | pagead-googlehosted.l.google.com | udp |
| US | 8.8.8.8:53 | jogger.zdbb.net | udp |
| US | 8.8.8.8:53 | pagead-googlehosted.l.google.com | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| FR | 216.58.214.65:443 | pagead-googlehosted.l.google.com | udp |
| FR | 142.250.179.66:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| FR | 142.250.178.129:443 | ep2.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| FR | 142.250.178.129:443 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 8.8.8.8:53 | static.nl3.vip.prod.criteo.net | udp |
| US | 8.8.8.8:53 | 66.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.6.204.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.nl3.vip.prod.criteo.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| FR | 216.58.214.161:443 | tpc.googlesyndication.com | tcp |
| FR | 216.58.214.161:443 | tpc.googlesyndication.com | tcp |
| FR | 216.58.214.161:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| NL | 178.250.1.3:443 | static.nl3.vip.prod.criteo.net | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | gum.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | gum.nl3.vip.prod.criteo.com | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 161.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | idx.liadm.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | ookla-d.openx.net | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| NL | 178.250.1.11:443 | gum.nl3.vip.prod.criteo.com | tcp |
| US | 18.210.235.203:443 | idx.liadm.com | tcp |
| US | 8.8.8.8:53 | idx.cph.liveintent.com | udp |
| US | 104.18.24.18:443 | js-sec.indexww.com | tcp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 34.98.64.218:443 | ookla-d.openx.net | tcp |
| US | 8.8.8.8:53 | ookla-d.openx.net | udp |
| GB | 23.36.168.202:443 | ads.pubmatic.com | tcp |
| US | 8.8.8.8:53 | e6603.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| GB | 23.46.73.76:443 | e8960.b.akamaiedge.net | tcp |
| US | 8.8.8.8:53 | idx.cph.liveintent.com | udp |
| US | 8.8.8.8:53 | js-sec.indexww.com | udp |
| US | 8.8.8.8:53 | ookla-d.openx.net | udp |
| US | 8.8.8.8:53 | e6603.g.akamaiedge.net | udp |
| US | 8.8.8.8:53 | e8960.b.akamaiedge.net | udp |
| US | 34.98.64.218:443 | ookla-d.openx.net | udp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | pixel.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.net.akadns.net | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| FR | 172.217.20.194:443 | cm.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| FR | 172.217.20.194:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 18.24.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.64.98.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.168.36.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.73.46.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.235.210.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aa.agkn.com | udp |
| DE | 52.29.40.142:443 | aa.agkn.com | tcp |
| US | 8.8.8.8:53 | ActivationEdge-activation-1631408035.eu-central-1.elb.amazonaws.com | udp |
| US | 8.8.8.8:53 | ActivationEdge-activation-1631408035.eu-central-1.elb.amazonaws.com | udp |
| GB | 95.87.111.74:8080 | lon.host.speedtest.net | tcp |
| US | 8.8.8.8:53 | lon.host.speedtest.net | udp |
| US | 8.8.8.8:53 | stags.bluekai.com | udp |
| US | 8.8.8.8:53 | 142.40.29.52.in-addr.arpa | udp |
| GB | 95.87.111.74:8080 | lon.host.speedtest.net | tcp |
| GB | 185.148.112.227:8080 | londres.speedtest.angolacables.co.ao | tcp |
| GB | 45.10.101.252:8080 | speedtest.boxbroadband.co.uk | tcp |
| GB | 152.37.112.6:8080 | speedlon.hyperoptic.com | tcp |
| US | 8.8.8.8:53 | lon.host.speedtest.net.prod.hosts.ooklaserver.net | udp |
| GB | 95.87.111.74:8080 | lon.host.speedtest.net.prod.hosts.ooklaserver.net | tcp |
| GB | 95.87.111.74:8080 | lon.host.speedtest.net.prod.hosts.ooklaserver.net | tcp |
| GB | 185.148.112.227:8080 | londres.speedtest.angolacables.co.ao | tcp |
| GB | 45.10.101.252:8080 | speedtest.boxbroadband.co.uk | tcp |
| GB | 152.37.112.6:8080 | speedlon.hyperoptic.com | tcp |
| GB | 95.87.111.74:8080 | lon.host.speedtest.net.prod.hosts.ooklaserver.net | tcp |
| US | 8.8.8.8:53 | 11.179.89.13.in-addr.arpa | udp |
| GB | 95.87.111.74:8080 | lon.host.speedtest.net.prod.hosts.ooklaserver.net | tcp |
| GB | 95.87.111.74:8080 | lon.host.speedtest.net.prod.hosts.ooklaserver.net | tcp |
| GB | 95.87.111.74:8080 | lon.host.speedtest.net.prod.hosts.ooklaserver.net | tcp |
| GB | 95.87.111.74:8080 | lon.host.speedtest.net.prod.hosts.ooklaserver.net | tcp |
| GB | 95.87.111.74:8080 | lon.host.speedtest.net.prod.hosts.ooklaserver.net | tcp |
| US | 8.8.8.8:53 | lon.host.speedtest.net | udp |
| GB | 95.87.111.74:8080 | lon.host.speedtest.net.prod.hosts.ooklaserver.net | tcp |
| GB | 95.87.111.74:8080 | lon.host.speedtest.net.prod.hosts.ooklaserver.net | tcp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.balrog.prod.cloudops.mozgcp.net | udp |
| US | 8.8.8.8:53 | www.speedtest.net | udp |
| US | 8.8.8.8:53 | www.speedtest.net.cdn.cloudflare.net | udp |
| US | 104.17.147.22:443 | www.speedtest.net | tcp |
| US | 8.8.8.8:53 | 22.147.17.104.in-addr.arpa | udp |
| IE | 108.128.122.18:443 | zdbb.net | tcp |
| US | 3.33.220.150:443 | match.adsrvr.org | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | b.cdnst.net | udp |
| US | 151.101.2.219:443 | b.cdnst.net | tcp |
| US | 8.8.8.8:53 | dualstack.zd.map.fastly.net | udp |
| IE | 54.155.189.248:443 | dtp-gateway-prod-global.dsp-plus-backend.aws.oath.cloud | tcp |
| US | 104.18.26.193:443 | htlb.casalemedia.com | udp |
| NL | 178.250.1.56:443 | in-ftd-65.nl3.vip.prod.criteo.com | tcp |
| GB | 185.64.190.77:443 | hbopenbid-lhrc.pubmnet.com | tcp |
| DE | 3.72.78.234:443 | btlr.sharethrough.com | tcp |
| US | 8.8.8.8:53 | ib.adnxs-simple.com | udp |
| US | 35.227.252.103:443 | rtb.openx.net | udp |
| NL | 185.89.210.141:443 | ams3-ib.adnxs.com | tcp |
| NL | 69.173.156.139:443 | tagged-by.rubiconproject.net.akadns.net | tcp |
| US | 8.8.8.8:53 | fra1-ib.adnxs.com | udp |
| US | 8.8.8.8:53 | fra1-ib.adnxs.com | udp |
| FR | 216.58.214.161:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
Files
C:\Users\Admin\AppData\Local\Temp\_MEI35082\python311.dll
| MD5 | 87b5d21226d74f069b5ae8fb74743236 |
| SHA1 | 153651a542db095d0f9088a97351b90d02b307ac |
| SHA256 | 3cac88119657daef7f79844aeb9da79b45c1f3bb2ea3468b0d4ed26067852194 |
| SHA512 | 788bb26b3f4ce99a2b49eef2742972fe843bdd97d361a6e67237f29376648ea6f874f1f6ba6dd53c74ef51a29e650a02fb99dfc30b5badfa9d2e05491f81d7d6 |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\VCRUNTIME140.dll
| MD5 | f12681a472b9dd04a812e16096514974 |
| SHA1 | 6fd102eb3e0b0e6eef08118d71f28702d1a9067c |
| SHA256 | d66c3b47091ceb3f8d3cc165a43d285ae919211a0c0fcb74491ee574d8d464f8 |
| SHA512 | 7d3accbf84de73fb0c5c0de812a9ed600d39cd7ed0f99527ca86a57ce63f48765a370e913e3a46ffc2ccd48ee07d823dafdd157710eef9e7cc1eb7505dc323a2 |
memory/3748-1268-0x00007FFBD2900000-0x00007FFBD2EE8000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\_MEI35082\base_library.zip
| MD5 | 2a138e2ee499d3ba2fc4afaef93b7caa |
| SHA1 | 508c733341845e94fce7c24b901fc683108df2a8 |
| SHA256 | 130e506ead01b91b60d6d56072c468aeb5457dd0f2ecd6ce17dfcbb7d51a1f8c |
| SHA512 | 1f61a0fda5676e8ed8d10dfee78267f6d785f9c131f5caf2dd984e18ca9e5866b7658ab7edb2ffd74920a40ffea5cd55c0419f5e9ee57a043105e729e10d820b |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\_ctypes.pyd
| MD5 | e7ec734581f37a065e54b55515222897 |
| SHA1 | 9205e3030ea43027cba202b4c968447927d3dc0d |
| SHA256 | 9e619adf436228c1c87e7909ca58575a02ef069d71045785b102e2a0f833b6a3 |
| SHA512 | 281a16075a10ab4465ff1ab49c5639e982961b5029dc36f4b9657f32b9c29ff1bd39c2d6a3f793d7f93fd10802f5d1356bee9e54fa6eb67780a6275094e4fef3 |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\python3.DLL
| MD5 | 34e49bb1dfddf6037f0001d9aefe7d61 |
| SHA1 | a25a39dca11cdc195c9ecd49e95657a3e4fe3215 |
| SHA256 | 4055d1b9e553b78c244143ab6b48151604003b39a9bf54879dee9175455c1281 |
| SHA512 | edb715654baaf499cf788bcacd5657adcf9f20b37b02671abe71bda334629344415ed3a7e95cb51164e66a7aa3ed4bf84acb05649ccd55e3f64036f3178b7856 |
memory/3748-1276-0x00007FFBE1CB0000-0x00007FFBE1CD4000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\_MEI35082\libffi-8.dll
| MD5 | 77199701fe2d585080e44c70ea5aed4c |
| SHA1 | 34c8b0ce03a945351e30fb704a00d5257e2a6132 |
| SHA256 | 4eb41bcf5e54017c4d8c6a7184f4633d9e6c10ca8f52ad21e3b752edd745d4ee |
| SHA512 | d325f517a3eb831f3f5853c5471295244716a666507aa4e4b262e0842f1bfad0c9648a6711fbce514193e411cfcdbb9afe86764e740355cd06895dfcc623fe34 |
memory/3748-1278-0x00007FFBEB8B0000-0x00007FFBEB8BF000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\_MEI35082\_bz2.pyd
| MD5 | c33370fc6631725aec3102b955b5e4bf |
| SHA1 | 0fce43642e54cd9db1eb48bbfd7661b8a4613e0d |
| SHA256 | 6c41a618b4dec812f5cd434375f33052daada9f49c6d472e82bdec27c407cfc5 |
| SHA512 | 1de939ccb2b6349eaefcf12f37fb00b2b5dafff07930d52bfededcdfe6a234c0da75030596f544adfea09c786dc576fc5a88056ec614d2059a1a9e182925a021 |
memory/3748-1282-0x00007FFBE1E80000-0x00007FFBE1E99000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\_MEI35082\_lzma.pyd
| MD5 | 49a6a6127ad0a70a2d60f193254ba710 |
| SHA1 | eb9f1f5a0b264d6c2c477562b9331a798b9a1909 |
| SHA256 | 4ad51dac78f9192831ee9c6959ad3d67e0f66869bded3a91688b08c4ff2103f7 |
| SHA512 | e5064d0536361fd193b1855fcb4173cace51094d8c8827dfca893d49734200156847987124ded14d75aa0c61f1204cc00eaf4ee81d84406e17ad216bf17003ca |
memory/3748-1284-0x00007FFBE1C80000-0x00007FFBE1CAD000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\_MEI35082\freetype.dll
| MD5 | 04a9825dc286549ee3fa29e2b06ca944 |
| SHA1 | 5bed779bf591752bb7aa9428189ec7f3c1137461 |
| SHA256 | 50249f68b4faf85e7cd8d1220b7626a86bc507af9ae400d08c8e365f9ab97cde |
| SHA512 | 0e937e4de6cbc9d40035b94c289c2798c77c44fc1dc7097201f9fab97c7ff9e56113c06c51693f09908283eda92945b36de67351f893d4e3162e67c078cff4ec |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\_uuid.pyd
| MD5 | 4c8ffc5c3b8bb6e969e8c80a132a1cf7 |
| SHA1 | fef1d1a9b17571fb885aa7f224cc9473b0b9adfe |
| SHA256 | b73fd8206c709f352dd26850d181a8ba8b14bad3b3494f61038f45044a3a2d85 |
| SHA512 | 6eca26f968f124f0bac60dd2a184be56cee4f8e74e4fef20c5f3e920d50651f7772d49ed43d4024da6aed11b25be0018ccdb87506ac96e3346ce2d72c4cb223e |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\_hashlib.pyd
| MD5 | d27d3f54914b9b3b4dbf947a216b0e11 |
| SHA1 | 36a4905e2ca457f241d6f2fc61d11c2a7986e802 |
| SHA256 | ed5433134675839cf0ac3d55006e87c3e8b74bb622168d83fa7e00c9dec1b844 |
| SHA512 | e3bf3df3c0202eb19830985ae5e9f6d4d03bedbc0b8371dcefa6d08bf2ce47dce211957c9c36bee8c57889d29084a08ff3d3fe2cd643e3420ca0c030585adef9 |
memory/3748-1325-0x00007FFBE1670000-0x00007FFBE1684000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\_MEI35082\libcrypto-1_1.dll
| MD5 | 8e7025186c1c6f3f61198c027ff38627 |
| SHA1 | 79c6f11358c38bda0c12ee1e3ab90a21f4651fa1 |
| SHA256 | f393f54886674e42bb7667087c92af67bd46e542c44ddff11c5061481261c90e |
| SHA512 | 4bbbf7d0a51aec361779d7735c6a91f1bdd468da0aaa3626c3cb52128c998d6454be8c473c8743172ffcea9dc66403a5a81ff5535d9baf87fa6ab990a35add41 |
memory/3748-1327-0x00007FFBD2580000-0x00007FFBD28F5000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\_MEI35082\_tkinter.pyd
| MD5 | a7d7c6f515f5b49b1204d1376f7621cc |
| SHA1 | 42000eee9d23ac678103ad3067edfccd5043219f |
| SHA256 | 3b816042f0c47279b39a2d04347e115404fffbb01de35134fd7db279f55296bc |
| SHA512 | f54a3d79ac6a1f0bf88562c7cd004055d29f6bc05beb408e856fc5305f59f061b7a17556e008a549dd12aa9399c99e7fe2321cd5ec7324ab7ce3151b0454e9b8 |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\_ssl.pyd
| MD5 | e77ee0cd7cab90dabbaea0f8abd7e1c8 |
| SHA1 | 8b7f712eac536e9932c2bfde828624c34870e4d5 |
| SHA256 | c8359a4e0991f6604666004bac39b9c290195d64af47b263a85f663d89822b11 |
| SHA512 | 4f0461b803d214e798be061829103fe20d12a14d88e365c186b3081b695138ae68b64083626431c9105d5609f36193fd8891f6e8968392b42709e6c198bd9c2f |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\_sqlite3.pyd
| MD5 | 0b71fb4c0dba8beca2b950b5d0df24e9 |
| SHA1 | af710f7604da0777b35fde62115214f029e0db26 |
| SHA256 | 8ecf7eabe204218b672660e52b539040183cf346ca630ff3de552a22111ecb3d |
| SHA512 | 784ff22dd62b398378bba276b386280d7e0930bf5611a5ca7fcdf894c352be5aaeabec2f419092cfa17791f61b725f37b44bb6e861dba2e5322b87078952c660 |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\_socket.pyd
| MD5 | 38c567e91d5bd0ea66f57528319e6487 |
| SHA1 | 98029c6c35886b9ab94c5bbaa4fbb54de9f45dc2 |
| SHA256 | 502212dbed204b73f8b18b9b13c0ea158c9dd2cfffae2d7cafedf7b042264fbb |
| SHA512 | d2f03faf7faaa1b82dd14130a85b203e86de96777209d47ec459c5a1efbbbd0ac6754d53ff9618744ad57c3b800b6fa6f8850c716dacce3828264eef265543b0 |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\_queue.pyd
| MD5 | 3b901ff0137dc2460d2f90b0a43a9482 |
| SHA1 | bd89b85b8ca525b9370fc105b5009e45ab95131a |
| SHA256 | 9982fad71df27eaeaac9521e25a300dfe5810aa723fafd56667b09a9bef26594 |
| SHA512 | c1fa7d0b4af3421f288cb2773fa35bbe6efe86160de48787da998f155f6880df535f075bbec531a5c5a9c210c239d4e926d86b486bc68f41a7e1ef97ac095dcd |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\_overlapped.pyd
| MD5 | 96d75944d280f39eb0f8e435511f3222 |
| SHA1 | 0d74eefaf62c80c969bfe2f5e32fc269073527f3 |
| SHA256 | bfac2d1b1c5b948f6cd70de2e2edbe85f535ace879dbbaa04a71065ea11ef280 |
| SHA512 | 724be702596604d173a542526b2049f268f611c204f03ef642ccf5e946441973704dca6e601bc5fd6dc3cc9a35b8cfd392571fe3228c59e277259097f53b2bf3 |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\_multiprocessing.pyd
| MD5 | b5979368da73ffe9213dd49c0e5d6270 |
| SHA1 | 5cf6ab2e801899cde24f3b356f8c1bff9d935528 |
| SHA256 | 020602164b9891cb1c304d9f70dd8083c7e1a9a42caa9cfd67a5bbc0728029b9 |
| SHA512 | 191823e56c4a3ea8bd211745111861d140899263ebed9b1988d2be37e1ba073195b55548266d6c536793edf49ef82b19064be96992b7bea9171424e789c83352 |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\_elementtree.pyd
| MD5 | dda8f0cc660c5e8170e37f37394f53ad |
| SHA1 | 6fea7006e44d0ee320499034e61f0cd99247abda |
| SHA256 | 58fc4868d87f7e05a387fb39646110307b993757b3e23e52d4489e7cea653dcc |
| SHA512 | 13cda3936c3b7eace74aed66282a13aa3d63e9da9b761a7fc8d6d0f215b61fc44ef4c4d60bbb0cb8d52689ed1ac05993965f5498da41ee95d6299d4f9a4bf4f5 |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\_decimal.pyd
| MD5 | c21d61753b2a62fe70311aaa50e75a64 |
| SHA1 | 39cc382ae3fbcb6b80974ece0e020cdcbec8f57a |
| SHA256 | 0ef0b881c15d88a443a1bfc898d0011dab50500ee4a86e0f35c3076ed70cce49 |
| SHA512 | 059c7c7f35c939ab615b4dc1d3e9da69a66b0ed4a30931115971898c63f24ff960bb544f2ff9db7ce990c36a4d1e6307864d0f1ec5fbf354983473268c9500e4 |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\_cffi_backend.cp311-win_amd64.pyd
| MD5 | c4a0ceacd79d2c06956d24bf1c028a35 |
| SHA1 | 1dfc5c777435a46a69c984411d4dfb717b47c537 |
| SHA256 | 1ec4cd20853191e91e36556c6fe1a8bb14d162ee9904acc897cd8f694089f0e7 |
| SHA512 | da57381043a500a5bc826215d9c253e22139dd3e9e28a870b03d2d7d486aa8eb1a78a45ba45ee9c86b3a9bb264f20a9a776e5e3ab1e921ea6d0747275410746d |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\_asyncio.pyd
| MD5 | e6307d02076151c6fc9b78b1f346068f |
| SHA1 | 336cb5b3fc88ff4d9cc021f858ff33b0eb96c881 |
| SHA256 | fdb2a227d646b420de9877bb569b96369b6175e322f6ef81bc3f372eed08c10b |
| SHA512 | 7a22e2c293a067502a0d1e4ccc9fcb81dd7bd7faf56a1fd4a6cebc56c5ce4e8bf6c7157e19fe779ed70722d559da61ab5ca1f9b1e1b3df8a2b83728fbac2564c |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\zlib1.dll
| MD5 | ee06185c239216ad4c70f74e7c011aa6 |
| SHA1 | 40e66b92ff38c9b1216511d5b1119fe9da6c2703 |
| SHA256 | 0391066f3e6385a9c0fe7218c38f7bd0b3e0da0f15a98ebb07f1ac38d6175466 |
| SHA512 | baae562a53d491e19dbf7ee2cff4c13d42de6833036bfdaed9ed441bcbf004b68e4088bd453b7413d60faaf1b334aee71241ba468437d49050b8ccfa9232425d |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\VCRUNTIME140_1.dll
| MD5 | 75e78e4bf561031d39f86143753400ff |
| SHA1 | 324c2a99e39f8992459495182677e91656a05206 |
| SHA256 | 1758085a61527b427c4380f0c976d29a8bee889f2ac480c356a3f166433bf70e |
| SHA512 | ce4daf46bce44a89d21308c63e2de8b757a23be2630360209c4a25eb13f1f66a04fbb0a124761a33bbf34496f2f2a02b8df159b4b62f1b6241e1dbfb0e5d9756 |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\unicodedata.pyd
| MD5 | 5c05df2afd90a54d6378ff869d774b33 |
| SHA1 | 38e2d685cd131ef1fff235ed180016c083bf2965 |
| SHA256 | 0f631b1f12c8b0aded13ee5a50ff11eb2bcf9c47b535270a8a88fdfee4709ac6 |
| SHA512 | 7d4712cdf0d27f66f33070ec4d1b4e6c51d3857edf01c4db94ce71eb8ed5b7780f5e3e05593e53d1dd51bc00d14dacdb234f02d391569b5e7ec136c00c10b145 |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\tk86t.dll
| MD5 | 7d85f7480f2d8389f562723090be1370 |
| SHA1 | edfa05dc669a8486977e983173ec61cc5097bbb0 |
| SHA256 | aaeda7b65e1e33c74a807109360435a6b63a2994243c437e0cdaa69d2b8c6ac5 |
| SHA512 | a886475aeea6c4003dd35e518a0833574742b62cdbbbe5b098a5c0f74e89795ebddac31c4107dae6edee8fc476addaa34253af560d33bed8b9df9192c3e7f084 |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\tcl86t.dll
| MD5 | 755bec8838059147b46f8e297d05fba2 |
| SHA1 | 9ff0665cddcf1eb7ff8de015b10cc9fcceb49753 |
| SHA256 | 744a13c384e136f373f9dc7f7c2eb2536591ec89304e3fa064cac0f0bf135130 |
| SHA512 | e61dc700975d28b2257da99b81d135aa7d284c6084877fe81b3cc7b42ac180728f79f4c1663e375680a26f5194ab641c4a40e09f8dbdeb99e1dfa1a57d6f9b34 |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\sqlite3.dll
| MD5 | aa2a7bd0e84498719405008b996a38ec |
| SHA1 | 0cb0962b02324067a715559c64fcbe3c1e798d03 |
| SHA256 | cacbebf5a19a14d3aaf59fd71a79ed38638c61f80994a292f16193d52d91832a |
| SHA512 | d39f093eb5ad7ed489e10f6db405eaf0d0844a5e3eed1deff4202f1cf316293535e46d87d5aff1d210bacf53a65a08c397eacc919787da8133614951d77d85e6 |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\select.pyd
| MD5 | 5159aab3342e8e811454849c5543d0fe |
| SHA1 | 992b1aa55aa3a9ddc12857ec576c3d85ba5176d8 |
| SHA256 | 2051c44e5704b8800145905058425b9fd829c1be6106ef632ef78fd574f513c1 |
| SHA512 | 36437f1f4b6431c35074c13f9c791be5e041a8c4861878c254115398f5f3249afef1548a554eb7b06fc9de5271d6a98a0c026b951fa04ad312aa3f56b20774d0 |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\SDL2_ttf.dll
| MD5 | eb0ce62f775f8bd6209bde245a8d0b93 |
| SHA1 | 5a5d039e0c2a9d763bb65082e09f64c8f3696a71 |
| SHA256 | 74591aab94bb87fc9a2c45264930439bbc0d1525bf2571025cd9804e5a1cd11a |
| SHA512 | 34993240f14a89179ac95c461353b102ea74e4180f52c206250bb42c4c8427a019ea804b09a6903674ac00ab2a3c4c686a86334e483110e79733696aa17f4eb6 |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\SDL2_mixer.dll
| MD5 | b7b45f61e3bb00ccd4ca92b2a003e3a3 |
| SHA1 | 5018a7c95dc6d01ba6e3a7e77dd26c2c74fd69bc |
| SHA256 | 1327f84e3509f3ccefeef1c12578faf04e9921c145233687710253bf903ba095 |
| SHA512 | d3449019824124f3edbda57b3b578713e9c9915e173d31566cd8e4d18f307ac0f710250fe6a906dd53e748db14bfa76ec1b58a6aef7d074c913679a47c5fdbe7 |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\SDL2_image.dll
| MD5 | 25e2a737dcda9b99666da75e945227ea |
| SHA1 | d38e086a6a0bacbce095db79411c50739f3acea4 |
| SHA256 | 22b27380d4f1f217f0e5d5c767e5c244256386cd9d87f8ddf303baaf9239fc4c |
| SHA512 | 63de988387047c17fd028a894465286fd8f6f8bd3a1321b104c0ceb5473e3e0b923153b4999143efbdd28684329a33a5b468e43f25214037f6cddd4d1884adb8 |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\SDL2.dll
| MD5 | ec3c1d17b379968a4890be9eaab73548 |
| SHA1 | 7dbc6acee3b9860b46c0290a9b94a344d1927578 |
| SHA256 | aaa11e97c3621ed680ff2388b91acb394173b96a6e8ffbf3b656079cd00a0b9f |
| SHA512 | 06a7880ec80174b48156acd6614ab42fb4422cd89c62d11a7723a3c872f213bfc6c1006df8bdc918bb79009943d2b65c6a5c5e89ad824d1a940ddd41b88a1edb |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\pyexpat.pyd
| MD5 | a655fa42e31e30cf60f452b70c01a1a4 |
| SHA1 | e38b435347a65d39dd2ff8518b75070e6038fb47 |
| SHA256 | 83feb05e74d002110bf8d032c3ad2ffb636ae0ba4300e1ba84ce4add8f0554ec |
| SHA512 | e54b38011ea94565ddf88120b8a3718b9cfcb79ca4b4900da1f9338b59795162534dbd2d5bfd67a81d9a29a6675ffdb2dc8772f583ee5bf2de547136334c8831 |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\portmidi.dll
| MD5 | 0df0699727e9d2179f7fd85a61c58bdf |
| SHA1 | 82397ee85472c355725955257c0da207fa19bf59 |
| SHA256 | 97a53e8de3f1b2512f0295b5de98fa7a23023a0e4c4008ae534acdba54110c61 |
| SHA512 | 196e41a34a60de83cb24caa5fc95820fd36371719487350bc2768354edf39eeb6c7860ff3fd9ecf570abb4288523d7ab934e86e85202b9753b135d07180678cd |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\libwebp-7.dll
| MD5 | b0dd211ec05b441767ea7f65a6f87235 |
| SHA1 | 280f45a676c40bd85ed5541ceb4bafc94d7895f3 |
| SHA256 | fc06b8f92e86b848a17eaf7ed93464f54ed1f129a869868a74a75105ff8ce56e |
| SHA512 | eaeb83e46c8ca261e79b3432ec2199f163c44f180eb483d66a71ad530ba488eb4cdbd911633e34696a4ccc035e238bc250a8247f318aa2f0cd9759cad4f90fff |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\libtiff-5.dll
| MD5 | ebad1fa14342d14a6b30e01ebc6d23c1 |
| SHA1 | 9c4718e98e90f176c57648fa4ed5476f438b80a7 |
| SHA256 | 4f50820827ac76042752809479c357063fe5653188654a6ba4df639da2fbf3ca |
| SHA512 | 91872eaa1f3f45232ab2d753585e650ded24c6cc8cc1d2a476fa98a61210177bd83570c52594b5ad562fc27cb76e034122f16a922c6910e4ed486da1d3c45c24 |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\libssl-1_1.dll
| MD5 | 0bfdc638fbe4135514de3aebf59fa410 |
| SHA1 | 963addfdadf918339dfcab33e07bb6c48c86099e |
| SHA256 | 77affb7e88ab70fa04e382e29bf04a94ddf36c5cbd88b29ff33e15912d83ed01 |
| SHA512 | 768abcc391eea4a3b34b0aade99932cd9befb922dcf9e720edf4c4719938214236e8668eca67026bd07567fbd10bbba98d63f47d63a81c7be1adce3bdd1973e4 |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\libpng16-16.dll
| MD5 | 55009dd953f500022c102cfb3f6a8a6c |
| SHA1 | 07af9f4d456ddf86a51da1e4e4c5b54b0cf06ddb |
| SHA256 | 20391787cba331cfbe32fbf22f328a0fd48924e944e80de20ba32886bf4b6fd2 |
| SHA512 | 4423d3ec8fef29782f3d4a21feeac9ba24c9c765d770b2920d47b4fb847a96ff5c793b20373833b4ff8bc3d8fa422159c64beffb78ce5768ed22742740a8c6c6 |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\libopusfile-0.dll
| MD5 | 2d5274bea7ef82f6158716d392b1be52 |
| SHA1 | ce2ff6e211450352eec7417a195b74fbd736eb24 |
| SHA256 | 6dea07c27c0cc5763347357e10c3b17af318268f0f17c7b165325ce524a0e8d5 |
| SHA512 | 9973d68b23396b3aa09d2079d18f2c463e807c9c1fdf4b1a5f29d561e8d5e62153e0c7be23b63975ad179b9599ff6b0cf08ebdbe843d194483e7ec3e7aeb232a |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\libopus-0.x64.dll
| MD5 | e56f1b8c782d39fd19b5c9ade735b51b |
| SHA1 | 3d1dc7e70a655ba9058958a17efabe76953a00b4 |
| SHA256 | fa8715dd0df84fdedbe4aa17763b2ab0db8941fa33421b6d42e25e59c4ae8732 |
| SHA512 | b7702e48b20a8991a5c537f5ba22834de8bb4ba55862b75024eace299263963b953606ee29e64d68b438bb0904273c4c20e71f22ccef3f93552c36fb2d1b2c46 |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\libopus-0.dll
| MD5 | 3fb9d9e8daa2326aad43a5fc5ddab689 |
| SHA1 | 55523c665414233863356d14452146a760747165 |
| SHA256 | fd8de9169ccf53c5968eec0c90e9ff3a66fb451a5bf063868f3e82007106b491 |
| SHA512 | f263ea6e0fab84a65fe3a9b6c0fe860919eee828c84b888a5aa52dea540434248d1e810a883a2aff273cd9f22c607db966dd8776e965be6d2cfe1b50a1af1f57 |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\libogg-0.dll
| MD5 | 0d65168162287df89af79bb9be79f65b |
| SHA1 | 3e5af700b8c3e1a558105284ecd21b73b765a6dc |
| SHA256 | 2ec2322aec756b795c2e614dab467ef02c3d67d527ad117f905b3ab0968ccf24 |
| SHA512 | 69af81fd2293c31f456b3c78588bb6a372fe4a449244d74bfe5bfaa3134a0709a685725fa05055cfd261c51a96df4b7ebd8b9e143f0e9312c374e54392f8a2c2 |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\libmodplug-1.dll
| MD5 | 2bb2e7fa60884113f23dcb4fd266c4a6 |
| SHA1 | 36bbd1e8f7ee1747c7007a3c297d429500183d73 |
| SHA256 | 9319bf867ed6007f3c61da139c2ab8b74a4cb68bf56265a101e79396941f6d3b |
| SHA512 | 1ddd4b9b9238c1744e0a1fe403f136a1def8df94814b405e7b01dd871b3f22a2afe819a26e08752142f127c3efe4ebae8bfd1bd63563d5eb98b4644426f576b2 |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\libjpeg-9.dll
| MD5 | c22b781bb21bffbea478b76ad6ed1a28 |
| SHA1 | 66cc6495ba5e531b0fe22731875250c720262db1 |
| SHA256 | 1eed2385030348c84bbdb75d41d64891be910c27fab8d20fc9e85485fcb569dd |
| SHA512 | 9b42cad4a715680a27cd79f466fd2913649b80657ff042528cba2946631387ed9fb027014d215e1baf05839509ca5915d533b91aa958ae0525dea6e2a869b9e4 |
C:\Users\Admin\AppData\Local\Temp\_MEI35082\crypto_clipper.json
| MD5 | 8bff94a9573315a9d1820d9bb710d97f |
| SHA1 | e69a43d343794524b771d0a07fd4cb263e5464d5 |
| SHA256 | 3f7446866f42bcbeb8426324d3ea58f386f3171abe94279ea7ec773a4adde7d7 |
| SHA512 | d5ece1ea9630488245c578cb22d6d9d902839e53b4550c6232b4fb9389ef6c5d5392426ea4a9e3c461979d6d6aa94ddf3b2755f48e9988864788b530cdfcf80f |
memory/3748-1333-0x00007FFBE1380000-0x00007FFBE13AE000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\_MEI35082\charset_normalizer\md.cp311-win_amd64.pyd
| MD5 | ecfbd9b49ae51f8e3374e17aff3aec1e |
| SHA1 | 3e66e0f757d0f18afd546d158a96fd1707b35a5f |
| SHA256 | 1237b21174cd4aee97aa4d80ee953dd4ce91b2e1beb4788a55cb25a0213521aa |
| SHA512 | 9c9f682b55a589f1c10c99b89cc2620ce3d89d96c17096feb7e0ddfd6ac2f2b279885084b131080a57a6a324a9bce928e618348545c2b0af06c0ec4c267362c8 |
memory/3748-1355-0x00007FFBD8F70000-0x00007FFBD8F7C000-memory.dmp
memory/3748-1359-0x00007FFBE1250000-0x00007FFBE125C000-memory.dmp
memory/3748-1358-0x00007FFBE6770000-0x00007FFBE677D000-memory.dmp
memory/3748-1357-0x00007FFBE1CB0000-0x00007FFBE1CD4000-memory.dmp
memory/3748-1356-0x00007FFBD8A20000-0x00007FFBD8A2B000-memory.dmp
memory/3748-1354-0x00007FFBD8F80000-0x00007FFBD8F8B000-memory.dmp
memory/3748-1353-0x00007FFBD8F90000-0x00007FFBD8F9B000-memory.dmp
memory/3748-1352-0x00007FFBD95E0000-0x00007FFBD95EC000-memory.dmp
memory/3748-1351-0x00007FFBDB5F0000-0x00007FFBDB5FE000-memory.dmp
memory/3748-1350-0x00007FFBDDAF0000-0x00007FFBDDAFD000-memory.dmp
memory/3748-1349-0x00007FFBE05B0000-0x00007FFBE05BC000-memory.dmp
memory/3748-1348-0x00007FFBE05C0000-0x00007FFBE05CB000-memory.dmp
memory/3748-1347-0x00007FFBE1260000-0x00007FFBE126B000-memory.dmp
memory/3748-1346-0x00007FFBE1370000-0x00007FFBE137C000-memory.dmp
memory/3748-1345-0x00007FFBE1640000-0x00007FFBE164B000-memory.dmp
memory/3748-1344-0x00007FFBE1A30000-0x00007FFBE1A3B000-memory.dmp
memory/3748-1343-0x00007FFBD8FA0000-0x00007FFBD8FD7000-memory.dmp
memory/3748-1342-0x00007FFBD2460000-0x00007FFBD257C000-memory.dmp
memory/3748-1341-0x00007FFBDDB00000-0x00007FFBDDB27000-memory.dmp
memory/3748-1340-0x00007FFBE1BA0000-0x00007FFBE1BAB000-memory.dmp
memory/3748-1339-0x00007FFBD35D0000-0x00007FFBD3688000-memory.dmp
memory/3748-1335-0x00007FFBD2900000-0x00007FFBD2EE8000-memory.dmp
memory/3748-1331-0x00007FFBE7020000-0x00007FFBE702D000-memory.dmp
memory/3748-1329-0x00007FFBE1650000-0x00007FFBE1669000-memory.dmp
memory/3748-1364-0x00007FFBD3560000-0x00007FFBD3572000-memory.dmp
memory/3748-1363-0x00007FFBD3580000-0x00007FFBD3595000-memory.dmp
memory/3748-1362-0x00007FFBD35A0000-0x00007FFBD35AC000-memory.dmp
memory/3748-1361-0x00007FFBD35B0000-0x00007FFBD35C2000-memory.dmp
memory/3748-1360-0x00007FFBD8A10000-0x00007FFBD8A1D000-memory.dmp
memory/3748-1370-0x00007FFBD34F0000-0x00007FFBD350B000-memory.dmp
memory/3748-1369-0x00007FFBD2580000-0x00007FFBD28F5000-memory.dmp
memory/3748-1368-0x00007FFBE1670000-0x00007FFBE1684000-memory.dmp
memory/3748-1367-0x00007FFBD3510000-0x00007FFBD3532000-memory.dmp
memory/3748-1366-0x00007FFBD3540000-0x00007FFBD3554000-memory.dmp
memory/3748-1365-0x00007FFBE1C80000-0x00007FFBE1CAD000-memory.dmp
memory/3748-1372-0x00007FFBD34C0000-0x00007FFBD34D9000-memory.dmp
memory/3748-1371-0x00007FFBE1650000-0x00007FFBE1669000-memory.dmp
memory/3748-1373-0x00007FFBD1DE0000-0x00007FFBD1E2D000-memory.dmp
memory/3748-1375-0x00007FFBD1DC0000-0x00007FFBD1DD1000-memory.dmp
memory/3748-1374-0x00007FFBE1380000-0x00007FFBE13AE000-memory.dmp
memory/3748-1376-0x00007FFBD8A20000-0x00007FFBD8A2B000-memory.dmp
memory/3748-1379-0x00007FFBD1C70000-0x00007FFBD1C8E000-memory.dmp
memory/3748-1378-0x00007FFBD1C90000-0x00007FFBD1C9A000-memory.dmp
memory/3748-1377-0x00007FFBD1D80000-0x00007FFBD1DB2000-memory.dmp
memory/3748-1380-0x00007FFBD1C10000-0x00007FFBD1C6D000-memory.dmp
memory/3748-1381-0x00007FFBD1BE0000-0x00007FFBD1C09000-memory.dmp
memory/3748-1383-0x00007FFBD1BA0000-0x00007FFBD1BCE000-memory.dmp
memory/3748-1382-0x00007FFBD3510000-0x00007FFBD3532000-memory.dmp
memory/3748-1384-0x00007FFBD1B70000-0x00007FFBD1B93000-memory.dmp
memory/3748-1385-0x00007FFBD34F0000-0x00007FFBD350B000-memory.dmp
memory/3748-1386-0x00007FFBD19F0000-0x00007FFBD1B63000-memory.dmp
memory/3748-1388-0x00007FFBD19D0000-0x00007FFBD19E8000-memory.dmp
memory/3748-1387-0x00007FFBD1DE0000-0x00007FFBD1E2D000-memory.dmp
memory/3748-1389-0x00007FFBD19C0000-0x00007FFBD19CB000-memory.dmp
memory/3748-1390-0x00007FFBD19B0000-0x00007FFBD19BB000-memory.dmp
memory/3748-1392-0x00007FFBD19A0000-0x00007FFBD19AC000-memory.dmp
memory/3748-1391-0x00007FFBD1D80000-0x00007FFBD1DB2000-memory.dmp
memory/3748-1393-0x00007FFBD1990000-0x00007FFBD199B000-memory.dmp
memory/3748-1397-0x00007FFBD1970000-0x00007FFBD197B000-memory.dmp
memory/3748-1399-0x00007FFBD1960000-0x00007FFBD196C000-memory.dmp
memory/3748-1398-0x00007FFBD1BA0000-0x00007FFBD1BCE000-memory.dmp
memory/3748-1396-0x00007FFBD1BE0000-0x00007FFBD1C09000-memory.dmp
memory/3748-1395-0x00007FFBD1980000-0x00007FFBD198C000-memory.dmp
memory/3748-1394-0x00007FFBD1C10000-0x00007FFBD1C6D000-memory.dmp
memory/3748-1401-0x00007FFBD1950000-0x00007FFBD195D000-memory.dmp
memory/3748-1400-0x00007FFBD1B70000-0x00007FFBD1B93000-memory.dmp
memory/3748-1406-0x00007FFBD19D0000-0x00007FFBD19E8000-memory.dmp
memory/3748-1405-0x00007FFBD1930000-0x00007FFBD193C000-memory.dmp
memory/3748-1404-0x00007FFBD1920000-0x00007FFBD192B000-memory.dmp
memory/3748-1403-0x00007FFBD1940000-0x00007FFBD194E000-memory.dmp
memory/3748-1402-0x00007FFBD19F0000-0x00007FFBD1B63000-memory.dmp
memory/3748-1414-0x00007FFBD17B0000-0x00007FFBD186C000-memory.dmp
memory/3748-1413-0x00007FFBD1870000-0x00007FFBD18A5000-memory.dmp
memory/3748-1412-0x00007FFBD18B0000-0x00007FFBD18BC000-memory.dmp
memory/3748-1411-0x00007FFBD18C0000-0x00007FFBD18D2000-memory.dmp
memory/3748-1410-0x00007FFBD18E0000-0x00007FFBD18ED000-memory.dmp
memory/3748-1409-0x00007FFBD18F0000-0x00007FFBD18FB000-memory.dmp
memory/3748-1408-0x00007FFBD1900000-0x00007FFBD190C000-memory.dmp
memory/3748-1407-0x00007FFBD1910000-0x00007FFBD191B000-memory.dmp
memory/3748-1415-0x00007FFBD1780000-0x00007FFBD17AB000-memory.dmp
memory/3748-1416-0x00007FFBD1530000-0x00007FFBD1779000-memory.dmp
memory/3748-1417-0x00007FFBD0D30000-0x00007FFBD152B000-memory.dmp
memory/3748-1418-0x00007FFBD1950000-0x00007FFBD195D000-memory.dmp
memory/3748-1419-0x00007FFBD0CD0000-0x00007FFBD0D25000-memory.dmp
memory/3748-1420-0x00007FFBD09F0000-0x00007FFBD0CCF000-memory.dmp
memory/3748-1421-0x00007FFBCE8F0000-0x00007FFBD09E3000-memory.dmp
memory/3748-1423-0x00007FFBCE8A0000-0x00007FFBCE8C1000-memory.dmp
memory/3748-1422-0x00007FFBCE8D0000-0x00007FFBCE8E7000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_oxeyuvkw.3ao.ps1
| MD5 | d17fe0a3f47be24a6453e9ef58c94641 |
| SHA1 | 6ab83620379fc69f80c0242105ddffd7d98d5d9d |
| SHA256 | 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7 |
| SHA512 | 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82 |
memory/3748-1477-0x00007FFBD3580000-0x00007FFBD3595000-memory.dmp
memory/3748-1467-0x00007FFBD2580000-0x00007FFBD28F5000-memory.dmp
memory/3748-1485-0x00007FFBD1D80000-0x00007FFBD1DB2000-memory.dmp
memory/3748-1484-0x00007FFBD1DC0000-0x00007FFBD1DD1000-memory.dmp
memory/3748-1483-0x00007FFBD1DE0000-0x00007FFBD1E2D000-memory.dmp
memory/3748-1482-0x00007FFBD34C0000-0x00007FFBD34D9000-memory.dmp
memory/3748-1481-0x00007FFBD34F0000-0x00007FFBD350B000-memory.dmp
memory/3748-1480-0x00007FFBD3510000-0x00007FFBD3532000-memory.dmp
memory/3748-1479-0x00007FFBD3540000-0x00007FFBD3554000-memory.dmp
memory/3748-1478-0x00007FFBD3560000-0x00007FFBD3572000-memory.dmp
memory/3748-1476-0x00007FFBD8FA0000-0x00007FFBD8FD7000-memory.dmp
memory/3748-1475-0x00007FFBD2460000-0x00007FFBD257C000-memory.dmp
memory/3748-1474-0x00007FFBDDB00000-0x00007FFBDDB27000-memory.dmp
memory/3748-1473-0x00007FFBE1BA0000-0x00007FFBE1BAB000-memory.dmp
memory/3748-1472-0x00007FFBE6770000-0x00007FFBE677D000-memory.dmp
memory/3748-1471-0x00007FFBD35D0000-0x00007FFBD3688000-memory.dmp
memory/3748-1470-0x00007FFBE1380000-0x00007FFBE13AE000-memory.dmp
memory/3748-1469-0x00007FFBE7020000-0x00007FFBE702D000-memory.dmp
memory/3748-1466-0x00007FFBE1670000-0x00007FFBE1684000-memory.dmp
memory/3748-1465-0x00007FFBE1C80000-0x00007FFBE1CAD000-memory.dmp
memory/3748-1463-0x00007FFBEB8B0000-0x00007FFBEB8BF000-memory.dmp
memory/3748-1462-0x00007FFBE1CB0000-0x00007FFBE1CD4000-memory.dmp
memory/3748-1461-0x00007FFBD2900000-0x00007FFBD2EE8000-memory.dmp
memory/3748-1468-0x00007FFBE1650000-0x00007FFBE1669000-memory.dmp
memory/3748-1464-0x00007FFBE1E80000-0x00007FFBE1E99000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\_MEI40082\cryptography-44.0.0.dist-info\INSTALLER
| MD5 | 365c9bfeb7d89244f2ce01c1de44cb85 |
| SHA1 | d7a03141d5d6b1e88b6b59ef08b6681df212c599 |
| SHA256 | ceebae7b8927a3227e5303cf5e0f1f7b34bb542ad7250ac03fbcde36ec2f1508 |
| SHA512 | d220d322a4053d84130567d626a9f7bb2fb8f0b854da1621f001826dc61b0ed6d3f91793627e6f0ac2ac27aea2b986b6a7a63427f05fe004d8a2adfbdadc13c1 |
memory/4752-3053-0x00007FFBD2460000-0x00007FFBD257C000-memory.dmp
memory/4752-3077-0x00007FFBD34C0000-0x00007FFBD34D9000-memory.dmp
memory/4752-3076-0x00007FFBD34F0000-0x00007FFBD350B000-memory.dmp
memory/4752-3075-0x00007FFBD3510000-0x00007FFBD3532000-memory.dmp
memory/4752-3074-0x00007FFBD3540000-0x00007FFBD3554000-memory.dmp
memory/4752-3073-0x00007FFBD3560000-0x00007FFBD3572000-memory.dmp
memory/4752-3072-0x00007FFBD3580000-0x00007FFBD3595000-memory.dmp
memory/4752-3071-0x00007FFBD35A0000-0x00007FFBD35AC000-memory.dmp
memory/4752-3070-0x00007FFBD35B0000-0x00007FFBD35C2000-memory.dmp
memory/4752-3069-0x00007FFBD8A10000-0x00007FFBD8A1D000-memory.dmp
memory/4752-3068-0x00007FFBD8A20000-0x00007FFBD8A2B000-memory.dmp
memory/4752-3067-0x00007FFBD8F70000-0x00007FFBD8F7C000-memory.dmp
memory/4752-3066-0x00007FFBD8F80000-0x00007FFBD8F8B000-memory.dmp
memory/4752-3065-0x00007FFBD8F90000-0x00007FFBD8F9B000-memory.dmp
memory/4752-3064-0x00007FFBD95E0000-0x00007FFBD95EC000-memory.dmp
memory/4752-3063-0x00007FFBDB5F0000-0x00007FFBDB5FE000-memory.dmp
memory/4752-3062-0x00007FFBDDAF0000-0x00007FFBDDAFD000-memory.dmp
memory/4752-3061-0x00007FFBE05B0000-0x00007FFBE05BC000-memory.dmp
memory/4752-3060-0x00007FFBE05C0000-0x00007FFBE05CB000-memory.dmp
memory/4752-3059-0x00007FFBE1250000-0x00007FFBE125C000-memory.dmp
memory/4752-3058-0x00007FFBE1260000-0x00007FFBE126B000-memory.dmp
memory/4752-3057-0x00007FFBE1370000-0x00007FFBE137C000-memory.dmp
memory/4752-3056-0x00007FFBE1640000-0x00007FFBE164B000-memory.dmp
memory/4752-3055-0x00007FFBE1A30000-0x00007FFBE1A3B000-memory.dmp
memory/4752-3054-0x00007FFBD8FA0000-0x00007FFBD8FD7000-memory.dmp
memory/4752-3052-0x00007FFBDDB00000-0x00007FFBDDB27000-memory.dmp
memory/4752-3051-0x00007FFBE1BA0000-0x00007FFBE1BAB000-memory.dmp
memory/4752-3049-0x00007FFBD35D0000-0x00007FFBD3688000-memory.dmp
memory/4752-3048-0x00007FFBE1380000-0x00007FFBE13AE000-memory.dmp
memory/4752-3047-0x00007FFBE7020000-0x00007FFBE702D000-memory.dmp
memory/4752-3045-0x00007FFBD2580000-0x00007FFBD28F5000-memory.dmp
memory/4752-3044-0x00007FFBE1670000-0x00007FFBE1684000-memory.dmp
memory/4752-3039-0x00007FFBD2900000-0x00007FFBD2EE8000-memory.dmp
memory/4752-3050-0x00007FFBE6770000-0x00007FFBE677D000-memory.dmp
memory/4752-3046-0x00007FFBE1650000-0x00007FFBE1669000-memory.dmp
memory/4752-3043-0x00007FFBE1C80000-0x00007FFBE1CAD000-memory.dmp
memory/4752-3042-0x00007FFBE1E80000-0x00007FFBE1E99000-memory.dmp
memory/4752-3041-0x00007FFBEB8B0000-0x00007FFBEB8BF000-memory.dmp
memory/4752-3040-0x00007FFBE1CB0000-0x00007FFBE1CD4000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 821b1728a915eae981ab4a4a3e4ce0d1 |
| SHA1 | 8ba13520c913e33462c653614aece1b6e3c660a2 |
| SHA256 | 36c38bde1e74c5ee75878f275a411e528c00eaa3091e7c4adfa65b8b7d28fb3b |
| SHA512 | b8fd54808711878ed567f474f174db662e2457b6c246f625e148944532c70d94d87e96ef6febfb657895dd0eadc25906c9106fa75c6b2d3bd37ca6786f03a8b7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico
| MD5 | e5e3377341056643b0494b6842c0b544 |
| SHA1 | d53fd8e256ec9d5cef8ef5387872e544a2df9108 |
| SHA256 | e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25 |
| SHA512 | 83f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aee441ff140ecb5de1df316f0a7338cd |
| SHA1 | 82f998907a111d858c67644e9f61d3b32b4cd009 |
| SHA256 | 5944b21c8bdfb7c6cb0da452f8904a164cc951c6a4bb3a306eaebcad2d611d67 |
| SHA512 | 54a2c1d4c8791ebc6324c1be052b7b73cbd74057d0ea46400cfd8e60f9a884ade60d838777eba7001cf44c924f63cba1a9708a6c71bf966f63f988c49ca70d31 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 40054cb73dd68fcf513186a36e7b28b1 |
| SHA1 | 782f64c46affe72bd6b334c69aae88aa32216b2d |
| SHA256 | 136f61f0d620207ec049ca6889378a9e89d998a6ef15fbd2a8095482d8d88118 |
| SHA512 | 8689097b5b94b64af0be6b51f176041b25f5464bae229b7344df07a29893d5f13498c3f88f6448b956baa7accb460e31f5ffec6eda35f31b0587b5b0a1e63c76 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fc63e31d2b8685e141497eb2d3200293 |
| SHA1 | 361cd64316a78dc9f649b44cc1d1ab99e7f727c7 |
| SHA256 | 0f89d7184647080a5321c6ae05809c4653fa836489af39b6be8a659d616ace41 |
| SHA512 | 551353ad2c48d0c5d24ece84262a314ccac3e68dda4e12b8d4bcde72c9129d099720844b1054bceb19e83507efb703e58c0f13a0da9ee6cc0fababd1f078c142 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | fb361603fc5f0d0744d0ab8c0a14808e |
| SHA1 | 8923ecea853047f3bef985cda8ec7e1d49eb340d |
| SHA256 | 94f4a35d32e3d0b102996be302a8e001605b01fa6b64a67c9d3065b5952caf37 |
| SHA512 | f30df6ecb43f3299a741f7e86910f4dc5141961fbed4fa5c1ec769437033a1598942b3f5f13824caac3831e942fd1cd9f253e59f31ab0226514d1fde4f8fcaca |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | be31cdf1eebc065bcb624ca96ae09220 |
| SHA1 | 090899da286c2e48d9e4fe45258b524894bf1fcb |
| SHA256 | 6618d22e069aa5b0aef8c48362250fba972e288113ea0e04b7f126a87ec06325 |
| SHA512 | a086611e0c1c33d66c429f4753f5ca4ef6d0995ffe214de4e9455c5b9931e70b54df3addb0331b0bf75b3c473e0be7490f9f6783faabb3e8beba676545d49dc9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 78a049c86f502df9dff4f392a47ae9d5 |
| SHA1 | 00e13560f0aff8f8ea98807bf738c29069c6e2b2 |
| SHA256 | 1631cf0116d6e624299e855acfcad683d276efd7fbe152c89c5944e3630b10a9 |
| SHA512 | 64bd581d4a60d40fb00538e80402e0e986ee239f5e15c7bf1085f5a6b91634d3f8a1257e417c0f2185b87e3cc5f503f2274d014e0ee42efb22711bc34cb234ee |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 777d1179e3c007647c294aa9a82f1619 |
| SHA1 | 812d5daae860d95759214e9447d8ce3f08b8497d |
| SHA256 | 68459126a56458d26195122842f98553edb8fb5faf9a6032ec2f8e16e2d2440f |
| SHA512 | 6842012600a6423dcfcc99dbab34d3a427fb1bfefbfba999bcd42a1199fcd4feaa38b5f2589c42de42ec0ef45cfbfa7723b4a5d858260d2dd73c0ea0097f6d63 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c02c014cc706c4dab7981d93a53826fd |
| SHA1 | 3f34f6c035d3b50b17aa5cfbd04cd65c8f76d36a |
| SHA256 | 1c0ea82c76a25007634dcfe2f44cb146f8c47b06f4e50864e98a1910bd4f5762 |
| SHA512 | cfda4b9ea687eb0dd0979e8789bcd7c5c5e8166a41ae3b88ed525e920684b7456fc488dbc5b73ab2aa0fe9d37eefec1f1cc100ed235923ad384e4a8015bb5e9a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\b8ab77100df80ab2.customDestinations-ms
| MD5 | c0a1881ae749ed7b4b9c778fe1e73474 |
| SHA1 | 84c89bd9a9615d6a7c80b330a8f798193080d4e1 |
| SHA256 | 04a16a4b9a93b7c42a55e518b724c156546b783c08a978ba984aeb5472374c7f |
| SHA512 | fd8da4bad862c3f8f1ae6be9f80fb12d61295921ed321494d757da728d6fb7729e3f27321a252f431f59de776f2f77e86c1b1166a745d16a5bcd97d6c0580911 |
C:\Users\Admin\AppData\Roaming\Microsoft\Office\Recent\index.dat
| MD5 | 428972259d73ea1bd613e3ead0443cad |
| SHA1 | 04b6f496688e62001c95ede6939f6c57a7877476 |
| SHA256 | 9dc99a84034b6c70f1d7e197e09221b3288928eaecedb0921c78aa7d8b2e032c |
| SHA512 | bf207d3a9c0c37855c3dfac9b2e610e25022114d426786edcf09c4d0d18dcdf34212c186a5c1cc910a080d21b500f3be30960558767c07114aaa313fb518ea28 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\b8ab77100df80ab2.customDestinations-ms
| MD5 | 9929c6f68711a286db7758b03c2f945f |
| SHA1 | de8b9fa7acdfb9ad0456f8336bb47aea72f18281 |
| SHA256 | 72bca315342f97c695db80d0392173d29ded07b2d28fcf9ab6876fa098f719ea |
| SHA512 | 374df730935860b170528ac496d33ae483b153e8926c91631164b1c959ab1a955963a5c64a3f44e8021470ce19e7292391c64dc8726f9c70dab3178f5afeb22e |
C:\Users\Admin\Desktop\F97A5E00
| MD5 | 375b69d08f5dcbae0b665b05894d8bdb |
| SHA1 | ee64bb8f4ea26c25e6ae502790085ec29ae4e601 |
| SHA256 | 9ea055659ae19afe84d3da1c15c0db0f6195b47444e84cc99fe422f9f7be8e7f |
| SHA512 | 3d55ea490f6d5b683b8404fd9561fb77ee3787a69b43e1cb5fad02e6eb063edcf6b4421a5815e5b6efb6227dcf7a29ae9b89d7aea6dda1fc512bf095b972aa32 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0aifmy2.default-release\datareporting\glean\pending_pings\bf15f234-e552-4240-b3fa-cdfec069cb28
| MD5 | 13bd07e90e9ad343c77a134232a06e21 |
| SHA1 | 9238a552fa28c5f862d058e2500192de4048e652 |
| SHA256 | 0dfa57efac9f1e8be527aa1fb4dc9a5904907005bcb573826950375e266a85e2 |
| SHA512 | f5d552b81de6ae7c8c638d35eb4b544ffb4a673182b7076879fa9415d02a3bd1984899fd67472056d188d80a4f0a6ffe818156682d4447891c6ed812adbc21f6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0aifmy2.default-release\datareporting\glean\pending_pings\abdb42b4-ecd1-4a6f-bdf4-76ab5b9b6cde
| MD5 | 53049b7241cd711c380deed75b7ec327 |
| SHA1 | 4b592b88ce124faf0137751daff00f87fdac5117 |
| SHA256 | 16a48c52886b7864887a28e9c40a4134040e5c621df5cec5604601e4fe49eb89 |
| SHA512 | f95f49a3aaec05e57eabfcca9e5e8425891866f7c414450f0b09ac63d368331c5cd4132a8a51e13b42cd3f4ef983c0950e7bd387c878148bfc4519988e7a18ec |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0aifmy2.default-release\datareporting\glean\pending_pings\8cb432d6-4f3d-4eb7-b62a-6f6834db1610
| MD5 | 0a491ac99ddaa58b8eb1e851077653b3 |
| SHA1 | cb2dedf28b3dc9af1c0b27b77a49805848645a4b |
| SHA256 | f5896722c3ababe1baf0fdc50cdbdbca99a9f9f1fa4c069d4cb5cdbd5421c609 |
| SHA512 | bf52f56f53f8bc1d34d5fd00e82b7a79913a54ea1cbd6fc165058484dad8bbbb3c757d70db0ed3e68f1f36e09f46051aa66002db6690e5f7c67852ca69149ad4 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0aifmy2.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 11eedb3c4de31d62323a2dbaa385234b |
| SHA1 | 1c1aad13862df61047e4e85005e02f25dd35ea1e |
| SHA256 | 0c19fa856f5f2eeee622633847dd0b15bec1daf134b3fb74665eefbd816dc993 |
| SHA512 | 22b8880fab3f6ba1fafa8334e280e8e8ef415a13a1bfd5d9daab51f220be248a10c8d81773c2d9d0db1945c0ee60a830cadf55c0d47968c41dff31212f7d6f0e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0aifmy2.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | e555dbc4d45a2624f6285beb54ba6a09 |
| SHA1 | e67d563d652746bfae6662a77330dc2cbdb252e7 |
| SHA256 | d43928ff3834927bf97c43626a012c9644471440106f38324ab9aa6d9564f880 |
| SHA512 | cb2a6b3f0c870b8e5c52e85a35ddc5c8acc186c5c6eec11bc887a5fc9c54f55db6198309ecad7f256eeaa16d54aa04362105be7e2fad6e1d079fdac9c1edc5c2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k0aifmy2.default-release\activity-stream.discovery_stream.json
| MD5 | ac6e52b0bee09ce9d9e785a03811a96a |
| SHA1 | de0f8c63fbc8c058d4b91d28d70bc5fc10b00e0e |
| SHA256 | 513b81e8b42435334a2e8a4b7889e81d7841a6c4809f338ce3706d4c7d339e87 |
| SHA512 | 36362eccf82612b903fb5382ccf38e81b3bbd2b1a26ea3627b686f0e8883dc2637ddfb884a0abbb5b4a2663afffc928a8b18c40a270013db66ee3f21cc052b51 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0aifmy2.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 41ec20f536c273cd1136004476d21615 |
| SHA1 | 478f1e3338600dd5ad04f307c219426add7e6a2e |
| SHA256 | b5d5c594feac5e4395af9ca4da8099287a825f60df6e738846a9af3f0ce14bbd |
| SHA512 | fef2f7e0be7f7df4c24fc80d09108c0a8dc1ffd40d7effe14b86b8fd12dd5bb08b896f8bcf1b1a10ffba35fe1dee223218e91761541337cdcab06c3966420593 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0aifmy2.default-release\prefs.js
| MD5 | 91e9c731be2742ece704a55443186194 |
| SHA1 | 5b3f0b7afeebfa890fb056fd2094d4a99750c38f |
| SHA256 | 47cd8851f903de8f65decf828c1ce4d6f8abfca033e9a07a3204d44e664e562d |
| SHA512 | 0dc2f5bda8e73b073e1bc4294db9be073d9ae7b5defc00e5ad5a0423a042111a0f621f99cc3f6a2862a6bc8bf8e2a04422c0212617c0cc31d63a2d89fd8ae23e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0aifmy2.default-release\prefs-1.js
| MD5 | 26151ea1d19b54914c0d5e873224faec |
| SHA1 | 30b8a86b20ab585951b6456672cf4dfd44f2f889 |
| SHA256 | 3ac875dd7988bd2377f7768f9647c9ba4dd6d3d8e41b570cc2d2762f6246f910 |
| SHA512 | fa1d57c288e00449f422c4b09ada56956f72fe9e131cc6532a391844b3abb42e2f53c017a30e0e74cb2a451ab5259e44e5c8bfd68814246672d4b7c985b48237 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0aifmy2.default-release\AlternateServices.bin
| MD5 | 0910ba0211bcd838e9e62c1ad2228afa |
| SHA1 | f1949d56141cd315698dd391b200808ba03e5d0e |
| SHA256 | d2709827981d378a5dfb4e72e88c26f29419849b0c29b7c0154e9e55c2951b91 |
| SHA512 | e6c65c6f70e0122c1fbe6fa93dbfcf7864b49cc92e74f9daad3fcbfc23b444144ae79617272febd8921d5da7df654c55a73d4947366f840426efc7875ab6cf3b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0aifmy2.default-release\sessionstore-backups\recovery.baklz4
| MD5 | de22ba8732cc2ae103b1849ebfea3107 |
| SHA1 | ec3588697704868de829761942f6b22cf16d1d7c |
| SHA256 | 54a9fa1742a489056ebc835dfa0d67bb0c755e82d47e1e3ce4b6f88421fe8d50 |
| SHA512 | 4312ce9665ba324db5689cff0c74ec0d3ec05043bf10e99981642c2ff8eeeb41b48a49ad830035e974b57a41582f70f2a5893ba48f8cc91fb37e31ba653b61b2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0aifmy2.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 4bddb020aa685be544f3ee471548ded3 |
| SHA1 | d72ba00aeb3308e098816784abf0062bcae98941 |
| SHA256 | 819c775617322451933838c596aa3f4d649f86177e59817a73796641725534ed |
| SHA512 | 7b581e645c3ad083fff91b910f4752ce4e1356e6ed0ab9ff2cd410d32312f6772de296fe22eea201177b8dd258dcae8b42c1624cd215bc05d868aa467e73c4f9 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 09372174e83dbbf696ee732fd2e875bb |
| SHA1 | ba360186ba650a769f9303f48b7200fb5eaccee1 |
| SHA256 | c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f |
| SHA512 | b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0aifmy2.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info
| MD5 | 2a461e9eb87fd1955cea740a3444ee7a |
| SHA1 | b10755914c713f5a4677494dbe8a686ed458c3c5 |
| SHA256 | 4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc |
| SHA512 | 34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0aifmy2.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll
| MD5 | 842039753bf41fa5e11b3a1383061a87 |
| SHA1 | 3e8fe1d7b3ad866b06dca6c7ef1e3c50c406e153 |
| SHA256 | d88dd3bfc4a558bb943f3caa2e376da3942e48a7948763bf9a38f707c2cd0c1c |
| SHA512 | d3320f7ac46327b7b974e74320c4d853e569061cb89ca849cd5d1706330aca629abeb4a16435c541900d839f46ff72dfde04128c450f3e1ee63c025470c19157 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0aifmy2.default-release\AlternateServices.bin
| MD5 | ab672be86abfc028d76e2f16c16f5563 |
| SHA1 | 62b7167972f4aadcf366de00c6e5937546742add |
| SHA256 | eb18cb6ac9b10e925f79963ab8a0e3ae6d3c8a3ce983911b69192e72e7a57f63 |
| SHA512 | 48d2b3898ffef7fe48526aa3c763d0a0439cbafa87cd8b15579a7d9fddb0604e9358c239c17daa6c7359e24c766efa16a21043a4288e5101d074faa578b35b32 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0aifmy2.default-release\prefs-1.js
| MD5 | aee13dc5c3a2a03d68da32ca7011413a |
| SHA1 | dd9c64fe9406d486ed0d081f9115ac16cd3ab9f5 |
| SHA256 | aca9cb08fee265e4a8637e25b5230fab28b60d6777b8ef495d2f95a9eafda097 |
| SHA512 | e18586d69600534842e7c3d79f263182baa1eb37f18f8c524ae7412cd29ff7b92dd3fb854a56a7fc2d4349a36c2035c99730d4d47e7ff98b0d46a93cb25661db |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0aifmy2.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 568cc84070702476ff1326b499fcecb9 |
| SHA1 | 71050b888687661fe293b49bcbfc122a0bc5b04b |
| SHA256 | 687fda4f1c809574f35e0f19155edd84851acfc28e6c1db17ad2d354eca88984 |
| SHA512 | 3a7c262daa1e5dc9eca747e8ae79abe4297c86553b7dee60c7179573cac8379d7d1fcc466e13bb1f0ab8ddcc7a76f1fe29e81dc3e49ffb509607552891ab4fae |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | 0a8747a2ac9ac08ae9508f36c6d75692 |
| SHA1 | b287a96fd6cc12433adb42193dfe06111c38eaf0 |
| SHA256 | 32d544baf2facc893057a1d97db33207e642f0dacf235d8500a0b5eff934ce03 |
| SHA512 | 59521f8c61236641b3299ab460c58c8f5f26fa67e828de853c2cf372f9614d58b9f541aae325b1600ec4f3a47953caacb8122b0dfce7481acfec81045735947d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0aifmy2.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json
| MD5 | bf957ad58b55f64219ab3f793e374316 |
| SHA1 | a11adc9d7f2c28e04d9b35e23b7616d0527118a1 |
| SHA256 | bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda |
| SHA512 | 79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0aifmy2.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll
| MD5 | daf7ef3acccab478aaa7d6dc1c60f865 |
| SHA1 | f8246162b97ce4a945feced27b6ea114366ff2ad |
| SHA256 | bc40c7821dcd3fea9923c6912ab1183a942c11b7690cfd79ed148ded0228777e |
| SHA512 | 5840a45cfdb12c005e117608b1e5d946e1b2e76443ed39ba940d7f56de4babeab09bee7e64b903eb82bb37624c0a0ef19e9b59fbe2ce2f0e0b1c7a6015a63f75 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0aifmy2.default-release\sessionstore-backups\recovery.baklz4
| MD5 | e2d04afa877c52de5db2f42da02d919b |
| SHA1 | 1eacef29000315f4a282f88f64b407e4f4fb0da5 |
| SHA256 | 7fb789369037716b805188852dbbd633ca7084426ef6f6fd6cccc043eae183c2 |
| SHA512 | 143e1156a28c41ed6966524ffd74950b7b62a558016dece625ad7b7ab4cd8c17d09256ccf18d326f18e34e430055a7d98f3f8fda53edf1529c137f3caeb3b1e3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0aifmy2.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 3975842e442d82fc6885710fd2839ceb |
| SHA1 | 4e5dbbef714d211769fa0efbd66b894a254c7dc9 |
| SHA256 | 08fb54c610af9c08f448ce860ec34ed83e2d77df89c6025bf14fbe2ef31e41fe |
| SHA512 | d47c2a1ecf1540ee1e35c82667fe78cd9ba01fbd39cc48bba984ce43a7750efe40055d5caf112a40a90757d9c52993bb170eddbe93ef3e1cad4effd30b818a2a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k0aifmy2.default-release\cache2\entries\F2429E488C0501B11AE94E0CC664752BF083117A
| MD5 | 7771016b1a0c92d8788e7caaccb7e5d2 |
| SHA1 | 392ce109cdd63641e24d9805834c797591623be4 |
| SHA256 | 658e16b58a2acf7908d41a26536d4f85b8b239d8e4537e2359c7843435f4c67f |
| SHA512 | 79545bfb0c28c488f5d61754f213fe284e29ceef37628af1c19e8e0d8bc0ba0ce87d6c1d44ed7ea133c53fc81f7eaab331c05ba26c757be4b6db948731f1f72d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0aifmy2.default-release\sessionstore-backups\recovery.baklz4
| MD5 | f0b075ec463693a1624ee0c0091934af |
| SHA1 | 4f77c97bb396ea59842b3f13f99e8f88cfc328c2 |
| SHA256 | 26a3c04adee6e0b59b536aa0bb6e3ce2ea68ec6e1b12465e667ecbeeccb29cd3 |
| SHA512 | 20bdda8979df662891c303768170b41c4b6c222d4dc691d7bf3668628a7f564277e095aa823a5111a5a72609e8ac8311d53ac8c1d4039d69dd69ad85a9559389 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k0aifmy2.default-release\cache2\doomed\11861
| MD5 | 46b1187a990a421fc18ea23c7f70bdd2 |
| SHA1 | ae9a13c63797340f4e6dbe3c13bf53fce2f33fdf |
| SHA256 | 2b0b66c68a298faa7513f587940c6c4d4989f31cce90a94514232467b2ede4cb |
| SHA512 | 8fb175936ba4d82cfb4531c4041ef5dea1ce5513e0731762920429d3a74f3538868d03db120221d361d8df1d16e14fea5745316e4ef12264c83b553e84b012b4 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0aifmy2.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 92b7510919acc23149d55f175af3f3b5 |
| SHA1 | a832eda91cda5bec015914df5ddae733c508beba |
| SHA256 | e85048397a2ed15084f8166aa89bdaeee518fee798c004b770c499c12983a45e |
| SHA512 | 90a68e0cb7893fd5b8ba52c4b52de95d5fa0463f5739e7c2d032a05e1d4fdc00e2317b7dc9f58833593dfa241f25df4340fa7031f12073353ead51eda285cf40 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0aifmy2.default-release\prefs-1.js
| MD5 | 99830730f580b4317f7967f8991660c9 |
| SHA1 | dfd87b2a34e5e5ed811466d0cb5a396b2fd5f48c |
| SHA256 | dacf56722acdac11c72b75433109c57e309191fa866b00dd37c66f0d9d08f545 |
| SHA512 | cee46cf2b7b284e5a2dd4d5022a7b55d324eee320a4e5f6043e10539595fee61f454fca181a9fb05bd8885c557c77d4e5758a884195cfa89bf1061b6e7a4180f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k0aifmy2.default-release\cache2\entries\7D3068195A30D049CC263CE0A0641E65E92E39CF
| MD5 | b028dcc621baf8c298cbc60ef5cc76b7 |
| SHA1 | ddc3a5b2bd2ca11e48d8055a5b56d24f1b5f5bd3 |
| SHA256 | 0c7e872d49c9b8099d0eead11b591873887517a8f47a7d0c53ade07a909aa92a |
| SHA512 | dbc876ac31441aeda68838c44da020e943b2a2652f824cc76f1534cd441dff77aa4b31e5beaf600e383ce3be2f4ed37bdc7adf1d39b954eff2080b10af87367b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k0aifmy2.default-release\cache2\entries\B3E209C0A977414244AD29090033C0BF9F4E8BA3
| MD5 | 71d035c8174ad4c72836e554850ceeeb |
| SHA1 | 4c90bcdffa8fe3682fed22a8d17c27daa4814036 |
| SHA256 | 24548061a3a464186fb21578f8b5e41e090262e89578cf6cbc82ded4205fcecc |
| SHA512 | 1cf389f30bddcb2824cf9874b715a085da3dc3525f282b6e169c4228ec2fcedc615b998685192c5c00826bebb1a3ae616fe7d7d9beba3718fd84e08a43eff7a2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k0aifmy2.default-release\cache2\entries\677B80A25A006EDCC273545819E7C8B9A97E5201
| MD5 | e10565fbd87e2598ca373ca7c3b131d7 |
| SHA1 | 95f3d32e4ea7f953b2e4f0a47e9c7a2a94d922b4 |
| SHA256 | 5309880b192b6144c8d97e34a83c369569eaad3402a87bd100ea91b7d69799e9 |
| SHA512 | 852db0aa985d6652feef0a94bee08674e5470234fae6b89ff77b9e9aa0fb9c122ff42fa66802290452638d9c50df808e23b7c8d5020812bab895446b8efdb555 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\k0aifmy2.default-release\cache2\entries\2FAC8294461765A1D81BB47B466686C6D67287C3
| MD5 | 26614803ad7d6c153614fbba8fc2fdf3 |
| SHA1 | 000690aa9dcddbdefb29fb2773ff4078d197cba6 |
| SHA256 | 1cc137d2611662f9ce63313a674e00ee607c0f0201b602516068c169b22d582a |
| SHA512 | 9a5848a602e477e9f84e72fa73ce799988272bff682dfcc7a1a02886ce7cead78bcbf93ba41354ccc7741d9d3a3d04bcacedee77af47866374490fd39f3b890c |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\JL83CFABEKBAKS9LIY06.temp
| MD5 | 6b0b75adedc67d8581821b8d35390f4e |
| SHA1 | f54351d3404af95ae3e1868478de37e75084786d |
| SHA256 | 9230347b0ac199ce4b4f74578d7d2477cd50433e61187602dfd10acdd939baa6 |
| SHA512 | c4e430124b89766bab6736673569aa1dc8793019588f055faf91f4fe856c3829e47000f62ff12116009cbedec5623cf0d822f0a05245eeb83edffbf12c82ad84 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0aifmy2.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 137d53485f043b1e2f65b68515e794c1 |
| SHA1 | e047f822a1c8d64a727228e6d93fbaec724a5b4e |
| SHA256 | ef154b83a6c226f7b2f531a90e981af8f207745df231795eede149a40813ef98 |
| SHA512 | 820f0d140e4731f89f31f37c7528d76e9a86ecb09de302f82659be2eef298a5832de997df0d402d8260dd0ae90ec684018457aa5af90e67fb120b52b7383b638 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0aifmy2.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 2a994cdf2f1c988b0911668fe01ca58f |
| SHA1 | 94c30fa670173c409ee7d92824b6f4ce6a2ff1ca |
| SHA256 | 02fbe0a62df3176bcaa380298887ffc3ff53ab8ce4943ba1bae733322861d8a3 |
| SHA512 | 3f83fb5a706d5ed3fde1de247cb5ef956ed5d213f05f9594167bfe54c421784be418a49f83b82a6f9c382e3f0222f3374b5bd586b104f5715aae5910133ebc5b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0aifmy2.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | d376b9242ed6f320699c9dc01e64c0df |
| SHA1 | aaae880b13816ddad698d208d382d86a02c1cb8c |
| SHA256 | 97fef5e860f1b1bffae6b6fff18b577c1a7a29b8694bcef600b59fe39497e298 |
| SHA512 | 479f64f4c6dec82ab0a6f876112f1a4666fa29082dfdd3b042ddd2eaa20dd7448d128795a88162e5bb642473b083af8b45a749a510e99c8ba113cf9a75a8bef2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0aifmy2.default-release\bookmarkbackups\bookmarks-2024-12-22_11_lyxg1hw4T5jXURaRXgX5wQ==.jsonlz4
| MD5 | 2e7447b0bbbd6748865b8f7ae490107f |
| SHA1 | e8078861912e9cb3de68989ec14365e61cc514a0 |
| SHA256 | e2284d8562675accf56af50a74d81b00e2cd9b6ed932a3401157c33b43b8eb26 |
| SHA512 | 7093a29ebb1bb5b44dceca71f96f6a5d5a4f359facb1a1cd4d8dbcfab4f7ed8773189cf44bf892d50b29fe0796c127c7f35095f556e3e45893dbbdf1809f117b |