Malware Analysis Report

2025-03-14 21:53

Sample ID 250118-l7b1xszpfw
Target https://capcutpro.download/
Tags
discovery google phishing evasion
score
6/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral4

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral5

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral6

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
6/10

Threat Level: Shows suspicious behavior

The file https://capcutpro.download/ was found to be: Shows suspicious behavior.

Malicious Activity Summary

discovery google phishing evasion

Reads AppArmor ptrace settings

Detected potential entity reuse from brand GOOGLE.

Changes its process name

Resource Forking

Enumerates kernel/hardware configuration

Reads runtime system information

Browser Information Discovery

Enumerates system info in registry

NTFS ADS

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of SendNotifyMessage

Checks memory information

Checks CPU information

Suspicious use of WriteProcessMemory

Suspicious behavior: EnumeratesProcesses

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2025-01-18 10:10

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2025-01-18 10:10

Reported

2025-01-18 10:15

Platform

win11-20241007-en

Max time kernel

232s

Max time network

234s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://capcutpro.download/

Signatures

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\capcut-pro.apk:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2912 wrote to memory of 3316 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 3316 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 2796 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 3708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 1588 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 1588 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 1588 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 1588 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 1588 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 1588 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 1588 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 1588 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 1588 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 1588 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 1588 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 1588 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 1588 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 1588 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 1588 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 1588 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 1588 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 1588 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 1588 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2912 wrote to memory of 1588 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://capcutpro.download/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc687a3cb8,0x7ffc687a3cc8,0x7ffc687a3cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1872,5658131088913299849,10189544173657381929,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1884 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1872,5658131088913299849,10189544173657381929,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1872,5658131088913299849,10189544173657381929,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2812 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,5658131088913299849,10189544173657381929,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,5658131088913299849,10189544173657381929,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,5658131088913299849,10189544173657381929,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4100 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,5658131088913299849,10189544173657381929,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3568 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,5658131088913299849,10189544173657381929,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3504 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1872,5658131088913299849,10189544173657381929,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5788 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1872,5658131088913299849,10189544173657381929,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5428 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1872,5658131088913299849,10189544173657381929,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=4104 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,5658131088913299849,10189544173657381929,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,5658131088913299849,10189544173657381929,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,5658131088913299849,10189544173657381929,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6024 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,5658131088913299849,10189544173657381929,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6044 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,5658131088913299849,10189544173657381929,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4680 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,5658131088913299849,10189544173657381929,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5176 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1872,5658131088913299849,10189544173657381929,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1904 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,5658131088913299849,10189544173657381929,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5464 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1872,5658131088913299849,10189544173657381929,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5644 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,5658131088913299849,10189544173657381929,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5364 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,5658131088913299849,10189544173657381929,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1760 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,5658131088913299849,10189544173657381929,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6344 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,5658131088913299849,10189544173657381929,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5376 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,5658131088913299849,10189544173657381929,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2096 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,5658131088913299849,10189544173657381929,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6380 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1872,5658131088913299849,10189544173657381929,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3664 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 capcutpro.download udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 google.com udp
US 95.100.153.153:443 th.bing.com tcp
N/A 224.0.0.251:5353 udp
US 149.18.18.217:443 capcutpro.download tcp
US 149.18.18.217:443 capcutpro.download tcp
US 149.18.18.217:443 capcutpro.download tcp
US 149.18.18.217:443 capcutpro.download tcp
US 149.18.18.217:443 capcutpro.download tcp
US 149.18.18.217:443 capcutpro.download tcp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 149.18.18.217:443 capcutpro.download tcp
US 149.18.18.217:443 capcutpro.download tcp
US 149.18.18.217:443 capcutpro.download tcp
US 149.18.18.217:443 capcutpro.download tcp
GB 2.16.153.224:443 www.bing.com tcp
US 95.100.153.134:443 th.bing.com tcp
US 95.100.153.158:443 th.bing.com tcp
US 95.100.153.158:443 th.bing.com tcp
US 95.100.153.134:443 th.bing.com tcp
NL 40.126.32.140:443 login.microsoftonline.com tcp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 cb557349d7af9d6754aed39b4ace5bee
SHA1 04de2ac30defbb36508a41872ddb475effe2d793
SHA256 cfc24ed7d1c2e2c6585f53db7b39aa2447bf9212487b0a3c8c2a7d8e7e5572ee
SHA512 f0cf51f42d975d720d613d09f201435bf98c6283ae5bc033207f4ada93b15e49743a235a1cfb1b761bde268e2f7f8561aa57619b99bff67a36820bc1a4d0ec4a

\??\pipe\LOCAL\crashpad_2912_NPKCYDDADXFFMFES

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aad1d98ca9748cc4c31aa3b5abfe0fed
SHA1 32e8d4d9447b13bc00ec3eb15a88c55c29489495
SHA256 2a07cac05ffcf140a9ad32e58ef51b32ecccf1e3ab5ef4e656770df813a8944e
SHA512 150ebf7e37d20f88b21ab7ea0793afe1d40b00611ed36f0cf1ac1371b656d26f11b08a84dbb958891c79776fae04c9c616e45e2e211d292988a5709857a3bf72

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 fb49be86fdd5736065cd1c8ca4a269b9
SHA1 1fe145542bd0b7e97bdc9903b1cb7b00b09b6fd6
SHA256 1b43ae459466fad28c0691f6a21929c7a0afb1ed6081b6f09b73370fcfe2d634
SHA512 580f356fdf75e3c3850ed5c9e543e6c13e66023fc8ebbee0d9bae1fca68edb3a16ec9c9c3abb275672e66e20f23be028516161efc641423388f850ba4fee5c23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 4f81ffc3bfbe9a2fc3a5fa73ab9b3ea0
SHA1 f0849057e878bfc6130045cd3c528d7129d0ac93
SHA256 53c50fb4f6ea4be0cd42ca3bfbf74fade2c7002c200f973f2661b71340482616
SHA512 38a993f232f3ce4ac08891d19ac8f3e03889487dba1a1dc239e7f2d3822e71475600ca3b7d99fbbd159ad861efd7c29ced8cffa297995ca9d4d8d1f0d45c265b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c55c8cddab4968e062f076242fa83b8a
SHA1 7c10b3389578472a3cded34dc311d3f4236dc704
SHA256 e44e8d08f40433b6432eea369e4eb599848d9b0e31244d2ab66b90e9a5c3adb9
SHA512 81c3d5007332aa6b53a3d5bd08aa87e8383725b972ce5584a3185bfdc6ffe9b37626b785f830ceceb617abed7e32af099f7201a7ba2e580301ad448cea313481

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 be62d0d0d0e0129a54fb467e5689c97d
SHA1 3b71dd8c709873e29254ff521c78207ab28e1a86
SHA256 d81dc19cf2dac465b7d0a05947436982d5c024ea04d6456785ad6c394fb8bea8
SHA512 0e60ccfca9ce63ff9fe3ea34d8b37b75f042bd510dee3062b3f07ecacdd67948fa7c724dae3f014b2f622b841404aff827402df09aeec724811f09fd7b33d7fe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b9de5aad530273907cfa76bcda38a805
SHA1 106fc5898aa89b48175eb318c8d34c80778f627f
SHA256 5c4e0bd4dee8de646970928e6cf68d8b382d6d5e74a70511ee277684f35934d2
SHA512 d390fc4ffe6d5497675a6eeb59e8abb8fc96cdb77b20f2710d87f78a2a73e16cfe2d96f9c78feb09e7a9829169b664699e4427d0ee2b9f5bd042978c45769c80

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3537375f44cb4b5064f4f4bee313d59d
SHA1 b45ceb8744160fc2652856f034edd2b691530be8
SHA256 824a5255233c6e9e1c3b23315227562a1a55a10271f449c912bd4232e2898f3a
SHA512 8e75fe9f7c0c4e8fd21676d9aff1ba411ba4ab59ea2da41de58a8c24cf62dbf52103688d7fbde79fe3b26e0a48ce2c966366676ed5c2212fa8995e7e01889ba6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 c4603a040a35ca6f1a84c305d139ca59
SHA1 cce9e797302a469232c0e4abc5308f46fa9198ce
SHA256 1bf193d14ecff9749d97ab4564146feb9d1274ddc515982048ee63c5168ecd3c
SHA512 cce76eacfeba752a07d4304b22019430af936fcac77d7d430d0550683ed269762082d905255b7c1c085d8d0cad73b43b0c22d421de462fd1d238ad8fd82b276f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 6f34ea8227031aa900cfd6cf5dab1f2e
SHA1 221753240a3ea53d08d77f22bfa09edf7985fb03
SHA256 8360eb7616a34dcec9f47e7548e974bdf4147699ad3e27a802f5c2b0e514dd4b
SHA512 b844e87034f458ac4c4be8b70b6610113d1056296b310fc3b643304b4570e5c53a6fe52eed25e31dac7b4773b1ce9be79dbe9a26d6116585d21f986e167e6b19

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 4747d21e5f70e04ae569d86aa49759ca
SHA1 526b51bfe737da16229f526db2377a4c4466d48a
SHA256 d571d8945a3eb2f10f21e3d1bf788f90a14e8984a700f47e700c5975b17b1698
SHA512 d3532add24a786ad25eef84a6645e0e336f2525ad6370d4af68dd3a89cf30b1647b599c0ef762395d03797a8fa79bbcbbd638152cebc34a4ba7d7668750a0e5e

C:\Users\Admin\Downloads\capcut-pro.apk:Zone.Identifier

MD5 fbccf14d504b7b2dbcb5a5bda75bd93b
SHA1 d59fc84cdd5217c6cf74785703655f78da6b582b
SHA256 eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913
SHA512 aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c78d691141f1e701cb7a48c3185e7e1b
SHA1 9501bcbe7ef9f9bf59d13975dcd69e359ebab2ba
SHA256 fc4d3e6cf7381d21b6f13ad2f374cf53ef4b2532de1476a5e2d458ecc68c943f
SHA512 652ace380e2039f382f7943f63944c3d6e1be7c6f87fe88caa013f0bb8c4d890175fb3d0f36046e04e6b2da5b309957d06c049412fc60b3e8ca9b48fa96eac4f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 99a66d8faf738f5eec9ec3eac0a8d0c3
SHA1 28d893cae11094e91bca66805e1ce7242e594293
SHA256 dcecb962e53c55072b1b8679c2877d95c7375c1b4f6a3cbc11852158f6db0813
SHA512 b43d3f53dfbef5b4a8e1e7cac22eb9f09acab1fdf2c1d127d3be259dab355b5e7a8ae68dc7332e6d952cc372f40e3f97f0820ff3db65553076f0e412e0126e1f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 325110db81b1d8db0332448d05d5abc0
SHA1 ae75cd24b47ae49d38006f749eadd039f07ddd34
SHA256 278a8d60ba021f6885b63b945fddd9a42ad8654fe98da38f47ae55ece6aff6be
SHA512 3a79d18a7a23b817b16d96d4faf26951c25c3081ef83e36f889a5f937d385f92492b3f592dfff98829fe764fcd685f2b933a3c72937e3486cb7ff10c296e4542

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d188a0e6cab892c8a4ad985fe170798c
SHA1 97b520d4f548d6cd17266ce4f2b98abe630677da
SHA256 13ef6cea50e5475be84a52901937e18686ac034cab6816ab9772962fdcde575e
SHA512 19928336d8ba66ad94cff5452e3bf72986da4eb7879fe1215c62add451268f1f44866305f0d66ee1bfe752dc0a47f90653d333b62c983ec991268a6943a716e1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5b25f3.TMP

MD5 9f9103819fb8ad3de6b79ea9e9fb7d1b
SHA1 3ba27f4dbd66cf12a4cd9e06c824f34ab5f47289
SHA256 470602ffe290ec2f0f63a75a941a8c71000bc7886b866c1a064f1db9861e8a1c
SHA512 7147dbffde3a8e4f57fe81287eef04458aba0986f8a62bc4c859ca43bcc05d8ad072798595cc090cdaf2d016d922eb1982c3bc07a7ecc973bba39ebc61193666

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\5a56a445-cbdf-41f9-b67a-c7dffaa6c40d.tmp

MD5 aed653b6b78c4cffd054fab92c07813f
SHA1 e665c54b820f55ddba440a195e12c05897005a7f
SHA256 b9f7e3d9e2516ff3f08a371e07de773d7bd42f19aa81737628250354719fe409
SHA512 ffe1e5b158d97b39b886a16a2221971705fca87817e7fcdb24a50755b8d8ab4e655eff68b52446193b07fdfe7fab3ac8cb9f022eda42db271c37ee18db7bf8ad

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 0c7a6931992257ee6b06b4a05f2fe46c
SHA1 5507d484fb210e48be2683538e913f4f84c33dbc
SHA256 d5307a8ee9c9c09add4099415085417bffc15d75459704685720a278d5486dbd
SHA512 a13216009e106167985d3d9227ff4cc2aa610b6b8846b9c18d0faee7f3ec5bdd3bf55b228fb24ea46114966aa9e5664ad7d8e529cc0859686619ddf9da3be57a

Analysis: behavioral2

Detonation Overview

Submitted

2025-01-18 10:10

Reported

2025-01-18 10:26

Platform

android-x64-arm64-20240624-en

Max time kernel

897s

Max time network

906s

Command Line

com.android.chrome

Signatures

Detected potential entity reuse from brand GOOGLE.

phishing google

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A
File opened for read /proc/meminfo N/A N/A

Processes

com.android.chrome

com.android.chrome

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.187.206:443 tcp
GB 142.250.187.206:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.187.238:443 android.apis.google.com tcp
US 1.1.1.1:53 capcutpro.download udp
US 1.1.1.1:53 accounts.google.com udp
US 1.1.1.1:53 accounts.google.com udp
US 1.1.1.1:53 capcutpro.download udp
BE 108.177.15.84:443 accounts.google.com tcp
US 149.18.18.217:443 capcutpro.download tcp
US 149.18.18.217:443 capcutpro.download tcp
US 149.18.18.217:443 capcutpro.download tcp
US 149.18.18.217:443 capcutpro.download tcp
US 149.18.18.217:443 capcutpro.download tcp
US 149.18.18.217:443 capcutpro.download tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.187.232:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 142.250.179.227:443 update.googleapis.com tcp
GB 142.250.187.228:443 tcp
GB 142.250.187.228:443 tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 142.250.179.227:443 update.googleapis.com tcp
US 149.18.18.217:443 capcutpro.download tcp
US 149.18.18.217:443 capcutpro.download tcp
US 149.18.18.217:443 capcutpro.download tcp
US 149.18.18.217:443 capcutpro.download tcp
US 149.18.18.217:443 capcutpro.download tcp
US 149.18.18.217:443 capcutpro.download tcp
US 149.18.18.217:443 capcutpro.download tcp
US 149.18.18.217:443 capcutpro.download tcp
US 149.18.18.217:443 capcutpro.download tcp
GB 142.250.200.2:443 tcp
US 149.18.18.217:443 capcutpro.download tcp
US 149.18.18.217:443 capcutpro.download tcp
US 1.1.1.1:53 digitalassetlinks.googleapis.com udp
GB 142.250.180.14:443 tcp
GB 142.250.180.10:443 digitalassetlinks.googleapis.com tcp
US 1.1.1.1:53 capcutpro.download udp
US 1.1.1.1:53 accounts.google.com udp
US 1.1.1.1:53 accounts.google.com udp
GB 64.233.166.84:443 accounts.google.com tcp
US 1.1.1.1:53 capcutpro.download udp
US 149.18.18.217:443 capcutpro.download tcp
US 149.18.18.217:443 capcutpro.download tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.179.228:443 www.google.com tcp
US 1.1.1.1:53 lh5.googleusercontent.com udp
US 1.1.1.1:53 encrypted-tbn0.gstatic.com udp
GB 142.250.179.225:443 lh5.googleusercontent.com tcp
GB 172.217.16.238:443 encrypted-tbn0.gstatic.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.180.14:443 android.apis.google.com tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.179.228:443 www.google.com tcp
US 149.18.18.217:443 capcutpro.download tcp
US 149.18.18.217:443 capcutpro.download tcp
GB 142.250.179.228:443 www.google.com tcp
GB 172.217.16.238:443 encrypted-tbn0.gstatic.com tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 142.250.179.228:443 www.google.com tcp
US 1.1.1.1:53 clients1.google.com udp
GB 142.250.187.238:443 clients1.google.com tcp
US 1.1.1.1:53 lh5.googleusercontent.com udp
GB 142.250.178.1:443 lh5.googleusercontent.com tcp
US 1.1.1.1:53 mycapcutapks.com udp
US 172.67.207.27:80 mycapcutapks.com tcp
US 172.67.207.27:80 mycapcutapks.com tcp
US 172.67.207.27:443 mycapcutapks.com tcp
US 1.1.1.1:53 img.mycapcutapks.com udp
US 1.1.1.1:53 d2w9cdu84xc4eq.cloudfront.net udp
US 1.1.1.1:53 sdki.truepush.com udp
US 1.1.1.1:53 avads.live udp
US 1.1.1.1:53 dx.tetheryplagues.com udp
US 1.1.1.1:53 sdki.truepush.com udp
US 172.67.145.61:443 avads.live tcp
GB 13.224.246.58:443 d2w9cdu84xc4eq.cloudfront.net tcp
US 1.1.1.1:53 googleads.g.doubleclick.net udp
NL 23.109.170.72:443 dx.tetheryplagues.com tcp
NL 23.109.170.72:443 dx.tetheryplagues.com tcp
US 1.1.1.1:53 ukankingwithea.com udp
US 1.1.1.1:53 getrunkhomuto.info udp
US 1.1.1.1:53 ukuleqasforsale.com udp
US 1.1.1.1:53 ghabovethec.info udp
US 104.21.16.1:443 ukankingwithea.com tcp
US 104.21.16.1:443 ukankingwithea.com tcp
US 1.1.1.1:53 www.facebook.com udp
GB 64.233.166.84:443 accounts.google.com tcp
US 172.67.167.115:443 ukuleqasforsale.com tcp
US 172.67.167.115:443 ukuleqasforsale.com tcp
GB 143.204.176.70:443 getrunkhomuto.info tcp
GB 18.244.140.110:443 ghabovethec.info tcp
US 1.1.1.1:53 www.clarity.ms udp
GB 157.240.214.35:443 www.facebook.com tcp
US 13.107.246.64:443 www.clarity.ms tcp
US 1.1.1.1:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 1.1.1.1:53 www.googletagservices.com udp
GB 216.58.201.98:443 www.googletagservices.com tcp
US 1.1.1.1:53 c.clarity.ms udp
IE 13.74.129.1:443 c.clarity.ms tcp
US 1.1.1.1:53 fundingchoicesmessages.google.com udp
GB 216.58.212.206:443 fundingchoicesmessages.google.com tcp
US 1.1.1.1:53 c.bing.com udp
US 204.79.197.237:443 c.bing.com tcp
US 1.1.1.1:53 securepubads.g.doubleclick.net udp
US 1.1.1.1:53 u.clarity.ms udp
GB 142.250.178.2:443 securepubads.g.doubleclick.net tcp
US 4.227.249.197:443 u.clarity.ms tcp
US 1.1.1.1:53 lh3.googleusercontent.com udp
GB 216.58.212.193:443 lh3.googleusercontent.com tcp
GB 216.58.212.206:443 fundingchoicesmessages.google.com tcp
US 1.1.1.1:53 ep1.adtrafficquality.google udp
GB 142.250.178.2:443 ep1.adtrafficquality.google tcp
US 1.1.1.1:53 2c1b96ee19892aa18db389f88b802558.safeframe.googlesyndication.com udp
GB 216.58.201.97:443 2c1b96ee19892aa18db389f88b802558.safeframe.googlesyndication.com tcp
US 1.1.1.1:53 ep2.adtrafficquality.google udp
GB 142.250.200.33:443 ep2.adtrafficquality.google tcp
GB 142.250.178.2:443 ep1.adtrafficquality.google tcp
US 1.1.1.1:53 redirector.gvt1.com udp
GB 216.58.212.238:443 redirector.gvt1.com tcp
US 1.1.1.1:53 r3---sn-aigzrn76.gvt1.com udp
GB 173.194.137.72:443 r3---sn-aigzrn76.gvt1.com tcp
US 1.1.1.1:53 digitalassetlinks.googleapis.com udp
US 1.1.1.1:53 r1---sn-aigzrn7k.gvt1.com udp
GB 173.194.139.6:443 r1---sn-aigzrn7k.gvt1.com tcp
US 1.1.1.1:53 r1---sn-aigzrnsz.gvt1.com udp
GB 74.125.175.166:443 r1---sn-aigzrnsz.gvt1.com tcp
US 1.1.1.1:53 r3---sn-aigzrn7z.gvt1.com udp
GB 173.194.135.104:443 r3---sn-aigzrn7z.gvt1.com tcp
US 1.1.1.1:53 r5---sn-aigzrnse.gvt1.com udp
GB 74.125.168.202:443 r5---sn-aigzrnse.gvt1.com tcp
US 1.1.1.1:53 r3---sn-aigzrn7s.gvt1.com udp
GB 173.194.129.200:443 r3---sn-aigzrn7s.gvt1.com tcp
US 1.1.1.1:53 r3---sn-aigzrnsl.gvt1.com udp
GB 74.125.168.232:443 r3---sn-aigzrnsl.gvt1.com tcp
US 1.1.1.1:53 r5---sn-aigzrnsl.gvt1.com udp
GB 74.125.168.234:443 r5---sn-aigzrnsl.gvt1.com tcp
US 1.1.1.1:53 r5---sn-aigzrnze.gvt1.com udp
GB 74.125.175.234:443 r5---sn-aigzrnze.gvt1.com tcp
US 1.1.1.1:53 r4---sn-aigzrn7d.gvt1.com udp
GB 173.194.138.201:443 r4---sn-aigzrn7d.gvt1.com tcp
GB 143.204.176.70:443 getrunkhomuto.info tcp
US 1.1.1.1:53 dyrdi.developedseve.com udp
US 34.195.224.242:443 dyrdi.developedseve.com tcp
US 34.195.224.242:443 dyrdi.developedseve.com tcp
US 1.1.1.1:53 trk.bent-memory-strip-dear.run udp
US 104.21.32.1:443 trk.bent-memory-strip-dear.run tcp
US 1.1.1.1:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 1.1.1.1:53 www.safesuperiorprotectdownload.top udp
US 104.21.32.135:443 www.safesuperiorprotectdownload.top tcp
US 104.21.32.135:443 www.safesuperiorprotectdownload.top tcp
US 1.1.1.1:53 cdn.safesuperiorprotectdownload.top udp
US 104.21.32.1:80 trk.bent-memory-strip-dear.run tcp
US 104.21.32.1:80 trk.bent-memory-strip-dear.run tcp
US 1.1.1.1:53 c.ftblltrck.com udp
US 52.71.222.132:443 c.ftblltrck.com tcp
US 52.71.222.132:443 c.ftblltrck.com tcp
US 1.1.1.1:53 ftblltrck.com udp
US 35.168.201.31:443 ftblltrck.com tcp
US 1.1.1.1:53 nationalconsumerscenter.co.uk udp
US 104.18.21.83:443 nationalconsumerscenter.co.uk tcp
US 1.1.1.1:53 www.cdn925.com udp
US 104.16.247.135:443 www.cdn925.com tcp
US 104.16.247.135:443 www.cdn925.com tcp
US 1.1.1.1:53 www.clicken.us udp
US 104.16.242.248:443 www.clicken.us tcp
US 1.1.1.1:53 fqtag.com udp
US 35.190.72.161:443 fqtag.com tcp
US 35.190.36.172:443 cdn.fqtag.com tcp
US 1.1.1.1:53 u.clarity.ms udp
US 1.1.1.1:53 stun.2talk.com udp
US 1.1.1.1:53 stun.botonakis.com udp
US 1.1.1.1:53 stun.budgetphone.nl udp
US 1.1.1.1:53 stun.counterpath.com udp
US 1.1.1.1:53 stun.gradwell.com udp
US 35.190.72.161:443 fqtag.com tcp
US 1.1.1.1:53 stun.jumblo.com udp
US 4.227.249.197:443 u.clarity.ms tcp
US 1.1.1.1:53 stun.2talk.com udp
US 1.1.1.1:53 stun.botonakis.com udp
US 1.1.1.1:53 stun.nas.net udp
US 1.1.1.1:53 stun.gradwell.com udp
US 216.93.246.18:3478 stun.counterpath.com udp
US 1.1.1.1:53 stun.node4.co.uk udp
US 1.1.1.1:53 stun.veoh.com udp
US 1.1.1.1:53 stun.voip.aebc.com udp
US 1.1.1.1:53 stun.voipzoom.com udp
US 1.1.1.1:53 stun.voxox.com udp
DE 77.72.169.211:3478 stun.voipzoom.com udp
CA 216.145.109.98:3478 stun.nas.net udp
US 1.1.1.1:53 stun.budgetphone.nl udp
US 1.1.1.1:53 stun.wwdl.net udp
CA 66.51.128.11:3478 stun.voip.aebc.com udp
US 1.1.1.1:53 stun.voxox.com udp
US 1.1.1.1:53 stun.veoh.com udp
DE 77.72.169.212:3478 stun.voipzoom.com udp
US 1.1.1.1:53 aux.fqtag.com udp
US 1.1.1.1:53 stun.node4.co.uk udp
US 35.190.13.203:443 aux.fqtag.com tcp
US 70.85.220.74:3478 stun.wwdl.net udp
US 1.1.1.1:53 api.trustedform.com udp
US 1.1.1.1:53 create.lidstatic.com udp
US 104.22.39.182:443 create.lidstatic.com tcp
US 3.219.25.130:443 api.trustedform.com tcp
US 1.1.1.1:53 create.leadid.com udp
US 54.82.103.157:443 create.leadid.com tcp
US 1.1.1.1:53 udp
US 3.166.65.108:443 cdn.trustedform.com tcp
US 1.1.1.1:53 d2m2wsoho8qq12.cloudfront.net udp
GB 18.165.196.58:443 d2m2wsoho8qq12.cloudfront.net tcp
US 1.1.1.1:53 deviceid.trueleadid.com udp
US 45.223.19.68:443 deviceid.trueleadid.com tcp
US 54.82.103.157:443 create.leadid.com tcp
US 3.219.25.130:443 api.trustedform.com tcp
US 1.1.1.1:53 u.clarity.ms udp
US 4.227.249.197:443 u.clarity.ms tcp
US 1.1.1.1:53 u.clarity.ms udp
US 4.227.249.197:443 u.clarity.ms tcp
US 1.1.1.1:53 maxcdn.bootstrapcdn.com udp
US 1.1.1.1:53 maxcdn.bootstrapcdn.com udp
US 104.18.10.207:443 maxcdn.bootstrapcdn.com tcp
US 1.1.1.1:53 sc-static.net udp
US 1.1.1.1:53 ftblltrck.com udp
US 1.1.1.1:53 connect.facebook.net udp
GB 163.70.147.23:443 connect.facebook.net tcp
US 104.16.242.248:443 www.clicken.us tcp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 googleads.g.doubleclick.net udp
GB 172.217.169.4:443 www.google.com tcp
US 1.1.1.1:53 www.google.co.uk udp
US 1.1.1.1:53 sc-static.net udp
US 1.1.1.1:53 ftblltrck.com udp
US 3.163.248.4:443 sc-static.net tcp
US 35.168.201.31:443 ftblltrck.com tcp
US 35.168.201.31:443 ftblltrck.com tcp
US 1.1.1.1:53 www.facebook.com udp
US 1.1.1.1:53 tr.snapchat.com udp
US 35.190.43.134:443 tr.snapchat.com tcp
US 35.190.43.134:443 tr.snapchat.com tcp
US 35.190.43.134:443 tr.snapchat.com tcp
US 35.190.43.134:443 tr.snapchat.com tcp
US 1.1.1.1:53 tr6.snapchat.com udp
US 35.168.201.31:443 ftblltrck.com tcp
US 1.1.1.1:53 www.facebook.com udp
GB 163.70.147.35:443 www.facebook.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
US 1.1.1.1:53 securepaths.com udp
US 35.190.72.161:443 securepaths.com tcp
US 1.1.1.1:53 www.cdn925.com udp
US 35.168.201.31:443 ftblltrck.com tcp
US 35.168.201.31:443 ftblltrck.com tcp
US 35.168.201.31:443 ftblltrck.com tcp

Files

files/dom-0.html

MD5 fed74773ab71c649379966cb2281bd35
SHA1 457adc9ee2022374c8ba0ca2e88709677cbc6dbf
SHA256 2562b33dac0fcde5c759155c3f05179e881dc7a9b5b03d436a7a36a13ad8a862
SHA512 a69eb64efdf609d2fd049d4c96c9293b6fdf13d6adaa18db0789898defd3248e3c8d6dcc986f99579cda5b1fc4070e6ade24fdf5a01f70b27b29b0e8081dc94f

/storage/emulated/0/Download/.pending-1737800136-capcut-pro.apk (deleted)

MD5 62bd327730413d3ef256a20bfe9a0ee3
SHA1 41646dba1e408fe977d4fc811a180b53b1fc1c2a
SHA256 a52d2aecb306912db39ab88f17bc483f735776bc969c123408dd2543c39067e2
SHA512 a744110e11affcbf951d61408a3004795aa79117a42d05cf87c471aeef1239b16dc9525dc87b7b245b14f33d2b6c4b707e88bc704d677aa54b0a7fc361e16e31

/storage/emulated/0/Download/.pending-1737800136-capcut-pro.apk

MD5 f6b9879d03f7c7e54a79627384fd3d33
SHA1 5abb4048c0e017ea52be0c944bf3144e601d271a
SHA256 be57fd89da055cd7128a224e4138613c34521570724ff9300656810c961359b5
SHA512 c2dd08a45836b599e9214b10c30ec306a46294e2d21d1356cbf0ce6f02a529275866cf94e07ca3ba040a83d77c05d074bddcf12cf6e52a092c4c60b6c22ec859

Analysis: behavioral3

Detonation Overview

Submitted

2025-01-18 10:10

Reported

2025-01-18 10:26

Platform

macos-20241101-en

Max time kernel

601s

Max time network

851s

Command Line

[sh -c sudo /bin/zsh -c "/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://capcutpro.download/"]

Signatures

Resource Forking

evasion
Description Indicator Process Target
N/A "/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Helpers/ksinstall" "--install=/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Resources/Keystone.tbz" N/A N/A
N/A /usr/bin/tar -Oxjf "/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Resources/Keystone.tbz" GoogleSoftwareUpdate.bundle/Contents/Info.plist N/A N/A

Processes

/bin/sh

[sh -c sudo /bin/zsh -c "/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://capcutpro.download/"]

/bin/bash

[sh -c sudo /bin/zsh -c "/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://capcutpro.download/"]

/usr/bin/sudo

[sudo /bin/zsh -c /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://capcutpro.download/]

/bin/zsh

[/bin/zsh -c /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://capcutpro.download/]

/Applications/Google Chrome.app/Contents/MacOS/Google Chrome

[/Applications/Google Chrome.app/Contents/MacOS/Google Chrome --simulate-outdated-no-au=Tue, 31 Dec 2099 --new-window https://capcutpro.download/]

/usr/libexec/xpcproxy

[xpcproxy com.apple.GameController.gamecontrollerd]

/usr/libexec/gamecontrollerd

[/usr/libexec/gamecontrollerd]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/chrome_crashpad_handler

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/chrome_crashpad_handler --monitor-self-annotation=ptype=crashpad-handler --database=/var/root/Library/Application Support/Google/Chrome/Crashpad --metrics-dir=/var/root/Library/Application Support/Google/Chrome --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=OS X --annotation=prod=Chrome_Mac --annotation=ver=101.0.4951.54 --handshake-fd=5]

/usr/bin/profiles

[/usr/bin/profiles status -type enrollment]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Helpers/ksinstall

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Helpers/ksinstall --install=/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Resources/Keystone.tbz]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/developer_id_certificate_reauthorize

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/developer_id_certificate_reauthorize com.google.Chrome]

/usr/bin/tar

[/usr/bin/tar -Oxjf /Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Resources/Keystone.tbz GoogleSoftwareUpdate.bundle/Contents/Info.plist]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (GPU).app/Contents/MacOS/Google Chrome Helper (GPU)

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (GPU).app/Contents/MacOS/Google Chrome Helper (GPU) --type=gpu-process --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --gpu-preferences=UAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJgEAAAAAAAAmAQAAAAAAACIAQAAMAAAAIABAAAAAAAAiAEAAAAAAACQAQAAAAAAAJgBAAAAAAAAoAEAAAAAAACoAQAAAAAAALABAAAAAAAAuAEAAAAAAADAAQAAAAAAAMgBAAAAAAAA0AEAAAAAAADYAQAAAAAAAOABAAAAAAAA6AEAAAAAAADwAQAAAAAAAPgBAAAAAAAAAAIAAAAAAAAIAgAAAAAAABACAAAAAAAAGAIAAAAAAAAgAgAAAAAAACgCAAAAAAAAMAIAAAAAAAA4AgAAAAAAAEACAAAAAAAASAIAAAAAAABQAgAAAAAAAFgCAAAAAAAAYAIAAAAAAABoAgAAAAAAAHACAAAAAAAAeAIAAAAAAACAAgAAAAAAAIgCAAAAAAAAkAIAAAAAAACYAgAAAAAAAKACAAAAAAAAqAIAAAAAAACwAgAAAAAAALgCAAAAAAAAwAIAAAAAAADIAgAAAAAAANACAAAAAAAA2AIAAAAAAADgAgAAAAAAAOgCAAAAAAAA8AIAAAAAAAD4AgAAAAAAABAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAHAAAAEAAAAAAAAAAAAAAACAAAABAAAAAAAAAAAAAAAAkAAAAQAAAAAAAAAAAAAAALAAAAEAAAAAAAAAAAAAAADAAAABAAAAAAAAAAAAAAAA4AAAAQAAAAAAAAAAAAAAAPAAAAEAAAAAAAAAABAAAAAAAAABAAAAAAAAAAAQAAAAcAAAAQAAAAAAAAAAEAAAAIAAAAEAAAAAAAAAABAAAACQAAABAAAAAAAAAAAQAAAAsAAAAQAAAAAAAAAAEAAAAMAAAAEAAAAAAAAAABAAAADgAAABAAAAAAAAAAAQAAAA8AAAAQAAAAAAAAAAQAAAAAAAAAEAAAAAAAAAAEAAAABwAAABAAAAAAAAAABAAAAAgAAAAQAAAAAAAAAAQAAAAJAAAAEAAAAAAAAAAEAAAACwAAABAAAAAAAAAABAAAAAwAAAAQAAAAAAAAAAQAAAAOAAAAEAAAAAAAAAAEAAAADwAAABAAAAAAAAAABwAAAAAAAAAQAAAAAAAAAAcAAAAHAAAAEAAAAAAAAAAHAAAACAAAABAAAAAAAAAABwAAAAkAAAAQAAAAAAAAAAcAAAALAAAAEAAAAAAAAAAHAAAADAAAABAAAAAAAAAABwAAAA4AAAAQAAAAAAAAAAcAAAAPAAAAEAAAAAAAAAAIAAAAAAAAABAAAAAAAAAACAAAAAcAAAAQAAAAAAAAAAgAAAAIAAAAEAAAAAAAAAAIAAAACQAAABAAAAAAAAAACAAAAAsAAAAQAAAAAAAAAAgAAAAMAAAAEAAAAAAAAAAIAAAADgAAABAAAAAAAAAACAAAAA8AAAAQAAAAAAAAAAoAAAAAAAAAEAAAAAAAAAAKAAAABwAAABAAAAAAAAAACgAAAAgAAAAQAAAAAAAAAAoAAAAJAAAAEAAAAAAAAAAKAAAACwAAABAAAAAAAAAACgAAAAwAAAAQAAAAAAAAAAoAAAAOAAAAEAAAAAAAAAAKAAAADwAAAAgAAAAAAAAACAAAAAAAAAA= --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=29]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=network --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=21]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=55]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Alerts).app/Contents/MacOS/Google Chrome Helper (Alerts)

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Alerts).app/Contents/MacOS/Google Chrome Helper (Alerts) --type=utility --utility-sub-type=mac_notifications.mojom.MacNotificationProvider --lang=en-GB --service-sandbox-type=none --message-loop-type-ui --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=7 --launch-time-ticks=289150034 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=58]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=6 --launch-time-ticks=289193572 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=58]

/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Helpers/ksadmin

[/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Helpers/ksadmin --productid com.google.Chrome --print-tickets --store /Library/Google/GoogleSoftwareUpdate/TicketStore/Keystone.ticketstore]

/usr/libexec/xpcproxy

[xpcproxy com.apple.SafariLaunchAgent]

/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent

[/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --extension-process --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=8 --launch-time-ticks=292266644 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=73]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --extension-process --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=12 --launch-time-ticks=292556335 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=77]

/Library/Application Support/Google/GoogleUpdater/Current/GoogleUpdater.app/Contents/Helpers/launcher

[/Library/Application Support/Google/GoogleUpdater/Current/GoogleUpdater.app/Contents/Helpers/launcher]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --extension-process --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=10 --launch-time-ticks=293029885 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=77]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --extension-process --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=11 --launch-time-ticks=293245775 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=77]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=86]

/Library/Application Support/Google/GoogleUpdater/128.0.6597.0/GoogleUpdater.app/Contents/MacOS/GoogleUpdater

[GoogleUpdater --server --service=update --system]

/Library/Application Support/Google/GoogleUpdater/128.0.6597.0/GoogleUpdater.app/Contents/MacOS/GoogleUpdater

[/Library/Application Support/Google/GoogleUpdater/128.0.6597.0/GoogleUpdater.app/Contents/MacOS/GoogleUpdater --crash-handler --system --database=/Library/Application Support/Google/GoogleUpdater/128.0.6597.0/Crashpad --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=128.0.6597.0 --handshake-fd=5]

/usr/bin/profiles

[/usr/bin/profiles status -type enrollment]

/usr/sbin/system_profiler

[/usr/sbin/system_profiler SPConfigurationProfileDataType -detailLevel mini -timeout 15 -xml]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=108]

/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Helpers/ksadmin

[/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Helpers/ksadmin -P com.google.Chrome --delete --user-store]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=111]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=114]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=111]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --extension-process --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=19 --launch-time-ticks=303394217 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=116]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=124]

/usr/libexec/xpcproxy

[xpcproxy com.apple.nsurlstoraged]

/usr/libexec/nsurlstoraged

[/usr/libexec/nsurlstoraged --privileged]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=117]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=117]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=120]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=120]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=119]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=119]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=119]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=120]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=119]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=119]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=119]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=120]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=119]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=119]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=120]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=119]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=119]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=119]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=120]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,6649500847306125308,12651436700664199475,131072 --seatbelt-client=122]

/usr/libexec/xpcproxy

[xpcproxy com.apple.spindump]

/usr/sbin/spindump

[/usr/sbin/spindump]

/usr/libexec/xpcproxy

[xpcproxy com.apple.diagnosticd]

/usr/libexec/diagnosticd

[/usr/libexec/diagnosticd]

Network

Country Destination Domain Proto
US 8.8.8.8:53 7-courier.push.apple.com udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 clients2.google.com udp
GB 142.250.187.238:443 clients2.google.com tcp
US 8.8.8.8:53 capcutpro.download udp
US 149.18.18.217:443 capcutpro.download tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.4.4:443 dns.google tcp
US 8.8.4.4:443 dns.google tcp
US 8.8.4.4:443 dns.google tcp
US 8.8.8.8:53 dns.google udp
US 8.8.4.4:443 dns.google tcp
US 8.8.4.4:443 dns.google udp
GB 142.250.180.14:80 redirector.gvt1.com tcp
GB 173.194.5.40:80 r3---sn-aigzrn7e.gvt1.com tcp
NL 173.194.69.84:443 accounts.google.com tcp
US 149.18.18.217:443 capcutpro.download tcp
US 149.18.18.217:443 capcutpro.download tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google tcp
GB 142.250.187.202:443 optimizationguide-pa.googleapis.com tcp
US 8.8.4.4:443 dns.google udp
GB 216.58.204.67:443 update.googleapis.com tcp
US 8.8.4.4:443 dns.google udp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 lb._dns-sd._udp.0.0.127.10.in-addr.arpa udp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.4.4:443 dns.google udp
GB 172.217.169.74:443 safebrowsing.googleapis.com tcp

Files

/tmp/com.google.Keystone/.keystone_system_install_lock

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/Users/run/Library/Keychains/login.keychain-db

MD5 3cce08ff0b379de399c04ff5014bae35
SHA1 b40f0c133bf37125917ba2ac2fe301f3f6b31c35
SHA256 99d98ccefcc9e79091866e724af32e9006222faebc913c105569705b3be22e9f
SHA512 3cea2af364a43ac0093eb6574611d33fb203a156dff14e8cf0eb4dced93b2bc6658b68acf74421c00fd999dfbee327a4c3b51c1345fd0f90f042b11dcb3d0a71

/Users/run/Library/Keychains/login.keychain-db

MD5 9adc7f09dcb1fffb4b55ed98fc5d0082
SHA1 ae344e5a7acd7d555bc33210d1e09a097fd058b0
SHA256 c43fe8861b454a58b72915b6442b8a1c7bbb85f9f8060b740ffbe7131753ac42
SHA512 24684847ca6270c31e679e874dd3c71491cff16b53f3281d6430c309c76c477c5e3199ce046c0896cae5c7a459bcc4cbfcaff27172ce772fe84a77a7b1588430

/Users/run/Library/Keychains/login.keychain-db

MD5 5a2755bbc91d03f8cdaa9bfe92858a2d
SHA1 937f136dac55ab1d6b4bf0da5854c5e5156d3e92
SHA256 eef51c2689cc5d18714153a35d8af7f68f0fd1d3fe2594029461a280b2620302
SHA512 31656526437977ce88416e895149a599fb076ef37c5231bed27d35a965c472c034f0502f9c4795993c72eb3a289b81f648bafed1dd6c53144bc326fe099ebd2a

/Users/run/Library/Keychains/login.keychain-db

MD5 0de65d473591203a2494116eddbb2f93
SHA1 b455676e1dac4351d2f0df8a5891c2ad464d74b6
SHA256 781e062f9dd99ee54e8457104fa49fcf3c6b04980c125773aaf84554978d8b22
SHA512 89b108246b48bd0e3b8ab6926ab3e2f787a30cdc10671883c82809ca633418600c7d5bea8ac6963155292c273b74206d892e34a41c3500cb99f4c45bce7cb543

/Users/run/Library/Keychains/login.keychain-db

MD5 14396ae7dae0ccf7b99df009153f838c
SHA1 31a205714110d45fab22952976b716626f96b4a9
SHA256 61e03994a5e267d957180651fd24eb601ae03a50e7d33be7389b8a2f0a67b031
SHA512 d7795194a5aac29b08c357ae71e469f0ff0bcd1caaf016348c544d6b7bc1db9ce58ea783cb2c5fee1cb88000cff63d3c430187fd9903d3e7e4a7742630d066ae

/var/root/Library/Application Support/Google/Chrome/Crashpad/settings.dat

MD5 c6db1caaee0095f017c09113d53ed054
SHA1 cc37e2b3948325a0eeb51080f45b17ebf52a7035
SHA256 ca3252b297284a87de2ee1688585f7c37d26b98c05d7ed04bd7d6df10c0d1476
SHA512 3013340ee4157dfef7dcacd690b840f12b876e8241d4e8bc419016d5336810ab77023cdbbeaa896544e4c29f386d21296649542ef2b0fc6b58c49e2ad0337d85

/Users/run/Library/Keychains/login.keychain-db

MD5 788a67d27ad15ed33cf8f654c1fe294b
SHA1 8e350cac15a5577de2e297a6aaf77ff42a06daef
SHA256 5d6c138c3e81abf8c999d3a2b9f353fab161a1072d4d53073fd8c7ae5eaaf3b9
SHA512 75e0da34d582eb8ce311e6d26f5e4cbea9cf85c8eb77b6d31bc51eee6ab2163e0aa7c6ea5b3389b1a3d30a31ee741795f6cc42dc910903a7c96cdd2afaeb19c7

/var/root/Library/Application Support/Google/Chrome/Default/Sync Data/LevelDB/000003.ldb

MD5 fe382e791274914bee5950777e4f1fd3
SHA1 53b523b5fc87e66f2520a0b5f9ea080072668f4d
SHA256 935d36c021d0e08a5648c622f3f6fde376e3310013680ae598c0e22dc943d132
SHA512 a5f608fb4f0a1dbc4c5d1b739b1a5b6f50cac1d6a61312b19abf9f601882a291d73524ac55bbe183e4e64db8dcc203d4bf3cedc734fd04bd448cb825d98d1e67

/var/root/Library/Application Support/Google/Chrome/Default/Site Characteristics Database/000003.ldb

MD5 5c4e7ade5753ab7de2c42c04111fa42e
SHA1 fb577b8c07d9617f507a3f2950df0a6dcfebe4e2
SHA256 d3979fd2d9ecfdb05498d79d1f24998c38cfd107e321f6810d8b7f9f12affd82
SHA512 7a7452bcd22e66190e36ff0036f21d854fa57bdcbaebf637aa3a6d932a385a7c90525ede0c124853c218445d583c0edcf45d12159ca452732f31d16c3901929b

/var/root/Library/Application Support/Google/Chrome/Default/Extension Scripts/CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

/var/root/Library/Application Support/Google/Chrome/Default/Extension Scripts/MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

/var/root/Library/Application Support/Google/Chrome/Default/Session Storage/000003.ldb

MD5 38fc535a8f11d7e955ef58cc63158eff
SHA1 c45ad3ee106dbfb65dce7c09b53140f34454cd0e
SHA256 085c44dfa11e65ac3548c4d0fe1ae641570f90c7caaa2881c3990efcf555e6a8
SHA512 26e70000f77c1b6388dd470f9d7ec6bedc4fc3c43e48efcc853812eb076108bcdd9f50f7a89265e431d33df96e71755ca242dfd0aac16a51d99dea50a5a1e505

/var/root/Library/Application Support/Google/Chrome/Default/shared_proto_db/metadata/000003.ldb

MD5 17a2dc5826aeb539547f00f52eccccd5
SHA1 fd36ad6db84312792cffac0267f6329b21727d66
SHA256 746da9cf33c3e4d29907dfdf1065f06ae16dcb5c2e9a34cfb5dd0dae9130f151
SHA512 6bca3e308d0446211570021c1f1dc6d8e9704a2a68a90c5c8daf26b20cb2702bccfae8ddfeb6f16c8bfea83e1b648810054a25a7967bb9539feb241f2950ea73

/var/root/Library/Application Support/Google/Chrome/Default/shared_proto_db/000003.ldb

MD5 ea517aa120c972c602673d331dfa35bc
SHA1 7ff539eec544cf306b80137bc182fb544e58aad5
SHA256 0c53b2ef8ec9bd6c3b81955b45cd9fc69705e7b435ad747b50c150c7e341f8da
SHA512 e2bc6f26b0db61af3b7f1648e890be2b748aa886ff3ab51e207a915432c6d9a426b188fe9c979b443e8fe8aad248442b20b2e6cd38f494264cb7cdbcaa88eecd

/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.smEVf0

MD5 541f52e24fe1ef9f8e12377a6ccae0c0
SHA1 189898bb2dcae7d5a6057bc2d98b8b450afaebb6
SHA256 81e3a4d43a73699e1b7781723f56b8717175c536685c5450122b30789464ad82
SHA512 d779d78a15c5efca51ebd6b96a7ccb6d718741bdf7d9a37f53b2eb4b98aa1a78bc4cfa57d6e763aab97276c8f9088940ac0476690d4d46023ff4bf52f3326c88

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/scoped_dirTWEpJZ/CRX_INSTALL/images/icon_128.png

MD5 30899b6c4e4a757b8ec6dd2208acdfb4
SHA1 f2c5880a724c6d75cce1b5191e0d82c3bc7de768
SHA256 4f17efbd974a41d88cb36567aab6bf4586579e78780f00b1826676819e14bff4
SHA512 58539e3f0ad7fef30792efcdbbd955599e11e4261c9946e7c3dff6267e01747354ea3b901c46fc8329f81c68afbeb2d05fe3fcb266bc5948de8befa5b8d040ee

/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/scoped_dirTWEpJZ/CRX_INSTALL/images/icon_16.png

MD5 344554d96e418120bd80ef5de5194697
SHA1 23e141c3a6ce368acc1c299f062ab85914bcb17e
SHA256 0a4bd08db6422f8e7a8a218ef39c1b99a5a675f12697f26be88f9afc2e1f9378
SHA512 7ae38853e5acca479d7fd81d48bb88c671cf4dce63342209bcff045ac581a04b7b0ed48f6c58253db950935c0522caaa4fbc6cf5a25151a8960ba56fc804569e

/var/root/Library/Application Support/Google/Chrome/Default/Download Service/Files/Unconfirmed 548892.crdownload

MD5 adca00ca3122d0a277c2844fffbbf353
SHA1 16e6914c69c7742bc963739a7ab41a3002d2bfe0
SHA256 088863cfb485451b110c5a1a7e247aae98fdc649bbaba24d974c9ded42ccef4f
SHA512 6628fb481b073cc4ef4d0416b82e2f487b9754f6080d4a8fdd60e9aec58a946ce505454b28a07668853e07d61018ecf59c4b041f5c2b9672058d0d974ab53986

/private/var/root/Library/Application Support/Google/Chrome/Default/Extensions/nmmhkkegccagdldgiimedpiccmgmieda/1.0.0.6_1/craw_background.js

MD5 6eebed29e6a6301e92a9b8b347807f5f
SHA1 65dfb69b650560551110b33dcba50b25e5b876de
SHA256 04cd9494b0ed83924dad12202630b20d053d9e2819c8e826a386c814cc0a1697
SHA512 fede6db31f2ad242e7bc7b52a8859ba7f466a0b920a8dadcb32dcfb5b2a2742e98b767ff22e0c5bc5c11fec021240aa9e458486c9039eb4ebe5cf6af7be97bf2

/var/root/Library/Application Support/Google/Chrome/Default/Download Service/Files/c88e600a-40c2-411d-8e63-15a75e0a6753

MD5 5adf364735dcbe6bf26ebe3f705c9dbc
SHA1 a891521fea2f61a2fd16ea9f0a3fc3c2c5fb3a46
SHA256 8d21fe1bd251856bfaeaedd6a72ab78f153a047b6042e0fc614f57a32b56d340
SHA512 5f77f8923ab3800ab754f4c60095077b529c5f5f230c6a0b6803dc28597f42ed682921267ed344e190d0f08e0a23eceace7bccbc9d22432029a3e6f4838420e0

/var/root/Library/Application Support/Google/Chrome/OptimizationGuidePredictionModels/d8589dcc-d7f6-4c89-9b35-d441c43cf25d/model.tflite

MD5 6d7c2f9e94664539dec99b3233301b01
SHA1 85812b004742cc1c211c92911131ce270f8ba769
SHA256 a0956386dc64fd9f4883c8741f950cd60a56859616b159c9e4251c9eb0ac5534
SHA512 4d06917f30651c3bf13c509aae79793b3f1ec93de12179464b18fd9fd16c7bf466884b1c70e425d7e937adde341cf24bd08f19a132bbb9683e804f29b4ed0c33

/var/db/nsurlstoraged/dafsaData.bin

MD5 64f469698e53d0c828b7f90acd306082
SHA1 bcc041b3849e1b0b4104ffeb46002207eeac54f3
SHA256 d74d0e429343f5e1b3e0b9437e048917c4343a30cff068739ea898bad8e37ffd
SHA512 a8334d1304f2fbd32cfd0ca35c289a45c450746cf3be57170cbbe87b723b1910c2e950a73c1fb82de9dc5ed623166d339a05fec3d78b861a9254dc2cb51fab5f

/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.J4Yk2p/gcmjkmgdlgnkkcocmoeiminaijmmjnii_9.54.0_all_fjvhh4h55icwcaan3v3j6mksxa.crx3

MD5 752271ec15a0b25688bb8d746969005d
SHA1 cab8295af0fc9a0fbb9912b0b9d55f98566296aa
SHA256 4927ba841546599b3eaa6e1643a5fd15babbb30be00f0f419a7f148a40a71a12
SHA512 eafb2777ff128a98b20506b04ffcd763f33d4b6dfb3c9034af795b2e6f2b62971cdff60e63060a2df0fd4fe26d39de2c5a3b777227f62aed41600d3e73a4e67a

/var/root/Library/Application Support/Google/Chrome/Subresource Filter/Unindexed Rules/9.54.0/Filtering Rules

MD5 7c91e14b081c346267e1b1761c029f1c
SHA1 40d2665fd0042a5aaa3b8c7c451813d6c7005ead
SHA256 fd3ade759bd847f845fe201167de1f53e53a2275631303952f1ac4d7ab5b19dc
SHA512 89a269667034fc15e7ecdc3aec70375949c1ae65a944cb3d762909152c8db1c4b163aa2162698a0345889154e248b5a70b7c93182f5a853529eefd889926233d

/var/root/Library/Application Support/Google/Chrome/Subresource Filter/Indexed Rules/35/9.54.0/Ruleset Data

MD5 e0e9dc258b41b455d6738438fb75951c
SHA1 9157e9203640da5fa4ba50b071ef466a7625a980
SHA256 019bc9a0eaed44ceb6852c73f06656d252ecb3800174e21e71df2772c7d214cd
SHA512 1706ec2f7109165ac6d43b3786b372ec9a57dc4fbc58e067c41313dd0f3ed3cb7d1ced4badc00eefaa05deb6574d9101966f2e0c5da584018fec67c9d7b48fbc

/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.o6pc4j/obedbbhbpmojnkanicioggnmelmoomoc_20250110.715577970.14_all_ENGB500000_nquqj33kmd6ams2sypyztaijga.crx3

MD5 24614cb3b7990f194b37be450987a4d5
SHA1 2651364770f5ea9b23822adb12f7dd1b5ffe29d5
SHA256 1128a6b548b2827b17a47f3c8e4cb2ea72d070d8f51ce9fbeaccaf4a5d244b31
SHA512 1b421fdb8fc14aea1c82263180295cbd321d399beda3e83916cd14f93c33d2f69c2dbe30ca855ccdda6ca8c98cf99577ab3fef0068a6fc6cc6763e72623fab03

/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.rWVkjv/lmelglejhemejginpboagddgdfbepgmp_478_all_ZZ_ad6vrhy6zq7b6ivmfrod5c34z7lq.crx3

MD5 03919a718c31c05f74dfdc1b297a128a
SHA1 4359368d464c085422a6d67aa8109a470cef8dce
SHA256 e4065f9e03bc622eaa95860382f7a490486ca92328a82ca2139ca301f6362c48
SHA512 794a3d6f247561768dcdc35bfeda8d04ef9c622773012925cc6d63cbd63825a9357b5bca5faea5d3fb537601cd4f17d1f0ff0f4a14718ad87bb335a4948b138b

/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.PNGGG2/7_all_sslErrorAssistant.crx3

MD5 636c653ec2c30bb767533901a18669b2
SHA1 4b5a01cfea4c5deb62f3aafa01ef24265613b844
SHA256 3eb16d6c28b502ac4cfee8f4a148df05f4d93229fa36a71db8b08d06329ff18a
SHA512 a4128fb20a5df9e573e92b45f5bc18dcdf4be6e7e39172d08847882f17361320141e89b35deef337e40c365d6f1ccdd1b991eb4593d805dfa2e39a5257c335ee

/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.Psv7Tx/khaoiebndkojlmppeemjhbpbandiljpe_67_mac_acu6btsbkzo3kci4lca6ycyxgf6q.crx3

MD5 ad5f0e2e0d28d5d98e60740b2b8cf229
SHA1 ef82f4cc02295203059dd86af8a3661457bb2d1c
SHA256 384af3480fb8ea633d366fe372178bc4d9cc717858995d3deabc32500c4de51c
SHA512 fd865778fc0f602f577d75a50fde6a4449f6dd129b93f90ad711059b7f566362c742cc22fd9917971a79688dd4cf55c7e5180dd943ee2b0c61ae0de0f2588d2e

/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.vYqclP/1.0.0.17_llkgjffcdpffmhiakmfcdcblohccpfmo.crx

MD5 72326a22c279498851ae0331f64c001d
SHA1 ed2e9811491e6dcb047cdc5ff8c20f75091c1f99
SHA256 2638e3c2d1fa1d417bfdc31dd21bc938f106d3b436a6488b41b014ca9e2b7541
SHA512 c5aa42964046f225db517a0d90ea73fb5503aa090ce54911df4519938d44cec0fe9ae55d0fb71d50124e11c77e212a7a766889ad775305beb6f8701663f4bcf8

/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.5gyx7z/hfnkpimlhhgieaddgfemjhofmfblmnib_9495_all_adbq73ak6b6o7vm274dmglbgo53a.crx3

MD5 aae41630c145d208bab8f1ad444b954e
SHA1 552b2f063ba00fe760e6299717a74780b197d5e3
SHA256 3c66f4f63fb5c9a396794ed00d2f68f7e1a8d3641a9fe03d644e96476e882820
SHA512 6b3bfcaedd9e7bf6f3d7409f0396c802bbe61b4873b883f83e3187fd754b5778c2c127d2dbc5dfded8747312f765c82e9e45e6ee4c298d5a1b97954ed612b1dc

/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.z3LfVj/efniojlnjndmcbiieegkicadnoecjjef_1194_all_acn3s6x6jqixlit4cgflz4qgh6ta.crx3

MD5 00c7cb9daf021bcb6f6ea00878a1cbfd
SHA1 1035712ab0c7b57755b361f86d7d3ff4ff9aa307
SHA256 883561cf17ba8ee650d401840a04dc776311a2ec15de889d0dea2e79b33d5019
SHA512 49f8186c41212e126e6d580ec9cabd4afed367283fdd6b34190bc06a1a9b71e160943dab9ea1468fbb643e5e5d19baf0449eb60899dfdb653ebbde09ad689d57

/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.rp2zMj/jflookgnkcckhobaglndicnbbgbonegd_3058_all_aczk4nvyzcvpiqa4j4f6y7sra4za.crx3

MD5 f6d763deb52065a1e989ba71294ec923
SHA1 e8b992cfd955d6047d0f49695431257a3efb9e92
SHA256 dd7633c0a3f938350e3d5777455ef21cc9a85acbf27316b4e295bf9888c515d9
SHA512 2f5e8e159d767d8777b460b6a7a51276bece5c5f655a4faabe267b2059c6472e1024fa13ab065a0a6094dab680370122454ad49612ed762590246c6194cf4be0

/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.lTVCil/laoigpblnllgcgjnjnllmfolckpjlhki_1.0.7.1652906823_all_jtggsagwbg7dhs53nvq4e53lva.crx3

MD5 91e1255f92fc76b16509bbd174a992b5
SHA1 44cbc6b7b60470149850d375f2e2ae95cf1c012b
SHA256 29661be65c8fb50d3d4df2fe040a1cc6dd525f50a95850aae6a191301c3de744
SHA512 ac1588c003c345aaf9a7c4b5f2d338fdaba041dacd65db567ff8cc588b47e372863e44a4a87f611c1530fb42fdb1388814d3caccf8bb3498c7efe78fc321d9cf

/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.GaNDdA/ggkkehgbnfjpeggfpleeakpidbkibbmn_2022.10.19.1145_all_ac7cecrzrmfngskhgmtk6zmhfjoa.crx3

MD5 cb79d407a4d6d8526b42060b9210b5c2
SHA1 331e3d66e82e130042897faf86dcbd05d7b227f1
SHA256 e3a7322843834a5270a01c56533a34a24b1a253e3bda6f14046e10d818446165
SHA512 0ea283f2077ff874e1f2518565497864b11fd8a65f03d65e2b2996048bdba19849fcab81d9a8220cd51d4a09741b9cf222b1393f6ea4fde6db76dfe0590efdf9

/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.XAzAb3/dhlpobdgcjafebgbbhjdnapejmpkgiie_20220505_all_adfdqqtvlhuhhtrt6irlkpynghca.crx3

MD5 667e9eec04509aa9e2b318f580addd8c
SHA1 346267ecad10c54de52a3aeb766ea72449500326
SHA256 0c24e9bd976adffa987e08fc54dc0950c84cf18f9cdb4c5caabc6acf24887c4f
SHA512 a9d22d49290c164abf36dd7e887063ccdd2bf508eb2d16bbac6de749e5152805ecb38ca39352706150de29a76839fa6a56c084ea4f2757b61887b3a7912be917

/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.o8Rdb3/ojhpjlocmbogdgmfpkhlaaeamibhnphh_3_all_gplutbkdljxxbjolk3siq7kive.crx3

MD5 a40c655b337e082c76b6ab04042b7ae0
SHA1 3cc2a2b7178a29fd2d246cbc532684d6ae45bea8
SHA256 545666a4efd056351597bb386aea1368105ededc976ed5650d8682daab9f37ff
SHA512 fb4d54b573eb2275d8a3580fff138ecd7bded27ec58086b909b12c03c8005e35105c354a4a1ff76ada608ee8bbabeaafe208bb9e557661bb74e4ca39ee5eee56

/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.UWT28F/eeigpngbgcognadeebkilcpcaedhellh_2024.07.12.235938_all_a6r64uyugl6fjh3lupjqo6w7ai.crx3

MD5 5e35055aa7583eb7c42b10833763abab
SHA1 a8285a121e4cceb3cfb6b53827bd1cd3682af862
SHA256 8814cb6cab024b119ab991ad7acd74f4df7bc68bbf86c0903c8be9852a5baa55
SHA512 79006925696ac264d2801fd41fe632e5c2c9261a285d4e7a4368782f682cfadc6cac2b83835904a28c4734544b2b4230d720f81b7a2ee4c4782562a53858d952

/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.EXTtzm/pdafiollngonhoadbmdoemagnfpdphbe_2021.08.17.1300_all_acatmzocbizfck6xlj6bync6egba.crx3

MD5 49ead9b7d2b2ec477daba795de846db0
SHA1 95c030a130b9171e8ba4dd35ba3ee93ea5fb2ddc
SHA256 54b93e249d02a0f9061e8f70866d4668a0260db9ae43483810ab78f97f3eaa2a
SHA512 661000c35e25564c6d76219a5fd327edff7287a29dae54b677a7399eb136d0c93f099eb00ea9d0b3c965d068ea505335bcd580931662aeea2c796588ba8ce049

/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.hdEfDU/imefjhfbkmcmebodilednhmaccmincoa_29.0_mac_bfqwqczv2chgncq7qnwqjby3my.crx3

MD5 0fa505d26fd906c645e60aa05f12af36
SHA1 ecb1def63dba6d475dcd61c4d3a6938855e6f24a
SHA256 9738a550f51cdfb80146b1620b40a37d58c5136254ee1f0f03c20a864fab89d2
SHA512 6c49784a21465a2b7348720003f072a279a7aaeb88783b98cdb968a54cb1ce6771122a6f1bbbfb8dd36507576c81d6caa000166f2dc0f81a3feca4e8d5131a00

/var/root/Library/Application Support/Google/Chrome/ClientSidePhishing/29.0/visual_model.tflite

MD5 a9803d560544e4d1fe551b2c113c5370
SHA1 a998fdb1e80dbca61267db112812a7ee34b82dce
SHA256 d38a4cda8912f9598b8701dac7d5ee90eff324ed1fb9d277b9784fe45a4e6c72
SHA512 65b8b6ecfea2aeae95a39581c39476a54721e07ee7c296650ccddea29a09b29a11cab15fdc89f97295bd61423dc13a66666faca371200bcb459dc1f25b6c89fd

/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.OqqUG6/npdjjkjlcidkjlamlmmdelcjbcpdjocm_1.3.19.240_mac_adygwryqqyfdwvvjh32xxi6rilea.crx3

MD5 91a8d56c19e60520cf00b78a506b87f0
SHA1 a794be44a680983ac0f87b1faedf064a65016623
SHA256 b158d145928f6c80d855f1fcc5b6813e73b7e14327d65fa9abb26c438e56bf29
SHA512 efe8b3be1ff7c30596230e091a5109b1328b3f603a4f3cad134ad99cf648b8b3a0dbdd79413f854a53dae4e1316862c6b6798660dd9f37283a97115905c65d06

/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.oBPOES/gonpemdgkjcecdgbnaabipppbmgfggbe_2024.11.08.00_all_ol2ffdgccopns43rnwvf6yhqoi.crx3

MD5 674314f5514d6f7ee43338ac4c765bff
SHA1 475bdcf05a8640634d82b60767100cda5953396d
SHA256 03cccbb22b17080279ea1707c9ab093c59f4f4dd09580c841cfa794cb372228d
SHA512 3731724ac6ea813251c12868c4fd6ce1e0e742d6655a9cdf638387a05330374129a261f73f93d06595fcf8a0dd558ce191a2d6d7b21f76fc54fba2674573355f

Analysis: behavioral4

Detonation Overview

Submitted

2025-01-18 10:10

Reported

2025-01-18 10:11

Platform

debian12-armhf-20240221-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2025-01-18 10:10

Reported

2025-01-18 10:11

Platform

debian12-mipsel-20240729-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A

Analysis: behavioral6

Detonation Overview

Submitted

2025-01-18 10:10

Reported

2025-01-18 10:26

Platform

ubuntu2404-amd64-20240523-en

Max time kernel

0s

Max time network

897s

Command Line

[xdg-open https://capcutpro.download/]

Signatures

Reads AppArmor ptrace settings

discovery
Description Indicator Process Target
File opened for reading /sys/kernel/security/apparmor/features/ptrace /snap/bin/firefox N/A

Changes its process name

Description Indicator Process Target
Changes the process name, possibly in an attempt to hide itself pool-spawner /usr/bin/gsettings N/A
Changes the process name, possibly in an attempt to hide itself gmain /usr/bin/gsettings N/A
Changes the process name, possibly in an attempt to hide itself dconf worker /usr/bin/gsettings N/A

Enumerates kernel/hardware configuration

discovery
Description Indicator Process Target
File opened for reading /sys/kernel/security/apparmor/features/policy /snap/bin/firefox N/A
File opened for reading /sys/module/apparmor/parameters/enabled /usr/bin/dbus-daemon N/A
File opened for reading /sys/kernel/security/apparmor/features/caps /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/dbus /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/file /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/network /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/network_v8 /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/domain /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/namespaces /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/query /snap/bin/firefox N/A
File opened for reading /sys/kernel/mm/transparent_hugepage/hpage_pmd_size /usr/lib/snapd/snap-seccomp N/A
File opened for reading /sys/kernel/security/apparmor/features/dbus/mask /usr/bin/dbus-daemon N/A
File opened for reading /sys/kernel/security/apparmor/features /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/ipc /snap/bin/firefox N/A
File opened for reading /sys/kernel/mm/transparent_hugepage/hpage_pmd_size /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/io_uring /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/mount /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/rlimit /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/signal /snap/bin/firefox N/A

Reads runtime system information

discovery
Description Indicator Process Target
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/sys/kernel/seccomp/actions_avail /snap/bin/firefox N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/fd /usr/bin/dbus-launch N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/2483/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/2488/status /usr/bin/dbus-daemon N/A
File opened for reading /proc/2562/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/cgroups /snap/bin/firefox N/A
File opened for reading /proc/self/fd /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/cmdline /snap/bin/firefox N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/2572/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/2560/cgroup /snap/bin/firefox N/A
File opened for reading /proc/filesystems /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/sys/kernel/cap_last_cap /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/gsettings N/A
File opened for reading /proc/sys/kernel/random/uuid /snap/bin/firefox N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/2488/attr/apparmor/current /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/filesystems /usr/bin/gsettings N/A
File opened for reading /proc/filesystems /usr/bin/gsettings N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/mountinfo /snap/bin/firefox N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/2504/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/mounts /snap/bin/firefox N/A
File opened for reading /proc/mounts /usr/bin/dbus-daemon N/A

Processes

/usr/bin/xdg-open

[xdg-open https://capcutpro.download/]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/bin/dbus-daemon

[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/grep

[grep -q ^file://]

/usr/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/https]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/grep

[grep -l x-scheme-handler/https; /.local/share/applications/*.desktop]

/usr/bin/grep

[grep -l x-scheme-handler/https; /usr/local/share//applications/*.desktop]

/usr/bin/grep

[grep -l x-scheme-handler/https; /usr/share//applications/apport-gtk.desktop /usr/share//applications/bluetooth-sendto.desktop /usr/share//applications/display-im6.q16.desktop /usr/share//applications/gcr-prompter.desktop /usr/share//applications/gcr-viewer.desktop /usr/share//applications/geoclue-demo-agent.desktop /usr/share//applications/gkbd-keyboard-display.desktop /usr/share//applications/gnome-about-panel.desktop /usr/share//applications/gnome-applications-panel.desktop /usr/share//applications/gnome-background-panel.desktop /usr/share//applications/gnome-bluetooth-panel.desktop /usr/share//applications/gnome-color-panel.desktop /usr/share//applications/gnome-datetime-panel.desktop /usr/share//applications/gnome-disk-image-mounter.desktop /usr/share//applications/gnome-disk-image-writer.desktop /usr/share//applications/gnome-display-panel.desktop /usr/share//applications/gnome-initial-setup.desktop /usr/share//applications/gnome-keyboard-panel.desktop /usr/share//applications/gnome-language-selector.desktop /usr/share//applications/gnome-mouse-panel.desktop /usr/share//applications/gnome-multitasking-panel.desktop /usr/share//applications/gnome-network-panel.desktop /usr/share//applications/gnome-notifications-panel.desktop /usr/share//applications/gnome-online-accounts-panel.desktop /usr/share//applications/gnome-power-panel.desktop /usr/share//applications/gnome-printers-panel.desktop /usr/share//applications/gnome-privacy-panel.desktop /usr/share//applications/gnome-region-panel.desktop /usr/share//applications/gnome-search-panel.desktop /usr/share//applications/gnome-session-properties.desktop /usr/share//applications/gnome-sharing-panel.desktop /usr/share//applications/gnome-sound-panel.desktop /usr/share//applications/gnome-system-monitor-kde.desktop /usr/share//applications/gnome-system-panel.desktop /usr/share//applications/gnome-ubuntu-panel.desktop /usr/share//applications/gnome-universal-access-panel.desktop /usr/share//applications/gnome-users-panel.desktop /usr/share//applications/gnome-wacom-panel.desktop /usr/share//applications/gnome-wifi-panel.desktop /usr/share//applications/gnome-wwan-panel.desktop /usr/share//applications/hplj1020.desktop /usr/share//applications/ibus-setup-table.desktop /usr/share//applications/im-config.desktop /usr/share//applications/io.snapcraft.SessionAgent.desktop /usr/share//applications/libreoffice-calc.desktop /usr/share//applications/libreoffice-draw.desktop /usr/share//applications/libreoffice-impress.desktop /usr/share//applications/libreoffice-math.desktop /usr/share//applications/libreoffice-startcenter.desktop /usr/share//applications/libreoffice-writer.desktop /usr/share//applications/libreoffice-xsltfilter.desktop /usr/share//applications/nautilus-autorun-software.desktop /usr/share//applications/nm-applet.desktop /usr/share//applications/nm-connection-editor.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Emojier.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Extension.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Wayland.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Setup.desktop /usr/share//applications/org.freedesktop.Xwayland.desktop /usr/share//applications/org.gnome.Calculator.desktop /usr/share//applications/org.gnome.Calendar.desktop /usr/share//applications/org.gnome.Characters.desktop /usr/share//applications/org.gnome.DejaDup.desktop /usr/share//applications/org.gnome.DiskUtility.desktop /usr/share//applications/org.gnome.Evince-previewer.desktop /usr/share//applications/org.gnome.Evince.desktop /usr/share//applications/org.gnome.Evolution-alarm-notify.desktop /usr/share//applications/org.gnome.FileRoller.desktop /usr/share//applications/org.gnome.Logs.desktop /usr/share//applications/org.gnome.Nautilus.desktop /usr/share//applications/org.gnome.OnlineAccounts.OAuth2.desktop /usr/share//applications/org.gnome.PowerStats.desktop /usr/share//applications/org.gnome.RemoteDesktop.Handover.desktop /usr/share//applications/org.gnome.Rhythmbox3.desktop /usr/share//applications/org.gnome.Rhythmbox3.device.desktop /usr/share//applications/org.gnome.Settings.desktop /usr/share//applications/org.gnome.Shell.Extensions.desktop /usr/share//applications/org.gnome.Shell.PortalHelper.desktop /usr/share//applications/org.gnome.Shell.desktop /usr/share//applications/org.gnome.Shotwell-Viewer.desktop /usr/share//applications/org.gnome.Shotwell.Auth.desktop /usr/share//applications/org.gnome.Shotwell.desktop /usr/share//applications/org.gnome.Snapshot.desktop /usr/share//applications/org.gnome.SystemMonitor.desktop /usr/share//applications/org.gnome.Tecla.desktop /usr/share//applications/org.gnome.Terminal.Preferences.desktop /usr/share//applications/org.gnome.Terminal.desktop /usr/share//applications/org.gnome.TextEditor.desktop /usr/share//applications/org.gnome.Totem.desktop /usr/share//applications/org.gnome.Zenity.desktop /usr/share//applications/org.gnome.baobab.desktop /usr/share//applications/org.gnome.clocks.desktop /usr/share//applications/org.gnome.eog.desktop /usr/share//applications/org.gnome.evolution-data-server.OAuth2-handler.desktop /usr/share//applications/org.gnome.font-viewer.desktop /usr/share//applications/org.gnome.seahorse.Application.desktop /usr/share//applications/org.remmina.Remmina-file.desktop /usr/share//applications/org.remmina.Remmina.desktop /usr/share//applications/python3.12.desktop /usr/share//applications/remmina-gnome.desktop /usr/share//applications/rygel.desktop /usr/share//applications/simple-scan.desktop /usr/share//applications/snap-handle-link.desktop /usr/share//applications/software-properties-drivers.desktop /usr/share//applications/software-properties-gtk.desktop /usr/share//applications/software-properties-livepatch.desktop /usr/share//applications/thunderbird.desktop /usr/share//applications/transmission-gtk.desktop /usr/share//applications/update-manager.desktop /usr/share//applications/usb-creator-gtk.desktop /usr/share//applications/xdg-desktop-portal-gnome.desktop /usr/share//applications/xdg-desktop-portal-gtk.desktop /usr/share//applications/yelp.desktop]

/usr/bin/grep

[grep -q %s]

/usr/bin/x-www-browser

[x-www-browser https://capcutpro.download/]

/usr/bin/xdg-settings

[xdg-settings get default-web-browser]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/http]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/grep

[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/grep

[grep -l x-scheme-handler/http; /.local/share/applications/*.desktop]

/usr/bin/grep

[grep -l x-scheme-handler/http; /usr/local/share//applications/*.desktop]

/usr/bin/grep

[grep -l x-scheme-handler/http; /usr/share//applications/apport-gtk.desktop /usr/share//applications/bluetooth-sendto.desktop /usr/share//applications/display-im6.q16.desktop /usr/share//applications/gcr-prompter.desktop /usr/share//applications/gcr-viewer.desktop /usr/share//applications/geoclue-demo-agent.desktop /usr/share//applications/gkbd-keyboard-display.desktop /usr/share//applications/gnome-about-panel.desktop /usr/share//applications/gnome-applications-panel.desktop /usr/share//applications/gnome-background-panel.desktop /usr/share//applications/gnome-bluetooth-panel.desktop /usr/share//applications/gnome-color-panel.desktop /usr/share//applications/gnome-datetime-panel.desktop /usr/share//applications/gnome-disk-image-mounter.desktop /usr/share//applications/gnome-disk-image-writer.desktop /usr/share//applications/gnome-display-panel.desktop /usr/share//applications/gnome-initial-setup.desktop /usr/share//applications/gnome-keyboard-panel.desktop /usr/share//applications/gnome-language-selector.desktop /usr/share//applications/gnome-mouse-panel.desktop /usr/share//applications/gnome-multitasking-panel.desktop /usr/share//applications/gnome-network-panel.desktop /usr/share//applications/gnome-notifications-panel.desktop /usr/share//applications/gnome-online-accounts-panel.desktop /usr/share//applications/gnome-power-panel.desktop /usr/share//applications/gnome-printers-panel.desktop /usr/share//applications/gnome-privacy-panel.desktop /usr/share//applications/gnome-region-panel.desktop /usr/share//applications/gnome-search-panel.desktop /usr/share//applications/gnome-session-properties.desktop /usr/share//applications/gnome-sharing-panel.desktop /usr/share//applications/gnome-sound-panel.desktop /usr/share//applications/gnome-system-monitor-kde.desktop /usr/share//applications/gnome-system-panel.desktop /usr/share//applications/gnome-ubuntu-panel.desktop /usr/share//applications/gnome-universal-access-panel.desktop /usr/share//applications/gnome-users-panel.desktop /usr/share//applications/gnome-wacom-panel.desktop /usr/share//applications/gnome-wifi-panel.desktop /usr/share//applications/gnome-wwan-panel.desktop /usr/share//applications/hplj1020.desktop /usr/share//applications/ibus-setup-table.desktop /usr/share//applications/im-config.desktop /usr/share//applications/io.snapcraft.SessionAgent.desktop /usr/share//applications/libreoffice-calc.desktop /usr/share//applications/libreoffice-draw.desktop /usr/share//applications/libreoffice-impress.desktop /usr/share//applications/libreoffice-math.desktop /usr/share//applications/libreoffice-startcenter.desktop /usr/share//applications/libreoffice-writer.desktop /usr/share//applications/libreoffice-xsltfilter.desktop /usr/share//applications/nautilus-autorun-software.desktop /usr/share//applications/nm-applet.desktop /usr/share//applications/nm-connection-editor.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Emojier.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Extension.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Wayland.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Setup.desktop /usr/share//applications/org.freedesktop.Xwayland.desktop /usr/share//applications/org.gnome.Calculator.desktop /usr/share//applications/org.gnome.Calendar.desktop /usr/share//applications/org.gnome.Characters.desktop /usr/share//applications/org.gnome.DejaDup.desktop /usr/share//applications/org.gnome.DiskUtility.desktop /usr/share//applications/org.gnome.Evince-previewer.desktop /usr/share//applications/org.gnome.Evince.desktop /usr/share//applications/org.gnome.Evolution-alarm-notify.desktop /usr/share//applications/org.gnome.FileRoller.desktop /usr/share//applications/org.gnome.Logs.desktop /usr/share//applications/org.gnome.Nautilus.desktop /usr/share//applications/org.gnome.OnlineAccounts.OAuth2.desktop /usr/share//applications/org.gnome.PowerStats.desktop /usr/share//applications/org.gnome.RemoteDesktop.Handover.desktop /usr/share//applications/org.gnome.Rhythmbox3.desktop /usr/share//applications/org.gnome.Rhythmbox3.device.desktop /usr/share//applications/org.gnome.Settings.desktop /usr/share//applications/org.gnome.Shell.Extensions.desktop /usr/share//applications/org.gnome.Shell.PortalHelper.desktop /usr/share//applications/org.gnome.Shell.desktop /usr/share//applications/org.gnome.Shotwell-Viewer.desktop /usr/share//applications/org.gnome.Shotwell.Auth.desktop /usr/share//applications/org.gnome.Shotwell.desktop /usr/share//applications/org.gnome.Snapshot.desktop /usr/share//applications/org.gnome.SystemMonitor.desktop /usr/share//applications/org.gnome.Tecla.desktop /usr/share//applications/org.gnome.Terminal.Preferences.desktop /usr/share//applications/org.gnome.Terminal.desktop /usr/share//applications/org.gnome.TextEditor.desktop /usr/share//applications/org.gnome.Totem.desktop /usr/share//applications/org.gnome.Zenity.desktop /usr/share//applications/org.gnome.baobab.desktop /usr/share//applications/org.gnome.clocks.desktop /usr/share//applications/org.gnome.eog.desktop /usr/share//applications/org.gnome.evolution-data-server.OAuth2-handler.desktop /usr/share//applications/org.gnome.font-viewer.desktop /usr/share//applications/org.gnome.seahorse.Application.desktop /usr/share//applications/org.remmina.Remmina-file.desktop /usr/share//applications/org.remmina.Remmina.desktop /usr/share//applications/python3.12.desktop /usr/share//applications/remmina-gnome.desktop /usr/share//applications/rygel.desktop /usr/share//applications/simple-scan.desktop /usr/share//applications/snap-handle-link.desktop /usr/share//applications/software-properties-drivers.desktop /usr/share//applications/software-properties-gtk.desktop /usr/share//applications/software-properties-livepatch.desktop /usr/share//applications/thunderbird.desktop /usr/share//applications/transmission-gtk.desktop /usr/share//applications/update-manager.desktop /usr/share//applications/usb-creator-gtk.desktop /usr/share//applications/xdg-desktop-portal-gnome.desktop /usr/share//applications/xdg-desktop-portal-gtk.desktop /usr/share//applications/yelp.desktop]

/usr/bin/gsettings

[gsettings get org.gnome.shell favorite-apps]

/usr/bin/grep

[grep -q 'firefox.desktop']

/usr/bin/gsettings

[gsettings get com.canonical.Unity.Launcher favorites]

/usr/bin/grep

[grep -q 'application://firefox.desktop']

/usr/bin/gsettings

[gsettings get org.mate.panel object-id-list]

/usr/bin/which

[which qdbus]

/snap/bin/firefox

[/snap/bin/firefox https://capcutpro.download/]

/usr/lib/snapd/snap-seccomp

[/usr/lib/snapd/snap-seccomp version-info]

/usr/lib/snapd/snap-confine

[/usr/lib/snapd/snap-confine --base core22 snap.firefox.firefox /usr/lib/snapd/snap-exec firefox https://capcutpro.download/]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 r11.o.lencr.org udp
US 8.8.8.8:53 r11.o.lencr.org udp
GB 2.18.190.211:80 r11.o.lencr.org tcp
GB 2.18.190.211:80 r11.o.lencr.org tcp
US 8.8.8.8:53 capcutpro.download udp
US 8.8.8.8:53 capcutpro.download udp
US 149.18.18.217:443 capcutpro.download tcp
US 8.8.8.8:53 location.services.mozilla.com udp
US 8.8.8.8:53 location.services.mozilla.com udp
US 8.8.8.8:53 prod.classify-client.prod.webservices.mozgcp.net udp
US 34.107.221.82:80 detectportal.firefox.com tcp
US 35.190.72.216:443 location.services.mozilla.com tcp
US 8.8.8.8:53 www.mozilla.org udp
US 8.8.8.8:53 www.mozilla.org udp
US 151.101.3.19:443 www.mozilla.org tcp
US 149.18.18.217:443 capcutpro.download tcp
US 8.8.8.8:53 example.org udp
US 8.8.8.8:53 example.org udp
US 8.8.8.8:53 ipv4only.arpa udp
US 8.8.8.8:53 ipv4only.arpa udp
US 34.107.221.82:80 detectportal.firefox.com tcp
US 151.101.3.19:443 www.mozilla.org tcp
US 8.8.8.8:53 r10.o.lencr.org udp
US 8.8.8.8:53 r10.o.lencr.org udp
GB 2.17.113.9:80 r10.o.lencr.org tcp
US 8.8.8.8:53 spocs.getpocket.com udp
US 8.8.8.8:53 spocs.getpocket.com udp
US 8.8.8.8:53 prod.ads.prod.webservices.mozgcp.net udp
US 35.190.72.216:443 location.services.mozilla.com udp
US 8.8.8.8:53 o.pki.goog udp
US 8.8.8.8:53 o.pki.goog udp
GB 142.250.178.3:80 o.pki.goog tcp
US 8.8.8.8:53 getpocket.cdn.mozilla.net udp
US 8.8.8.8:53 getpocket.cdn.mozilla.net udp
US 34.120.5.221:443 getpocket.cdn.mozilla.net tcp
US 8.8.8.8:53 img-getpocket.cdn.mozilla.net udp
US 8.8.8.8:53 img-getpocket.cdn.mozilla.net udp
US 34.120.237.76:443 img-getpocket.cdn.mozilla.net tcp
US 34.120.237.76:443 img-getpocket.cdn.mozilla.net tcp
US 34.120.237.76:443 img-getpocket.cdn.mozilla.net tcp
GB 142.250.178.3:80 o.pki.goog tcp
US 149.18.18.217:443 capcutpro.download tcp
US 149.18.18.217:443 capcutpro.download tcp
US 149.18.18.217:443 capcutpro.download tcp
GB 142.250.178.3:80 o.pki.goog tcp
US 149.18.18.217:443 capcutpro.download tcp
US 149.18.18.217:443 capcutpro.download tcp
GB 142.250.178.3:80 o.pki.goog tcp
US 8.8.8.8:53 ads-img.mozilla.org udp
US 8.8.8.8:53 ads-img.mozilla.org udp
US 34.36.54.80:443 ads-img.mozilla.org tcp
US 34.36.54.80:443 ads-img.mozilla.org tcp
US 34.36.54.80:443 ads-img.mozilla.org udp
US 8.8.8.8:53 normandy.cdn.mozilla.net udp
US 8.8.8.8:53 normandy.cdn.mozilla.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 normandy-cdn.services.mozilla.com udp
US 35.201.103.21:443 normandy.cdn.mozilla.net tcp
US 8.8.8.8:53 telemetry-incoming.r53-2.services.mozilla.com udp
US 8.8.8.8:53 getpocket.com udp
US 8.8.8.8:53 getpocket.com udp
US 8.8.8.8:53 lifehacker.com udp
US 8.8.8.8:53 lifehacker.com udp
US 8.8.8.8:53 www.theatlantic.com udp
US 8.8.8.8:53 www.theatlantic.com udp
US 8.8.8.8:53 www.amazon.co.uk udp
US 8.8.8.8:53 www.amazon.co.uk udp
US 8.8.8.8:53 www.tui.co.uk udp
US 8.8.8.8:53 www.tui.co.uk udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 na-eu.atlanticmedia.map.fastly.net udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.reddit.com udp
US 8.8.8.8:53 www.reddit.com udp
US 8.8.8.8:53 www.bbc.co.uk udp
US 8.8.8.8:53 www.bbc.co.uk udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.ebay.co.uk udp
US 8.8.8.8:53 www.ebay.co.uk udp
US 8.8.8.8:53 classify-client.services.mozilla.com udp
US 8.8.8.8:53 classify-client.services.mozilla.com udp
US 8.8.8.8:53 reddit.map.fastly.net udp
US 8.8.8.8:53 e11847.a.akamaiedge.net udp
US 8.8.8.8:53 bbc.map.fastly.net udp
US 8.8.8.8:53 prod.classify-client.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 e3913.cd.akamaiedge.net udp
US 35.190.72.216:443 classify-client.services.mozilla.com tcp
GB 2.17.113.66:80 r10.o.lencr.org tcp
US 35.190.72.216:443 classify-client.services.mozilla.com udp
US 8.8.8.8:53 telemetry-incoming.r53-2.services.mozilla.com udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 tracking-protection.cdn.mozilla.net udp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 firefox-settings-attachments.cdn.mozilla.net udp
US 8.8.8.8:53 firefox-settings-attachments.cdn.mozilla.net udp
US 8.8.8.8:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 telemetry-incoming.r53-2.services.mozilla.com udp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 8.8.8.8:53 www.theguardian.com udp
US 8.8.8.8:53 www.theguardian.com udp
US 8.8.8.8:53 www.independent.co.uk udp
US 8.8.8.8:53 www.independent.co.uk udp
US 8.8.8.8:53 www.smithsonianmag.com udp
US 8.8.8.8:53 www.smithsonianmag.com udp
US 8.8.8.8:53 www.standard.co.uk udp
US 8.8.8.8:53 www.standard.co.uk udp
US 8.8.8.8:53 inews.co.uk udp
US 8.8.8.8:53 inews.co.uk udp
US 8.8.8.8:53 www.quantamagazine.org udp
US 8.8.8.8:53 www.quantamagazine.org udp
US 8.8.8.8:53 www.menshealth.com udp
US 8.8.8.8:53 www.menshealth.com udp
US 8.8.8.8:53 www.refinery29.com udp
US 8.8.8.8:53 www.refinery29.com udp
US 8.8.8.8:53 hearst-hdm.map.fastly.net udp
US 8.8.8.8:53 m.sni.global.fastly.net udp
US 8.8.8.8:53 theconversation.com udp
US 8.8.8.8:53 theconversation.com udp
US 8.8.8.8:53 www.self.com udp
US 8.8.8.8:53 www.self.com udp
US 8.8.8.8:53 www.cnbc.com udp
US 8.8.8.8:53 www.cnbc.com udp
US 8.8.8.8:53 www.businessinsider.com udp
US 8.8.8.8:53 www.businessinsider.com udp
US 8.8.8.8:53 e3365.e12.akamaiedge.net udp
US 8.8.8.8:53 f.shared.global.fastly.net udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 e3913.cd.akamaiedge.net udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
US 8.8.8.8:53 ciscobinary.openh264.org udp
GB 88.221.134.155:80 ciscobinary.openh264.org tcp
US 8.8.8.8:53 www.fitandwell.com udp
US 8.8.8.8:53 www.fitandwell.com udp
US 8.8.8.8:53 www.marieclaire.co.uk udp
US 8.8.8.8:53 www.marieclaire.co.uk udp
US 8.8.8.8:53 g.sni.global.fastly.net udp
US 8.8.8.8:53 www.womenshealthmag.com udp
US 8.8.8.8:53 www.womenshealthmag.com udp
US 8.8.8.8:53 hearst-hdm.map.fastly.net udp
US 35.190.72.216:443 classify-client.services.mozilla.com udp
US 8.8.8.8:53 services.addons.mozilla.org udp
US 8.8.8.8:53 services.addons.mozilla.org udp
US 151.101.129.91:443 services.addons.mozilla.org tcp
US 8.8.8.8:53 versioncheck-bg.addons.mozilla.org udp
US 8.8.8.8:53 versioncheck-bg.addons.mozilla.org udp
US 34.160.90.233:443 versioncheck-bg.addons.mozilla.org tcp
US 34.160.90.233:443 versioncheck-bg.addons.mozilla.org udp
US 8.8.8.8:53 addons.mozilla.org udp
US 8.8.8.8:53 addons.mozilla.org udp
US 8.8.8.8:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 151.101.65.91:443 addons.mozilla.org tcp
US 34.107.221.82:80 detectportal.firefox.com tcp
US 8.8.8.8:53 ipv4only.arpa udp
US 34.107.221.82:80 detectportal.firefox.com tcp
US 8.8.8.8:53 ipv4only.arpa udp
US 8.8.8.8:53 safebrowsing.googleapis.com udp
US 8.8.8.8:53 safebrowsing.googleapis.com udp
GB 172.217.169.74:443 safebrowsing.googleapis.com tcp
US 8.8.8.8:53 pki-goog.l.google.com udp
GB 142.250.178.3:80 pki-goog.l.google.com tcp
GB 172.217.169.74:443 safebrowsing.googleapis.com udp
US 8.8.8.8:53 api.snapcraft.io udp
US 8.8.8.8:53 api.snapcraft.io udp
GB 185.125.188.55:443 api.snapcraft.io tcp
GB 185.125.188.54:443 api.snapcraft.io tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 firefox-settings-attachments.cdn.mozilla.net udp
US 8.8.8.8:53 firefox-settings-attachments.cdn.mozilla.net udp
US 8.8.8.8:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp
US 8.8.8.8:53 api.snapcraft.io udp
US 8.8.8.8:53 api.snapcraft.io udp
GB 185.125.188.59:443 api.snapcraft.io tcp
GB 185.125.188.55:443 api.snapcraft.io tcp
US 8.8.8.8:53 canonical-lgw01.cdn.snapcraftcontent.com udp
US 8.8.8.8:53 canonical-lgw01.cdn.snapcraftcontent.com udp
GB 185.125.190.28:443 canonical-lgw01.cdn.snapcraftcontent.com tcp
GB 185.125.188.58:443 api.snapcraft.io tcp
GB 185.125.188.55:443 api.snapcraft.io tcp
US 8.8.8.8:53 canonical-lgw01.cdn.snapcraftcontent.com udp
GB 185.125.190.28:443 canonical-lgw01.cdn.snapcraftcontent.com tcp
GB 185.125.188.59:443 api.snapcraft.io tcp
US 8.8.8.8:53 _http._tcp.security.ubuntu.com udp
US 8.8.8.8:53 _http._tcp.se.archive.ubuntu.com udp
US 8.8.8.8:53 security.ubuntu.com udp
US 8.8.8.8:53 security.ubuntu.com udp
US 8.8.8.8:53 se.archive.ubuntu.com udp
US 8.8.8.8:53 se.archive.ubuntu.com udp
GB 185.125.190.82:80 security.ubuntu.com tcp
SE 194.71.11.163:80 se.archive.ubuntu.com tcp

Files

N/A