Analysis Overview
SHA256
67b7a84a56a488b56d59a6e990729796fc88105d1edad46d587641e5e490e3af
Threat Level: Known bad
The file zhopa-siski-pidar was found to be: Known bad.
Malicious Activity Summary
Suspicious use of NtCreateUserProcessOtherParentProcess
Executes dropped EXE
Looks up external IP address via web service
Legitimate hosting services abused for malware hosting/C2
Enumerates processes with tasklist
Drops file in Windows directory
Program crash
System Location Discovery: System Language Discovery
Browser Information Discovery
Suspicious use of SetWindowsHookEx
Enumerates system info in registry
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Suspicious behavior: GetForegroundWindowSpam
Checks processor information in registry
Suspicious use of FindShellTrayWindow
Opens file in notepad (likely ransom note)
Checks SCSI registry key(s)
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies data under HKEY_USERS
Modifies registry class
MITRE ATT&CK
Enterprise Matrix V16
Analysis: static1
Detonation Overview
Reported
2025-06-30 20:18
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2025-06-30 20:18
Reported
2025-06-30 20:30
Platform
win10v2004-20250610-en
Max time kernel
699s
Max time network
703s
Command Line
Signatures
Suspicious use of NtCreateUserProcessOtherParentProcess
| Description | Indicator | Process | Target |
| PID 3352 created 2520 | N/A | C:\Users\Admin\AppData\Local\Temp\208195\Rendered.com | C:\Windows\system32\sihost.exe |
| PID 5896 created 2520 | N/A | C:\Users\Admin\AppData\Local\Temp\208195\Rendered.com | C:\Windows\system32\sihost.exe |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\208195\Rendered.com | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\208195\Rendered.com | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | sites.google.com | N/A | N/A |
| N/A | sites.google.com | N/A | N/A |
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | api.ipify.org | N/A | N/A |
| N/A | api.ipify.org | N/A | N/A |
Enumerates processes with tasklist
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\tasklist.exe | N/A |
Drops file in Windows directory
Browser Information Discovery
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\AppData\Local\Temp\208195\Rendered.com |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\AppData\Local\Temp\208195\Rendered.com |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\Temp1_DropCheats.zip\DropCheats\DropCheats.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\findstr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\extrac32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\findstr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\tasklist.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\findstr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\tasklist.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\choice.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\findstr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\choice.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\openwith.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\DropCheats\DropCheats\DropCheats.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\findstr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\extrac32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\openwith.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\findstr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\tasklist.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\208195\Rendered.com | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\tasklist.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\208195\Rendered.com | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133957883171489400" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257" | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1" | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3001560346-2020497773-4190896137-1000\{DA508BD1-33D2-4708-A9D0-3C8A8677A530} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0" | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\0 = 5600310000000000cb5ae423100057696e646f777300400009000400efbe874f7748de5aa8a22e00000000060000000001000000000000000000000000000000c408d100570069006e0064006f0077007300000016000000 | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-620072444-2846605723-1118207114-1642104096-81213792-2370344205-2712285428\DisplayName = "Chrome Sandbox" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\0 | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\MRUListEx = 00000000ffffffff | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\0\0 = 5a00310000000000de5a50a2100053797374656d33320000420009000400efbe874f7748de5a50a22e000000b90c0000000001000000000000000000000000000000bd384500530079007300740065006d0033003200000018000000 | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1" | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\0\0 | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\0\MRUListEx = 00000000ffffffff | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-620072444-2846605723-1118207114-1642104096-81213792-2370344205-2712285428\Moniker = "cr.sb.odm3E4D1A088C1F6D498C84F3C86DE73CE49F82A104" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-620072444-2846605723-1118207114-1642104096-81213792-2370344205-2712285428\Children | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1 = 19002f433a5c000000000000000000000000000000000000000000 | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202 | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\SniffedFolderType = "Generic" | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-620072444-2846605723-1118207114-1642104096-81213792-2370344205-2712285428 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1 | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 0100000000000000ffffffff | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\0\0\NodeSlot = "4" | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4 | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 020202 | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\0\0\MRUListEx = ffffffff | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16" | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Windows\system32\NOTEPAD.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3001560346-2020497773-4190896137-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell | C:\Windows\system32\NOTEPAD.EXE | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\sihost.exe
sihost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\zhopa-siski-pidar.html
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffe6225dcf8,0x7ffe6225dd04,0x7ffe6225dd10
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffe6225dcf8,0x7ffe6225dd04,0x7ffe6225dd10
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1844,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=1904 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --field-trial-handle=2060,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=2084 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --field-trial-handle=2252,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=2260 /prefetch:8
C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3204,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=3208 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3212,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=3236 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffe6225dcf8,0x7ffe6225dd04,0x7ffe6225dd10
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4072,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=4088 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4720,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=4744 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4892,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=4944 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=4920,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=5052 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5124,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=5144 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5820,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=5748 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=6128,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6188 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=6172,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6160 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3196,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=4940 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=6416,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6424 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=6208,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6160 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=6572,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=3840 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=4708,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=4176 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=6140,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=3232 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=4748,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=4868 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=3220,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=4152 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=6288,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6892 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=6256,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6852 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=6656,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=3348 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=6804,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6772 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=6460,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=5116 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=6508,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=4896 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=6884,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6816 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=6944,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6368 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=4836,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6684 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=6796,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6828 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=6428,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=4804 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1000,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6332 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=6316,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=4192 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=6624,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6708 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=5060,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6364 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4f4 0x31c
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5828,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=4644 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=6448,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6280 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=2956,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6312 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=4964,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=4944 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=6432,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=4180 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=6788,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6384 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=6704,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=5072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=6936,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6488 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=on_device_model.mojom.OnDeviceModelService --lang=en-US --service-sandbox-type=on_device_model_execution --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=7916,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6524 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=6820,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=8084 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=7468,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=7284 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=7516,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=7876 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=7276,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=7264 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=7820,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=7848 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=6792,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=7612 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=8280,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=7636 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=8464,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=8492 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=8260,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=8616 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=4188,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=8964 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=3356,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=7648 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=6608,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6864 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=6980,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=8664 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --field-trial-handle=7452,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6076 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --field-trial-handle=7992,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=7348 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=4676,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=7520 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=7248,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=4828 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --field-trial-handle=7104,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=7256 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --field-trial-handle=8020,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=7412 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --field-trial-handle=7680,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=9184 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=8292,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=7800 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --field-trial-handle=7144,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=8924 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --field-trial-handle=7416,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=7932 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --field-trial-handle=7732,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6640 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --field-trial-handle=4148,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=8900 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=6116,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=7088 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --field-trial-handle=7524,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=4128 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --field-trial-handle=7308,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=9160 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --field-trial-handle=7212,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=7536 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --field-trial-handle=9120,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=7620 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --field-trial-handle=8112,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=4060 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --field-trial-handle=8836,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=7056 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --field-trial-handle=6372,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=7740 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=9144,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=9044 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --field-trial-handle=7408,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=4784 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --field-trial-handle=7636,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=8128 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --field-trial-handle=4100,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=9132 /prefetch:1
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\Attention Required Read This Document!.txt
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --field-trial-handle=6276,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=4176 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --field-trial-handle=7744,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=9056 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --field-trial-handle=7540,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=8504 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --field-trial-handle=7220,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=8080 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --field-trial-handle=8544,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6056 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --field-trial-handle=8992,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=8552 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --field-trial-handle=7176,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6436 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --field-trial-handle=8396,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=8388 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --field-trial-handle=8356,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6928 /prefetch:1
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\Temp1_DropCheats.zip\DropCheats\ReadMe.txt
C:\Windows\System32\fontview.exe
"C:\Windows\System32\fontview.exe" C:\Users\Admin\AppData\Local\Temp\Temp1_DropCheats.zip\DropCheats\assets\csgo_icons.ttf
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=9204,i,11205287834763451824,17381754471159300097,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=8360 /prefetch:8
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\Temp1_DropCheats.zip\DropCheats\assets\lib\SystemAdministration
C:\Users\Admin\AppData\Local\Temp\Temp1_DropCheats.zip\DropCheats\DropCheats.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_DropCheats.zip\DropCheats\DropCheats.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe" /c copy Clone.mid Clone.mid.bat & Clone.mid.bat
C:\Windows\SysWOW64\tasklist.exe
tasklist
C:\Windows\SysWOW64\findstr.exe
findstr /I "opssvc wrsa"
C:\Windows\SysWOW64\tasklist.exe
tasklist
C:\Windows\SysWOW64\findstr.exe
findstr "nsWscSvc ekrn bdservicehost SophosHealth AvastUI AVGUI & if not errorlevel 1 Set zVLVXJghluLhaBDiPVCH=AutoIt3.exe & Set dynOQVsFAhUZjPmsHiBVxRQIBbvMrJx=.a3x & Set CPZdmxtcmbCvcsQov=300
C:\Windows\SysWOW64\extrac32.exe
extrac32 /Y Thinkpad.mid *.*
C:\Windows\SysWOW64\findstr.exe
findstr /V "Sides" Maximize
C:\Users\Admin\AppData\Local\Temp\208195\Rendered.com
Rendered.com h
C:\Windows\SysWOW64\choice.exe
choice /d n /t 5
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /0
C:\Windows\SysWOW64\openwith.exe
"C:\Windows\system32\openwith.exe"
C:\Users\Admin\Downloads\DropCheats\DropCheats\DropCheats.exe
"C:\Users\Admin\Downloads\DropCheats\DropCheats\DropCheats.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 3352 -ip 3352
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3352 -s 960
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe" /c copy Clone.mid Clone.mid.bat & Clone.mid.bat
C:\Windows\SysWOW64\tasklist.exe
tasklist
C:\Windows\SysWOW64\findstr.exe
findstr /I "opssvc wrsa"
C:\Windows\SysWOW64\tasklist.exe
tasklist
C:\Windows\SysWOW64\findstr.exe
findstr "nsWscSvc ekrn bdservicehost SophosHealth AvastUI AVGUI & if not errorlevel 1 Set zVLVXJghluLhaBDiPVCH=AutoIt3.exe & Set dynOQVsFAhUZjPmsHiBVxRQIBbvMrJx=.a3x & Set CPZdmxtcmbCvcsQov=300
C:\Windows\SysWOW64\extrac32.exe
extrac32 /Y Thinkpad.mid *.*
C:\Windows\SysWOW64\findstr.exe
findstr /V "Sides" Maximize
C:\Users\Admin\AppData\Local\Temp\208195\Rendered.com
Rendered.com h
C:\Windows\SysWOW64\choice.exe
choice /d n /t 5
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /0
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0xf8,0xfc,0x100,0xd8,0x104,0x7ffe6225dcf8,0x7ffe6225dd04,0x7ffe6225dd10
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=2064,i,3191639668360266539,14128130653320585732,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=2060 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --field-trial-handle=1964,i,3191639668360266539,14128130653320585732,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=2204 /prefetch:3
C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --field-trial-handle=2252,i,3191639668360266539,14128130653320585732,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=2716 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3104,i,3191639668360266539,14128130653320585732,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=3152 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3112,i,3191639668360266539,14128130653320585732,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=3164 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4432,i,3191639668360266539,14128130653320585732,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=4456 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5132,i,3191639668360266539,14128130653320585732,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=5152 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5384,i,3191639668360266539,14128130653320585732,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=5392 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5492,i,3191639668360266539,14128130653320585732,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=5480 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5584,i,3191639668360266539,14128130653320585732,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=3316 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5476,i,3191639668360266539,14128130653320585732,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=5604 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=6020,i,3191639668360266539,14128130653320585732,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=5640 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=6084,i,3191639668360266539,14128130653320585732,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6080 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=6244,i,3191639668360266539,14128130653320585732,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6252 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=212,i,3191639668360266539,14128130653320585732,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=3500 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=3540,i,3191639668360266539,14128130653320585732,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=3188 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=3524,i,3191639668360266539,14128130653320585732,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=3528 /prefetch:8
C:\Windows\SysWOW64\openwith.exe
"C:\Windows\system32\openwith.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 5896 -ip 5896
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5896 -s 928
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=3144,i,3191639668360266539,14128130653320585732,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=4408 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5868,i,3191639668360266539,14128130653320585732,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=5828 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5620,i,3191639668360266539,14128130653320585732,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=5416 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=6624,i,3191639668360266539,14128130653320585732,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6168 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5932,i,3191639668360266539,14128130653320585732,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=5916 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=3544,i,3191639668360266539,14128130653320585732,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=5828 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=6584,i,3191639668360266539,14128130653320585732,262144 --variations-seed-version=20250610-050053.594000 --mojo-platform-channel-handle=6160 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 216.58.204.68:443 | www.google.com | tcp |
| GB | 216.58.204.68:443 | www.google.com | udp |
| US | 8.8.8.8:53 | dwt.soundcloud.com | udp |
| US | 8.8.8.8:53 | style.sndcdn.com | udp |
| US | 8.8.8.8:53 | a-v2.sndcdn.com | udp |
| GB | 18.245.253.49:443 | dwt.soundcloud.com | tcp |
| GB | 13.224.222.121:443 | style.sndcdn.com | tcp |
| GB | 143.204.68.27:443 | a-v2.sndcdn.com | tcp |
| US | 8.8.8.8:53 | ogads-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 142.250.179.234:443 | ogads-pa.clients6.google.com | tcp |
| GB | 142.250.179.234:443 | ogads-pa.clients6.google.com | tcp |
| GB | 143.204.68.27:443 | a-v2.sndcdn.com | tcp |
| GB | 142.250.178.14:443 | apis.google.com | tcp |
| GB | 142.250.179.234:443 | ogads-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| GB | 18.245.253.49:443 | dwt.soundcloud.com | tcp |
| US | 8.8.8.8:53 | api-auth.soundcloud.com | udp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| GB | 108.138.233.21:443 | api-auth.soundcloud.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 104.18.32.137:443 | geolocation.onetrust.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | api-v2.soundcloud.com | udp |
| GB | 13.224.132.38:443 | api-v2.soundcloud.com | tcp |
| GB | 142.250.151.94:445 | www.gstatic.com | tcp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| GB | 18.165.242.8:443 | sb.scorecardresearch.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | htlbid.com | udp |
| GB | 18.164.68.2:443 | htlbid.com | tcp |
| US | 8.8.8.8:53 | featureassets.org | udp |
| US | 34.128.128.0:443 | featureassets.org | tcp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| GB | 172.217.169.66:443 | securepubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | dn0qt3r0xannq.cloudfront.net | udp |
| GB | 18.244.140.65:443 | dn0qt3r0xannq.cloudfront.net | tcp |
| GB | 18.244.140.65:443 | dn0qt3r0xannq.cloudfront.net | tcp |
| GB | 172.217.169.66:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | raven-edge.aditude.io | udp |
| US | 8.8.8.8:53 | edge.aditude.io | udp |
| US | 8.8.8.8:53 | geo-location.prebid.cloud | udp |
| US | 104.22.60.119:443 | edge.aditude.io | tcp |
| US | 104.22.60.119:443 | edge.aditude.io | tcp |
| GB | 18.172.153.127:443 | geo-location.prebid.cloud | tcp |
| US | 8.8.8.8:53 | raven-static.aditude.io | udp |
| US | 8.8.8.8:53 | geo.aditude.io | udp |
| US | 104.22.61.119:443 | geo.aditude.io | tcp |
| GB | 172.217.169.66:443 | securepubads.g.doubleclick.net | udp |
| US | 104.22.60.119:443 | geo.aditude.io | tcp |
| US | 8.8.8.8:53 | getsolara.dev | udp |
| US | 172.67.203.125:443 | getsolara.dev | tcp |
| US | 172.67.203.125:80 | getsolara.dev | tcp |
| US | 172.67.203.125:80 | getsolara.dev | tcp |
| US | 8.8.8.8:53 | events.framer.com | udp |
| US | 8.8.8.8:53 | framerusercontent.com | udp |
| GB | 13.224.222.120:443 | events.framer.com | tcp |
| GB | 18.244.164.92:443 | framerusercontent.com | tcp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | framer.com | udp |
| GB | 18.244.164.92:443 | framerusercontent.com | udp |
| GB | 18.244.164.125:443 | framer.com | tcp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| US | 104.16.79.73:443 | static.cloudflareinsights.com | tcp |
| GB | 142.250.179.238:443 | fundingchoicesmessages.google.com | tcp |
| GB | 18.244.164.92:443 | framerusercontent.com | udp |
| GB | 142.250.179.238:443 | fundingchoicesmessages.google.com | udp |
| GB | 142.250.179.238:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | cloudflareinsights.com | udp |
| US | 104.16.80.73:443 | cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | event-ingestor.judy.pnap.aditude.cloud | udp |
| US | 131.153.232.250:443 | event-ingestor.judy.pnap.aditude.cloud | tcp |
| US | 8.8.8.8:53 | prodregistryv2.org | udp |
| US | 34.128.128.0:443 | prodregistryv2.org | tcp |
| US | 8.8.8.8:53 | link-hub.net | udp |
| US | 104.21.80.1:443 | link-hub.net | tcp |
| US | 104.21.80.1:443 | link-hub.net | tcp |
| US | 8.8.8.8:53 | linkvertise.com | udp |
| US | 104.18.1.75:443 | linkvertise.com | tcp |
| US | 8.8.8.8:53 | cdn.exmarketplace.com | udp |
| GB | 172.217.169.66:443 | securepubads.g.doubleclick.net | tcp |
| IT | 95.110.206.108:443 | cdn.exmarketplace.com | tcp |
| US | 104.18.1.75:443 | linkvertise.com | udp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| US | 104.18.41.30:445 | cadmus.script.ac | tcp |
| US | 172.64.146.226:445 | cadmus.script.ac | tcp |
| US | 8.8.8.8:53 | cadmus.script.ac | udp |
| US | 8.8.8.8:53 | use.typekit.net | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | maxst.icons8.com | udp |
| US | 8.8.8.8:53 | p.typekit.net | udp |
| US | 8.8.8.8:53 | js.chargebee.com | udp |
| GB | 2.19.117.36:443 | use.typekit.net | tcp |
| GB | 18.244.179.5:443 | js.chargebee.com | tcp |
| GB | 2.19.117.43:443 | p.typekit.net | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| GB | 89.187.167.39:443 | maxst.icons8.com | tcp |
| US | 8.8.8.8:53 | exmarketplace.com | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| US | 8.8.8.8:53 | assets.churnkey.co | udp |
| US | 104.26.10.238:443 | assets.churnkey.co | tcp |
| GB | 23.37.196.30:443 | contextual.media.net | tcp |
| US | 8.8.8.8:53 | publisher.linkvertise.com | udp |
| US | 104.18.0.75:443 | publisher.linkvertise.com | tcp |
| US | 104.18.0.75:443 | publisher.linkvertise.com | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 216.58.201.106:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| US | 8.8.8.8:53 | api.ipify.org | udp |
| US | 104.26.13.205:443 | api.ipify.org | tcp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 104.18.0.75:443 | publisher.linkvertise.com | udp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| BE | 74.125.71.156:443 | stats.g.doubleclick.net | tcp |
| GB | 172.217.169.35:443 | www.google.co.uk | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | c.clarity.ms | udp |
| GB | 172.217.169.2:443 | ep1.adtrafficquality.google | tcp |
| IE | 13.74.129.1:443 | c.clarity.ms | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| GB | 216.58.201.97:443 | ep2.adtrafficquality.google | tcp |
| US | 150.171.27.10:443 | c.bing.com | tcp |
| GB | 216.58.201.97:443 | ep2.adtrafficquality.google | tcp |
| GB | 216.58.201.97:443 | ep2.adtrafficquality.google | udp |
| GB | 172.217.169.2:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 104.21.80.1:443 | link-hub.net | udp |
| US | 8.8.8.8:53 | euob.bizseasky.com | udp |
| US | 8.8.8.8:53 | cmp.inmobi.com | udp |
| GB | 18.245.253.98:443 | euob.bizseasky.com | tcp |
| GB | 18.244.124.99:443 | cmp.inmobi.com | tcp |
| US | 8.8.8.8:53 | obseu.bizseasky.com | udp |
| GB | 18.244.124.99:443 | cmp.inmobi.com | tcp |
| IE | 3.248.162.96:443 | obseu.bizseasky.com | tcp |
| GB | 172.217.169.2:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | visit-server.inmobi-choice.io | udp |
| DE | 3.69.162.228:443 | visit-server.inmobi-choice.io | tcp |
| US | 8.8.8.8:53 | api.cmp.inmobi.com | udp |
| DE | 3.122.202.58:443 | api.cmp.inmobi.com | tcp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| GB | 18.244.140.65:443 | dn0qt3r0xannq.cloudfront.net | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| GB | 13.224.225.87:445 | c.amazon-adsystem.com | tcp |
| GB | 13.224.225.87:139 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | fid.agkn.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 34.160.46.1:443 | fid.agkn.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| GB | 216.58.204.68:443 | www.google.com | udp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | tcp |
| GB | 142.250.179.234:443 | content-autofill.googleapis.com | udp |
| US | 4.153.129.168:443 | b.clarity.ms | tcp |
| GB | 142.250.179.238:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | ams-pageview-public.s3.amazonaws.com | udp |
| US | 3.5.27.136:445 | ams-pageview-public.s3.amazonaws.com | tcp |
| US | 8.8.8.8:53 | malwarewatch.org | udp |
| US | 104.21.48.1:443 | malwarewatch.org | tcp |
| US | 104.21.48.1:80 | malwarewatch.org | tcp |
| US | 104.21.48.1:80 | malwarewatch.org | tcp |
| US | 104.21.48.1:443 | malwarewatch.org | udp |
| US | 8.8.8.8:53 | unpkg.com | udp |
| US | 104.18.1.22:443 | unpkg.com | tcp |
| US | 8.8.8.8:53 | use.fontawesome.com | udp |
| US | 172.67.142.245:443 | use.fontawesome.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 142.251.30.91:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.180.22:443 | i.ytimg.com | tcp |
| GB | 142.250.180.22:443 | i.ytimg.com | tcp |
| GB | 142.250.180.22:443 | i.ytimg.com | tcp |
| GB | 142.250.180.22:443 | i.ytimg.com | tcp |
| GB | 142.250.180.22:443 | i.ytimg.com | tcp |
| GB | 142.250.180.22:443 | i.ytimg.com | tcp |
| GB | 142.250.180.22:443 | i.ytimg.com | tcp |
| GB | 142.251.30.91:443 | www.youtube.com | udp |
| GB | 142.250.180.22:443 | i.ytimg.com | udp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| GB | 142.250.178.6:443 | static.doubleclick.net | tcp |
| GB | 216.58.204.68:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 172.217.169.10:443 | jnn-pa.googleapis.com | tcp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | udp |
| GB | 142.250.200.1:443 | yt3.ggpht.com | tcp |
| GB | 172.217.169.10:443 | jnn-pa.googleapis.com | udp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | c.pki.goog | udp |
| GB | 142.250.179.227:80 | c.pki.goog | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | tcp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 104.18.1.22:443 | unpkg.com | udp |
| US | 172.67.142.245:443 | use.fontawesome.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | private-user-images.githubusercontent.com | udp |
| US | 185.199.110.133:443 | private-user-images.githubusercontent.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 185.199.111.133:443 | user-images.githubusercontent.com | tcp |
| GB | 216.58.201.106:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| GB | 216.58.201.106:443 | jnn-pa.googleapis.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 216.58.204.68:443 | www.google.com | udp |
| GB | 142.250.179.234:443 | jnn-pa.googleapis.com | udp |
| GB | 142.250.179.238:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | youtube.com | udp |
| GB | 216.58.201.110:80 | youtube.com | tcp |
| GB | 216.58.201.110:80 | youtube.com | tcp |
| GB | 216.58.201.110:443 | youtube.com | tcp |
| GB | 142.251.30.91:443 | www.youtube.com | udp |
| GB | 142.250.180.22:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| BE | 64.233.184.84:443 | accounts.google.com | tcp |
| BE | 64.233.184.84:443 | accounts.google.com | udp |
| GB | 216.58.204.68:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | rr2---sn-aigl6nze.googlevideo.com | udp |
| GB | 216.58.201.106:443 | jnn-pa.googleapis.com | tcp |
| GB | 74.125.168.135:443 | rr2---sn-aigl6nze.googlevideo.com | tcp |
| GB | 74.125.168.135:443 | rr2---sn-aigl6nze.googlevideo.com | tcp |
| GB | 74.125.168.135:443 | rr2---sn-aigl6nze.googlevideo.com | tcp |
| GB | 74.125.168.135:443 | rr2---sn-aigl6nze.googlevideo.com | tcp |
| GB | 216.58.201.110:443 | youtube.com | udp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| GB | 74.125.168.135:443 | rr2---sn-aigl6nze.googlevideo.com | tcp |
| GB | 74.125.168.135:443 | rr2---sn-aigl6nze.googlevideo.com | tcp |
| GB | 74.125.168.135:443 | rr2---sn-aigl6nze.googlevideo.com | tcp |
| GB | 216.58.201.106:443 | jnn-pa.googleapis.com | udp |
| GB | 142.250.179.238:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | consent.youtube.com | udp |
| GB | 142.250.180.14:443 | consent.youtube.com | tcp |
| US | 8.8.8.8:53 | suggestqueries-clients6.youtube.com | udp |
| GB | 172.217.16.238:443 | suggestqueries-clients6.youtube.com | tcp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.16.238:443 | suggestqueries-clients6.youtube.com | udp |
| GB | 172.217.16.238:443 | suggestqueries-clients6.youtube.com | udp |
| GB | 142.250.180.22:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | lh6.googleusercontent.com | udp |
| GB | 142.250.200.1:443 | lh6.googleusercontent.com | tcp |
| GB | 142.250.200.1:443 | lh6.googleusercontent.com | tcp |
| GB | 142.250.200.1:443 | lh6.googleusercontent.com | udp |
| GB | 142.250.200.1:443 | lh6.googleusercontent.com | udp |
| US | 8.8.8.8:53 | rr1---sn-aigl6nsk.googlevideo.com | udp |
| GB | 74.125.105.102:443 | rr1---sn-aigl6nsk.googlevideo.com | tcp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| GB | 142.250.200.33:443 | lh3.googleusercontent.com | udp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | tcp |
| GB | 74.125.168.135:443 | rr2---sn-aigl6nze.googlevideo.com | tcp |
| US | 8.8.8.8:53 | rr1---sn-5hne6nzy.googlevideo.com | udp |
| NL | 172.217.132.166:443 | rr1---sn-5hne6nzy.googlevideo.com | udp |
| GB | 74.125.105.102:443 | rr1---sn-aigl6nsk.googlevideo.com | udp |
| GB | 216.58.201.110:443 | youtube.com | udp |
| US | 8.8.8.8:53 | rr3---sn-aigl6ns6.googlevideo.com | udp |
| GB | 74.125.105.8:443 | rr3---sn-aigl6ns6.googlevideo.com | udp |
| BE | 64.233.184.84:443 | accounts.google.com | udp |
| GB | 74.125.168.135:443 | rr2---sn-aigl6nze.googlevideo.com | udp |
| GB | 216.58.204.68:443 | www.google.com | udp |
| GB | 216.58.201.106:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | rr1---sn-ntqe6nee.googlevideo.com | udp |
| US | 8.8.8.8:53 | rr3---sn-aigl6nsk.googlevideo.com | udp |
| AU | 74.125.109.102:443 | rr1---sn-ntqe6nee.googlevideo.com | udp |
| GB | 74.125.105.104:443 | rr3---sn-aigl6nsk.googlevideo.com | udp |
| US | 8.8.8.8:53 | rr1---sn-aigl6nzl.googlevideo.com | udp |
| GB | 74.125.168.166:443 | rr1---sn-aigl6nzl.googlevideo.com | udp |
| US | 8.8.8.8:53 | rr3---sn-aigl6nzk.googlevideo.com | udp |
| GB | 74.125.175.104:443 | rr3---sn-aigl6nzk.googlevideo.com | udp |
| US | 8.8.8.8:53 | rr3---sn-5hnednss.googlevideo.com | udp |
| NL | 172.217.132.200:443 | rr3---sn-5hnednss.googlevideo.com | udp |
| US | 8.8.8.8:53 | rr2---sn-aigzrn7d.googlevideo.com | udp |
| GB | 173.194.138.199:443 | rr2---sn-aigzrn7d.googlevideo.com | udp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | rr2---sn-aigl6nsk.googlevideo.com | udp |
| GB | 74.125.105.103:443 | rr2---sn-aigl6nsk.googlevideo.com | udp |
| US | 8.8.8.8:53 | rr4---sn-oj5hn5-55.googlevideo.com | udp |
| NL | 74.125.8.4:443 | rr4---sn-oj5hn5-55.googlevideo.com | udp |
| US | 8.8.8.8:53 | rr3---sn-q4flrnlz.googlevideo.com | udp |
| US | 74.125.3.136:443 | rr3---sn-q4flrnlz.googlevideo.com | udp |
| US | 8.8.8.8:53 | dropcheats.net | udp |
| US | 104.21.6.136:443 | dropcheats.net | tcp |
| US | 8.8.8.8:53 | i.imgur.com | udp |
| US | 104.21.6.136:443 | dropcheats.net | udp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 199.232.196.193:443 | i.imgur.com | tcp |
| US | 199.232.196.193:443 | i.imgur.com | tcp |
| US | 199.232.196.193:443 | i.imgur.com | tcp |
| US | 199.232.196.193:443 | i.imgur.com | tcp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | udp |
| US | 104.21.6.136:443 | dropcheats.net | udp |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 104.17.150.117:443 | www.mediafire.com | tcp |
| US | 104.17.150.117:443 | www.mediafire.com | tcp |
| BE | 64.233.184.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | the.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | static.mediafire.com | udp |
| US | 104.21.42.32:443 | the.gatekeeperconsent.com | tcp |
| US | 104.17.150.117:443 | static.mediafire.com | udp |
| US | 8.8.8.8:53 | privacy.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | cdn.amplitude.com | udp |
| US | 8.8.8.8:53 | translate.google.com | udp |
| US | 8.8.8.8:53 | www.ezojs.com | udp |
| US | 104.16.79.73:443 | cloudflareinsights.com | tcp |
| US | 172.67.199.186:443 | privacy.gatekeeperconsent.com | tcp |
| US | 172.67.170.144:443 | www.ezojs.com | tcp |
| US | 104.22.74.216:443 | btloader.com | tcp |
| GB | 18.154.84.84:443 | cdn.amplitude.com | tcp |
| GB | 142.250.179.238:443 | translate.google.com | tcp |
| US | 8.8.8.8:53 | cdn.otnolatrnup.com | udp |
| US | 104.21.96.1:443 | cdn.otnolatrnup.com | tcp |
| US | 172.67.199.186:443 | privacy.gatekeeperconsent.com | udp |
| US | 104.21.42.32:443 | privacy.gatekeeperconsent.com | udp |
| GB | 216.58.201.106:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| FR | 13.37.187.223:443 | g.ezoic.net | tcp |
| US | 8.8.8.8:53 | go.ezodn.com | udp |
| US | 172.67.170.144:443 | www.ezojs.com | udp |
| US | 104.21.42.32:443 | privacy.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | translate.googleapis.com | udp |
| US | 104.21.87.79:443 | go.ezodn.com | tcp |
| US | 104.21.87.79:443 | go.ezodn.com | tcp |
| US | 8.8.8.8:53 | api.amplitude.com | udp |
| US | 52.27.124.50:443 | api.amplitude.com | tcp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 104.21.87.79:443 | go.ezodn.com | udp |
| US | 8.8.8.8:53 | ag.dns-finder.com | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 34.36.200.111:443 | ag.dns-finder.com | tcp |
| US | 104.22.4.65:443 | ad-delivery.net | tcp |
| US | 104.22.4.65:443 | ad-delivery.net | tcp |
| FR | 13.37.187.223:443 | g.ezoic.net | tcp |
| GB | 216.58.201.106:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | translate-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | www.mediafiredls.com | udp |
| GB | 172.217.169.10:443 | translate-pa.googleapis.com | tcp |
| US | 172.67.73.78:443 | www.mediafiredls.com | tcp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 104.22.74.216:443 | btloader.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 104.16.79.73:443 | cloudflareinsights.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| BE | 74.125.71.156:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | cdn.id5-sync.com | udp |
| US | 8.8.8.8:53 | link.rubiconproject.com | udp |
| GB | 172.217.169.35:443 | www.google.co.uk | tcp |
| GB | 172.217.169.66:443 | securepubads.g.doubleclick.net | tcp |
| US | 172.67.38.106:443 | cdn.id5-sync.com | tcp |
| GB | 2.21.185.233:443 | link.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | carbon-cdn.ccgateway.net | udp |
| GB | 172.217.169.66:443 | securepubads.g.doubleclick.net | udp |
| US | 52.91.215.149:443 | carbon-cdn.ccgateway.net | tcp |
| US | 8.8.8.8:53 | bshr.ezodn.com | udp |
| GB | 172.217.169.66:443 | securepubads.g.doubleclick.net | udp |
| US | 104.21.87.79:443 | bshr.ezodn.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | id.a-mx.com | udp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| US | 8.8.8.8:53 | api.rlcdn.com | udp |
| US | 8.8.8.8:53 | id.hadron.ad.gt | udp |
| US | 8.8.8.8:53 | id.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 104.21.87.79:443 | bshr.ezodn.com | udp |
| DE | 79.127.216.47:443 | id.a-mx.com | tcp |
| US | 34.120.133.55:443 | api.rlcdn.com | tcp |
| US | 104.22.5.69:443 | id.hadron.ad.gt | tcp |
| DE | 162.19.138.83:443 | id5-sync.com | tcp |
| IE | 52.17.73.210:443 | id.crwdcntrl.net | tcp |
| GB | 87.248.114.12:443 | ups.analytics.yahoo.com | tcp |
| US | 35.71.131.137:443 | match.adsrvr.org | tcp |
| GB | 142.250.179.238:443 | translate.google.com | udp |
| GB | 142.250.179.238:443 | translate.google.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | lb.eu-1-id5-sync.com | udp |
| US | 8.8.8.8:53 | connectid.analytics.yahoo.com | udp |
| US | 8.8.8.8:53 | invstatic101.creativecdn.com | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| US | 8.8.8.8:53 | cdn.prod.uidapi.com | udp |
| US | 8.8.8.8:53 | tags.crwdcntrl.net | udp |
| GB | 172.217.169.66:443 | securepubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| GB | 172.217.169.2:443 | ep1.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | oa.openxcdn.net | udp |
| US | 34.96.70.87:443 | invstatic101.creativecdn.com | tcp |
| NL | 178.250.1.39:443 | static.criteo.net | tcp |
| DE | 162.19.138.83:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | 1edef2fcc15942e2c091814fd8f8af48.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | c3.a-mo.net | udp |
| DE | 141.95.33.120:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | lbs.eu-1-id5-sync.com | udp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | tcp |
| GB | 18.165.159.204:443 | cdn.prod.uidapi.com | tcp |
| GB | 18.245.143.58:443 | tags.crwdcntrl.net | tcp |
| GB | 18.245.162.51:443 | connectid.analytics.yahoo.com | tcp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| US | 34.102.146.192:443 | oa.openxcdn.net | tcp |
| GB | 216.58.201.97:443 | ep2.adtrafficquality.google | tcp |
| NL | 79.127.227.46:443 | c3.a-mo.net | tcp |
| GB | 142.250.200.1:443 | 1edef2fcc15942e2c091814fd8f8af48.safeframe.googlesyndication.com | tcp |
| DE | 57.129.32.74:443 | lbs.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | script-api.ccgateway.net | udp |
| US | 8.8.8.8:53 | oajs.openx.net | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 216.58.201.97:443 | ep2.adtrafficquality.google | tcp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| US | 34.120.107.143:443 | oajs.openx.net | tcp |
| US | 8.8.8.8:53 | cdn.ampproject.org | udp |
| US | 34.120.107.143:443 | oajs.openx.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | d.turn.com | udp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 142.250.187.193:443 | cdn.ampproject.org | tcp |
| GB | 142.251.30.132:443 | tpc.googlesyndication.com | tcp |
| GB | 142.251.30.132:443 | tpc.googlesyndication.com | tcp |
| GB | 142.251.30.132:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | download2359.mediafire.com | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 104.21.96.1:443 | otnolatrnup.com | tcp |
| US | 104.21.96.1:443 | otnolatrnup.com | tcp |
| US | 199.91.155.100:443 | download2359.mediafire.com | tcp |
| US | 199.91.155.100:443 | download2359.mediafire.com | tcp |
| NL | 46.228.164.13:443 | d.turn.com | tcp |
| US | 8.8.8.8:53 | google-bidout-d.openx.net | udp |
| US | 8.8.8.8:53 | ingestion-router-api.ccgateway.net | udp |
| US | 104.21.96.1:443 | otnolatrnup.com | tcp |
| GB | 172.217.169.66:443 | securepubads.g.doubleclick.net | udp |
| US | 199.91.155.100:443 | download2359.mediafire.com | tcp |
| NL | 46.228.164.13:443 | d.turn.com | tcp |
| GB | 142.251.30.132:443 | tpc.googlesyndication.com | udp |
| US | 34.98.64.218:443 | google-bidout-d.openx.net | tcp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 172.217.16.226:443 | googleads.g.doubleclick.net | tcp |
| GB | 172.217.16.226:443 | googleads.g.doubleclick.net | udp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | udp |
| US | 104.21.96.1:443 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | ice.360yield.com | udp |
| IE | 52.214.235.195:443 | ice.360yield.com | tcp |
| US | 104.21.96.1:80 | otnolatrnup.com | tcp |
| US | 104.21.96.1:80 | otnolatrnup.com | tcp |
| US | 8.8.8.8:53 | woreppercomming.com | udp |
| GB | 18.165.227.106:443 | woreppercomming.com | tcp |
| US | 8.8.8.8:53 | secure.quantserve.com | udp |
| DE | 91.228.74.159:443 | secure.quantserve.com | tcp |
| US | 8.8.8.8:53 | uipglob.semasio.net | udp |
| DK | 77.243.51.121:443 | uipglob.semasio.net | tcp |
| US | 8.8.8.8:53 | rules.quantcount.com | udp |
| GB | 18.245.187.38:443 | rules.quantcount.com | tcp |
| US | 8.8.8.8:53 | pixel.quantserve.com | udp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| IE | 99.80.100.79:443 | ce.lijit.com | tcp |
| US | 8.8.8.8:53 | dis.eu.criteo.com | udp |
| NL | 178.250.1.9:443 | dis.eu.criteo.com | tcp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| NL | 185.89.210.122:443 | ib.adnxs.com | tcp |
| N/A | 127.0.0.1:443 | tcp | |
| NL | 172.217.132.166:443 | rr1---sn-5hne6nzy.googlevideo.com | udp |
| GB | 142.250.180.22:443 | i.ytimg.com | udp |
| GB | 142.250.200.1:443 | 1edef2fcc15942e2c091814fd8f8af48.safeframe.googlesyndication.com | udp |
| N/A | 127.0.0.1:443 | tcp | |
| US | 8.8.8.8:53 | endorphinic.com | udp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | tcp |
| US | 172.67.205.187:443 | endorphinic.com | tcp |
| US | 172.67.205.187:443 | endorphinic.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | e2c60.gcp.gvt2.com | udp |
| NL | 172.217.132.200:443 | rr3---sn-5hnednss.googlevideo.com | udp |
| GB | 142.250.200.1:443 | 1edef2fcc15942e2c091814fd8f8af48.safeframe.googlesyndication.com | udp |
| US | 34.174.255.69:443 | e2c60.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | beacons.gvt2.com | udp |
| US | 8.8.8.8:53 | e2c3.gcp.gvt2.com | udp |
| JP | 34.84.111.50:443 | e2c3.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | beacons2.gvt2.com | udp |
| US | 216.239.32.3:443 | beacons2.gvt2.com | tcp |
| US | 8.8.8.8:53 | e2c10.gcp.gvt2.com | udp |
| AU | 34.116.74.210:443 | e2c10.gcp.gvt2.com | tcp |
| AU | 34.116.74.210:443 | e2c10.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | beacons3.gvt2.com | udp |
| GB | 142.250.187.195:443 | beacons3.gvt2.com | tcp |
| US | 8.8.8.8:53 | sites.google.com | udp |
| GB | 142.250.180.14:443 | sites.google.com | tcp |
| GB | 142.250.178.14:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | lh4.googleusercontent.com | udp |
| GB | 142.250.200.1:443 | lh4.googleusercontent.com | tcp |
| GB | 142.250.200.1:443 | lh4.googleusercontent.com | tcp |
| GB | 142.250.178.14:443 | www.youtube.com | udp |
| GB | 216.58.201.106:443 | translate-pa.googleapis.com | tcp |
| GB | 142.250.180.14:443 | sites.google.com | udp |
| GB | 142.250.179.238:443 | translate.google.com | tcp |
| GB | 142.250.179.238:443 | translate.google.com | udp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 104.17.150.117:443 | static.mediafire.com | udp |
| US | 104.21.42.32:443 | privacy.gatekeeperconsent.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| GB | 142.250.187.202:443 | ajax.googleapis.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| GB | 142.250.179.238:443 | translate.google.com | udp |
| GB | 216.58.201.106:443 | translate-pa.googleapis.com | udp |
| GB | 163.70.147.23:443 | connect.facebook.net | tcp |
| GB | 163.70.147.23:443 | connect.facebook.net | udp |
| GB | 172.217.169.10:443 | translate-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 163.70.147.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| BE | 74.125.133.84:443 | accounts.google.com | udp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | tcp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.187.202:443 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | api.amplitude.com | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| US | 104.21.96.1:443 | otnolatrnup.com | udp |
| FR | 13.37.187.223:443 | g.ezoic.net | tcp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| GB | 172.217.169.35:443 | www.google.co.uk | udp |
| DE | 162.19.138.83:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 79.127.216.47:443 | c3.a-mo.net | tcp |
| US | 8.8.8.8:53 | privacy-location-edge.ccgateway.net | udp |
| US | 52.91.215.149:443 | privacy-location-edge.ccgateway.net | tcp |
| NL | 79.127.227.46:443 | c3.a-mo.net | tcp |
| DE | 141.95.33.120:443 | lb.eu-1-id5-sync.com | tcp |
| GB | 142.250.179.238:443 | translate.google.com | udp |
| US | 8.8.8.8:53 | cdn-ima.33across.com | udp |
| US | 8.8.8.8:53 | dbe04f8518e79b3f8808d8610633776b.safeframe.googlesyndication.com | udp |
| GB | 172.217.169.66:443 | securepubads.g.doubleclick.net | udp |
| DE | 162.19.138.83:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| DE | 57.129.32.74:443 | lbs.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | oajs.openx.net | udp |
| US | 34.120.135.53:443 | oajs.openx.net | udp |
| GB | 172.217.169.1:443 | dbe04f8518e79b3f8808d8610633776b.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | ingestion-router-api.ccgateway.net | udp |
| US | 3.237.175.195:443 | ingestion-router-api.ccgateway.net | tcp |
| US | 34.98.64.218:443 | google-bidout-d.openx.net | udp |
| NL | 185.89.210.122:443 | ib.adnxs.com | tcp |
| GB | 142.251.30.132:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | rtb.gumgum.com | udp |
| IE | 63.32.69.213:443 | rtb.gumgum.com | tcp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | sync.crwdcntrl.net | udp |
| IE | 52.209.108.49:443 | sync.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | ce.lijit.com | udp |
| IE | 54.77.108.145:443 | ce.lijit.com | tcp |
| US | 34.111.113.62:443 | pixel.tapad.com | tcp |
| US | 34.111.113.62:443 | pixel.tapad.com | udp |
| US | 8.8.8.8:53 | rtd-tm.everesttech.net | udp |
| US | 151.101.194.49:443 | rtd-tm.everesttech.net | tcp |
| N/A | 127.0.0.1:443 | tcp | |
| N/A | 127.0.0.1:443 | tcp | |
| GB | 142.250.179.238:443 | translate.google.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.178.2:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | d7e5f01fb5c8c2f541f6147f85dec95e.safeframe.googlesyndication.com | udp |
| GB | 142.250.187.225:443 | d7e5f01fb5c8c2f541f6147f85dec95e.safeframe.googlesyndication.com | tcp |
| GB | 172.217.169.2:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 142.250.140.132:443 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | download2292.mediafire.com | udp |
| US | 199.91.155.33:443 | download2292.mediafire.com | tcp |
| US | 199.91.155.33:443 | download2292.mediafire.com | tcp |
| US | 104.21.96.1:443 | otnolatrnup.com | udp |
| GB | 172.217.169.2:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | rr.tracker.mobiletracking.ru | udp |
| DE | 94.130.70.44:443 | rr.tracker.mobiletracking.ru | tcp |
| DE | 94.130.70.44:443 | rr.tracker.mobiletracking.ru | tcp |
| US | 8.8.8.8:53 | main.exoclick.com | udp |
| US | 8.8.8.8:53 | main.exdynsrv.com | udp |
| US | 8.8.8.8:53 | main.exosrv.com | udp |
| US | 8.8.8.8:53 | my.rtmark.net | udp |
| NL | 95.211.229.247:443 | main.exdynsrv.com | tcp |
| NL | 95.211.229.246:443 | main.exosrv.com | tcp |
| NL | 95.211.229.246:443 | main.exosrv.com | tcp |
| US | 172.64.146.234:443 | my.rtmark.net | tcp |
| US | 172.64.146.234:443 | my.rtmark.net | tcp |
| BE | 74.125.133.84:443 | accounts.google.com | tcp |
| BE | 74.125.133.84:443 | accounts.google.com | tcp |
| US | 172.64.146.234:443 | my.rtmark.net | tcp |
| NL | 95.211.229.246:443 | main.exosrv.com | tcp |
| NL | 95.211.229.247:443 | main.exdynsrv.com | tcp |
| NL | 95.211.229.246:443 | main.exosrv.com | tcp |
| US | 8.8.8.8:53 | www.jeroud.com | udp |
| US | 104.21.51.57:443 | www.jeroud.com | tcp |
| DE | 94.130.70.44:443 | rr.tracker.mobiletracking.ru | tcp |
| DE | 94.130.70.44:443 | rr.tracker.mobiletracking.ru | tcp |
| BE | 74.125.133.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | fragpunk.go.link | udp |
| DE | 185.151.204.203:443 | fragpunk.go.link | tcp |
| US | 8.8.8.8:53 | cdn.amplitude.com | udp |
| US | 172.67.170.144:443 | www.ezojs.com | udp |
| US | 172.67.199.186:443 | privacy.gatekeeperconsent.com | udp |
| US | 104.21.87.79:443 | bshr.ezodn.com | udp |
| US | 104.16.79.73:443 | cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | link.rubiconproject.com | udp |
| US | 8.8.8.8:53 | carbon-cdn.ccgateway.net | udp |
| GB | 18.154.84.124:443 | cdn.amplitude.com | tcp |
| US | 8.8.8.8:53 | script-api.ccgateway.net | udp |
| US | 52.91.215.149:443 | script-api.ccgateway.net | tcp |
| US | 3.237.175.195:443 | script-api.ccgateway.net | tcp |
| US | 8.8.8.8:53 | 58ef301d59a001779bdd16374153b8fb.safeframe.googlesyndication.com | udp |
| GB | 216.58.213.1:443 | 58ef301d59a001779bdd16374153b8fb.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | download2293.mediafire.com | udp |
| US | 199.91.155.34:443 | download2293.mediafire.com | tcp |
| US | 199.91.155.34:443 | download2293.mediafire.com | tcp |
| US | 8.8.8.8:53 | track.wargaming-aff.com | udp |
| NL | 35.204.100.195:443 | track.wargaming-aff.com | tcp |
| NL | 35.204.100.195:443 | track.wargaming-aff.com | tcp |
| US | 8.8.8.8:53 | track.wg-aff.com | udp |
| NL | 35.204.100.195:443 | track.wg-aff.com | tcp |
| US | 8.8.8.8:53 | trck.wargaming.net | udp |
| LU | 92.223.23.230:443 | trck.wargaming.net | tcp |
| US | 8.8.8.8:53 | join.worldoftanks.eu | udp |
| LU | 92.223.51.163:443 | join.worldoftanks.eu | tcp |
| US | 8.8.8.8:53 | lms-static.wgcdn.co | udp |
| US | 8.8.8.8:53 | cdn2wotcom.gcdn.co | udp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| NL | 93.123.17.254:443 | cdn2wotcom.gcdn.co | tcp |
| NL | 93.123.17.254:443 | cdn2wotcom.gcdn.co | tcp |
| NL | 93.123.17.254:443 | cdn2wotcom.gcdn.co | tcp |
| NL | 93.123.17.254:443 | cdn2wotcom.gcdn.co | tcp |
| NL | 93.123.17.254:443 | cdn2wotcom.gcdn.co | tcp |
| NL | 93.123.17.254:443 | cdn2wotcom.gcdn.co | tcp |
| NL | 93.123.17.254:443 | cdn2wotcom.gcdn.co | tcp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| US | 104.18.87.42:443 | cdn.cookielaw.org | tcp |
| GB | 142.250.180.14:443 | sites.google.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 104.18.32.137:443 | geolocation.onetrust.com | tcp |
| GB | 216.58.201.106:443 | translate-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | wargaming-privacy.my.onetrust.com | udp |
| US | 172.64.155.119:443 | wargaming-privacy.my.onetrust.com | tcp |
| GB | 163.70.147.35:443 | www.facebook.com | tcp |
| US | 172.67.170.144:443 | www.ezojs.com | udp |
| US | 172.67.199.186:443 | privacy.gatekeeperconsent.com | udp |
| US | 104.21.96.1:443 | otnolatrnup.com | udp |
| GB | 2.21.185.233:443 | link.rubiconproject.com | tcp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | tcp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 142.250.187.206:443 | google.com | tcp |
| GB | 142.250.179.238:443 | translate.google.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| GB | 142.250.178.2:443 | googleads.g.doubleclick.net | udp |
| GB | 142.250.179.238:443 | translate.google.com | udp |
| US | 8.8.8.8:53 | eeb53eafc1706ca1621c070aaaf2d1c6.safeframe.googlesyndication.com | udp |
| GB | 172.217.169.66:443 | securepubads.g.doubleclick.net | udp |
| GB | 172.217.169.10:443 | translate-pa.googleapis.com | udp |
| GB | 172.217.169.2:443 | ep1.adtrafficquality.google | udp |
| GB | 142.250.140.132:443 | ep2.adtrafficquality.google | udp |
| US | 104.21.96.1:443 | otnolatrnup.com | udp |
| US | 199.91.155.33:443 | download2292.mediafire.com | tcp |
| GB | 142.251.30.132:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | csi.gstatic.com | udp |
| IN | 172.217.166.3:443 | csi.gstatic.com | tcp |
| GB | 172.217.169.2:443 | ep1.adtrafficquality.google | udp |
| IN | 172.217.166.3:443 | csi.gstatic.com | tcp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | r.v2i8b.com | udp |
| US | 50.19.250.22:443 | r.v2i8b.com | tcp |
| US | 50.19.250.22:443 | r.v2i8b.com | tcp |
| US | 8.8.8.8:53 | www.awin1.com | udp |
| GB | 23.214.146.189:443 | www.awin1.com | tcp |
| GB | 23.214.146.189:443 | www.awin1.com | tcp |
| US | 8.8.8.8:53 | www.trivago.co.uk | udp |
| US | 23.214.208.98:443 | www.trivago.co.uk | tcp |
| US | 8.8.8.8:53 | imgcy.trivago.com | udp |
| US | 8.8.8.8:53 | app.usercentrics.eu | udp |
| US | 8.8.8.8:53 | api.usercentrics.eu | udp |
| US | 35.241.3.184:443 | api.usercentrics.eu | tcp |
| US | 35.190.14.188:443 | app.usercentrics.eu | tcp |
| US | 23.214.208.10:443 | imgcy.trivago.com | tcp |
| GB | 142.250.179.238:443 | translate.google.com | udp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.187.206:443 | google.com | tcp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.187.206:443 | google.com | tcp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 142.250.200.46:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | translate.googleapis.com | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| GB | 142.250.187.202:443 | translate.googleapis.com | udp |
| US | 8.8.8.8:53 | soundcloud-privacy.my.onetrust.com | udp |
| US | 8.8.8.8:53 | dwt.soundcloud.com | udp |
| US | 8.8.8.8:53 | cxlyyYHVLjCQsBBc.cxlyyYHVLjCQsBBc | udp |
| US | 8.8.8.8:53 | cxlyyYHVLjCQsBBc.cxlyyYHVLjCQsBBc | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 216.58.204.68:443 | www.google.com | tcp |
| GB | 216.58.204.68:443 | www.google.com | tcp |
| GB | 216.58.204.68:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | ogads-pa.clients6.google.com | udp |
| GB | 142.250.200.42:443 | ogads-pa.clients6.google.com | udp |
| GB | 142.250.200.42:443 | ogads-pa.clients6.google.com | tcp |
| GB | 142.250.200.42:443 | ogads-pa.clients6.google.com | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 172.217.16.238:443 | clients2.google.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | clients2.googleusercontent.com | udp |
| GB | 142.250.200.1:443 | clients2.googleusercontent.com | udp |
| GB | 216.58.204.68:443 | www.google.com | udp |
| US | 8.8.8.8:53 | dns-tunnel-check.googlezip.net | udp |
| US | 8.8.8.8:53 | tunnel.googlezip.net | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 142.250.200.42:443 | ogads-pa.clients6.google.com | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 142.250.200.42:443 | ogads-pa.clients6.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 142.250.200.46:443 | consent.google.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| GB | 142.250.178.14:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 216.58.204.68:443 | www.google.com | udp |
| US | 8.8.8.8:53 | www.autoitscript.com | udp |
| DE | 212.227.91.231:443 | www.autoitscript.com | tcp |
| DE | 212.227.91.231:443 | www.autoitscript.com | tcp |
| DE | 212.227.91.231:443 | www.autoitscript.com | tcp |
| DE | 212.227.91.231:443 | www.autoitscript.com | tcp |
| DE | 212.227.91.231:443 | www.autoitscript.com | tcp |
| DE | 212.227.91.231:443 | www.autoitscript.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 216.58.212.226:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| GB | 142.250.179.238:443 | fundingchoicesmessages.google.com | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 172.217.169.42:443 | content-autofill.googleapis.com | tcp |
| GB | 142.250.179.238:443 | fundingchoicesmessages.google.com | udp |
| GB | 142.250.179.238:443 | fundingchoicesmessages.google.com | udp |
| GB | 216.58.212.226:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.212.226:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.212.226:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.212.226:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| GB | 216.58.204.66:443 | ep1.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 142.250.140.132:443 | ep2.adtrafficquality.google | tcp |
| GB | 142.250.140.132:443 | ep2.adtrafficquality.google | tcp |
| GB | 216.58.204.68:443 | www.google.com | tcp |
| GB | 142.250.140.132:443 | ep2.adtrafficquality.google | udp |
| GB | 216.58.212.226:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 216.58.201.97:443 | tpc.googlesyndication.com | tcp |
| GB | 216.58.201.97:443 | tpc.googlesyndication.com | tcp |
| GB | 216.58.201.97:443 | tpc.googlesyndication.com | tcp |
| GB | 216.58.201.97:443 | tpc.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | gtrace.mediago.io | udp |
| US | 8.8.8.8:53 | a.tribalfusion.com | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| IE | 176.34.219.234:443 | pr-bh.ybp.yahoo.com | tcp |
| IE | 176.34.219.234:443 | pr-bh.ybp.yahoo.com | tcp |
| US | 3.210.249.249:443 | sync.srv.stackadapt.com | tcp |
| US | 3.210.249.249:443 | sync.srv.stackadapt.com | tcp |
| NL | 35.214.168.80:443 | gtrace.mediago.io | tcp |
| NL | 35.214.168.80:443 | gtrace.mediago.io | tcp |
| US | 104.18.37.193:443 | a.tribalfusion.com | tcp |
| IE | 34.252.75.134:443 | match.prod.bidr.io | tcp |
| IE | 34.252.75.134:443 | match.prod.bidr.io | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| NL | 35.214.136.108:443 | x.bidswitch.net | tcp |
| GB | 216.58.204.66:443 | ep1.adtrafficquality.google | tcp |
| GB | 216.58.204.66:443 | ep1.adtrafficquality.google | tcp |
| NL | 35.214.168.80:443 | gtrace.mediago.io | tcp |
| GB | 216.58.204.66:443 | ep1.adtrafficquality.google | udp |
| NL | 35.214.136.108:443 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | p.rfihub.com | udp |
| NL | 193.0.160.131:443 | p.rfihub.com | tcp |
| US | 8.8.8.8:53 | s.tribalfusion.com | udp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| GB | 216.58.204.66:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| GB | 216.58.204.68:443 | www.google.com | udp |
| GB | 142.250.200.42:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 216.58.213.14:443 | play.google.com | udp |
| GB | 216.58.213.14:443 | play.google.com | udp |
Files
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | 2bb4c3b21816f514d2b86bdaf6363b95 |
| SHA1 | 3812eb9a6c2e3099f38ff40afd5dc399eb0849ec |
| SHA256 | 4b729ca6603bcafa890547b4c0b0cf16e7dc22c552b9ce059e53b02cc2443bee |
| SHA512 | 3eadb1007b7423570776c38fc36733c925a99f08296e8b2f41e10b88948170e5c9a73f6b441cdaf806ca249b0ad2ac7db5684560cf071f43f0b553025d18c494 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | c5781c2170d55130c3c9e871db42ab8a |
| SHA1 | 1df92f89dadab80035a85d9c8340a75189f10c21 |
| SHA256 | 88f53bb01a9456de7bc069c9931cc00131c170c5ff4175fc0863cab9861c2274 |
| SHA512 | 4df276fe61d2ed1a311571fe2c4dd4aced8de56fa746f60ad22dcab5b6fff9b38557b2b1d4b3881f8f3c060106c35ecadda18ec6b151b594f03b8f75e8633aef |
\??\pipe\crashpad_5404_MBLZMFBIFMRCTZUF
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | 35e31225ae959c82889c1e05dd7c1909 |
| SHA1 | bbe106368d1914ea085099f0216cc43e97e65f53 |
| SHA256 | 1bf94d8908338d36a9ae0217b732f918125466060e90f733305007b53013d817 |
| SHA512 | f9303eed53002f8a009594918cb983d38c9d1becbbc54e0ab76f70379e461b1f1b86485812b035d03bd8e57a790c802815984967dbed0928c1b8d4c59f0493b9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | eaa652febe6356ce48b89e743c7cdee6 |
| SHA1 | 58013cc9912dd826427fa0e794d195ce2ac1f57e |
| SHA256 | 5377d0233e37f1aca4ffff84e0d914dd89f271b69acf31229ffd3e2093b7ca89 |
| SHA512 | bc318c8249ef5e554d83877464a039316fc89ff33c1da9da0c0b25fed02e759e6aaf024128007ab220f84aaec23121b60f0ba31f518d8772ef5f2c13ffcc9f0a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6826c038b33245833cf5d75959962ba8 |
| SHA1 | 49102af18121e3e9cf891ac37caab4e90afb3d79 |
| SHA256 | 8421c1ca6e3ae5b4bd725d7b0ea656c345481ccbe85d4d9b13953e0336a1e651 |
| SHA512 | f82f54600fb1ae0fa7f0fec218f0c778d3d4ac4a7af5b1af6111ff0362ffe290ee56dc9283cbebc969219e87c6b6fa093d7d9a1a86184a50ca7d7af42e0b1bf5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 291da78c60bd57407cf75153e2dda11a |
| SHA1 | d18e9dcbda53068823a8eda65cdae77346ee9397 |
| SHA256 | 78fba93e03f7887da335c434adbff9b8814b3f03adf3cc221f76ad08eb06a161 |
| SHA512 | 82f75c0b4347bfd16d77a476ac9b2296b78b300c90e937909d44d4458444ce8ec962b274ff5fb2c7ca9c2ca773d338609f9a469ded4fc7532496239717dda665 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025
| MD5 | b7262c2b543c235b5b9aead7b89a264a |
| SHA1 | 5eb72ea23d014cd3c1d01463a42974e6b2dc433e |
| SHA256 | 6f060713603c341cf7a5f4a4a4b2c604b89769b15aba82cd9481cd835fbcb9dc |
| SHA512 | 0335b65bdc7719e9cd593189775b1ae10de6334a0514c26a23279be41d3c736b6ba5f80fe0feae482b3ecee731962646db139359bd77646d2b02230a825eb478 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7ebe05b5856c81610987cae1b3cfa1f1 |
| SHA1 | 4729e0ed317cc55d40b59a91f64a01cf66df5c44 |
| SHA256 | c4bf751372aa5c0f30d0bfb71534f981faec3376a324936b95584dde0e339866 |
| SHA512 | dd25b6b804c803e82a1d7f9e519ca9dd1d313c47ccbc14307119366732855696a2d24b098c9e6710848715219c50311c66b653a003643953eef28a4614d31572 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | d931473b732c3bdedc937956d7d49242 |
| SHA1 | fe7f2af1765b6c9a67c3696d5f88e4f1f76e9225 |
| SHA256 | 946d3be4c485d9af76c87cd85eb610e58f69d3d02f5d8af3d5a3afa5ca9d7b37 |
| SHA512 | e604463a08908d36093acbfabf8cb06d84bf30c6f21cdc90ef6962bd84469ef3ccaadf94d6dab681ca990dccbc18d75adbadc4973d15ff4dda0f910c3c2764cd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57db3d.TMP
| MD5 | 67fa0935b900941cebd1e06f915ebfe6 |
| SHA1 | 361b7be54ff19fc2330cac5777d4fda220217008 |
| SHA256 | ea01b022b7255bd5d872a792eb6157a954a7b8d736e3a1cc36608ef26953367c |
| SHA512 | c17c2a183ab94e3b04aed94498c1e6eda5e728b69ed00053671a69896ebeb8ddc6e2d830d7759e83b0305c082728b587042de17de2168c4d0d119d52fd682e93 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Shared Dictionary\cache\index-dir\the-real-index
| MD5 | c3dac78eb84e4a30c50a5a55815b184d |
| SHA1 | 3a967eca886d281a6cccb3dadff6bff4adcc9147 |
| SHA256 | 3d0ab7a1c5a2d6e79e5bc2e75e893f866895c3bed5ffb083d01db3da66244a3d |
| SHA512 | 4f5df7428e5186d894fc5a70a80860c436486535d03451823cb38fdcddd72c4d0e7375dd178aecccdfcb9241fa00b49cc84c4b42d9101102fe3099937ac9b396 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002f
| MD5 | 8f84c43113255551cf3efa06a29dd82f |
| SHA1 | e86e106e4007aa5b5631194cd7f4812744a0ee34 |
| SHA256 | bdeb43ef75017e7492015a5b46534c66fb2323084f2d65e62e46a5fe8f21b86d |
| SHA512 | 14f0e224cc6d7af89f951edda679b2942ea2784e817c425411c5b105ec81487805d89950e514b0c55d9901a2b89fb255797742ab4ba47a0cce0e998d901fab98 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3f36452dbc160d2be81b4cfbd6460b96 |
| SHA1 | f69d66856bc84f3893e0bd8e4584872b00f01efd |
| SHA256 | 4cdd6732e20194c098ec93296e235d3bec48e98bec023a077d87cc9b9e242603 |
| SHA512 | 71dfe38aebb67ada0e99f302082793e1f22c30daaf4a61260357f01d161914f051df0599f6c6c8dd0a73c550a4bb90405378545e3dcabc4f3ce16694caf0c2cd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\bda06727-ce91-4330-990f-6bfbec237437.tmp
| MD5 | 0ebd3ef8fa183e1a969e2ffd48a6178e |
| SHA1 | d8201c00d4af9fc21c3536ed091fad8b893b4268 |
| SHA256 | dbd2f6c30935e4d647e982ba892bc93591dfe3a5c220cd4710493cfe7b998a7b |
| SHA512 | 5f7336cf6fefc56345cb03d164726133ca0b78c01e91bcdb2c50030bd263203a15150c20a6425f8d43ee69275b0fa673537327f6f461c071afde84bcc913ea35 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | dc2dba38759fd48b358e8a528473eb6c |
| SHA1 | f244f26258dbe47f1661e08cf51495ec6a184d72 |
| SHA256 | 60b76f90bbea8604a0a0c034b0dd7ea9ec67672770605a46199b3d1ded3ad75a |
| SHA512 | fd10b0af08af6a68191f1f07c1dc0ee3cbdeeae65cc05f457ff953f1fea54a046c968ed343b77071cd3b5edc8f8ec5aba57017d8b5c56b8f77cc08f488a229e0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 35a4ecb6f1c1b2af025466fc21911684 |
| SHA1 | 8f91f8f81c28f870901f62934abcdf887456c476 |
| SHA256 | 00a04761f871e16220f9af8d8c23ac3c43628b02d402d0d35fd3d7cd546acfe6 |
| SHA512 | 8493588cd782ce81084a5d958d28cf81914c399f66cdc6a3b431aa21c5562669d84e0c11b1c1498d330bc2fa80bfda647125a227029876ab868fff6f9711c43d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 17d84298f603100dacbc11c2bc9f315e |
| SHA1 | 2b72425f39c4a50c5cd39662f1e91265fa60ffa8 |
| SHA256 | d0be9240a1acf9c73024121fb1446d7888a5d571f508871c82def9197b15ddfb |
| SHA512 | 17ce9dfe1a72d8e54338c2135cc97b18d2474de10a856f3f2a5b4812a642ded3ff4548238084476d26afb47afbdaa3a2250244dedd312272e48b9062704d811f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | aa6bb2db7a76603a11b12f0c4b73f1b0 |
| SHA1 | 4e04d44c2cedc2b665f156c35048a2c69ccec0ba |
| SHA256 | 609eafb3c3eb6648d085f7c27c7cc045a0d4d20de5861108ab5a196b50cd66a2 |
| SHA512 | 24b9348a2dfdb11a435b85ec00ba9ec2c91beb580e76c2ea2c2ab4905c7c6a6c842bad074677464236cfaebf17d8f38e8c857a84b010d8658c8ecba2a0371812 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 84ca118b89982d74a8a81b5bc24ebbe7 |
| SHA1 | e31530803048321c2354f51af9ab33560af40bba |
| SHA256 | 5f74f244c82acff2de0c6a46561404b44635cc30ef5156954f9cb5bd4679f5a2 |
| SHA512 | 5b8a3121fc5f705b5c72d8d769daeeb321cc845018a268d2440b57f24f1c11985727450a0af2df80c58a2c853ee303cf04a7d2e6b4541e1c46bd0bb57e0baf48 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt~RFe58c6e5.TMP
| MD5 | 1700ff44dff095b800b2e77100b71ca1 |
| SHA1 | afc6688a2c3f22aa75a747738bf3908bf062e636 |
| SHA256 | 4c9f923447962d3e65ab17a3e05e5b9a401646a91b758fb5610afcdebd4e991e |
| SHA512 | e55ef042f0768aef14c2446ffa2768266948628af3804ed5618e592f1aaa9ad5629f3efd110ec1f68e6f9ea872de2c7a28fd82b3901a3131c06bd4f922eee26b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt
| MD5 | 2ff1ac7d3be5cbc8391108dcdfaa02a1 |
| SHA1 | 78ff5a5538335c3e87ac72878922f5ecfef193e9 |
| SHA256 | b7dd564d443059d96530e58e2c6685472cea90e67c29e76fafa761d85455e6ba |
| SHA512 | a20a08af8fbab8e109417df491bef7ac3cd1dd905383ccae7ec80d9b337eb595f1c24b23680b16289d635349af6ef01e269c4f39f65cc898705697878e6292b4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4eb46088494e82e1efe38a8852436417 |
| SHA1 | d98fe184f2c681fbf93298d9e1eaf1ed4ff6e08d |
| SHA256 | fa16df9c48299852704bab6f5c1dfbdb3a7651dec470d691961d93cfd2ce43e5 |
| SHA512 | 3689147b15e203f2d7c36268afb73848976f4957316a71c8e5798521e3b947af5a167a277638fabee9f2bdcbfe2b1b421f682ee1d3f7f9d64d5dbc44981c371d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1a50a69ae821fa8f19f2863ec0f834de |
| SHA1 | bf611967908cc95101259da25a47e445a0965a26 |
| SHA256 | 2f4754418ce52c07cd3f71661fd18d3c6e9ea0f6db6a41aeedba8f329aa89b39 |
| SHA512 | 67c2176f0f42fadef3b50f9c880fd0e3b9b39fdbdd9c1af01f17442e5ac1a4e0e3ca8d9594c9a082e43e8f45282ff2a1aef588e954870c6c6000963e7c219f3a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000003
| MD5 | ef6149c4d718567a934b6b8ff0dd5704 |
| SHA1 | 33ca83265fc6e75cc87d91eb4e0bf033951bc533 |
| SHA256 | 0355748bc156228790874ffb3bd637b4d951bed2fdb4b01f2ef46ed89a39ed71 |
| SHA512 | 697618502df23d777a7b531eef5174ad7d2bf7508634fff73f3400617d8dacda56e228c140fbd846ac59d10234c964ae78cead1b2dfc4f7426c7bff4ec8c60a3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007
| MD5 | ed81ae6e321fbfbc6cb3dff94779e4be |
| SHA1 | 1f0c0cae6cf9366424323db0b0739facd69afdfb |
| SHA256 | d22632c84b8b935a2451ed89ef446356ab024bb761c52cf8ace17068a655be0a |
| SHA512 | 60dde1068dca1305c488fb5bc43bcd77d8da22ca0b7d61515c777510cae0045d054094b5c52e27b7d9f2b536342f18e9358b806e9bd67f15ca4da0702b3b985f |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | 31a479c422db145c78d737f43dba34f3 |
| SHA1 | 68a63091df29a1acfccc84cfdd01059b683e5b4e |
| SHA256 | 2b3059e91b7227a27ba0e21f26076ae20ef019600b9d339c6575abcd32bf7a00 |
| SHA512 | 5c4457cc18281e916677d6244c06a0761eb4e8a8f8e35ae5ffddb411e82ccbfdd672ad58b76bf2fda335895cb852970c7914f9a513f142a6ca0480adb00c1b00 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | ec5a10b3fcba5cf692bdf7daa35f51c3 |
| SHA1 | 55d0abdb8f04cabd02c39f37adfc2628009fb663 |
| SHA256 | eec98bd207bd76fbfe78ea77e9a054c74c5d18fea8d4154ee6273846a2358137 |
| SHA512 | 8f0415aace0d5a5d8993125b5998dac3030b2000af720ada1b12c0002ab01e903ba3dbe1c1d41f53f9abd85b9bf7ee1dd32a417216602064eee06206d26f62b2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 2fce63856c821b96ae928962596a5019 |
| SHA1 | 794846002bda150cfcbf6b2a4064b7b0fb0c1d0e |
| SHA256 | d98c72d53b9df4bb0dbcc60f479d7739d266e8cd2c77994c338fbc6beb1a0942 |
| SHA512 | 6f77f2ecf98eff2ad40cba981c81a74d80b35ca34b6c2e855d6014e030d9f9b9989294b4491408f4f6574ad151c6e7df9f15c9c3296c96b55dd90af8724cfffd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006d
| MD5 | 9a01b69183a9604ab3a439e388b30501 |
| SHA1 | 8ed1d59003d0dbe6360481017b44665153665fbe |
| SHA256 | 20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2 |
| SHA512 | 0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 083686be07ef45ea5051fda338aaa055 |
| SHA1 | 14e8c7adc988e68fa8831156278dc002b6f17251 |
| SHA256 | b9fff09abef9ce44429cfe5d81530672fdab4afe5aaeb2b71c209f1f245558cb |
| SHA512 | c142aaeb4ca7e5ddca51e71363fd29cdf725d02dbcde04e160a538f72363e86921fae8f54ba42b7a6d39b2ec533f5df3c155948d84b5b9b64ed4489d771aed28 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | f6f35e83b11c257a2d41055b27a5e03f |
| SHA1 | e85951916778e9007852a031544dd15ebfd188be |
| SHA256 | 06dfa564f6c16102d5f3e72490e9732fc698804f037b6233766634266e49fca4 |
| SHA512 | ad8385bb9f9c94e0c7b96717d677e73d4d454cf0bec526e19d97d9e7a6e718861878c334b5a59da112c3fcbb909e2e3085548ee9dd62962c320628d037587dac |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe596056.TMP
| MD5 | 89372e1d557a62d02cac7e3a957420f8 |
| SHA1 | e2edd9a8bdf277408d8f13e4d68924b6345add19 |
| SHA256 | f53eaf8d5d920925ba16df2204b6d3d2f8d95e35d6f4a4ef044dd115d70fda5f |
| SHA512 | 07b95a667ba16bc56808a988cb3be52acb0aab72e011b6a3dfb17029ff06d339e0f1ffd1646940a195c01443afc5ef99a1768a6ef8783a7f690b741eda00f6d5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG
| MD5 | 5eb8a7d10b4de07c27b5406e06ac28fd |
| SHA1 | 2b7471fe408bb8a1510682d69ecdbfa2d52a4ec8 |
| SHA256 | a46b1a0f27add74e18646d75898d35367d2e2990b3a668ff103a82b56bd33d20 |
| SHA512 | 88f81df19b447cfeff461bd80a02dbf27c748bfa6fa5fce0a1ccd785e30a22ecacdd9e1d80e758a4e4fe6332eb5062818b3b76027bd2a54d29d0b2ac73031d83 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\000003.log
| MD5 | 3e74be255b87c7aeb4a9a85720bdd7b7 |
| SHA1 | 7588998db1df565bd6380eea4eca242b0b7fb3e8 |
| SHA256 | 641b17a89cadaf37fdf2d205b1cf63ad28e148875bc980fcab56ae02addf4e15 |
| SHA512 | b84e718dfee34fd0b3bece79a265b5faaddb1b76c1d67569c968ff3b578bb11192b59b8108abf8c9e7f10855c960a267a5c718a26f6d2cf26b9b4de7ffa2157e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir5404_38778248\Icons Monochrome\16.png
| MD5 | 1b3a4d1adc56ac66cd8b46c98f33e41b |
| SHA1 | de87dc114f12e1865922f89ebc127966b0b9a1b7 |
| SHA256 | 0fb35eacb91ab06f09431370f330ba290725119417f166facaf5f134499978bd |
| SHA512 | ce89a67b088bae8dcd763f9a9b3655ed90485b24646d93de44533744dfcf947c96571e252d1ad80bdec1530ff2b72b012e8fff7178f1b4e957090f0f4c959e0d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 43f39ec8ce21be1da0d60bb6389048e3 |
| SHA1 | 2a2472db32518561cad2511b0e1950d312ad298f |
| SHA256 | 90fe69e6603fec7022e33a5acbbd5347da3285ec397cb2d4ea81fce3a7a522f6 |
| SHA512 | 342118fee0d4f83097bdbae44b19ea57412ba35c7efd25f76ab7a8d3436a302c47c762179d884e0ca36135b16b6afb3444973e097116ac48490c910795dfc319 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\Monochrome\0\512.png
| MD5 | 206fd9669027c437a36fbf7d73657db7 |
| SHA1 | 8dee68de4deac72e86bbb28b8e5a915df3b5f3a5 |
| SHA256 | 0d17a989f42bc129aca8e755871a7025acb6292ce06ca2437e95bedbc328fa18 |
| SHA512 | 2c89878ec8466edf1f214d918aefc6a9b3de46d06ffacff4fdb85566560e94068601b1e4377d9d2eabefdc1c7f09eb46b00cf4545e377cc84a69edf8e57e48b2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir5404_794146626\Shortcuts Menu Icons\Monochrome\1\512.png
| MD5 | 529a0ad2f85dff6370e98e206ecb6ef9 |
| SHA1 | 7a4ff97f02962afeca94f1815168f41ba54b0691 |
| SHA256 | 31db550eb9c0d9afd316dc85cdfd832510e2c48e7d37d4a610c175667a4599c6 |
| SHA512 | d00e2d741a0a6321c92a4aab632f8f3bafd33c0e2875f37868e195ed5e7200a647b4c83358edcef5fc7acbc5c57f70410903f39eac76e23e88a342ac5c9c21cd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 69a63cf02113889d9fc96ea0ae728f9a |
| SHA1 | cd57e20b6c1ffbc37099d66045ad92c4f37cc9a3 |
| SHA256 | e809fc6c9ff4e09302ebd88a82f20035ed6b17efb92cd259177cd3c01ed20ca2 |
| SHA512 | 04e5040ed49a46f8eeb744099f0a6b7cd5e64869d665134a87b3cc014df0ab77413351ac53618718fb8ab280365ee7db2e09908ebde47e5b9d5647b6fc9fa500 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 092ef663d3e2ead6ae7c1b0b06141bcc |
| SHA1 | acfb9265bd961586cb691cc0ae4bdaf00bcd59b9 |
| SHA256 | ae1263e1c50088b5008368acb8df5394d525b73ceb760a9fd0abdb55a6e26f11 |
| SHA512 | c0a1b2463f38cfcb07df1b6e3e922ca73ec72783fa018ead04ab69e56842a8f7445910ebaea9344f385c373989c061f868fbc4de1593710addef9546d0a76d81 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 90b4098df0d9c90e05d22e5740c33404 |
| SHA1 | 9c4de365e05c2b4909407a0f690acc4e79de46bd |
| SHA256 | 7506458a536219b167411651becc6062d6f25a1d0b71a4005fae815eec71fc3e |
| SHA512 | 23cd2e6b05f73327d1fed0eeb0f0869bcf451073a6814bffce6992d9adc09190318b91c01ee13f62540fa60c1c06d60160900cc643648be777bf3a23275f7b11 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | cf68b87d64150299a4935ca0bad95dfc |
| SHA1 | 04eda9b46973d6502cc92942d46195b04c4b4daf |
| SHA256 | a79199616b386515153abf9308510d3b517fe4c880882a517708a0ec9f9449e0 |
| SHA512 | 4d41ef6dbcb1c5f2c4837179dded1445b85ebd25109fe5d787fa2d4d98c906bbb2f9fd48f52ec8b9d9e63e90b63f5533f4b914fac28a33a3c7b3c200740ce169 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | ee14b88307203e62dfba58bb065ef882 |
| SHA1 | 8b7b28fb5008de7af5402043e53450570c0a4b18 |
| SHA256 | 6ac2f49fbdb5fb2c9c8d97281d6d3efc1552befc6001f61f2d49581bdbdd9265 |
| SHA512 | 0e2a40a92dfc46836b03c725cfe1f1ce28765c721ca069efc77211c5800795f17844ecde0ff6c7d4059b3f6f997e597066062052059d3d8c0b76b9597a457518 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5eede099405c6ee04f20d564879f8afa |
| SHA1 | 319fa492e7a58bfbe6169aaf4ac9ed8824bb673a |
| SHA256 | 3a84a72c661c965928435b40c8c053aa1dcefb890725bbd4d1bfa7c99493897f |
| SHA512 | 77238f19d831ab7c1feaba283a469c5d8a14b67ba8cb25346ee0435359b402a7f72d0f74d9f5c64c35d2b4c9c1af558e5b4a65613e88d99c6f901b84b3e4a75f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000071
| MD5 | 1679752e6b185e43aa45d51937486172 |
| SHA1 | 7738cba4ecb76dee3b8a8224a9ff178edf8df163 |
| SHA256 | 876b3b9dbf916ac8511a492e6428259529dc759cc7acf246d41269f484820a98 |
| SHA512 | e394c2f9cd62a175c5e59134a6de4fb297fe0d0d1d89482fdd0aa1e47dd0d3864fb3f5bd453caec434c99785fcb6d54da7722315e44e591f3272558cc11be10b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000070
| MD5 | 437937c6537d871116850226ea943c73 |
| SHA1 | af97f13487e46c0ab69aad1be629206014912d6b |
| SHA256 | 886fc04594ae2c059cd39657986e280b64a2fc73cd2cfe996c8955a9de6ca273 |
| SHA512 | c5e734d1d6d06b8bf02bbde0578ceb42db23291d88093d9d6df7dc0b2d55cf3304204b4887235603fe50558d1cfc0a1c25e5aece38318b05c681acb08825384f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000072
| MD5 | ed42c05ec2287b3a3f46e2bf75669872 |
| SHA1 | ed9c3a8f46c95211cb01f7aba625c8d61c8be58a |
| SHA256 | db9e48a53540cf589944b0eec98862be0ed5580015e5df6b775ae3488fc687cc |
| SHA512 | a9a7711125667cbe8c2a9ba39597eda0a33f7a21e93f7e7a0230a49991382fd14c5029209bc2809c686b67a3ce4f5165ab5614519bf410d2129d8682c898bd6c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006b
| MD5 | 950e5db09cce1c15b7b7c2c2d3378abd |
| SHA1 | c89a76875aada2e0f2efdecf69456e0fa78a1758 |
| SHA256 | ac19ed36b7f59818d24401b792d98dd53eeabe1d4211fec1c645bbdeeffa76ad |
| SHA512 | 36f31cd15930ed27e97b5c87f3fc96a50d61fe8acc3ce30f709ba597ac843fe497970b22f726d56350d25cac03681fcf9538e968c2314bef3cda3b55c1e73217 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006a
| MD5 | d57fa5d1eb4acf3686bd350c7edbe20d |
| SHA1 | 06257ec9276f48a3c7e6815f5fd0b46549c81def |
| SHA256 | aa03f69d06628b46d0ade9914fc80281535b581086c3c6ccba83b76ab29dcf45 |
| SHA512 | 572cb8e3e2022c9cbb2464d488ee05e828a3d4099365ab1e2c95699ce1e8af480bc484d9526a0927ca2cfc56bb4e01cee5592105ae8b90127e316a40a8d4a6d1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006c
| MD5 | 20e956425fa1ec752185077543e0ffc3 |
| SHA1 | c2e662781defcdf33761284f6311687ad74b9eb7 |
| SHA256 | 1992fc905b38585863da2ccec7bba59840e8d10fe1b18cb84b0a72e6de3611b7 |
| SHA512 | 103c404526702be73520a47db4c6e6edfea6bd7499e146450506f220c28c5f4594485cb94e8473d85f424f38611e173666bdc0f9da1d95e04d1d56d7c91a7793 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000073
| MD5 | 1bfb2fec665189e3c7096a0c74d04f6f |
| SHA1 | de7bfe3960205db7cbc1cbdcd7caf7f5c32347c1 |
| SHA256 | c664f395ad83102f38be051dd1fd55e09475ac7d04b5ff45595f8208210ba1ad |
| SHA512 | 184322c50f5d12547ad49512b037c0c76a95c4e600d89de4f629ed02211c9fa8e2c35fd205266e177c4fee1093f5f69ad438e27722c0909e847feba61dbcbcac |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 96d40051acae25f04a404c53a0943b9e |
| SHA1 | 6e2e6f8c99abf9e48a59356e28c5709dd5e54e8a |
| SHA256 | bd10d18695f2f16b3cb34a2836c326d01bc03d2f534397261a99b67ce082569f |
| SHA512 | 0088ccbaae2da7c0d1124eeba8b10b36335e37d1fb631aaf639134df9a9a2d59869d324004461eb93c94668df6de951e09cdc4dcb557b07bd8034b5c1e1ac92d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\454f60c2-9b70-4672-b119-90e39472b3ab\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 3ee15e79df56f2da920ad88c8cd31e7e |
| SHA1 | 740420900d25fd151d575d0a2eabe65cc1253f46 |
| SHA256 | 61d7c595943590957da2bb8ff25567b717161e490d7b1a03a584a97b69716899 |
| SHA512 | c6909e0e78a68286be864c1b650561a4152f7ed0d6498fd2c6740156ad10c5e71e6b58e85a3e0128f4b6a6af8bd303178b49173e1ab6db6139332afb20a5df85 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000085
| MD5 | 56f5508bbda61328cd8cfbb548f8cf34 |
| SHA1 | bc0c6928a59adf542dc9a5f72f862ab4a761fd68 |
| SHA256 | 0f70282e8b827fd72539b8bbe1b170069f6c1d13e13b83b6360a54f5b7267abe |
| SHA512 | 548411abd212d1aea4e29a101faecf36a902de3a2976e236b0912771beb9febc80828381978367c8ecb024eadeab8aeb687200dcc79e63d48fc48ce9a1ed991c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 3a953c0f07d076eee34c20784a8709f1 |
| SHA1 | ceb59f98f3b3426836c454c4d07173fbcd88be4f |
| SHA256 | 6abb0474e8437f01dd0ca769a3409d4b7b245f969ca0b8cfd25e1d0e0fcef100 |
| SHA512 | 8b48582089ceb92cb574741b893dd8a5ec3178d78a3b7089b3d0b2b163fa8af55bd4afc7e0c117b9954dcf76cc220da83ade21d6db46b25eaf29c7d6bbdf6755 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006f
| MD5 | aeb1a662d760ad6b94027c2743ab8347 |
| SHA1 | f70a1d9de7e8a32ec0ed72e261725183ccaa3056 |
| SHA256 | 9cc1a70e9272a9bbecfbd23237be267dacb4044ffe12b0bf4372b8b6a9104994 |
| SHA512 | 583941acb00399f55e54dab9999c9a96715c39b798a891d87fa210d085d22630feb418666dcb6228195b8e31458dd20f9b8cc9e49893ef2bfa37e23918c3fe2e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 490678e5209c7ddfa1472be460709e92 |
| SHA1 | 475d82dd1f17b47471eeea2304b198e08a609a1f |
| SHA256 | d21a03a5252c9e8065565cfc28f01426d9980913b1e7bc90903959a3890a6d25 |
| SHA512 | b370d4b22658ac4e8ff131338136c503d664aa5b23578b848a962131b4d9bf2387df934b6d382d4fcff24828becb7d945d58219484cc12a8cae6337be94dcd3b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000078
| MD5 | e8730678d4610fa908d3cba1ef0b4ddf |
| SHA1 | 1efcbee909ce74bf04878d74867f12a1e41ae7a4 |
| SHA256 | e921785496ed2d98c2257c88a6f838afa6acbee05cb8467048501bfe2a301461 |
| SHA512 | d7c3f81ad11ac5b3e6f454fbbb9be0940b3e8da93cde0b80f9a91a8259966be466b4d6a0fd5527fcc6c8f218aad8ffd0124bb29dfa08f6ca658ce49fe9e37e6c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007f
| MD5 | d52d5a288d8d72ecdb3b346788ac75bc |
| SHA1 | 3c9a5c0762b56319ba9c77f8142f11524f4b64d1 |
| SHA256 | 25ba1672390c5477de11d115faa8d23fcf660232940c0835d593130781d04fa2 |
| SHA512 | d23c1bbc70fa241e7f80989b6d912294453003d1764a17c9576204045ac3a16d17fb826a241ea78794c01dc7c22dc851d6bb39cca110735a84a0d8bbabc91163 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | e75741cdcd5054e7b64b9d4907406e46 |
| SHA1 | b683347f0be39a59b98624946786278747445036 |
| SHA256 | d1eb8b0425f0482c015479e36ab5b791b2e0404c6e87127efa30052ab8bdd45f |
| SHA512 | 31cd12d42ec98317a5262bfc06b78ab8467d1ad32a5a4adf69c8a623afe523ec7412000dccddd4697473c33f2471b8c4ac595e184214a1e53bfddd84d37e11fb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 21f5f9ee8d9db886b105ffedfddb1573 |
| SHA1 | 74e6d98f3476c1cbfe0ac7c57e7501c2f37c81b5 |
| SHA256 | 1d388f0046a218d9c97c7110f10d93b0a152752e058a4d7cef7ec42f6f004c9c |
| SHA512 | 50f744b96048cd513fc558c60572cd1cb061b625d2891400d4cbba9790035641103d6412ab45f11abb50c0861176b0e90036eab29bf9efc03fbe65421993b789 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008b
| MD5 | 95d9243d40baed87f3d8dd61a2e1bddd |
| SHA1 | a6a16983fcf3515a64b9f01a41988a5ca59d1644 |
| SHA256 | ace690bf81223c42de5d023761a04800135ac7bd566af1b84d648a173a65c9bc |
| SHA512 | 3a4c6437f8ce28ac1e8ead8913208c966bc6b36c6ba74d243db3ebf7a9e263941924fae867d257852d5e5df86dc7e0f2640fe82447a8bf436e436d11a7f3bdb8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | be72f88c6044fdf28335194ab9ce50b4 |
| SHA1 | 5c94b4857c9ca6fc41883ed34588a31194cf09ce |
| SHA256 | 79f6f3b896ae87fb7d124c5872e6967b7469cb669cf994b74962f068e3952410 |
| SHA512 | 64901905f3fb8f267977f4d6ccb5591870806196daf407cb1fa7500d94bfacfce90215645fc61bdb267f9ffe90837eaedde6ff54c441fea5aea6e7f7065055a9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | b1d72ed959c85a251cc054cd3a640bbe |
| SHA1 | e73f7a3f029494d1a515cea8e7438fc103435e29 |
| SHA256 | 051b0c8591e28e3a748d8f356e7939f0e3af53fe034a312aaffbf3d1a8e34a1d |
| SHA512 | babbd56344e7a2cd4a431278bf5c54a7062a86c1c07d1b5ee778861df7776204a7f11522915bfe698fb73158b5471770d0d034d8461740d0bf036da21e29479b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5d98f475b40b89ae22a8d81ba7d01883 |
| SHA1 | b726b95be18197a9f79146369d88bb02e51f7978 |
| SHA256 | 70949daec760aae95ca4930ab96790628a7a5e8ec87abf35f67e35d7a06c62d6 |
| SHA512 | 4e39ab9337b4638bc3e4620a82f3488a0a137f9e66e9990a18971dcd259de715381a1165363e252e593ac9de421659211b9893bd1c578869469c657af6d2a672 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\63c20a23-6142-45d9-9d1b-bf000a9c1865\index-dir\the-real-index
| MD5 | 981bfff70d36a456374f3e7c8da0ae71 |
| SHA1 | 682529f813dcabfa0072628a64d3e9150de75061 |
| SHA256 | d61df73e06549ab8445380f0313360bedc62707dd05476a46ccc5a5a9a6cae02 |
| SHA512 | 7ed7ef1a55a78ae23c9ba37247f6707e4783a0f134076ff2f8c6f4881cb400d586001fc2ee4fe67b8c7b0475a32fe1ec00cf6e61c1ee373c75d0c7d2cc7105c7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\63c20a23-6142-45d9-9d1b-bf000a9c1865\index-dir\the-real-index~RFe5a5286.TMP
| MD5 | b7f9051155799547b1d5928de1999ed5 |
| SHA1 | 4648001c8f5b3712ad9f69ae691095dbfe6c4459 |
| SHA256 | 9c16f246e1ad98e5b7faa1e23e866c06b8bf61487c42878a3f44f475b32e0d60 |
| SHA512 | d1048b24fceaea4eea0ff8e9c42c7fed364f11d491c40be8970d1d786bee8509a09c904277625228698ff31c19b7cd124f30496d8931286f0220e3c5511b095a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 6db9dab4359e5b8814cf3c39f567aa6c |
| SHA1 | dc49cce3a7abc8ca8cc3d94547fb76183e962bc4 |
| SHA256 | e7b077fb5afcf4c95c7932d397e11ce9b475f707e75f5e31c1758ad81a7897b8 |
| SHA512 | c0854e360e17e4ff77ffed9acaa808127d08be2128b0f18ce08948ee5d56e810749ecec029664714bdbfde7d7b0074c6b75b6e24325f2a57028c3844fa598666 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 520dfa0fae8a43736b0dced2678b9ce4 |
| SHA1 | 6f50d7d6d088b409d3cdad0d6a7974c48d2534d0 |
| SHA256 | 8bdd945c58690cb19e9ffad7d1718716d67c9d6b0bd741d8c072cb9ac047db58 |
| SHA512 | e80fcb7ea7200f44f060ee87746ef0f2c50d5febcf1153c4ce937e06f9d09b3e9ff4afb6445f9171ee675d1973c94576b0c7b9250206fc635e3bd32de8d8659f |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | f536af018f66b891b620cbd853ac0e70 |
| SHA1 | 7a689f4b73c69738edd2dc4a102688046d97a285 |
| SHA256 | 51af0bf4a3f53eaeaeade395f32b333d0b18f427482d24ac620f178c4bfb5f87 |
| SHA512 | 83906c5c3cdb97bcbfc6c6c798fe7d2809430a1e0df730004caa17264ee20dd8094bd2b3e5ce3ff71e4809bbfbd844a2f37cfc3fe4a4cc3cf5018e7d88238689 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\63c20a23-6142-45d9-9d1b-bf000a9c1865\9fd5f62bf71b3d75_0
| MD5 | 6885e28ebae390b2bceb3ca705d4365f |
| SHA1 | 86f1b44e0895ba8c9c653ce193878dfcd7cc4ad5 |
| SHA256 | db84c192bfc82254ce53b702ba159c10461fdaa9cc51b4df2ab0d8b039d48a2b |
| SHA512 | 18af7838a34b2ce1f75a1cc5bf01212481a9325d49513553c2c7042b0074833ae2a3ae752868afe4d1dde9893cf07fa6ae41083c5471a852459fce206be7a64f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 63a11eaea0d0c64a805a2fdbb4125799 |
| SHA1 | 93e2eeb25926c5c65bdd23aaadfc94ede7a0a175 |
| SHA256 | 53e681213ac0ae7b8a3d2e99fd656ef213bc340cdc161788d75ab374ffef6695 |
| SHA512 | 24792f2b938f99c391648ee2e34fbd2a1f5a9195ed7c206b7af5d86d55b5eb3f9d9336f5b02214891d6f611191823dd3e56c04a9f43b22f7697015177562a8dc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8182d1a57b58e343c4a9948436c5016e |
| SHA1 | 72f83fe2c229862994a0ff65099f44abad219da9 |
| SHA256 | 30b6fa014130667f2dc58bca25e08ccccaf04394550c37434b7b07e89e3ce313 |
| SHA512 | 0e627b8942afbfd951263fc2e8451032052a2e4ac1414244bfeabcf1092d5b1bd115c6d4bb3093557bbead6461d58936294a2727c4ce100de5fcf10ae3482a27 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Shared Dictionary\cache\index-dir\the-real-index
| MD5 | 8bda2a6c338520f8ae163574dc8d6250 |
| SHA1 | 078c73c01cf36ba9bb0fe83d5ba93d9c6175fa8b |
| SHA256 | c89f333cef594dff9022fee4d81c875aead1bc69efa798303895bf741d53068b |
| SHA512 | 39908f52973693365bb318e70ca337c2183df75c80ed8578bb8c27dece580975c27b76ba59d5fe501cec1a0d1d59188fd3e4a6ab72acd65c614f6835eda2c51e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7fd5c7a4e10794a038dc27e2823b8495 |
| SHA1 | decb15919547a99d2cbc1272656f5919373e6d12 |
| SHA256 | a22643f469d401ab8b8d2b3de629c690ca5c8415209ec49840d276644044d770 |
| SHA512 | bbbbbfb64135d2a651d36d5b9f131c42048b5c3ba0c411d4aa3489e104c703c192d021a2b0ac16d22adef2ddde07a9734653af2c528f40ae17cc30bffac4e65a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 5b0926859defd91bdeecc9d76bbe6c39 |
| SHA1 | 0083c7f265da50b52096cc98926d41a5a28499bf |
| SHA256 | cf6db6531e6d323f8985af61c434ecece1fda6f2257c2f015efa983be453ed92 |
| SHA512 | ec5a76cbecc9a9aa8f7b81912234b9f4984028638e68cde6826d3f1a59719169f1dd9ebb809c9671aa251adb9083e9576ccd55fc21ff3d388adaa27470200c4b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\4735e89f-c9cf-482b-ad97-f2d83dd2a2c9.tmp
| MD5 | 52dfb56c461be3205c6116abe2324a0c |
| SHA1 | b8051acdbfbbd2770adf790dc06628ce61983e7a |
| SHA256 | 5908962b7518e90fa421dc81c87d747a3c233ea3715c02ebc30386994a7f5c34 |
| SHA512 | 668bc95c7b376d8271f07ef70480aedee8ec41611e988c561d7f371f42d63dcf4ee9277432930563394d4461244cc037ce0cc4acfdbc1be7c7f6f602b89aa9a8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9bb93d86ec5d9924380a6f8c2f6c215c |
| SHA1 | 99c13d70b51ad2787ef1056fc2330e5a33e10df3 |
| SHA256 | b180529e5a26dc9fafad8301f2fc8bf94449fae31843e943fa2eece32a63c08d |
| SHA512 | e98c8374467168e9f12125eb3a1619e8e707467ac20e9578248bf0ffbd6502f0415b295f5c094f639d8a3c3b19f81a82f5cc3537e672a1934f31cf63ec6f1004 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\ba23d8ecda68de77_0
| MD5 | d4c23b6be1ae4aab92aa892c8f825e5e |
| SHA1 | 6a329dcdd78d4858b363b71d8ce6faae46e05a60 |
| SHA256 | fd6c283a6ebcbea84fb9eabc793b78cfc6f0c74def843ecb2001df4917697b05 |
| SHA512 | 77ed5878da55e4883070076628209a48a392eb817b6d5d875037bdca2eb3133ece87d354898299b7d95fdd0a35a1144658294e063836fd235d843bfff1717d95 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | 51977c2bf0a5e775cfe155409684a9f7 |
| SHA1 | b532b001a7292457d9c277eac7d8819e1e9578ad |
| SHA256 | 00b71f16b657ba6d254ab19cba66821f17d1be0e997fe656a5407cd04ab725ca |
| SHA512 | 634113369a386236f678d713cf51299a0d398cd02ed13833776c903632a05561cc6bafdad2f60133d375f486aa3906b1a2efaf97ef053d405d7a37b5f3a8f58b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008e
| MD5 | c2cbb38ef5d99970f0f57a980c56c52d |
| SHA1 | 96cff3fd944c87a9abfd54fa36c43a6d48dac9cc |
| SHA256 | 85369a1cf6e7ff57fe2587323c440ed24488b5ed26d82ba0cd52c86c42eec4a7 |
| SHA512 | 50371320c29f0a682b9ae3703ef16c08f5c036e84d5056e658f5d9be7607e852adf72c13bf2d0b63fc492f5c26d330bdeb2ba38bfd8b0d4567f0cc6b0c0f7bd9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | d2d7190860da83e24a6a71360d73f5da |
| SHA1 | 9072705513ee6ee0eb866d50c711c730058e099b |
| SHA256 | 960e9d826c9a886417aaddada13574e66f555039b2cfcea0f9c0bfc66384d7b1 |
| SHA512 | ff3f6a4739516728a37f5f2b3062c8f060e2313b08db450a11a0f819b7550a3561380eb67f69f20987a819ca8743caf1c7837a6f30054b5a9755a6b296e33450 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7941cd7c83471dfddf2e12681e838483 |
| SHA1 | beedd0cfe1b13b0ab3c462b4290e96a36a874219 |
| SHA256 | f6c3e2840a48f45d607703eee96d8c89790eafcfac143df04ac67195ffcfe039 |
| SHA512 | cded4dac95b257d984f99d67a1aa469cbb27079680bfb042e27306108b39da9f03b374d6300fdb13e233477aa90fdf84c68cf8e60e686e041478554f9eeaf58e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 3a8a74e9bba17c1fcb32fcf2e8bee022 |
| SHA1 | 44a309910cb2a39af999bcb04cc6c0e78234bd1d |
| SHA256 | b8e87538e0bd1109d06f3468e3dd364d80210c7bc0e60c88fa7683ed4f9d4596 |
| SHA512 | 452df479830ad5a518dd2edcbd6038552441c0d41813100662226f8038e6cf92cde073858ed6621ba99bb6e9236705205cd7a9e041c90bd128571bb338c5a6ee |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a7
| MD5 | bc045e41540439b3a98a368a4c8868e5 |
| SHA1 | 04bf55dae49feb4cae5dba34137e3b7998be1d11 |
| SHA256 | 9bd1d90cf5c2baca327f34fe841dddd6636c73819b4bb79263d0558b06793b2c |
| SHA512 | 23a2ce036527f9d4ec64d01d19d0220651430bc7b4e495c2f98bfccfb7057880ecbd4eaecfcbc3bb2304f8ede544501731e6fc25370f27f249458248edbd380e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a6
| MD5 | 7ac8c70f0e96ae113eafc6717269462b |
| SHA1 | 3adaa5cb295538e6a4e5917ff4511144f8b5804a |
| SHA256 | aa8ec048eccd7dee8fb1f6bd9ce4b04295131aa1a9487dced4e143bb28fb6d68 |
| SHA512 | fde8611965916d0607fdb492f4f1fecc1921b662e9075db29921bf7e84edfc3395f2fff8dd5caf19919f1d8fb97f520c987d49c1c2358f4a1ce43ca7fdcf9f3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Shared Dictionary\cache\ef2604fec2d065a1_0
| MD5 | 04c26bf5a132d12329841a67d5a546c0 |
| SHA1 | fc6aa3f6ed13caa90603473403cd0a8be400ce60 |
| SHA256 | dbcf6f3d1b2d68741b4755693cab36bf2fcf01065042fc1b938519472fb22588 |
| SHA512 | 18f313ae3e73c2986415ed3a117e04fa96d1f16fe14ca5a428f57420b83ec3b09e1b9ab9085278791c2d62e6349a177d25faf441bc9c1f6bcc4b371d4fafa728 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | 68f3bf0df7a7e38988dfcbdaec73779c |
| SHA1 | 8d7ca59105d363e4f79764004c11b109a4cc190a |
| SHA256 | 314cfeabf453ec90ba8f2dfc8a9416ae079c0e1f17f6d61666b74d7d952abfb5 |
| SHA512 | d34b687df91551bdfe7507de7d1ee132cf258fc861b808d9fd1f1eecf12317ab68389de51bbec5d59fb03de2bc01a71a6e568cb9cd4c84d74dc1120bb1748059 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 83103a0841f7579fbb1e70b58c7ca48c |
| SHA1 | b06c06d08c360481e17ed26f01a5d31fff616cea |
| SHA256 | cc342f5630b6115164df1a6a1da50b57bfaa8be7f7f83b54047f4b70ddb3e742 |
| SHA512 | 7e6b4fc72df0fd4bfc814f5cd34ad10a14ff19ec62f4529e0a32574a025527ebe61e3a1c81a63b3b44c961ffc778a555f75d2465f31fe8d2458c87fff510a928 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 8552602bb2ea304b99a16a215c9cee8f |
| SHA1 | e66991541fc5619c9037ca53574956815bfcdc2d |
| SHA256 | 6adf7034aee76e93c0fbbefbc845094c9b424990a4b69fd19f4eb91064b08588 |
| SHA512 | 9982c5b619f015ffbf93a52cb58762b6e215204fd9c2a8b3d1c9095f5f78d4d6a3f5724650ee566a0b0e973584fc5d74edfb1ae122da2f192af24a0504824f44 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a0
| MD5 | 9871be9864d9f8748d5b5466c1cccb10 |
| SHA1 | eb73773243b85aebad9963a694eb203fb9261c05 |
| SHA256 | b9bdc3060833a831a74254057cc74a488505f9b5ec7655a80ee1aa83700d5fb3 |
| SHA512 | 6fb10b30f091a94afce9248866c23e0f60a11905bd5363243400a782eb8ea59ccd1e6d8331839689502c5aec730556dfc11f3fe84cf3fd3cfa87dd84fbada6bc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ab
| MD5 | 1bf4ca63d97a7667eb3528ed2ccbd71a |
| SHA1 | 8cbfff0227b1e1d53ebc1e338bd3c85418051747 |
| SHA256 | a5305b0e370b4177bfd5f11abe9eb20eef7f65f52b23f7a89edb9a04d4158889 |
| SHA512 | 202b3411bf32e6548c1f5352ecae00fd8c5c6aae5b6144b22c86b308986dc16b6f0c9828f740a488f70e07653187814d971685eb5ed6d05516e3dccca63d381b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000df
| MD5 | fcf61b9cc1af4fdbd8177ec75c3cc4a4 |
| SHA1 | d68a70670bd3cc6f2d694704f00f6f5f0b75dcb9 |
| SHA256 | 79c1a60b72bf2eef9cf59aec041b8b63b628fb95ab891347fac0128d31e13d13 |
| SHA512 | 410f4009fd10f7549d854a751ddb9de43e55d60791453c84a5032d808d37fc9458fa0771416d2e32d0b90380d14aa2cc08f575b4c38c47c984b64c5177e82926 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | 2b49a585aa55fce2c29d484147d85a70 |
| SHA1 | 89e707f1985c35bebd8e8aed6e2b8eef0b7cfcdf |
| SHA256 | ec74c599977c75763a58496ff70ffdfa582448519f564a2a21bdbe7ecdbf4cfd |
| SHA512 | 961ce9c85c4c2b275a46fa0237f575bc5147828402d7afbf8b24e2b7696d02b96fb96ed178ee7bcbbc0d7a82c5c6a7659176eb72ad0120a21cd03b5fe4596624 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | d1ba8aa5ebf24597ba1b267be4d3be79 |
| SHA1 | 5b752f7ff371d0321ed013138fb37d13510505e7 |
| SHA256 | 43455641e7637b4d8d22a0846fbd3e1152c622ebea20737c19e36b68110c5f93 |
| SHA512 | e0193cca3a815c92ad5f6a1e6e20ce5ea8823c797e6508b02af305a43b2f98635fa62bf1d4eba068df6c91f466f1416a04468d9b6603ab1210b83b7d85bc541c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2c7429f8eb2a4fce9d61501965582aea |
| SHA1 | 5b4e64b642622744f283a3df5f6ae4b96150f04f |
| SHA256 | 75faa9a38905277d3ea9b6a14a1c1d066c7a2e10b01a9ee3513ae950eac5734f |
| SHA512 | 89277a6916ee32575b8f406ceb539362811823a972099536ae756d4e10883ad8d609636d188d8f77d4342838407df90caf38c713f1f6394397a6136056a04fe7 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | caea84e784507450fa75e8bd51b1e955 |
| SHA1 | 4184e3f12e76075de476bb11d8ed7dca97bf57e9 |
| SHA256 | 670c94336c9bb09180491dbae669e8d949ac7fa7fc8d16472a4fbe6088e01124 |
| SHA512 | ffbdce85b916ee331652fcbd3375f7a0a6f2565e1afee4648908f64e2dbe290b3bc81c2801742b47b110f65ef5eecb18c855682f0a248e86cdefc1d93b1b9939 |
C:\Users\Admin\Downloads\Attention Required Read This Document!.txt
| MD5 | 6c5a5efd9e22f8509d5164d0289e07cf |
| SHA1 | 8590757f6f52b660b6619fb81d7628773ae3fca5 |
| SHA256 | fd11fd86c9a9a26af46756ef2ad986528084f5bc18f0a2bdc251399c9113c656 |
| SHA512 | e6606932b611e05bad058513f037200c04ec47ff3af52b7d2b8d04d672e80aed65feef3cb406a851c69c3724dd9b0e4d67ccdb1ca5bae139513b680b7fa047da |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | d6c64df40fec402efa997e762c3601ad |
| SHA1 | f71d85ecf0e119357684c0758a98fe3301bf7035 |
| SHA256 | b6b2323fc8ff4d6bf909181c5493e6aabd6d641ee2ab0cd74fdd44a83186eabe |
| SHA512 | d49b1349d2c209f469e83f1225c0e4b531d6b3936cb3da8960b0a9d0c93198926707a20d8043f8c78343d745be496ffbb4eef0194bea0c926280e448e528916c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 539aaf154857a61a168888982ddbc4b8 |
| SHA1 | 08a7b671ad01c148b5de659db4d5c7e0b7dac313 |
| SHA256 | b04c0b38ceaa609a9b361f0a69a93bfb6dccdaad25b885e14107fcffcf8bdfe5 |
| SHA512 | 7b2dda309a6e2cacf275bcfdc7d19295d808af5754161df9de6b7329e5d831eeff98208818e4f52d5d5e16ca9465096d6de4722e8d0391b9b91024389d150a25 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d0edbcfa0a676719f9457317af92355f |
| SHA1 | 1dbe6ad2805d468a0efc583ff06531467f82952d |
| SHA256 | ef4549a4d3aad529d6bf0cc8368672601b55115079dd7f1c00ec8d48f8178bce |
| SHA512 | 4162f7240581c3cdb44440018c78985ede332b6688a7849825136bb486c218cb709b1919ccd48ff09f55cc8184ef4627ff986b79723d92211fb8763adfcd1a82 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0f1be18fbef41af77a1e34c6f64faca7 |
| SHA1 | 03dd546e8776aa1eae33dfb6c0444f1c4527e445 |
| SHA256 | 7b46b8c099363a502b9cc70952bfee463d5fa8c8f6369e3a7c01c22c085c5a8a |
| SHA512 | 4720aad66f9363c9fdf2385d44734b097f4c0c503f24194e49ee77ae7b8939dd437cc7c98488b97556330d1ee8348c5af4dd63a437f84f24d3ca2a8f789a04fb |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | 0f03b12e0000b4f20d0659c37ded1f82 |
| SHA1 | 596e696c01195ea0f61b4ed6b4faa5eaf25af257 |
| SHA256 | 95c91f45f17edfa94aa8699de454c48ee402aec4bf5353fb9393bf2191917b34 |
| SHA512 | 519b7adb9b95706eab0e515eb1dfbce0083bd0c86555937d8ffa5560733f12f138873c74f91e33d2110ba428a0bb07f219060dcc8c384c60fae9d582fa5a9c6f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 93a506b87f2f8c2bccbdf54e1b3dfd03 |
| SHA1 | 886d33e17324a1a5d2cf158dfc0b216d10778d70 |
| SHA256 | b977834a35fae3006167991b7ab14e91bad380ca68004b6c8c6f178796315936 |
| SHA512 | 8791a81bb4e9e4c2531e6c512f7197b21729c1ae39a67d993f307d95d1beea6a59cde299139d89477e4759810e0fe20acc01951ab5ff0b89ac658e89ee439f60 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5d4f14db2d1a6fd39329881a364a9416 |
| SHA1 | 219bd21d952db11d5aebef3ae7a520a15f71989d |
| SHA256 | 982a3b1b1af05f25639c3a79e33476dbf143ef5ee4b3652dccf42d3da9aee8cb |
| SHA512 | 1f20a589f4df075ec24bcd01b6d23df8fe464b9786e0479c82a3f6e4ae077ce6e08e1c5524e24ea68603673cd3010ba7728d47812a0e11a5e68cd0956d2cea45 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 524ab8a9a36977af39f288faa0fa664d |
| SHA1 | e1ffbdbcf50eef11d439214c826c2358e2205dc7 |
| SHA256 | 0d56ff13c8e0db0d537939f1d144202de62516a00d242c6a2769c1b20a260f24 |
| SHA512 | 6801b3f6ba772b51312dcc2179ecc4f4a114b0342baf6ed8a0480b276eeae6a95879295986f69cb9182db597abf2258ea3c2e41694135c4e872b767507062117 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 2337c500f5a7c8289c421fdbc5ee0b07 |
| SHA1 | 3eaa97df97c72574a21e6b022e9987fc1e213ab7 |
| SHA256 | 5ef2486345d53deafe48b6e4a92b759f8b19d5ba0e02af456bb7826757d4c37d |
| SHA512 | b1b40173737152fab6c5cec64c7113f401434423f0cbe123e7183af0a62f8adacebc4c976a33f1b9dc7f112e2cfea3ba9822164a64ad1a31a0a467df19474150 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | fe79148ab2be0a4ee1688c9c0714de08 |
| SHA1 | 3010a341e1ba13ee0146cfbd7dc26a2b13e656df |
| SHA256 | ee31126d34dca95ba8d57f3dd0dbe7beeb04742bc7bd633a3884c77f3b2183c1 |
| SHA512 | b15a0a56623b2daf8a4e7e8d454bd07d15f0c9bf9020de0fbc66feec80a5c65f187caffec0846ad4cd6723495bf3eb2a5c39119cec59b3485d398ce13d5b121a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7af949d817b6fafc51ac92e2a372d74f |
| SHA1 | d9460e2efe495a6a1a7f452c628c01846bf4d80b |
| SHA256 | 6cdb26fe0a6e463fdffe054131f606908e8f075188d10b78a1c88741a72012a1 |
| SHA512 | 5d71da886de3a855e9d16ebde8db17488534580bf8becbb4d6dac28a534e433be743e4999ff877968f8044170a416b553bed0f1c322ac511e6680bbe0a3a1d83 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | ffff0729c99d12694f737e712cf28fed |
| SHA1 | 4550e936f5cef1ab48bb15e4b7de7b08650c21cf |
| SHA256 | 55cf9f8b522050cdf843f8759c9f136b09a21a1580ad086eee0a4af3010f73b9 |
| SHA512 | 1da0f3eeeaed7295bfcba116cf5c99eacda1e1772d51f91d70bae3d2976e8e9e2b4b923bb9e7709552ba68798ab8515cb0fb78b3da925481e183fffbc3ef005a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnGraphiteCache\data_1
| MD5 | eac2f12ba0d7809228f32b8fc38e4761 |
| SHA1 | 53399466d5608e212d81160a5b228af1a740a518 |
| SHA256 | cb49fec5d58d30f35e56f5d8595589cc8cd724342fc572c8254ce07ee3a19310 |
| SHA512 | 5d8c14581cb1a9179d05bd123a67d54053dcc0c6bbbbf7044a82302df46c1f5b1046774ac41d10adec59258d88a719785669c7b9155214958b621165ec111d0d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 288c6031c6b7236ea634d1eaa205f668 |
| SHA1 | 7db106b7670af430894764e91258df116319da73 |
| SHA256 | e4af48dc4c48b19109468a1286b039ee540343eed2066f40123840da5e9d5196 |
| SHA512 | 586ad0d0d70cbbea23b2162bc02591f741a6bd4546a73657ad63a18dbcc2758d0e06aefccfaa928ace4bf907696771a7977c8229c7ac8f10123a04f39dbc2135 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a88f952be05465696d390f85dc25f12a |
| SHA1 | b07d4ab774c5940bb9b1e044decb872fb718c404 |
| SHA256 | f99b10fed4f050a7a91f43c84a36a154fc04fb18900341260a2ff0b41ecb5552 |
| SHA512 | 920ec069e64f23209daaddfe808ae28feccd0071d734bb8ef007e9e6763d24c9f10d7d2ad2dc62b11ed5a3035dc7971d443c5737fac5a02f94439c4248ae420e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | fb78d0ea3b401cecac18a15ef3c64e5a |
| SHA1 | c5540e8a3c7b39de31df78d86963393f93738678 |
| SHA256 | 814726b3624e7cec4b795cd25b2a834849a4450b936a7c8e6418e510fa3efa07 |
| SHA512 | 1cf7eecac2234b011f116a058281c85322651d1c00e6abf8836f0d8328a2bd763dfdfeab6fd353eac41bce6e7d12ee51970a5c6b3f57b0d6a9beb2d609f3a3e4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | da24ce4268b3933dc1929baae2a75985 |
| SHA1 | c0839e5dc00f5fafd7c237fcbc303fd0acd715db |
| SHA256 | c8c351f2e9a043e1e802cdb314afff5edb2835f3c210d4631de2a94819cb5f75 |
| SHA512 | 93d66e4a126ad18cd2b4fb5413d2f63b7a734f0910f5553e13ff51497b3c97dee1dabb42a595ceb097d63f0bb776addb819c26f590af74d5bb9a2cdf5fe3f813 |
C:\Users\Admin\AppData\Local\Temp\Clone.mid.bat
| MD5 | 14c2a45b4f52455dc38132c4f671a033 |
| SHA1 | 102d2166192b511ce679936d139c9a67187dbc88 |
| SHA256 | 359bbb6a04918ccae415e59c24e6f90a7e7323c342f82f03daafaa44c7ae03f1 |
| SHA512 | 1e426c54786e4ca8163a86ac6943d3fa24a7143bdafc5f43a4b1b403915601e14c868492e08131d84e4216210f498a52e7820a79970c0f4cfd573fdef9e55299 |
memory/1712-4072-0x0000028A96E00000-0x0000028A96E01000-memory.dmp
memory/1712-4074-0x0000028A96E00000-0x0000028A96E01000-memory.dmp
memory/1712-4073-0x0000028A96E00000-0x0000028A96E01000-memory.dmp
memory/1712-4084-0x0000028A96E00000-0x0000028A96E01000-memory.dmp
memory/1712-4083-0x0000028A96E00000-0x0000028A96E01000-memory.dmp
memory/1712-4082-0x0000028A96E00000-0x0000028A96E01000-memory.dmp
memory/1712-4081-0x0000028A96E00000-0x0000028A96E01000-memory.dmp
memory/1712-4080-0x0000028A96E00000-0x0000028A96E01000-memory.dmp
memory/1712-4079-0x0000028A96E00000-0x0000028A96E01000-memory.dmp
memory/1712-4078-0x0000028A96E00000-0x0000028A96E01000-memory.dmp
memory/3352-4085-0x00000000045B0000-0x0000000004628000-memory.dmp
memory/3352-4087-0x00000000045B0000-0x0000000004628000-memory.dmp
memory/3352-4086-0x00000000045B0000-0x0000000004628000-memory.dmp
memory/3352-4088-0x00000000045B0000-0x0000000004628000-memory.dmp
memory/3352-4090-0x00000000045B0000-0x0000000004628000-memory.dmp
memory/3352-4091-0x0000000005010000-0x0000000005410000-memory.dmp
memory/3352-4092-0x0000000005010000-0x0000000005410000-memory.dmp
memory/3352-4093-0x00007FFE70B30000-0x00007FFE70D25000-memory.dmp
memory/3352-4095-0x0000000076850000-0x0000000076A65000-memory.dmp
memory/1636-4096-0x0000000000510000-0x000000000051A000-memory.dmp
memory/1636-4098-0x0000000002560000-0x0000000002960000-memory.dmp
memory/1636-4111-0x00007FFE70B30000-0x00007FFE70D25000-memory.dmp
memory/1636-4130-0x0000000076850000-0x0000000076A65000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Towns
| MD5 | e35e0630f09a4a3653bab4b0dc9538a5 |
| SHA1 | 6649e637d1aef194cc773c9cd9f346e085248c36 |
| SHA256 | e0cc43f9a9b5ac2391538d6ba3a5849eea647a7b068b4e78fb1cbad001d0facb |
| SHA512 | 1a781a55b0d778b74a59568928400e6c09654323575338e1b29065f42cade6cf5112bbdbb505bb797e3edb3aa70c9ec48fff590cf601326bb92bbdfb0d42d71b |
C:\Users\Admin\AppData\Local\Temp\Culture
| MD5 | 935740017cc2ef545a183e99bfdb0d13 |
| SHA1 | 31fe7af6821d6e934bd2494efbbef5d0d4a6b541 |
| SHA256 | f27281cbb1162942241f9a02ae3f4a7b3bffa340c11e486695af0029ed428097 |
| SHA512 | 3b455381102b28b39b666aa40019990ac420fb5ca5ead0e071640a8742cfbe2a1e8706dcdf7281d71bf826efd482bf7f40d0518fcb5aa6999e4103d789e85b76 |
C:\Users\Admin\AppData\Local\Temp\Special
| MD5 | 8d277297be6297ea8ef90f88d34fe131 |
| SHA1 | b5ac57930882009e0e941c24582e1daf87dc12fa |
| SHA256 | 814870438cfc0aad7d13c1c6ad184bbf7c05ad33ecf785ebdf8b898c933e6965 |
| SHA512 | 9e474ee6a2db6f35074be7aab5e1068bf1fb78b3fd4f413c789858edf25c0b9b1b172afd59d15394922ef5c707f46b92cf23ee2a05c63ccd7c2299af098d7a45 |
C:\Users\Admin\AppData\Local\Temp\Mounts
| MD5 | 6b46ddd252d6f6b86ee0cad3f4e5bb38 |
| SHA1 | d0147b715e959910db09683b4b808379267c80e5 |
| SHA256 | 12741c7bec4e52416ba1eac4ddd84612af25c5c07fef28b472f9c504d9016684 |
| SHA512 | 4094b517c14bef833e60ad0e6ffe49d092bf5f7e4fb265c389b212610f464ffda7bcd8db39f4a7054902a5f14b864ceda0ed492c02d57042547bd2dd2c3cc123 |
C:\Users\Admin\AppData\Local\Temp\Nut
| MD5 | 6f13c9ae30e300d9d47efbb1abcfedac |
| SHA1 | 121c90c881e1456cd85601877f5810e36af324a7 |
| SHA256 | f3877e5dcd9c96c3d9377cbbd42cf0cada1295bf1b9cca0ccd83fea2806e6aba |
| SHA512 | 5b4bdcec0e9195753ed8a817e3de7fab1d00db90ae7cdfe9686ef2bc92cceffee38e96fe325384d0997b49fcc5dfb00ba35f4b8d79542abd69e7a81cc784f65f |
C:\Users\Admin\AppData\Local\Temp\Malta
| MD5 | 56c14125cd6f9a2da80c29ebe92f4c12 |
| SHA1 | cfaca1f1915b596a00b58da539abb3b4cfedc776 |
| SHA256 | 0982f92ef4c14783558d3cc2d093ee3707814ac747f91b7b74b96dd490d4c5e1 |
| SHA512 | 70a2feac8e0b87c0ff70a2e1976dd5bdbadcdcb5c87c8eff8756bb001c05049467ad9204daa65ac2b7d8ea5b5bd5b5acb527cdd849a767c433b8aad64912001b |
C:\Users\Admin\AppData\Local\Temp\Begun
| MD5 | 312ee8f7b53703232f08e41586c4c34a |
| SHA1 | 368e36c694a829b940bded283c580865b7afdb85 |
| SHA256 | ad44ad6a0f0eb5f3fd407b8e2d82021b1831f21deb0853ac4361a555fb5b246f |
| SHA512 | b39e03a10228256aee5287c580ce8c1876752f342ae13a41658418009e82ad217e0a714f9b138887e8f6b861044653a4ac7c5ba3861a4c33c771821c6ce2229f |
C:\Users\Admin\AppData\Local\Temp\Demonstration
| MD5 | c3f99e91d771e0fba3cb317fbecd4605 |
| SHA1 | e3e64f161f4c2b94c1c25218bddc9d7e6666e6fa |
| SHA256 | d3bae4ed7e3edff315b47dddf88984a084e8e76eb1d74c544ca40696280dec78 |
| SHA512 | 3575f7ce9a694f7d0f09641a04738dcf904cd8ac2e60df3a6a435b7e834a1e595cc46e1d6f3b9c7affe092ec2ccdb68a5c5f11fbd10e1d78c5f32af701394c29 |
C:\Users\Admin\AppData\Local\Temp\Maximize
| MD5 | 27d1a335452a3cffa39467097dd8d63e |
| SHA1 | 2cfc85bb4308f0e2eb226742979ffbe417d5fee0 |
| SHA256 | 362cd32617503d475a14ec4f5878452b65f70b93b9177aea5ad8f76a3a8d8df2 |
| SHA512 | 7c577f6eec764f754767898477464102a61e60f77ed0e8692b3429cf439dfbe3d20d5da1e40dfe7e68322c7a1d659ed1de23fc62db80970c7c9a06c2dd12a4fb |
C:\Users\Admin\AppData\Local\Temp\Coupled
| MD5 | 11e26a39fef4575948bc5e85f956aa21 |
| SHA1 | 64eb2502d64aebf1a2e32c7fc233d151d5784c6f |
| SHA256 | 9c05d5d848cf3b46a0c9255eaa29656815c542edcc4a515a9ec31f4ffd91bf57 |
| SHA512 | 96b766aea493151b6fe4f92ddc8c9dba0c7f87480c10c79f0713ca2d625929bcd5211e3c03fe9076a329125813fa6bb1eca60587a3c5336c6e9a2bbc517f6960 |
C:\Users\Admin\AppData\Local\Temp\Fuzzy
| MD5 | d71fa578c87b6f3eee407206df010d6d |
| SHA1 | daa2e34d7e949ab7be50b94d2f381087539cf11a |
| SHA256 | 63d0869ea7e3a81ce39bb1b102c8632b0f52420ffd8a09bfdea63390602b89ef |
| SHA512 | 417ee1c518fbfb98968b9096f4bb52a76074de3b9c5ed97b98d8fd725cb7aea706ad2f4716ecb7d3dd15863ecf8f89a8af77735807124fd4fde8eb066542b848 |
memory/4496-4496-0x000002200E6B0000-0x000002200E6B1000-memory.dmp
memory/4496-4495-0x000002200E6B0000-0x000002200E6B1000-memory.dmp
memory/4496-4494-0x000002200E6B0000-0x000002200E6B1000-memory.dmp
memory/4496-4498-0x000002200E6B0000-0x000002200E6B1000-memory.dmp
memory/4496-4503-0x000002200E6B0000-0x000002200E6B1000-memory.dmp
memory/4496-4502-0x000002200E6B0000-0x000002200E6B1000-memory.dmp
memory/4496-4501-0x000002200E6B0000-0x000002200E6B1000-memory.dmp
memory/4496-4500-0x000002200E6B0000-0x000002200E6B1000-memory.dmp
memory/4496-4499-0x000002200E6B0000-0x000002200E6B1000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\ec7aa083-19e2-4784-91d0-ae0ab7fc2829.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Temp\scoped_dir2900_2038322753\eea590f4-8ab6-4022-8509-b020057fb117.tmp
| MD5 | b384b2c8acf11d0ca778ea05a710bc01 |
| SHA1 | 4d3e01b65ed401b19e9d05e2218eeb01a0a65972 |
| SHA256 | 0a6b11a5b642bf6c1938189707e109a1f48eb02018cfb146f09e74a753567d1b |
| SHA512 | 272dd92a3efbf6cefe4b13127e09a9bd6455f5fc4913e7477c6712e4c3fd67efe87bd0d5bf1ec6b1e65f8d3aa0ac99d5bcf88d8a44d3f3116527253a01dde3be |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 4d41b61ad1efe783331e6ea7aab24351 |
| SHA1 | b49887a7f930a30e51d791ff8c9733a57b07f70f |
| SHA256 | ed246f5a609d068815256a6d23c330434f1fcca53a6f8d4fd1fa139e90451dd3 |
| SHA512 | 4c286d0bb910c1d43de62808c6b45f72724c2e9fa848844f3d8029507b99f1f6e291363fb78e5fe66599de816aba82ecd1e32559e8e7adac3cbb0d49e64272f7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 54a424421a7d26e236c7c6fcf435e759 |
| SHA1 | 103f85304081ca7fd0221ae6956b9beaa2bde537 |
| SHA256 | c686da75e158ad823a9f5ab6a68e14f8b228a946868b23cc5fecf59e7f9fcbd5 |
| SHA512 | e7869016e85ed8c158ca134ac333111a280164a2b2cd55f6a24562c1f14f55631d14c9a88b77f2930829f58fb12dbe9332e0cc7b79c0f9e8a61f5da6a9911f11 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.93.1_0\dasherSettingSchema.json
| MD5 | 4ec1df2da46182103d2ffc3b92d20ca5 |
| SHA1 | fb9d1ba3710cf31a87165317c6edc110e98994ce |
| SHA256 | 6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6 |
| SHA512 | 939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 9fbbf78eebefb16c40f38be8ae0ea431 |
| SHA1 | d96eaecfcd300427b9038d7e2c0231521580d707 |
| SHA256 | 906c92658111d63e1a53adaf13c1e75e76dc70b0d78d524f3c8d76861465ade4 |
| SHA512 | 890be27ddb814e790eddd1622595524072032b89bc13f2959ee5d122a695c8a2c749dd12dc4efd1182b2d803190f281e01d9d1d0048a23f6f4e2457925ec8b39 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 64b6cd6becbb0a1684a0bc414510e1ae |
| SHA1 | 101387743631f2318172e0ae476590e522737bbe |
| SHA256 | 10d61fb7f7793a305179f0cbac673bf4ee433128c035d32a60978fc7e2ea9259 |
| SHA512 | 095e8aae3351e902f1ef24e2f48855b67fbe16bf4dd7be447c4b1a91a9ceff7865a652dd657d860a8ab6e9813db049c7135f812dcd10f67fbdd2f7b3772bef55 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 917978246276ad76cafbc146afbaf365 |
| SHA1 | d60dcc81452669d00882c65db691f80a2db4740d |
| SHA256 | 39c16513b6d89db34114984fa6e1d3aaded4f22581b1ec153470642feec6ef0d |
| SHA512 | f6ea96558a3faabfd6c588c31aa417fa26b9b108323a502234350e295948c514d1528f2f424eba9bd36ca4562a1f3fd50a6e2d82b8f64076a065622b1c3c22ec |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ec97c7811802b74439b5d106fa02668b |
| SHA1 | f41ba5d20bf9d81cf870ab7abe7468e0d46449ea |
| SHA256 | 290c2e67311d88b84e3f5550ba4b5259a183f2270ec1bb1a4e7f70846d28d45c |
| SHA512 | f5f898a9a977e24fac7119163ef711a727610dfe2c5d6aedbf1ffce6263cd6fe4edd899bfd6725abaa4c2ac47a9876c6f6aad83f4794a12e5fd7a85d12d605be |
memory/5896-5076-0x00000000043B0000-0x00000000047B0000-memory.dmp
memory/5896-5077-0x00007FFE70B30000-0x00007FFE70D25000-memory.dmp
memory/5896-5079-0x0000000076850000-0x0000000076A65000-memory.dmp
memory/5996-5082-0x0000000002BD0000-0x0000000002FD0000-memory.dmp
memory/5996-5083-0x00007FFE70B30000-0x00007FFE70D25000-memory.dmp
memory/5996-5085-0x0000000076850000-0x0000000076A65000-memory.dmp
memory/4496-5093-0x000002200CB30000-0x000002200CB40000-memory.dmp
memory/4496-5087-0x000002200CAD0000-0x000002200CAE0000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000123
| MD5 | 5734e133a619a6ae6ee21a6c00a95eba |
| SHA1 | 57c0ac17302d07bd4f968240098afe5ed53d4ad2 |
| SHA256 | d7a547581722aa055a7fb5b9912aebf3f3e928e1db3e5af9e54cf158cb4c4c4a |
| SHA512 | a881b689d0990693ef7feb11d55155a8fa63f94e870bfeb5c61edbb9a7891990bb920147b05d371d302f91c0562fb87f46d334afd70d1cba36228e41dcd5ec55 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 582886083c22e43675b4985e95a86b05 |
| SHA1 | 6a200b67d0aeb5f52ce1e8a68fbe0868494b2387 |
| SHA256 | 1bcdf31b18ff88de2a1c086a9f906f8339054f05a91b3c263ed1eb909d1a7f2f |
| SHA512 | e35e290bf637c284c67ea2d98b059824d51fd48167bda64be324eed1364f2e3f82970245b4522434f79d8d4f4d2b5a10032acce4553c38f421a07c66a2b2a196 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | e1962f2d7066f13b8c17847565146280 |
| SHA1 | 88c58a9fca3a65d3123124f5b586304383a478f7 |
| SHA256 | 59fb45a64dcde329f4cc081431a27bf8201271baa886de27542274ea13d75030 |
| SHA512 | 3fab28f3f8293fbeb15831e14c898bfc86dd153e5e5f6c75e340750ee2ef2627e9f46f0bd10af26ea47327e920108508cb309fe2c04ef8c4631cf434392cfe34 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 10a047141a63b215fb6b836daa2faf48 |
| SHA1 | b6c49aea55d5fb3519d63004f74bad727658f85b |
| SHA256 | 72aa0a0012a025b6964c0b2f162f14e8e48bb034c3bb3330ed461f1da8dfd30e |
| SHA512 | 36ff70dcfa9768951b1e5e2e593bab74ff578eb365d78b3943966a73f4aece5dccdaf36e8dd4753e95309bd6acf991f0d9c23be92b71c6defd26c55b766dd798 |