Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'MicrosoftFixDrive' = '%LOCALAPPDATA%\Packages\Adobe.Photoshop_pLF9FvKMBF7Qk\AppData\AdobeARM.exe'
- %LOCALAPPDATA%\packages\adobe.photoshop_plf9fvkmbf7qk\appdata\adobearm.exe
- nul
- %LOCALAPPDATA%\packages\adobe.photoshop_plf9fvkmbf7qk\appdata\adobearm.exe
- '17#.#32.7.102':443
- '10.##4.1.188':30294
- 'localhost':30294
- '13#.#8.46.71':30294
- '22#.#3.27.175':38233
- '46.#7.96.99':33457
- '46.#7.96.99':30602
- '10#.#9.95.146':33348
- '10#.#9.95.146':24603
- '10#.#9.95.125':39386
- '10#.#9.95.146':57817
- 'microsoft.com':80
- '11#.#82.225.81':38233
- '11#.#82.251.114':38233
- 'localhost':51399
- '22#.#6.84.55':51399
- '96.#.1.245':35506
- '<LOCALNET>.56.1':4001
- '<LOCALNET>.0.27':4001
- '16#.#54.57.70':4001
- '16#.#54.130.11':4001
- '22#.#3.27.204':38233
- '11#.#82.225.107':38233
- '11#.#82.227.138':38233
- '22#.#3.28.114':38233
- 'localhost':52286
- '<LOCALNET>.0.128':41857
- '46.##9.21.179':37989
- '22#.#8.174.181':37112
- '13#.#81.1.95':4001
- '13#.#81.1.95':7920
- 'localhost':57628
- '61.##.44.134':57628
- 'localhost':34374
- '10#.#2.232.98':34374
- '18#.#63.95.161':35766
- '17#.17.0.3':4001
- '14#.#5.84.162':1025
- 'localhost':39713
- '21#.#02.66.209':39713
- 'localhost':59078
- '21#.#3.103.81':59078
- 'localhost':52923
- '42.#.65.24':52923
- '10.#44.4.71':30530
- 'localhost':30530
- '13#.#8.47.189':30530
- 'localhost':58308
- '18#.#55.84.74':58308
- 'localhost':35945
- '<LOCALNET>.0.101':35945
- '92.##.246.21':35945
- '11#.#82.250.170':38233
- '22#.#3.27.143':38233
- '11#.#53.194.223':52286
- '22#.#3.24.156':38233
- 'localhost':38233
- '11#.#82.226.95':38233
- '11#.#46.123.20':41584
- '22#.#8.64.223':33535
- 'localhost':48661
- '<LOCALNET>.10.2':48661
- '84.##2.12.186':48661
- 'localhost':46513
- '75.##8.244.78':46513
- '18#.#7.145.55':4001
- '10.##3.108.25':4001
- '15#.#15.57.115':4001
- 'localhost':41584
- 'localhost':33445
- '11#.48.86.1':33445
- '12#.#05.171.225':41857
- '<LOCALNET>.1.100':52530
- 'localhost':52530
- '5.##.63.53':52530
- 'localhost':4019
- '13#.#4.165.176':4019
- 'localhost':40869
- '10#.#0.80.110':40869
- '78.#5.48.2':7837
- '12#.#51.110.209':4001
- '17#.#68.1.208':43116
- '22#.#27.26.108':43116
- 'localhost':37112
- 'localhost':37989
- 'localhost':41857
- 'localhost':41508
- 'localhost':33535
- 'localhost':31831
- '10.##4.6.179':31831
- '15#.#5.71.229':31831
- 'localhost':35214
- '58.##3.152.31':35214
- '10.##4.3.224':31004
- 'localhost':31004
- '13#.#8.45.10':31004
- '58.##.205.109':4001
- 'localhost':60626
- '10#.#05.232.203':60626
- 'localhost':32052
- '10.##4.7.119':32052
- '15#.#5.96.114':32052
- 'localhost':41195
- '11#.#37.15.75':41195
- 'localhost':50945
- '22#.#7.20.64':50945
- '54.##1.131.39':4001
- 'localhost':31075
- '10.##4.3.224':31075
- '13#.#8.45.10':31075
- '17#.23.0.3':4001
- '13#.#09.209.133':1028
- '22#.#6.205.238':41508
- '87.##8.107.76':36743
- '16#.#27.24.133':30296
- 'localhost':38345
- '14#.#5.109.29':4001
- 'localhost':51819
- '5.##.196.92':51819
- '18#.#31.153.99':4001
- '17#.17.0.2':4001
- '18#.#31.153.99':1028
- '<LOCALNET>.255.20':37514
- 'localhost':37514
- '22#.#71.37.221':37514
- '51.##.253.127':4001
- '19#.#0.215.6':4001
- '58.##3.29.144':51360
- '15#.#5.96.40':32283
- 'localhost':49632
- '83.##6.236.51':49632
- 'localhost':31573
- '10.#44.5.72':31573
- '15#.#5.108.245':31573
- '<LOCALNET>.0.60':4001
- '<LOCALNET>.0.60':4002
- '3.##.27.231':4001
- '75.##9.157.207':4001
- 'localhost':33733
- '<LOCALNET>.1.100':33733
- 'localhost':43255
- '68.##2.26.117':4017
- '42.##8.86.60':56307
- 'localhost':37789
- '18#.#62.224.16':37789
- 'localhost':51465
- '<LOCALNET>.1.70':51465
- '58.##3.203.147':51465
- '21#.#42.27.237':4001
- '18#.#21.214.88':4001
- 'localhost':40824
- '11#.#12.154.226':40824
- 'localhost':46976
- 'localhost':42610
- 'localhost':39809
- 'localhost':48901
- '<LOCALNET>.68.106':4001
- '<LOCALNET>.86.30':51360
- 'localhost':51360
- 'localhost':32283
- '10.##4.5.213':32283
- 'localhost':8081
- '11#.#6.140.243':4001
- '21#.#05.209.183':46976
- '19#.#27.172.169':4001
- '12#.#54.106.233':42610
- '11#.#46.52.146':39809
- '21#.#30.201.238':48901
- '11#.#46.122.8':33733
- '11#.#96.218.229':43255
- '<LOCALNET>.1.129':4001
- '10#.#6.73.129':64766
- '49.##8.100.115':64766
- '69.##7.17.217':45129
- '10#.#3.77.52':4001
- '24.##.242.67':40977
- '<LOCALNET>.0.3':4001
- '16#.254.0.1':4001
- 'localhost':36710
- '20#.#10.78.121':36710
- '10.##4.3.224':31033
- 'localhost':31033
- '13#.#8.45.10':31033
- '19#.#63.154.185':4001
- '<LOCALNET>.1.12':4001
- 'localhost':46522
- '58.##3.203.180':39690
- '11#.#92.29.248':46522
- 'localhost':43225
- '17#.#95.254.165':43225
- 'localhost':30750
- '10.##4.1.114':30750
- '13#.#97.207.75':30750
- '17#.19.0.2':4001
- '95.##1.192.120':1024
- '52.##.200.215':4001
- 'localhost':38013
- '10#.#43.157.195':38013
- '11#.#49.56.111':38345
- 'localhost':43116
- 'localhost':39690
- '11#.#4.75.212':1210
- '17#.24.0.3':4001
- 'localhost':33935
- '18#.#3.207.61':33935
- '45.##1.107.93':4001
- '14#.#5.195.153':4001
- '46.#7.96.99':14597
- '10#.#9.95.125':15079
- '10#.#9.95.146':62681
- 'localhost':41142
- '11#.#19.147.251':41142
- 'localhost':46594
- '22#.#46.166.201':46594
- 'localhost':40795
- '21#.#44.184.71':40795
- 'localhost':34986
- '37.##0.58.194':34986
- 'localhost':39125
- '11#.#95.230.122':39125
- '54.##5.159.67':4001
- '19#.#27.172.169':4006
- '21#.#31.77.26':12956
- '<LOCALNET>.20.41':4001
- '21#.#31.76.153':12956
- 'localhost':47518
- '<LOCALNET>.16.15':47518
- 'localhost':36743
- '11#.#5.15.197':4001
- '10#.#9.95.146':57717
- '<LOCALNET>.1.49':54022
- '94.##.253.86':55846
- 'localhost':46087
- '11#.#46.55.236':46087
- 'lu##osi.de':4002
- 'lu##osi.de':4001
- '<LOCALNET>.35.25':4001
- '39.##5.65.82':51086
- 'localhost':52023
- '20#.#86.133.92':52023
- '16#.#72.254.24':35523
- '16#.#72.254.24':4001
- '<LOCALNET>.100.10':55846
- 'localhost':55846
- '18#.#8.238.68':65037
- '10.#44.5.72':31504
- 'localhost':31504
- '15#.#5.108.245':31504
- 'localhost':32001
- '10.##4.7.119':32001
- '15#.#5.96.114':32001
- 'localhost':4002
- '16#.#79.91.8':4001
- '35.##5.132.165':4001
- '17#.18.0.15':4001
- '<LOCALNET>.0.100':44421
- 'ch#####.amazonaws.com':80
- '31.##8.148.4':37389
- 'localhost':31842
- '10.##4.6.179':31842
- '15#.#5.71.229':31842
- 'localhost':32023
- '10.##4.7.119':32023
- '15#.#5.96.114':32023
- 'localhost':38910
- '21#.#30.145.236':38910
- '17#.25.0.2':4001
- '18#.#40.253.87':6981
- '74.##8.94.102':4001
- 'localhost':42713
- '42.#.101.98':42713
- 'localhost':49647
- '22#.#8.251.78':49647
- '95.##6.29.105':4001
- '17#.18.0.2':4001
- '47.##1.71.107':4001
- '10.#.0.9':4001
- '18#.#19.32.250':1064
- '17#.20.7.5':4001
- 'localhost':38595
- '20#.#18.84.26':38595
- '17#.21.0.2':4001
- '34.##1.148.59':4001
- '95.##6.229.53':4001
- 'localhost':44421
- 'localhost':32065
- '10.##4.7.119':32065
- '15#.#5.96.114':32065
- '17#.#32.7.102':50093
- 'if##nfig.io':80
- 'ic###azip.com':443
- 'di#####tic.opendns.com':80
- '54.##5.30.139':31781
- 'my####rnalip.com':443
- 'sp###test.net':80
- '10.##4.1.114':30775
- 'localhost':30775
- '13#.#97.207.75':30775
- '18#.#94.76.219':50093
- 'localhost':50093
- '21#.#28.146.125':4001
- 'id##t.me':80
- '22#.#24.66.80':59048
- 'localhost':59048
- '<LOCALNET>.68.114':59048
- 'localhost':4001
- '45.#3.48.33':4001
- 'ew###.##otstrap.libp2p.io':4001
- 'nr###.##otstrap.libp2p.io':4001
- 'am###.##otstrap.libp2p.io':4001
- 'sj###.##otstrap.libp2p.io':4001
- '14#.#5.70.221':4001
- '10#.#31.131.82':4001
- '12#.#.207.250':4001
- 'localhost':37389
- 'wh#####yip.akamai.com':80
- '<LOCALNET>.66.137':4001
- 'my##.#nsomatic.com':80
- 'localhost':33479
- '46.##1.26.158':33479
- 'localhost':37192
- '12#.#86.87.220':37192
- '84.##6.231.34':4001
- '<LOCALNET>.1.166':4001
- 'localhost':30309
- '16#.#27.24.133':30309
- 'localhost':37853
- '59.#6.0.136':37853
- '3.###.40.212':4001
- '18#.#3.108.254':4001
- 'localhost':6745
- '14#.#5.49.71':6745
- '17#.65.0.13':4011
- '13#.#48.161.122':4001
- '14#.#44.184.158':4001
- 'sp###test.net':443
- '16#.#32.172.23':4001
- '14.#7.86.56':4001
- 'di#####tic.opendns.com':443
- 'localhost':45898
- '12#.#68.202.36':45898
- '85.##.232.199':4001
- '54.##.33.214':4001
- 'localhost':45273
- '10.##4.6.179':31840
- '21#.#12.28.169':52722
- '17#.18.0.7':4001
- '88.##.173.103':41891
- '12#.#0.176.76':4001
- 'localhost':30335
- '10.##4.1.188':30335
- '13#.#8.46.71':30335
- '49.##6.118.221':60427
- '<LOCALNET>.0.12':4001
- '86.##.193.194':44792
- 'localhost':53654
- '42.##.218.172':53654
- '67.##5.159.18':4001
- '88.##.173.103':4001
- 'localhost':30827
- '10.##4.1.114':30827
- '13#.#97.207.75':30827
- 'localhost':40771
- '17#.#10.205.29':40771
- 'localhost':58711
- '18#.#13.253.29':58711
- 'localhost':58031
- 'localhost':32284
- '10.##4.5.213':32284
- '16#.#8.97.137':1024
- 'localhost':44410
- '12#.#24.214.5':48025
- '58.##2.139.68':54022
- '15#.#5.71.229':31840
- '14#.#1.78.73':4001
- 'localhost':33627
- '17#.#8.200.31':4001
- '19#.#49.137.252':42388
- 'localhost':46391
- 'localhost':42388
- 'localhost':33813
- 'localhost':33061
- '51.##2.80.219':4001
- '18#.#3.239.242':33627
- '18#.#19.121.202':4001
- '11#.#11.0.43':4001
- '10#.#30.120.119':4001
- '54.##2.175.171':4001
- '19#.#49.137.252':46391
- '20#.#89.194.99':33813
- '22#.#12.22.30':33061
- '16#.#43.174.46':4002
- '16#.#43.174.46':4001
- 'localhost':43299
- '11#.#7.141.223':43299
- 'localhost':30254
- '16#.#27.24.133':30254
- 'localhost':54022
- 'localhost':32285
- '22#.#33.21.245':44410
- '10.##4.5.213':32285
- 'localhost':60704
- 'localhost':32020
- '21#.#5.222.189':65533
- '10.##4.6.112':31329
- '<LOCALNET>.10.2':48571
- 'localhost':48571
- 'localhost':38501
- 'localhost':30777
- '10.##4.1.114':30777
- 'localhost':4009
- '17#.17.0.1':4001
- '10.#28.0.27':4001
- '10.#6.0.30':4001
- '21#.#21.183.128':46647
- '22#.#6.169.91':46275
- '<LOCALNET>.0.17':4001
- '17#.#4.155.205':37515
- '12#.#32.1.228':45273
- '17#.#21.243.41':55779
- '15#.#5.110.234':31329
- '31.##3.7.117':48571
- '89.##2.231.141':38501
- '13#.#97.207.75':30777
- '13#.#4.165.176':4009
- '34.#0.26.9':4001
- '34.##.165.113':4001
- 'localhost':52722
- 'localhost':48025
- 'localhost':31840
- '17#.#21.243.41':4001
- 'localhost':37515
- 'localhost':31329
- '10.##4.7.119':32020
- 'localhost':37892
- '13#.#25.8.109':4001
- 'localhost':30048
- '10.##4.0.226':30048
- '18#.#27.250.13':4001
- '13#.#5.17.171':58031
- '34.##5.148.84':4001
- '15#.#5.96.40':32284
- '16#.#8.97.137':4001
- '15#.#5.96.40':32285
- '<LOCALNET>.32.150':4001
- '61.##.116.58':60704
- '15#.#5.96.114':32020
- '60.##9.83.164':37892
- '11#.#22.12.177':4001
- '10#.#48.243.115':4001
- '13#.#25.8.109':15347
- '16#.#9.160.76':30048
- 'localhost':46647
- '<LOCALNET>.68.109':39495
- 'localhost':39495
- 'localhost':46275
- '<LOCALNET>.1.60':4001
- '<LOCALNET>.1.208':45273
- 'localhost':30296
- http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
- http://sp###test.net/speedtest-config.php
- http://di#####tic.opendns.com/myip
- http://my##.#nsomatic.com/
- http://wh#####yip.akamai.com/
- http://id##t.me/
- http://if##nfig.io/ip
- http://ch#####.amazonaws.com/
- '17#.#32.7.102':443
- '10#.#9.95.146':33348
- '46.##9.21.179':37989
- '18#.#55.84.74':58308
- '42.#.65.24':52923
- '21#.#3.103.81':59078
- '21#.#02.66.209':39713
- '18#.#63.95.161':35766
- '20#.#10.78.121':36710
- '61.##.44.134':57628
- '22#.#8.174.181':37112
- '68.##2.26.117':4017
- '11#.#49.56.111':38345
- '10#.#43.157.195':38013
- '17#.#95.254.165':43225
- '11#.#92.29.248':46522
- '69.##7.17.217':45129
- '10#.#9.95.125':39386
- '10#.#9.95.146':24603
- '13#.#81.1.95':4001
- '19#.#63.154.185':4001
- '22#.#6.84.55':51399
- '5.##.63.53':52530
- '15#.#15.57.115':4001
- '11#.48.86.1':33445
- '11#.#46.123.20':41584
- '18#.#7.145.55':4001
- '75.##8.244.78':46513
- '84.##2.12.186':48661
- '22#.#8.64.223':33535
- '12#.#05.171.225':41857
- '22#.#6.205.238':41508
- '22#.#7.20.64':50945
- '11#.#37.15.75':41195
- '10#.#05.232.203':60626
- '58.##3.152.31':35214
- '58.##.205.109':4001
- '11#.#53.194.223':52286
- '78.#5.48.2':7837
- '10#.#9.95.146':57817
- '22#.#6.169.91':46275
- '24.##.242.67':40977
- '60.##9.83.164':37892
- '5.##.196.92':51819
- '19#.#27.172.169':4001
- '14#.#5.109.29':4001
- '42.##8.86.60':56307
- '58.##3.29.144':51360
- '11#.#6.140.243':4001
- '12#.#54.106.233':42610
- '87.##8.107.76':36743
- '21#.#05.209.183':46976
- '11#.#5.15.197':4001
- '11#.#46.52.146':39809
- '11#.#12.154.226':40824
- '18#.#21.214.88':4001
- '21#.#42.27.237':4001
- '58.##3.203.147':51465
- '18#.#31.153.99':4001
- '51.##.253.127':4001
- '22#.#71.37.221':37514
- '19#.#0.215.6':4001
- '11#.#96.218.229':43255
- '58.##3.203.180':39690
- '19#.#27.172.169':4006
- '21#.#31.77.26':12956
- '37.##0.58.194':34986
- '21#.#44.184.71':40795
- '10#.#9.95.146':62681
- '10#.#9.95.125':15079
- '22#.#27.26.108':43116
- '14#.#5.195.153':4001
- '13#.#4.165.176':4019
- '45.##1.107.93':4001
- '18#.#3.207.61':33935
- '11#.#46.122.8':33733
- '75.##9.157.207':4001
- '3.##.27.231':4001
- '83.##6.236.51':49632
- '20#.#86.133.92':52023
- '11#.#19.147.251':41142
- '11#.#4.75.212':1210
- '49.##8.100.115':64766
- '10#.#9.95.146':57717
- '86.##.193.194':44792
- '14#.#1.78.73':4001
- '16#.#32.172.23':4001
- '3.###.40.212':4001
- '84.##6.231.34':4001
- '16#.#27.24.133':30309
- '59.#6.0.136':37853
- '46.##1.26.158':33479
- '16#.#79.91.8':4001
- '35.##5.132.165':4001
- '16#.#72.254.24':4001
- '18#.#8.238.68':65037
- '39.##5.65.82':51086
- 'lu##osi.de':4001
- 'lu##osi.de':4002
- '94.##.253.86':55846
- '11#.#46.55.236':46087
- '18#.#3.108.254':4001
- '13#.#48.161.122':4001
- '14#.#5.49.71':6745
- '14#.#44.184.158':4001
- '17#.65.0.13':4011
- '22#.#24.66.80':59048
- '10#.#31.131.82':4001
- 'am###.##otstrap.libp2p.io':4001
- 'ew###.##otstrap.libp2p.io':4001
- 'sj###.##otstrap.libp2p.io':4001
- '14#.#5.70.221':4001
- 'nr###.##otstrap.libp2p.io':4001
- '45.#3.48.33':4001
- '95.##6.29.105':4001
- '18#.#62.224.16':37789
- '21#.#28.146.125':4001
- 'my####rnalip.com':443
- 'ic###azip.com':443
- '85.##.232.199':4001
- '54.##5.30.139':31781
- '54.##.33.214':4001
- 'di#####tic.opendns.com':443
- 'sp###test.net':443
- '<DNS_SERVER>':53
- '18#.#94.76.219':50093
- '21#.#30.201.238':48901
- '14.#7.86.56':4001
- '21#.#30.145.236':38910
- '88.##.173.103':4001
- '67.##5.159.18':4001
- '58.##2.139.68':54022
- '16#.#27.24.133':30254
- '16#.#43.174.46':4001
- '11#.#7.141.223':43299
- '12#.#68.202.36':45898
- '20#.#89.194.99':33813
- '51.##2.80.219':4001
- '19#.#49.137.252':46391
- '19#.#49.137.252':42388
- '54.##2.175.171':4001
- '10#.#30.120.119':4001
- '18#.#19.121.202':4001
- '22#.#12.22.30':33061
- '42.##.218.172':53654
- '18#.#3.239.242':33627
- '12#.#0.176.76':4001
- '49.##6.118.221':60427
- '22#.#33.21.245':44410
- '17#.#10.205.29':40771
- '12#.#.207.250':4001
- '21#.#12.28.169':52722
- '12#.#24.214.5':48025
- '89.##2.231.141':38501
- '17#.#4.155.205':37515
- '31.##3.7.117':48571
- '22#.#8.251.78':49647
- '13#.#4.165.176':4009
- '42.#.101.98':42713
- '12#.#32.1.228':45273
- '17#.#21.243.41':4001
- '10#.#48.243.115':4001
- '13#.#25.8.109':4001
- '16#.#8.97.137':4001
- '18#.#27.250.13':4001
- '11#.#22.12.177':4001
- '18#.#40.253.87':6981
- '18#.#13.253.29':58711
- '21#.#21.183.128':46647
- '16#.#27.24.133':30296
- DNS ASK _d######.bootstrap.libp2p.io
- DNS ASK id##t.me
- DNS ASK my##.#nsomatic.com
- DNS ASK wh#####yip.akamai.com
- DNS ASK ch#####.amazonaws.com
- DNS ASK if##nfig.io
- DNS ASK my####rnalip.com
- DNS ASK sp###test.net
- DNS ASK ic###azip.com
- DNS ASK di#####tic.opendns.com
- DNS ASK ew###.##otstrap.libp2p.io
- DNS ASK nr###.##otstrap.libp2p.io
- DNS ASK am###.##otstrap.libp2p.io
- DNS ASK sj###.##otstrap.libp2p.io
- DNS ASK _d######.#wr-1.bootstrap.libp2p.io
- DNS ASK _d######.#rt-1.bootstrap.libp2p.io
- DNS ASK _d######.#jc-1.bootstrap.libp2p.io
- DNS ASK _d######.#ms-2.bootstrap.libp2p.io
- DNS ASK lu##osi.de
- DNS ASK microsoft.com
- '%LOCALAPPDATA%\packages\adobe.photoshop_plf9fvkmbf7qk\appdata\adobearm.exe'
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -NoExit -Command -' (with hidden window)
- '<SYSTEM32>\windowspowershell\v1.0\powershell.exe' -NoExit -Command -