| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then cmp word ptr [edi+ebx+02h], 0000h | 2_2_0043F080 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then mov ecx, eax | 2_2_0040B11D |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then movzx edi, byte ptr [esp+ecx] | 2_2_0043D929 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then mov ecx, eax | 2_2_004269E0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then cmp dword ptr [ebp+edx*8+00h], DA026237h | 2_2_00423257 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then movzx esi, byte ptr [esp+edi+6ED1A348h] | 2_2_004382F0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then cmp byte ptr [eax+edi+09h], 00000000h | 2_2_004382F0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then movzx edi, byte ptr [esp+ecx] | 2_2_0043D357 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then mov eax, edx | 2_2_0040C404 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then mov byte ptr [edi], cl | 2_2_0042CD4D |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then mov word ptr [edi], ax | 2_2_0040C551 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then movzx esi, byte ptr [esp+ecx+000001F0h] | 2_2_00415729 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then movzx esi, byte ptr [esp+eax+000001F0h] | 2_2_00415729 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then cmp dword ptr [ebx+edi*8], 344CE4E0h | 2_2_00415729 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then mov byte ptr [eax], cl | 2_2_0041C051 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then lea ebx, dword ptr [eax+eax] | 2_2_0041C051 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then mov byte ptr [edi], al | 2_2_0042D05A |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then movzx ebx, byte ptr [eax+edx] | 2_2_0041F0E0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then movzx ebx, byte ptr [edx] | 2_2_00435880 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then mov byte ptr [edi], al | 2_2_0042D0AE |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then movzx eax, byte ptr [esp+esi] | 2_2_0043B910 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then mov word ptr [eax], cx | 2_2_004221E0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then mov word ptr [eax], cx | 2_2_004221E0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then jmp eax | 2_2_0043E1F4 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then movzx ebp, byte ptr [esp+edi+0Ah] | 2_2_0041C980 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then movzx esi, byte ptr [esp+ecx-67h] | 2_2_00425986 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then movzx ebx, byte ptr [edx] | 2_2_0041B18C |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then cmp dword ptr [edi+esi*8], 4B1BF3DAh | 2_2_0041499B |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then movzx edx, byte ptr [esp+edi] | 2_2_0041499B |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then cmp dword ptr [esi+edx*8], 0827F28Dh | 2_2_0041499B |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then cmp dword ptr [ecx+esi*8], 37A3DD63h | 2_2_0041499B |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then mov word ptr [eax], cx | 2_2_00429241 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then cmp byte ptr [esi+ebx], 00000000h | 2_2_0042AAE0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then cmp dword ptr [ebx+edi*8], 4B1BF3DAh | 2_2_00438AE0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then mov byte ptr [edx], bl | 2_2_004092A0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then mov ecx, eax | 2_2_004092A0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then mov edx, ecx | 2_2_0042B3C0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then movzx esi, byte ptr [esp+ecx-3A8FE122h] | 2_2_00419BE0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then cmp dword ptr [edi+esi*8], 385488F2h | 2_2_00419BE0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then cmp dword ptr [ebx+edx*8], 11A82DE9h | 2_2_00419BE0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then jmp eax | 2_2_00428BFE |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then movzx eax, word ptr [ebp+00h] | 2_2_00439459 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then movzx esi, byte ptr [esp+eax+000001F0h] | 2_2_00415C3B |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then cmp dword ptr [ebx+edi*8], 344CE4E0h | 2_2_00415C3B |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then mov word ptr [eax], cx | 2_2_00429241 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then movzx edi, byte ptr [ebp+esi-2Ch] | 2_2_0043DCE7 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then jmp eax | 2_2_00424C80 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then mov ebx, dword ptr [edi+04h] | 2_2_0042A4B0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then mov word ptr [eax], cx | 2_2_00422540 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then movzx ecx, word ptr [edi+esi*4] | 2_2_00407500 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then mov edx, ecx | 2_2_00438D10 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then cmp dword ptr [edi+ebp*8], 6E87DD67h | 2_2_00438D10 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then cmp dword ptr [edx+edi*8], 31E2A9F4h | 2_2_00438D10 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then test eax, eax | 2_2_00438D10 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then cmp edx, esi | 2_2_00438D10 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then mov ecx, eax | 2_2_0041B5DD |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then mov word ptr [esi], ax | 2_2_0041D5EC |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then movzx ebx, bx | 2_2_0042459E |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then cmp cl, 0000002Eh | 2_2_00426E50 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then mov byte ptr [edi], cl | 2_2_00426E50 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then mov byte ptr [edi], al | 2_2_0042C62D |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then mov word ptr [esi], ax | 2_2_0041D603 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then mov byte ptr [edi], al | 2_2_0042C62F |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then mov byte ptr [edi], al | 2_2_0042DE30 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then movzx edx, byte ptr [esp+eax-1Eh] | 2_2_004096A0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 4x nop then mov edi, ecx | 2_2_0041BF5D |
| Source: Aura.exe, 00000002.00000002.3511215128.000000000336C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://147.45.47.81/conhost.exe |
| Source: Aura.exe, 00000002.00000002.3511215128.000000000336C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://147.45.47.81/conhost.exeS |
| Source: Aura.exe | String found in binary or memory: http://aia.entrust.net/ts1-chain256.cer01 |
| Source: Aura.exe, 00000002.00000003.1815244598.0000000005B50000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0 |
| Source: Aura.exe, 00000002.00000003.1815244598.0000000005B50000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0B |
| Source: Aura.exe | String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt0 |
| Source: Aura.exe | String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C |
| Source: Aura.exe | String found in binary or memory: http://crl.entrust.net/2048ca.crl0 |
| Source: Aura.exe | String found in binary or memory: http://crl.entrust.net/ts1ca.crl0 |
| Source: Aura.exe, 00000002.00000003.1815244598.0000000005B50000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl.rootca1.amazontrust.com/rootca1.crl0 |
| Source: Aura.exe, 00000002.00000003.1815244598.0000000005B50000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07 |
| Source: Aura.exe, 00000002.00000003.1815244598.0000000005B50000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl0= |
| Source: Aura.exe | String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0S |
| Source: Aura.exe | String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0 |
| Source: Aura.exe, 00000002.00000003.1815244598.0000000005B50000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl00 |
| Source: Aura.exe | String found in binary or memory: http://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0 |
| Source: Aura.exe, 00000002.00000003.1815244598.0000000005B50000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://crt.rootca1.amazontrust.com/rootca1.cer0? |
| Source: Aura.exe | String found in binary or memory: http://ocsp.digicert.com0 |
| Source: Aura.exe | String found in binary or memory: http://ocsp.digicert.com0A |
| Source: Aura.exe | String found in binary or memory: http://ocsp.entrust.net02 |
| Source: Aura.exe | String found in binary or memory: http://ocsp.entrust.net03 |
| Source: Aura.exe, 00000002.00000003.1815244598.0000000005B50000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://ocsp.rootca1.amazontrust.com0: |
| Source: Aura.exe, 00000002.00000002.3511215128.000000000336C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://store.steampowered.com/acco |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://store.steampowered.com/account/cookiepreferences/ |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://store.steampowered.com/privacy_agreement/ |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000002.3511215128.000000000336C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://store.steampowered.com/subscriber_agreement/ |
| Source: Aura.exe | String found in binary or memory: http://www.digicert.com/CPS0 |
| Source: Aura.exe | String found in binary or memory: http://www.entrust.net/rpa03 |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: http://www.valvesoftware.com/legal.htm |
| Source: Aura.exe, 00000002.00000003.1815244598.0000000005B50000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://x1.c.lencr.org/0 |
| Source: Aura.exe, 00000002.00000003.1815244598.0000000005B50000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: http://x1.i.lencr.org/0 |
| Source: Aura.exe, 00000002.00000003.1767549116.0000000005B69000.00000004.00000800.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1766979070.0000000005B6B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://ac.ecosia.org/autocomplete?q= |
| Source: Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://avatars.fastly.steamstatic.com/fef49e7fa7e1997310d705b2a6158ff8dc1cdfeb_full.jpg |
| Source: Aura.exe, 00000002.00000003.1816553901.0000000005B2E000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bridge.lga1.admarketplace.net/ctp?version=16.0.0&key=1696332238301000001.2&ci=1696332238417. |
| Source: Aura.exe, 00000002.00000003.1841956357.0000000005B2C000.00000004.00000800.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1842228400.0000000005B2C000.00000004.00000800.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1839023378.0000000005B2B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://bridge.lga1.ap01.net/ctp?version=16.0.0&key=1696332238301000001.1&ci=1696332238417.12791&cta |
| Source: Aura.exe, 00000002.00000003.1767549116.0000000005B69000.00000004.00000800.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1766979070.0000000005B6B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q= |
| Source: Aura.exe, 00000002.00000003.1767549116.0000000005B69000.00000004.00000800.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1766979070.0000000005B6B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search |
| Source: Aura.exe, 00000002.00000003.1767549116.0000000005B69000.00000004.00000800.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1766979070.0000000005B6B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command= |
| Source: Aura.exe, 00000002.00000003.1739501843.000000000337A000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/css/applications/community/main.css?v=Lj6X7NKUMfzk&a |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/css/globalv2.css?v=hzEgqbtRcI5V&l=english&_c |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/css/promo/summer2017/stickers.css?v=Ncr6N09yZIap& |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/css/skin_1/header.css?v=EM4kCu67DNda&l=english&a |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/css/skin_1/modalContent.css?v=WXAusLHclDIt&l=eng |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/css/skin_1/profilev2.css?v=fe66ET2uI50l&l=englis |
| Source: Aura.exe, 00000002.00000003.1739501843.000000000337A000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/images/skin_1/arrowDn9x5.gif |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1 |
| Source: Aura.exe, 00000002.00000003.1739501843.000000000337A000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/applications/community/libraries~b28b7af6 |
| Source: Aura.exe, 00000002.00000003.1739501843.000000000337A000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/applications/community/main.js?v=_92TWn81 |
| Source: Aura.exe, 00000002.00000003.1739501843.000000000337A000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/applications/community/manifest.js?v=FRRi |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/global.js?v=jWc2JLWHx5Kn&l=english&am |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=gQHVlrK4-jX-&l |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/modalContent.js?v=uqf5ttWTRe7l&l=engl |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/modalv2.js?v=zBXEuexVQ0FZ&l=english&a |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/profile.js?v=GeQ6v03mWpAc&l=english&a |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/promo/stickers.js?v=CcLRHsa04otQ&l=en |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/prototype-1.7.js?v=npJElBnrEO6W&l=eng |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/reportedcontent.js?v=-lZqrarogJr8&l=e |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=pbdAKOcDIgbC |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/javascript/webui/clientcom.js?v=oOCAGrkRfpQ6&l=e |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/css/buttons.css?v=qhQgyjWi6LgJ&l=english& |
| Source: Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/css/motiva_sans.css?v=-yZgCk0Nu7kH&l=engl |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/css/shared_global.css?v=wuA4X_n5-mo0&l=en |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/css/shared_responsive.css?v=JL1e4uQSrVGe& |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016 |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/images/responsive/header_logo.png |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/javascript/auth_refresh.js?v=w6QbwI-5-j2S& |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/javascript/shared_global.js?v=Gr6TbGRvDtNE&am |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v=tvQ |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://community.fastly.steamstatic.com/public/shared/javascript/tooltip.js?v=QYkT4eS5mbTN&l=en |
| Source: Aura.exe, 00000002.00000003.1816553901.0000000005B2E000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://contile-images.services.mozilla.com/0TegrVVRalreHILhR2WvtD_CFzj13HCDcLqqpvXSOuY.10862.jpg |
| Source: Aura.exe, 00000002.00000003.1841956357.0000000005B2C000.00000004.00000800.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1842228400.0000000005B2C000.00000004.00000800.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1839023378.0000000005B2B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg |
| Source: Aura.exe, 00000002.00000003.1767549116.0000000005B69000.00000004.00000800.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1766979070.0000000005B6B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://duckduckgo.com/ac/?q= |
| Source: Aura.exe, 00000002.00000003.1767549116.0000000005B69000.00000004.00000800.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1766979070.0000000005B6B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://duckduckgo.com/chrome_newtab |
| Source: Aura.exe, 00000002.00000003.1767549116.0000000005B69000.00000004.00000800.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1766979070.0000000005B6B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q= |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://help.steampowered.com/en/ |
| Source: Aura.exe, 00000002.00000003.1841956357.0000000005B2C000.00000004.00000800.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1842228400.0000000005B2C000.00000004.00000800.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1839023378.0000000005B2B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIX |
| Source: Aura.exe, 00000002.00000003.1816553901.0000000005B2E000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4QqmfZfYfQfafZbXfpbWfpbX7ReNxR3UIG8zInwYIFIVs9eYi |
| Source: Aura.exe, 00000002.00000003.1739584373.00000000033B8000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000002.3511433189.0000000003415000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.2531562354.0000000003415000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739501843.0000000003382000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lev-tolstoi.com/ |
| Source: Aura.exe, 00000002.00000003.2531148527.00000000033B7000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000002.3511215128.00000000033B7000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.2531674049.00000000033B7000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lev-tolstoi.com//:O |
| Source: Aura.exe, 00000002.00000003.1739584373.00000000033D5000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.2531562354.00000000033F2000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.2531148527.00000000033D5000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000002.3511215128.000000000336C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lev-tolstoi.com/api |
| Source: Aura.exe, 00000002.00000002.3511433189.00000000033F4000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.2531562354.00000000033F2000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.2531148527.00000000033D5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lev-tolstoi.com/api1 |
| Source: Aura.exe, 00000002.00000003.1739584373.00000000033D5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lev-tolstoi.com/apib |
| Source: Aura.exe, 00000002.00000002.3511433189.00000000033F4000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.2531562354.00000000033F2000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.2531148527.00000000033D5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lev-tolstoi.com/apil |
| Source: Aura.exe, 00000002.00000002.3511215128.000000000336C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lev-tolstoi.com/apimv |
| Source: Aura.exe, 00000002.00000002.3511433189.0000000003415000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.2531562354.0000000003415000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lev-tolstoi.com/pi |
| Source: Aura.exe, 00000002.00000003.1739584373.00000000033B8000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lev-tolstoi.com/pi( |
| Source: Aura.exe, 00000002.00000003.1863854855.0000000003417000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://lev-tolstoi.com/r |
| Source: Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/ |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/?subsection=broadcasts |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/discussions/ |
| Source: Aura.exe, 00000002.00000003.1739584373.00000000033D5000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/dn.c |
| Source: Aura.exe, 00000002.00000002.3511215128.000000000336C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.or |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.org |
| Source: Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/login/home/?goto=profiles%2F76561199724331900 |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/market/ |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/my/wishlist/ |
| Source: Aura.exe, 00000002.00000003.1739501843.0000000003382000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/profiles/76561199724331900 |
| Source: Aura.exe, 00000002.00000003.1739501843.000000000337A000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/profiles/76561199724331900/badges |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/profiles/76561199724331900/inventory/ |
| Source: Aura.exe, 00000002.00000003.1739501843.0000000003382000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/profiles/765611997243319007 |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://steamcommunity.com/workshop/ |
| Source: Aura.exe, 00000002.00000002.3511215128.000000000336C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampower |
| Source: Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/ |
| Source: Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/about/ |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/explore/ |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/legal/ |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/mobile |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/news/ |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/points/shop/ |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/privacy_agreement/ |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/stats/ |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/steam_refunds/ |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://store.steampowered.com/subscriber_agreement/ |
| Source: Aura.exe, 00000002.00000003.1769020508.0000000005BC5000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://support.microsof |
| Source: Aura.exe, 00000002.00000003.1816181771.0000000005C4B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br |
| Source: Aura.exe, 00000002.00000003.1816181771.0000000005C4B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://support.mozilla.org/products/firefoxgro.all |
| Source: Aura.exe, 00000002.00000003.1792800080.0000000005B77000.00000004.00000800.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1792942781.0000000005B77000.00000004.00000800.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1769020508.0000000005BC3000.00000004.00000800.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1769094742.0000000005B77000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016 |
| Source: Aura.exe, 00000002.00000003.1769094742.0000000005B52000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Examples |
| Source: Aura.exe, 00000002.00000003.1792800080.0000000005B77000.00000004.00000800.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1792942781.0000000005B77000.00000004.00000800.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1769020508.0000000005BC3000.00000004.00000800.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1769094742.0000000005B77000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17 |
| Source: Aura.exe, 00000002.00000003.1769094742.0000000005B52000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17Install |
| Source: Aura.exe, 00000002.00000003.1841956357.0000000005B2C000.00000004.00000800.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1842228400.0000000005B2C000.00000004.00000800.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1839023378.0000000005B2B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_7548d4575af019e4c148ccf1a78112802e66a0816a72fc94 |
| Source: Aura.exe, 00000002.00000003.1767549116.0000000005B69000.00000004.00000800.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1766979070.0000000005B6B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.ecosia.org/newtab/ |
| Source: Aura.exe | String found in binary or memory: https://www.entrust.net/rpa0 |
| Source: Aura.exe, 00000002.00000003.1816553901.0000000005B2E000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.expedia.com/?locale=en_US&siteid=1&semcid=US.UB.ADMARKETPLACE.GT-C-EN.HOTEL&SEMDTL=a1219 |
| Source: Aura.exe, 00000002.00000003.1767549116.0000000005B69000.00000004.00000800.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1766979070.0000000005B6B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico |
| Source: Aura.exe, 00000002.00000003.1816181771.0000000005C4B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.VsJpOAWrHqB2 |
| Source: Aura.exe, 00000002.00000003.1816181771.0000000005C4B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.n0g9CLHwD9nR |
| Source: Aura.exe, 00000002.00000003.1816181771.0000000005C4B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/Firefox |
| Source: Aura.exe, 00000002.00000003.1816181771.0000000005C4B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig |
| Source: Aura.exe, 00000002.00000003.1816181771.0000000005C4B000.00000004.00000800.00020000.00000000.sdmp | String found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www. |
| Source: Aura.exe, 00000002.00000003.1739457082.000000000340D000.00000004.00000020.00020000.00000000.sdmp, Aura.exe, 00000002.00000003.1739487855.0000000003410000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 0_2_000A1000 | 0_2_000A1000 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 0_2_000AF555 | 0_2_000AF555 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 0_2_000C7792 | 0_2_000C7792 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 0_2_000C5C5E | 0_2_000C5C5E |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 0_2_000B9CC0 | 0_2_000B9CC0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 0_2_000B3FB2 | 0_2_000B3FB2 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_000A1000 | 2_2_000A1000 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_000AF555 | 2_2_000AF555 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_000C7792 | 2_2_000C7792 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_000C5C5E | 2_2_000C5C5E |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_000B9CC0 | 2_2_000B9CC0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_000B3FB2 | 2_2_000B3FB2 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00438000 | 2_2_00438000 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_004120A0 | 2_2_004120A0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0040B11D | 2_2_0040B11D |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_004269E0 | 2_2_004269E0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0040E1FA | 2_2_0040E1FA |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0043F1A0 | 2_2_0043F1A0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_004219B0 | 2_2_004219B0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00423257 | 2_2_00423257 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_004382F0 | 2_2_004382F0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0043FB30 | 2_2_0043FB30 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00422C3F | 2_2_00422C3F |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0043B4D0 | 2_2_0043B4D0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00408680 | 2_2_00408680 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0042BF5D | 2_2_0042BF5D |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00415729 | 2_2_00415729 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0041C051 | 2_2_0041C051 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0042F856 | 2_2_0042F856 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_004038C0 | 2_2_004038C0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_004058D0 | 2_2_004058D0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_004260E0 | 2_2_004260E0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00428882 | 2_2_00428882 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0041E080 | 2_2_0041E080 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_004210B0 | 2_2_004210B0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0042C8BC | 2_2_0042C8BC |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0042BF5D | 2_2_0042BF5D |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00408680 | 2_2_00408680 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00418968 | 2_2_00418968 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0043E970 | 2_2_0043E970 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0043B910 | 2_2_0043B910 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_004471CB | 2_2_004471CB |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0041C980 | 2_2_0041C980 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0041499B | 2_2_0041499B |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0041D9A0 | 2_2_0041D9A0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00429241 | 2_2_00429241 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00432A40 | 2_2_00432A40 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0040AA50 | 2_2_0040AA50 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00404270 | 2_2_00404270 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00424200 | 2_2_00424200 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0043EA20 | 2_2_0043EA20 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00415230 | 2_2_00415230 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00406290 | 2_2_00406290 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_004092A0 | 2_2_004092A0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0042D2B3 | 2_2_0042D2B3 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0043EAB0 | 2_2_0043EAB0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0042DB4C | 2_2_0042DB4C |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00402B20 | 2_2_00402B20 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00419BE0 | 2_2_00419BE0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00429BE1 | 2_2_00429BE1 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0040FB82 | 2_2_0040FB82 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00404BA0 | 2_2_00404BA0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0041E3A0 | 2_2_0041E3A0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00439459 | 2_2_00439459 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00424460 | 2_2_00424460 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0042846C | 2_2_0042846C |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0043BC30 | 2_2_0043BC30 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00415C3B | 2_2_00415C3B |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0043F4C0 | 2_2_0043F4C0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00429241 | 2_2_00429241 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00427CD5 | 2_2_00427CD5 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0043DCE7 | 2_2_0043DCE7 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00411480 | 2_2_00411480 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0041DC80 | 2_2_0041DC80 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00427C8F | 2_2_00427C8F |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00422540 | 2_2_00422540 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0042A550 | 2_2_0042A550 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00411D74 | 2_2_00411D74 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00423D78 | 2_2_00423D78 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00407500 | 2_2_00407500 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00438D10 | 2_2_00438D10 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0041ADD0 | 2_2_0041ADD0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0041E5E0 | 2_2_0041E5E0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00418D9F | 2_2_00418D9F |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00436DBA | 2_2_00436DBA |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0042EE4B | 2_2_0042EE4B |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00426E50 | 2_2_00426E50 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0040EE60 | 2_2_0040EE60 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0043EE60 | 2_2_0043EE60 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00424600 | 2_2_00424600 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00428E34 | 2_2_00428E34 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00402EC0 | 2_2_00402EC0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_004376E0 | 2_2_004376E0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_004096A0 | 2_2_004096A0 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00416745 | 2_2_00416745 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0042CF46 | 2_2_0042CF46 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0043E700 | 2_2_0043E700 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00406720 | 2_2_00406720 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_00408F20 | 2_2_00408F20 |
| Source: C:\Users\user\Desktop\Aura.exe | Code function: 2_2_0043F7C0 | 2_2_0043F7C0 |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dngmlblcodfobpdpecaadgfbcggfjfnm | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajb | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lgmpcpglpngdoalbgeoldeajfclnhafa | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\prefs.js | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lpfcbjknijpeeillifnkikgncikgfhdo | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\idnnbdplmphpflfnlkomgpfbpcgelopg | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeblfdkhhhdcdjpifhhbdiojplfjncoa | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\egjidjbpglichdcondbcbdnbeeppgdph | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fijngjgcjhjmmpcmkeiomlglpeiijkld | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jojhfeoedkpkglbfimdfabpdfjaoolaf | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\oeljdldpnmdbchonielidgobddfffla | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnid | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejjladinnckdgjemekebdpeokbikhfci | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mnfifefkajgofkcjkemidiaecocnkjeh | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeachknmefphepccionboohckonoeemg | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnmamaachppnkjgnildpdmkaakejnhae | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\key4.db | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aflkmfhebedbjioipglgcbcmnbpgliof | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnncmdhjacpkmjmkcafchppbnpnhdmon | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejbalbakoplchlghecdalmeeeajnimhm | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lkcjlnjfpbikmcmbachjpdbijejflpcm | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ilgcnhelpchnceeipipijaljkblbcob | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onofpnbbkehpmmoabgpcpmigafmmnjh | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\abogmiocnneedmmepnohnhlijcjpcifd | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\afbcbjpbpfadlkmhmclhkeeodmamcflc | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mmmjbcfofconkannjonfmjjajpllddbg | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hdokiejnpimakedhajhdlcegeplioahd | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kjmoohlgokccodicjjfebfomlbljgfhk | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhghoamapcdpbohphigoooaddinpkbai | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hcflpincpppdclinealmandijcmnkbgn | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\places.sqlite | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\anokgmphncpekkhclmingpimjmcooifb | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\efbglgofoippbgcjepnhiblaibcnclgk | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\bhghoamapcdpbohphigoooaddinpkbai | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\klnaejjgbibmhlephnhpmaofohgkpgkd | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data For Account | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kpfopkelmapcoipemfendmdcghnegimn | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kncchdigobghenbbaddojjnnaogfppfj | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data For Account | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cpojfbodiccabbabgimdeohkkpjfpbnf | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kppfdiipphfccemcignhifpjkapfbihd | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cihmoadaighcejopammfbmddcmdekcje | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ookjlbkiijinhpmnjffcofjonbfbgaoc | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aholpfdialjgjfhomihkjbmgjidlcdno | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\infeboajgfhgbjpjbeppbkgnabfdkdaf | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cert9.db | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dkdedlpgdmmkkfjabffeganieamfklkm | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\formhistory.sqlite | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhhhlbepdkbapadjdnnojkbgioiodbic | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlgbhdfgdhgbiamfdfmbikcdghidoadd | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\heefohaffomkkkphnlpohglngmbcclhi | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dmkamcknogkgcdfhhbddcghachkejeap | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kkpllkodjeloidieedojogacfhpaihoh | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bfnaelmomeimhlpmgjnjophhpkkoljpa | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onhogfjeacnfoofkfgppdlbmlmnplgbn | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\logins.json | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pioclpoplcdbaefihamjohnefbikjilc | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkpegjkblkkefacfnmkajcjmabijhclg | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ocjdpmoallmgmjbbogfiiaofphbjgchh | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\loinekcabhlmhjjbocijdoimmejangoa | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mopnmbcafieddcagagdcbnhejhlodfdd | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jiidiaalihmmhddjgbnbgdfflelocpak | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ppbibelpcjmhbdihakflkdcoccbgbkpo | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aiifbnbfobpmeekipheeijimdpnlpgpp | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cookies.sqlite | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nngceckbapebfimnlniiiahkandclblb | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ojggmchlghnjlapmfbnjholfjkiidbch | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ijmpgkjfkbfhoebgogflfebnmejmfbm | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\acmacodkjbdgmoleebolmdjonilkdbch | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\flpiciilemghbmfalicajoolhkkenfe | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imloifkgjagghnncjkhggdhalmcnfklk | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jnlgamecbpmbajjfhmmmlhejkemejdma | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\opcgpfmipidbgpenhmajoajpbobppdil | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\blnieiiffboillknjnepogjhkgnoapac | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhmfendgdocmcbmfikdcogofphimnkno | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fcfcfllfndlomdhbehjjcoimbgofdncg | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolb | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilgcnhelpchnceeipipijaljkblbcob | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\phkbamefinggmakgklpkljjmgibohnba | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\oeljdldpnmdbchonielidgobddfffla | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mcohilncbfahbmgdjkbpemcciiolgcge | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lodccjjbdhfakaekdiahmedfbieldgik | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nknhiehlklippafakaeklbeglecifhad | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jgaaimajipbpdogpdglhaphldakikgef | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dlcobpjiigpikoobohmabehhmhfoodbb | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bcopgchhojmggmffilplmbdicgaihlkp | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data | Jump to behavior |
| Source: C:\Users\user\Desktop\Aura.exe | File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hifafgmccdpekplomjjkcfgodnhcellj | Jump to behavior |
Edit tour
Aura.exe (PID: 7348 cmdline: 
conhost.exe (PID: 7356 cmdline: 
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node