Create Arechclient2.txt

strings_dump/Arechclient2.txt

@@ -0,0 +1,153 @@
+SELECT * FROM Win32_DiskDrive 
+SerialNumber
+-
+77.73.133.83
+15647
+09.01 #2
+True
+https://pastebin.com/raw/NdY0fAXm
+p8Ga5rmzt0SWaIMgO1D9P2eA/on1sj+MugV7SZOjq/c=
+Receive
+Type
+ReceiveEncryptionStatus
+Software\Microsoft\Windows\CurrentVersion\Policies\System
+ConsentPromptBehaviorAdmin
+0
+Status
+On
+%USERPROFILE%\AppData\Local\Battle.net
+        %USERPROFILE%\AppData\Local\Chromium\User Data
+        %USERPROFILE%\AppData\Local\Google\Chrome\User Data
+        %USERPROFILE%\AppData\Local\Google(x86)\Chrome\User Data
+        %USERPROFILE%\AppData\Roaming\Opera Software\
+        %USERPROFILE%\AppData\Local\MapleStudio\ChromePlus\User Data
+        %USERPROFILE%\AppData\Local\Iridium\User Data
+        %USERPROFILE%\AppData\Local\7Star\7Star\User Data
+        %USERPROFILE%\AppData\Local\CentBrowser\User Data
+        %USERPROFILE%\AppData\Local\Chedot\User Data
+        %USERPROFILE%\AppData\Local\Vivaldi\User Data
+        %USERPROFILE%\AppData\Local\Kometa\User Data
+        %USERPROFILE%\AppData\Local\Elements Browser\User Data
+        %USERPROFILE%\AppData\Local\Epic Privacy Browser\User Data
+        %USERPROFILE%\AppData\Local\uCozMedia\Uran\User Data
+        %USERPROFILE%\AppData\Local\Fenrir Inc\Sleipnir5\setting\modules\ChromiumViewer
+        %USERPROFILE%\AppData\Local\CatalinaGroup\Citrio\User Data
+        %USERPROFILE%\AppData\Local\Coowon\Coowon\User Data
+        %USERPROFILE%\AppData\Local\liebao\User Data
+        %USERPROFILE%\AppData\Local\QIP Surf\User Data
+        %USERPROFILE%\AppData\Local\Orbitum\User Data
+        %USERPROFILE%\AppData\Local\Comodo\Dragon\User Data
+        %USERPROFILE%\AppData\Local\Amigo\User\User Data
+        %USERPROFILE%\AppData\Local\Torch\User Data
+        %USERPROFILE%\AppData\Local\Yandex\YandexBrowser\User Data
+        %USERPROFILE%\AppData\Local\Comodo\User Data
+        %USERPROFILE%\AppData\Local\360Browser\Browser\User Data
+        %USERPROFILE%\AppData\Local\Maxthon3\User Data
+        %USERPROFILE%\AppData\Local\K-Melon\User Data
+        %USERPROFILE%\AppData\Local\Sputnik\Sputnik\User Data
+        %USERPROFILE%\AppData\Local\Nichrome\User Data
+        %USERPROFILE%\AppData\Local\CocCoc\Browser\User Data
+        %USERPROFILE%\AppData\Local\Uran\User Data
+        %USERPROFILE%\AppData\Local\Chromodo\User Data
+        %USERPROFILE%\AppData\Local\Mail.Ru\Atom\User Data
+        %USERPROFILE%\AppData\Local\BraveSoftware\Brave-Browser\User Data
+        %USERPROFILE%\AppData\Local\Microsoft\Edge\User Data
+        %USERPROFILE%\AppData\Local\NVIDIA Corporation\NVIDIA GeForce Experience
+        %USERPROFILE%\AppData\Local\Steam
+        %USERPROFILE%\AppData\Local\CryptoTab Browser\User Data
+        %USERPROFILE%\AppData\Roaming\Mozilla\Firefox
+        %USERPROFILE%\AppData\Roaming\Waterfox
+        %USERPROFILE%\AppData\Roaming\K-Meleon
+        %USERPROFILE%\AppData\Roaming\Thunderbird
+        %USERPROFILE%\AppData\Roaming\Comodo\IceDragon
+        %USERPROFILE%\AppData\Roaming\8pecxstudios\Cyberfox
+        %USERPROFILE%\AppData\Roaming\NETGATE Technologies\BlackHaw
+        %USERPROFILE%\AppData\Roaming\Moonchild Productions\Pale Moon      
+Yandex\YaAddon
+ ||| 
+x64
+SOFTWARE\Microsoft\Windows NT\CurrentVersion
+ProductName
+CSDVersion
+SOFTWARE\WOW6432Node\Clients\StartMenuInternet
+shell\open\command
+"
+FileSystem
+SELECT * FROM Win32_Processor
+Name
+NumberOfCores
+root\CIMV2
+SELECT * FROM Win32_VideoController
+AdapterRAM
+0 Mb or 0
+SELECT * FROM Win32_OperatingSystem
+{0}{1}{2}
+Login Data
+Web Data
+Cookies
+Opera GX Stable
+AppData\Roaming\
+_[
+]
+\
+(
+UNIQUE
+Network\
+f2f279c5-e59e-4bc9-8709-ab92ee395ecb99
+.
+1
+windows-1251
+bcrypt.dll
+AES
+Microsoft Primitive Provider
+ChainingModeGCM
+BCryptOpenAlgorithmProvider
+ChainingMode
+BCryptSetProperty
+ObjectLength
+BCryptGetProperty
+KeyDataBlob
+BCryptImportKey
+AuthTagLength
+BCryptDecrypt
+BCryptDestroyKey
+BCryptCloseAlgorithmProvider
+cmedit_cards
+MANGO
+SELECT * FROM Win32_Process Where SessionId='
+ [
+MetaC
+%localappdata%\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn
+ChainC
+%localappdata%\Google\Chrome\User Data\Default\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp
+TronC
+%localappdata%\Google\Chrome\User Data\Default\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec
+CBitC
+%localappdata%\Google\Chrome\User Data\Default\Local Extension Settings\ckpaelocniggkheibcacecnmmlmeodfa
+MetaB
+%localappdata%\BraveSoftware\Brave-Browser\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn
+ChainB
+%localappdata%\BraveSoftware\Brave-Browser\User Data\Default\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp
+TronB
+%localappdata%\BraveSoftware\Brave-Browser\User Data\Default\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec
+CBitB
+%localappdata%\BraveSoftware\Brave-Browser\User Data\Default\Local Extension Settings\ckpaelocniggkheibcacecnmmlmeodfa
+AtomL
+%appdata%\atomic
+ExodL
+%appdata%\exodus
+ElectrL
+%appdata%\electrum
+DaedL
+%appdata%\Daedalus Mainnet\
+NONE
+http://eth0.me
+{"Type":"ConnectionType","ConnectionType":"Client","SessionID":"
+","BotName":"
+","BuildID":"
+","BotOS":"
+SELECT Caption FROM Win32_OperatingSystem
+Caption
+","URLData":"
+","UIP":"
+"}