Analysis Overview
SHA256
eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200
Threat Level: Known bad
The file eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200 was found to be: Known bad.
Malicious Activity Summary
Cerber
Executes dropped EXE
Adds policy Run key to start application
Drops startup file
Checks computer location settings
Reads user/profile data of web browsers
Deletes itself
Loads dropped DLL
JavaScript code in executable
Looks up external IP address via web service
Checks whether UAC is enabled
Adds Run key to start application
Sets desktop wallpaper using registry
Drops file in Windows directory
Drops file in Program Files directory
Suspicious use of WriteProcessMemory
Modifies registry class
Suspicious use of FindShellTrayWindow
Modifies Control Panel
Suspicious use of AdjustPrivilegeToken
Suspicious use of SetWindowsHookEx
Kills process with taskkill
Runs ping.exe
Suspicious use of UnmapMainImage
Modifies Internet Explorer settings
Suspicious behavior: MapViewOfSection
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V6
Analysis: static1
Detonation Overview
Reported
2020-11-09 20:51
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2020-11-09 20:51
Reported
2020-11-11 02:25
Platform
win7v20201028
Max time kernel
151s
Max time network
126s
Command Line
Signatures
Cerber
Adds policy Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run = "\"C:\\Users\\Admin\\AppData\\Roaming\\{886FFC81-3F92-2114-B483-51AF935A6426}\\label.exe\"" | C:\Users\Admin\AppData\Local\Temp\eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run = "\"C:\\Users\\Admin\\AppData\\Roaming\\{886FFC81-3F92-2114-B483-51AF935A6426}\\label.exe\"" | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
Deletes itself
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\cmd.exe | N/A |
Drops startup file
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\label.lnk | C:\Users\Admin\AppData\Local\Temp\eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\label.lnk | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Windows\CurrentVersion\Run\label = "\"C:\\Users\\Admin\\AppData\\Roaming\\{886FFC81-3F92-2114-B483-51AF935A6426}\\label.exe\"" | C:\Users\Admin\AppData\Local\Temp\eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce | C:\Users\Admin\AppData\Local\Temp\eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\label = "\"C:\\Users\\Admin\\AppData\\Roaming\\{886FFC81-3F92-2114-B483-51AF935A6426}\\label.exe\"" | C:\Users\Admin\AppData\Local\Temp\eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Windows\CurrentVersion\Run | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Windows\CurrentVersion\Run\label = "\"C:\\Users\\Admin\\AppData\\Roaming\\{886FFC81-3F92-2114-B483-51AF935A6426}\\label.exe\"" | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\label = "\"C:\\Users\\Admin\\AppData\\Roaming\\{886FFC81-3F92-2114-B483-51AF935A6426}\\label.exe\"" | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Windows\CurrentVersion\Run | C:\Users\Admin\AppData\Local\Temp\eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe | N/A |
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
JavaScript code in executable
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | ip-api.com | N/A | N/A |
Sets desktop wallpaper using registry
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\AppData\\Local\\Temp\\tmpEABC.bmp" | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\BLANK.ONE | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\# DECRYPT MY FILES #.html | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\# DECRYPT MY FILES #.txt | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\# DECRYPT MY FILES #.vbs | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\PLANNERS.ONE | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OneNote\SendToOneNote-PipelineConfig.xml | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\OneNote\SendToOneNote.ini | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\ACADEMIC.ONE | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\BUSINESS.ONE | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\# DECRYPT MY FILES #.url | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Stationery\DESIGNER.ONE | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\OneNote\# DECRYPT MY FILES #.txt | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\OneNote\# DECRYPT MY FILES #.html | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\OneNote\# DECRYPT MY FILES #.url | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft Office\Office14\OneNote\# DECRYPT MY FILES #.vbs | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
Kills process with taskkill
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskkill.exe | N/A |
Modifies Control Panel
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Control Panel\Desktop\SCRNSAVE.EXE = "\"C:\\Users\\Admin\\AppData\\Roaming\\{886FFC81-3F92-2114-B483-51AF935A6426}\\label.exe\"" | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Control Panel\Desktop | C:\Users\Admin\AppData\Local\Temp\eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Control Panel\Desktop\SCRNSAVE.EXE = "\"C:\\Users\\Admin\\AppData\\Roaming\\{886FFC81-3F92-2114-B483-51AF935A6426}\\label.exe\"" | C:\Users\Admin\AppData\Local\Temp\eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Control Panel\Desktop | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\IETld\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000033044fc40189d459fe40d0e3dcc9b660000000002000000000010660000000100002000000067b6528ca88719b76f85c3c2b49375bb7f9a75e201e0463169466d41d583ddda000000000e800000000200002000000047929e15c5f74961b376aa5becd6a492cc00cc5a3e7795af624f75415e955dd020000000248f4e7181c1ec6972f210203abf3a58fd3101f59358b3177a045bbe4133ec50400000007a8b5727bac8b96604eb2458ca81f17317fafd52f1cbe0db539b5664009413e8472c64fc885e3242d889f293b43062ed98fc08ae06ee452c18dd8411552eec98 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\Zoom | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{DFE36871-23CC-11EB-824D-DA78EDA9FF87} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000033044fc40189d459fe40d0e3dcc9b6600000000020000000000106600000001000020000000ed1f1c4724e7a67a35aac3b644cfa4df2b26ea6af75f054e3c6bfed1ef64bdff000000000e80000000020000200000001df813aca2b22aad98a737eddccd775625b1f90a68411dd1db3b67a46d473a439000000088f52463729cc38653a781985c1d4bc0d19c1826a82f4e5ccd868f28485a439775c7da11ea42ac7375237eba508466a38d66ff3b8264e4443bbef423bcd58b035434a51a98430ec33010d4a0d62dd563c2ac9f29238585bb297ef4b15adb41bfcfc0f04d53a922f7f296f1ba0a0e280b4bfe54e34db00d052f348d11a2b41372a982ddf5349ae8047ab229109fda89d7400000004ae3c5bf330a0bb9325e42c2d2e17b6d326ca8e3852df384e170b78203795d90f7bcdbf9a5f410cf9006e66c0a3a5d0015f5f73684dafab3c5cfaeb1ecbe67b0 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000000000001000000ffffffffffffffffffffffffffffffff3d0000003d000000c3040000a2020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\InternetRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\LowRegistry | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 60adcea5d9b7d601 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\PageSetup | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\IntelliForms | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-293278959-2699126792-324916226-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Runs ping.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\PING.EXE | N/A |
| N/A | N/A | C:\Windows\system32\PING.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Temp\eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\system32\taskkill.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of UnmapMainImage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe
"C:\Users\Admin\AppData\Local\Temp\eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe"
C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe
"C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe"
C:\Windows\SysWOW64\cmd.exe
/d /c taskkill /t /f /im "eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe" > NUL & ping -n 1 127.0.0.1 > NUL & del "C:\Users\Admin\AppData\Local\Temp\eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe" > NUL
C:\Windows\SysWOW64\taskkill.exe
taskkill /t /f /im "eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe"
C:\Windows\SysWOW64\PING.EXE
ping -n 1 127.0.0.1
C:\Windows\system32\taskeng.exe
taskeng.exe {6D867B8F-2028-4D54-9209-CC703B567974} S-1-5-21-293278959-2699126792-324916226-1000:TUICJFPF\Admin:Interactive:[1]
C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe
C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\Desktop\# DECRYPT MY FILES #.html
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\# DECRYPT MY FILES #.txt
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1720 CREDAT:275457 /prefetch:2
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\Desktop\# DECRYPT MY FILES #.vbs"
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{3F6B5E16-092A-41ED-930B-0B4125D91D4E}
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x450
C:\Windows\system32\cmd.exe
/d /c taskkill /t /f /im "label.exe" > NUL & ping -n 1 127.0.0.1 > NUL & del "C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe" > NUL
C:\Windows\system32\taskkill.exe
taskkill /t /f /im "label.exe"
C:\Windows\system32\PING.EXE
ping -n 1 127.0.0.1
Network
| Country | Destination | Domain | Proto |
| N/A | 8.8.8.8:53 | ip-api.com | udp |
| N/A | 208.95.112.1:80 | ip-api.com | tcp |
| N/A | 31.184.234.0:6892 | udp | |
| N/A | 31.184.234.1:6892 | udp | |
| N/A | 31.184.234.2:6892 | udp | |
| N/A | 31.184.234.3:6892 | udp | |
| N/A | 31.184.234.4:6892 | udp | |
| N/A | 31.184.234.5:6892 | udp | |
| N/A | 31.184.234.6:6892 | udp | |
| N/A | 31.184.234.7:6892 | udp | |
| N/A | 31.184.234.8:6892 | udp | |
| N/A | 31.184.234.9:6892 | udp | |
| N/A | 31.184.234.10:6892 | udp | |
| N/A | 31.184.234.11:6892 | udp | |
| N/A | 31.184.234.12:6892 | udp | |
| N/A | 31.184.234.13:6892 | udp | |
| N/A | 31.184.234.14:6892 | udp | |
| N/A | 31.184.234.15:6892 | udp | |
| N/A | 31.184.234.16:6892 | udp | |
| N/A | 31.184.234.17:6892 | udp | |
| N/A | 31.184.234.18:6892 | udp | |
| N/A | 31.184.234.19:6892 | udp | |
| N/A | 31.184.234.20:6892 | udp | |
| N/A | 31.184.234.21:6892 | udp | |
| N/A | 31.184.234.22:6892 | udp | |
| N/A | 31.184.234.23:6892 | udp | |
| N/A | 31.184.234.24:6892 | udp | |
| N/A | 31.184.234.25:6892 | udp | |
| N/A | 31.184.234.26:6892 | udp | |
| N/A | 31.184.234.27:6892 | udp | |
| N/A | 31.184.234.28:6892 | udp | |
| N/A | 31.184.234.29:6892 | udp | |
| N/A | 31.184.234.30:6892 | udp | |
| N/A | 31.184.234.31:6892 | udp | |
| N/A | 31.184.234.32:6892 | udp | |
| N/A | 31.184.234.33:6892 | udp | |
| N/A | 31.184.234.34:6892 | udp | |
| N/A | 31.184.234.35:6892 | udp | |
| N/A | 31.184.234.36:6892 | udp | |
| N/A | 31.184.234.37:6892 | udp | |
| N/A | 31.184.234.38:6892 | udp | |
| N/A | 31.184.234.39:6892 | udp | |
| N/A | 31.184.234.40:6892 | udp | |
| N/A | 31.184.234.41:6892 | udp | |
| N/A | 31.184.234.42:6892 | udp | |
| N/A | 31.184.234.43:6892 | udp | |
| N/A | 31.184.234.44:6892 | udp | |
| N/A | 31.184.234.45:6892 | udp | |
| N/A | 31.184.234.46:6892 | udp | |
| N/A | 31.184.234.47:6892 | udp | |
| N/A | 31.184.234.48:6892 | udp | |
| N/A | 31.184.234.49:6892 | udp | |
| N/A | 31.184.234.50:6892 | udp | |
| N/A | 31.184.234.51:6892 | udp | |
| N/A | 31.184.234.52:6892 | udp | |
| N/A | 31.184.234.53:6892 | udp | |
| N/A | 31.184.234.54:6892 | udp | |
| N/A | 31.184.234.55:6892 | udp | |
| N/A | 31.184.234.56:6892 | udp | |
| N/A | 31.184.234.57:6892 | udp | |
| N/A | 31.184.234.58:6892 | udp | |
| N/A | 31.184.234.59:6892 | udp | |
| N/A | 31.184.234.60:6892 | udp | |
| N/A | 31.184.234.61:6892 | udp | |
| N/A | 31.184.234.62:6892 | udp | |
| N/A | 31.184.234.63:6892 | udp | |
| N/A | 31.184.234.64:6892 | udp | |
| N/A | 31.184.234.65:6892 | udp | |
| N/A | 31.184.234.66:6892 | udp | |
| N/A | 31.184.234.67:6892 | udp | |
| N/A | 31.184.234.68:6892 | udp | |
| N/A | 31.184.234.69:6892 | udp | |
| N/A | 31.184.234.70:6892 | udp | |
| N/A | 31.184.234.71:6892 | udp | |
| N/A | 31.184.234.72:6892 | udp | |
| N/A | 31.184.234.73:6892 | udp | |
| N/A | 31.184.234.74:6892 | udp | |
| N/A | 31.184.234.75:6892 | udp | |
| N/A | 31.184.234.76:6892 | udp | |
| N/A | 31.184.234.77:6892 | udp | |
| N/A | 31.184.234.78:6892 | udp | |
| N/A | 31.184.234.79:6892 | udp | |
| N/A | 31.184.234.80:6892 | udp | |
| N/A | 31.184.234.81:6892 | udp | |
| N/A | 31.184.234.82:6892 | udp | |
| N/A | 31.184.234.83:6892 | udp | |
| N/A | 31.184.234.84:6892 | udp | |
| N/A | 31.184.234.85:6892 | udp | |
| N/A | 31.184.234.86:6892 | udp | |
| N/A | 31.184.234.87:6892 | udp | |
| N/A | 31.184.234.88:6892 | udp | |
| N/A | 31.184.234.89:6892 | udp | |
| N/A | 31.184.234.90:6892 | udp | |
| N/A | 31.184.234.91:6892 | udp | |
| N/A | 31.184.234.92:6892 | udp | |
| N/A | 31.184.234.93:6892 | udp | |
| N/A | 31.184.234.94:6892 | udp | |
| N/A | 31.184.234.95:6892 | udp | |
| N/A | 31.184.234.96:6892 | udp | |
| N/A | 31.184.234.97:6892 | udp | |
| N/A | 31.184.234.98:6892 | udp | |
| N/A | 31.184.234.99:6892 | udp | |
| N/A | 31.184.234.100:6892 | udp | |
| N/A | 31.184.234.101:6892 | udp | |
| N/A | 31.184.234.102:6892 | udp | |
| N/A | 31.184.234.103:6892 | udp | |
| N/A | 31.184.234.104:6892 | udp | |
| N/A | 31.184.234.105:6892 | udp | |
| N/A | 31.184.234.106:6892 | udp | |
| N/A | 31.184.234.107:6892 | udp | |
| N/A | 31.184.234.108:6892 | udp | |
| N/A | 31.184.234.109:6892 | udp | |
| N/A | 31.184.234.110:6892 | udp | |
| N/A | 31.184.234.111:6892 | udp | |
| N/A | 31.184.234.112:6892 | udp | |
| N/A | 31.184.234.113:6892 | udp | |
| N/A | 31.184.234.114:6892 | udp | |
| N/A | 31.184.234.115:6892 | udp | |
| N/A | 31.184.234.116:6892 | udp | |
| N/A | 31.184.234.117:6892 | udp | |
| N/A | 31.184.234.118:6892 | udp | |
| N/A | 31.184.234.119:6892 | udp | |
| N/A | 31.184.234.120:6892 | udp | |
| N/A | 31.184.234.121:6892 | udp | |
| N/A | 31.184.234.122:6892 | udp | |
| N/A | 31.184.234.123:6892 | udp | |
| N/A | 31.184.234.124:6892 | udp | |
| N/A | 31.184.234.125:6892 | udp | |
| N/A | 31.184.234.126:6892 | udp | |
| N/A | 31.184.234.127:6892 | udp | |
| N/A | 31.184.234.128:6892 | udp | |
| N/A | 31.184.234.129:6892 | udp | |
| N/A | 31.184.234.130:6892 | udp | |
| N/A | 31.184.234.131:6892 | udp | |
| N/A | 31.184.234.132:6892 | udp | |
| N/A | 31.184.234.133:6892 | udp | |
| N/A | 31.184.234.134:6892 | udp | |
| N/A | 31.184.234.135:6892 | udp | |
| N/A | 31.184.234.136:6892 | udp | |
| N/A | 31.184.234.137:6892 | udp | |
| N/A | 31.184.234.138:6892 | udp | |
| N/A | 31.184.234.139:6892 | udp | |
| N/A | 31.184.234.140:6892 | udp | |
| N/A | 31.184.234.141:6892 | udp | |
| N/A | 31.184.234.142:6892 | udp | |
| N/A | 31.184.234.143:6892 | udp | |
| N/A | 31.184.234.144:6892 | udp | |
| N/A | 31.184.234.145:6892 | udp | |
| N/A | 31.184.234.146:6892 | udp | |
| N/A | 31.184.234.147:6892 | udp | |
| N/A | 31.184.234.148:6892 | udp | |
| N/A | 31.184.234.149:6892 | udp | |
| N/A | 31.184.234.150:6892 | udp | |
| N/A | 31.184.234.151:6892 | udp | |
| N/A | 31.184.234.152:6892 | udp | |
| N/A | 31.184.234.153:6892 | udp | |
| N/A | 31.184.234.154:6892 | udp | |
| N/A | 31.184.234.155:6892 | udp | |
| N/A | 31.184.234.156:6892 | udp | |
| N/A | 31.184.234.157:6892 | udp | |
| N/A | 31.184.234.158:6892 | udp | |
| N/A | 31.184.234.159:6892 | udp | |
| N/A | 31.184.234.160:6892 | udp | |
| N/A | 31.184.234.161:6892 | udp | |
| N/A | 31.184.234.162:6892 | udp | |
| N/A | 31.184.234.163:6892 | udp | |
| N/A | 31.184.234.164:6892 | udp | |
| N/A | 31.184.234.165:6892 | udp | |
| N/A | 31.184.234.166:6892 | udp | |
| N/A | 31.184.234.167:6892 | udp | |
| N/A | 31.184.234.168:6892 | udp | |
| N/A | 31.184.234.169:6892 | udp | |
| N/A | 31.184.234.170:6892 | udp | |
| N/A | 31.184.234.171:6892 | udp | |
| N/A | 31.184.234.172:6892 | udp | |
| N/A | 31.184.234.173:6892 | udp | |
| N/A | 31.184.234.174:6892 | udp | |
| N/A | 31.184.234.175:6892 | udp | |
| N/A | 31.184.234.176:6892 | udp | |
| N/A | 31.184.234.177:6892 | udp | |
| N/A | 31.184.234.178:6892 | udp | |
| N/A | 31.184.234.179:6892 | udp | |
| N/A | 31.184.234.180:6892 | udp | |
| N/A | 31.184.234.181:6892 | udp | |
| N/A | 31.184.234.182:6892 | udp | |
| N/A | 31.184.234.183:6892 | udp | |
| N/A | 31.184.234.184:6892 | udp | |
| N/A | 31.184.234.185:6892 | udp | |
| N/A | 31.184.234.186:6892 | udp | |
| N/A | 31.184.234.187:6892 | udp | |
| N/A | 31.184.234.188:6892 | udp | |
| N/A | 31.184.234.189:6892 | udp | |
| N/A | 31.184.234.190:6892 | udp | |
| N/A | 31.184.234.191:6892 | udp | |
| N/A | 31.184.234.192:6892 | udp | |
| N/A | 31.184.234.193:6892 | udp | |
| N/A | 31.184.234.194:6892 | udp | |
| N/A | 31.184.234.195:6892 | udp | |
| N/A | 31.184.234.196:6892 | udp | |
| N/A | 31.184.234.197:6892 | udp | |
| N/A | 31.184.234.198:6892 | udp | |
| N/A | 31.184.234.199:6892 | udp | |
| N/A | 31.184.234.200:6892 | udp | |
| N/A | 31.184.234.201:6892 | udp | |
| N/A | 31.184.234.202:6892 | udp | |
| N/A | 31.184.234.203:6892 | udp | |
| N/A | 31.184.234.204:6892 | udp | |
| N/A | 31.184.234.205:6892 | udp | |
| N/A | 31.184.234.206:6892 | udp | |
| N/A | 31.184.234.207:6892 | udp | |
| N/A | 31.184.234.208:6892 | udp | |
| N/A | 31.184.234.209:6892 | udp | |
| N/A | 31.184.234.210:6892 | udp | |
| N/A | 31.184.234.211:6892 | udp | |
| N/A | 31.184.234.212:6892 | udp | |
| N/A | 31.184.234.213:6892 | udp | |
| N/A | 31.184.234.214:6892 | udp | |
| N/A | 31.184.234.215:6892 | udp | |
| N/A | 31.184.234.216:6892 | udp | |
| N/A | 31.184.234.217:6892 | udp | |
| N/A | 31.184.234.218:6892 | udp | |
| N/A | 31.184.234.219:6892 | udp | |
| N/A | 31.184.234.220:6892 | udp | |
| N/A | 31.184.234.221:6892 | udp | |
| N/A | 31.184.234.222:6892 | udp | |
| N/A | 31.184.234.223:6892 | udp | |
| N/A | 31.184.234.224:6892 | udp | |
| N/A | 31.184.234.225:6892 | udp | |
| N/A | 31.184.234.226:6892 | udp | |
| N/A | 31.184.234.227:6892 | udp | |
| N/A | 31.184.234.228:6892 | udp | |
| N/A | 31.184.234.229:6892 | udp | |
| N/A | 31.184.234.230:6892 | udp | |
| N/A | 31.184.234.231:6892 | udp | |
| N/A | 31.184.234.232:6892 | udp | |
| N/A | 31.184.234.233:6892 | udp | |
| N/A | 31.184.234.234:6892 | udp | |
| N/A | 31.184.234.235:6892 | udp | |
| N/A | 31.184.234.236:6892 | udp | |
| N/A | 31.184.234.237:6892 | udp | |
| N/A | 31.184.234.238:6892 | udp | |
| N/A | 31.184.234.239:6892 | udp | |
| N/A | 31.184.234.240:6892 | udp | |
| N/A | 31.184.234.241:6892 | udp | |
| N/A | 31.184.234.242:6892 | udp | |
| N/A | 31.184.234.243:6892 | udp | |
| N/A | 31.184.234.244:6892 | udp | |
| N/A | 31.184.234.245:6892 | udp | |
| N/A | 31.184.234.246:6892 | udp | |
| N/A | 31.184.234.247:6892 | udp | |
| N/A | 31.184.234.248:6892 | udp | |
| N/A | 31.184.234.249:6892 | udp | |
| N/A | 31.184.234.250:6892 | udp | |
| N/A | 31.184.234.251:6892 | udp | |
| N/A | 31.184.234.252:6892 | udp | |
| N/A | 31.184.234.253:6892 | udp | |
| N/A | 31.184.234.254:6892 | udp | |
| N/A | 31.184.234.255:6892 | udp | |
| N/A | 31.184.235.0:6892 | udp | |
| N/A | 31.184.235.1:6892 | udp | |
| N/A | 31.184.235.2:6892 | udp | |
| N/A | 31.184.235.3:6892 | udp | |
| N/A | 31.184.235.4:6892 | udp | |
| N/A | 31.184.235.5:6892 | udp | |
| N/A | 31.184.235.6:6892 | udp | |
| N/A | 31.184.235.7:6892 | udp | |
| N/A | 31.184.235.8:6892 | udp | |
| N/A | 31.184.235.9:6892 | udp | |
| N/A | 31.184.235.10:6892 | udp | |
| N/A | 31.184.235.11:6892 | udp | |
| N/A | 31.184.235.12:6892 | udp | |
| N/A | 31.184.235.13:6892 | udp | |
| N/A | 31.184.235.14:6892 | udp | |
| N/A | 31.184.235.15:6892 | udp | |
| N/A | 31.184.235.16:6892 | udp | |
| N/A | 31.184.235.17:6892 | udp | |
| N/A | 31.184.235.18:6892 | udp | |
| N/A | 31.184.235.19:6892 | udp | |
| N/A | 31.184.235.20:6892 | udp | |
| N/A | 31.184.235.21:6892 | udp | |
| N/A | 31.184.235.22:6892 | udp | |
| N/A | 31.184.235.23:6892 | udp | |
| N/A | 31.184.235.24:6892 | udp | |
| N/A | 31.184.235.25:6892 | udp | |
| N/A | 31.184.235.26:6892 | udp | |
| N/A | 31.184.235.27:6892 | udp | |
| N/A | 31.184.235.28:6892 | udp | |
| N/A | 31.184.235.29:6892 | udp | |
| N/A | 31.184.235.30:6892 | udp | |
| N/A | 31.184.235.31:6892 | udp | |
| N/A | 31.184.235.32:6892 | udp | |
| N/A | 31.184.235.33:6892 | udp | |
| N/A | 31.184.235.34:6892 | udp | |
| N/A | 31.184.235.35:6892 | udp | |
| N/A | 31.184.235.36:6892 | udp | |
| N/A | 31.184.235.37:6892 | udp | |
| N/A | 31.184.235.38:6892 | udp | |
| N/A | 31.184.235.39:6892 | udp | |
| N/A | 31.184.235.40:6892 | udp | |
| N/A | 31.184.235.41:6892 | udp | |
| N/A | 31.184.235.42:6892 | udp | |
| N/A | 31.184.235.43:6892 | udp | |
| N/A | 31.184.235.44:6892 | udp | |
| N/A | 31.184.235.45:6892 | udp | |
| N/A | 31.184.235.46:6892 | udp | |
| N/A | 31.184.235.47:6892 | udp | |
| N/A | 31.184.235.48:6892 | udp | |
| N/A | 31.184.235.49:6892 | udp | |
| N/A | 31.184.235.50:6892 | udp | |
| N/A | 31.184.235.51:6892 | udp | |
| N/A | 31.184.235.52:6892 | udp | |
| N/A | 31.184.235.53:6892 | udp | |
| N/A | 31.184.235.54:6892 | udp | |
| N/A | 31.184.235.55:6892 | udp | |
| N/A | 31.184.235.56:6892 | udp | |
| N/A | 31.184.235.57:6892 | udp | |
| N/A | 31.184.235.58:6892 | udp | |
| N/A | 31.184.235.59:6892 | udp | |
| N/A | 31.184.235.60:6892 | udp | |
| N/A | 31.184.235.61:6892 | udp | |
| N/A | 31.184.235.62:6892 | udp | |
| N/A | 31.184.235.63:6892 | udp | |
| N/A | 31.184.235.64:6892 | udp | |
| N/A | 31.184.235.65:6892 | udp | |
| N/A | 31.184.235.66:6892 | udp | |
| N/A | 31.184.235.67:6892 | udp | |
| N/A | 31.184.235.68:6892 | udp | |
| N/A | 31.184.235.69:6892 | udp | |
| N/A | 31.184.235.70:6892 | udp | |
| N/A | 31.184.235.71:6892 | udp | |
| N/A | 31.184.235.72:6892 | udp | |
| N/A | 31.184.235.73:6892 | udp | |
| N/A | 31.184.235.74:6892 | udp | |
| N/A | 31.184.235.75:6892 | udp | |
| N/A | 31.184.235.76:6892 | udp | |
| N/A | 31.184.235.77:6892 | udp | |
| N/A | 31.184.235.78:6892 | udp | |
| N/A | 31.184.235.79:6892 | udp | |
| N/A | 31.184.235.80:6892 | udp | |
| N/A | 31.184.235.81:6892 | udp | |
| N/A | 31.184.235.82:6892 | udp | |
| N/A | 31.184.235.83:6892 | udp | |
| N/A | 31.184.235.84:6892 | udp | |
| N/A | 31.184.235.85:6892 | udp | |
| N/A | 31.184.235.86:6892 | udp | |
| N/A | 31.184.235.87:6892 | udp | |
| N/A | 31.184.235.88:6892 | udp | |
| N/A | 31.184.235.89:6892 | udp | |
| N/A | 31.184.235.90:6892 | udp | |
| N/A | 31.184.235.91:6892 | udp | |
| N/A | 31.184.235.92:6892 | udp | |
| N/A | 31.184.235.93:6892 | udp | |
| N/A | 31.184.235.94:6892 | udp | |
| N/A | 31.184.235.95:6892 | udp | |
| N/A | 31.184.235.96:6892 | udp | |
| N/A | 31.184.235.97:6892 | udp | |
| N/A | 31.184.235.98:6892 | udp | |
| N/A | 31.184.235.99:6892 | udp | |
| N/A | 31.184.235.100:6892 | udp | |
| N/A | 31.184.235.101:6892 | udp | |
| N/A | 31.184.235.102:6892 | udp | |
| N/A | 31.184.235.103:6892 | udp | |
| N/A | 31.184.235.104:6892 | udp | |
| N/A | 31.184.235.105:6892 | udp | |
| N/A | 31.184.235.106:6892 | udp | |
| N/A | 31.184.235.107:6892 | udp | |
| N/A | 31.184.235.108:6892 | udp | |
| N/A | 31.184.235.109:6892 | udp | |
| N/A | 31.184.235.110:6892 | udp | |
| N/A | 31.184.235.111:6892 | udp | |
| N/A | 31.184.235.112:6892 | udp | |
| N/A | 31.184.235.113:6892 | udp | |
| N/A | 31.184.235.114:6892 | udp | |
| N/A | 31.184.235.115:6892 | udp | |
| N/A | 31.184.235.116:6892 | udp | |
| N/A | 31.184.235.117:6892 | udp | |
| N/A | 31.184.235.118:6892 | udp | |
| N/A | 31.184.235.119:6892 | udp | |
| N/A | 31.184.235.120:6892 | udp | |
| N/A | 31.184.235.121:6892 | udp | |
| N/A | 31.184.235.122:6892 | udp | |
| N/A | 31.184.235.123:6892 | udp | |
| N/A | 31.184.235.124:6892 | udp | |
| N/A | 31.184.235.125:6892 | udp | |
| N/A | 31.184.235.126:6892 | udp | |
| N/A | 31.184.235.127:6892 | udp | |
| N/A | 31.184.235.128:6892 | udp | |
| N/A | 31.184.235.129:6892 | udp | |
| N/A | 31.184.235.130:6892 | udp | |
| N/A | 31.184.235.131:6892 | udp | |
| N/A | 31.184.235.132:6892 | udp | |
| N/A | 31.184.235.133:6892 | udp | |
| N/A | 31.184.235.134:6892 | udp | |
| N/A | 31.184.235.135:6892 | udp | |
| N/A | 31.184.235.136:6892 | udp | |
| N/A | 31.184.235.137:6892 | udp | |
| N/A | 31.184.235.138:6892 | udp | |
| N/A | 31.184.235.139:6892 | udp | |
| N/A | 31.184.235.140:6892 | udp | |
| N/A | 31.184.235.141:6892 | udp | |
| N/A | 31.184.235.142:6892 | udp | |
| N/A | 31.184.235.143:6892 | udp | |
| N/A | 31.184.235.144:6892 | udp | |
| N/A | 31.184.235.145:6892 | udp | |
| N/A | 31.184.235.146:6892 | udp | |
| N/A | 31.184.235.147:6892 | udp | |
| N/A | 31.184.235.148:6892 | udp | |
| N/A | 31.184.235.149:6892 | udp | |
| N/A | 31.184.235.150:6892 | udp | |
| N/A | 31.184.235.151:6892 | udp | |
| N/A | 31.184.235.152:6892 | udp | |
| N/A | 31.184.235.153:6892 | udp | |
| N/A | 31.184.235.154:6892 | udp | |
| N/A | 31.184.235.155:6892 | udp | |
| N/A | 31.184.235.156:6892 | udp | |
| N/A | 31.184.235.157:6892 | udp | |
| N/A | 31.184.235.158:6892 | udp | |
| N/A | 31.184.235.159:6892 | udp | |
| N/A | 31.184.235.160:6892 | udp | |
| N/A | 31.184.235.161:6892 | udp | |
| N/A | 31.184.235.162:6892 | udp | |
| N/A | 31.184.235.163:6892 | udp | |
| N/A | 31.184.235.164:6892 | udp | |
| N/A | 31.184.235.165:6892 | udp | |
| N/A | 31.184.235.166:6892 | udp | |
| N/A | 31.184.235.167:6892 | udp | |
| N/A | 31.184.235.168:6892 | udp | |
| N/A | 31.184.235.169:6892 | udp | |
| N/A | 31.184.235.170:6892 | udp | |
| N/A | 31.184.235.171:6892 | udp | |
| N/A | 31.184.235.172:6892 | udp | |
| N/A | 31.184.235.173:6892 | udp | |
| N/A | 31.184.235.174:6892 | udp | |
| N/A | 31.184.235.175:6892 | udp | |
| N/A | 31.184.235.176:6892 | udp | |
| N/A | 31.184.235.177:6892 | udp | |
| N/A | 31.184.235.178:6892 | udp | |
| N/A | 31.184.235.179:6892 | udp | |
| N/A | 31.184.235.180:6892 | udp | |
| N/A | 31.184.235.181:6892 | udp | |
| N/A | 31.184.235.182:6892 | udp | |
| N/A | 31.184.235.183:6892 | udp | |
| N/A | 31.184.235.184:6892 | udp | |
| N/A | 31.184.235.185:6892 | udp | |
| N/A | 31.184.235.186:6892 | udp | |
| N/A | 31.184.235.187:6892 | udp | |
| N/A | 31.184.235.188:6892 | udp | |
| N/A | 31.184.235.189:6892 | udp | |
| N/A | 31.184.235.190:6892 | udp | |
| N/A | 31.184.235.191:6892 | udp | |
| N/A | 31.184.235.192:6892 | udp | |
| N/A | 31.184.235.193:6892 | udp | |
| N/A | 31.184.235.194:6892 | udp | |
| N/A | 31.184.235.195:6892 | udp | |
| N/A | 31.184.235.196:6892 | udp | |
| N/A | 31.184.235.197:6892 | udp | |
| N/A | 31.184.235.198:6892 | udp | |
| N/A | 31.184.235.199:6892 | udp | |
| N/A | 31.184.235.200:6892 | udp | |
| N/A | 31.184.235.201:6892 | udp | |
| N/A | 31.184.235.202:6892 | udp | |
| N/A | 31.184.235.203:6892 | udp | |
| N/A | 31.184.235.204:6892 | udp | |
| N/A | 31.184.235.205:6892 | udp | |
| N/A | 31.184.235.206:6892 | udp | |
| N/A | 31.184.235.207:6892 | udp | |
| N/A | 31.184.235.208:6892 | udp | |
| N/A | 31.184.235.209:6892 | udp | |
| N/A | 31.184.235.210:6892 | udp | |
| N/A | 31.184.235.211:6892 | udp | |
| N/A | 31.184.235.212:6892 | udp | |
| N/A | 31.184.235.213:6892 | udp | |
| N/A | 31.184.235.214:6892 | udp | |
| N/A | 31.184.235.215:6892 | udp | |
| N/A | 31.184.235.216:6892 | udp | |
| N/A | 31.184.235.217:6892 | udp | |
| N/A | 31.184.235.218:6892 | udp | |
| N/A | 31.184.235.219:6892 | udp | |
| N/A | 31.184.235.220:6892 | udp | |
| N/A | 31.184.235.221:6892 | udp | |
| N/A | 31.184.235.222:6892 | udp | |
| N/A | 31.184.235.223:6892 | udp | |
| N/A | 31.184.235.224:6892 | udp | |
| N/A | 31.184.235.225:6892 | udp | |
| N/A | 31.184.235.226:6892 | udp | |
| N/A | 31.184.235.227:6892 | udp | |
| N/A | 31.184.235.228:6892 | udp | |
| N/A | 31.184.235.229:6892 | udp | |
| N/A | 31.184.235.230:6892 | udp | |
| N/A | 31.184.235.231:6892 | udp | |
| N/A | 31.184.235.232:6892 | udp | |
| N/A | 31.184.235.233:6892 | udp | |
| N/A | 31.184.235.234:6892 | udp | |
| N/A | 31.184.235.235:6892 | udp | |
| N/A | 31.184.235.236:6892 | udp | |
| N/A | 31.184.235.237:6892 | udp | |
| N/A | 31.184.235.238:6892 | udp | |
| N/A | 31.184.235.239:6892 | udp | |
| N/A | 31.184.235.240:6892 | udp | |
| N/A | 31.184.235.241:6892 | udp | |
| N/A | 31.184.235.242:6892 | udp | |
| N/A | 31.184.235.243:6892 | udp | |
| N/A | 31.184.235.244:6892 | udp | |
| N/A | 31.184.235.245:6892 | udp | |
| N/A | 31.184.235.246:6892 | udp | |
| N/A | 31.184.235.247:6892 | udp | |
| N/A | 31.184.235.248:6892 | udp | |
| N/A | 31.184.235.249:6892 | udp | |
| N/A | 31.184.235.250:6892 | udp | |
| N/A | 31.184.235.251:6892 | udp | |
| N/A | 31.184.235.252:6892 | udp | |
| N/A | 31.184.235.253:6892 | udp | |
| N/A | 31.184.235.254:6892 | udp | |
| N/A | 31.184.235.255:6892 | udp | |
| N/A | 31.184.234.0:6892 | udp | |
| N/A | 31.184.234.1:6892 | udp | |
| N/A | 31.184.234.2:6892 | udp | |
| N/A | 31.184.234.3:6892 | udp | |
| N/A | 31.184.234.4:6892 | udp | |
| N/A | 31.184.234.5:6892 | udp | |
| N/A | 31.184.234.6:6892 | udp | |
| N/A | 31.184.234.7:6892 | udp | |
| N/A | 31.184.234.8:6892 | udp | |
| N/A | 31.184.234.9:6892 | udp | |
| N/A | 31.184.234.10:6892 | udp | |
| N/A | 31.184.234.11:6892 | udp | |
| N/A | 31.184.234.12:6892 | udp | |
| N/A | 31.184.234.13:6892 | udp | |
| N/A | 31.184.234.14:6892 | udp | |
| N/A | 31.184.234.15:6892 | udp | |
| N/A | 31.184.234.16:6892 | udp | |
| N/A | 31.184.234.17:6892 | udp | |
| N/A | 31.184.234.18:6892 | udp | |
| N/A | 31.184.234.19:6892 | udp | |
| N/A | 31.184.234.20:6892 | udp | |
| N/A | 31.184.234.21:6892 | udp | |
| N/A | 31.184.234.22:6892 | udp | |
| N/A | 31.184.234.23:6892 | udp | |
| N/A | 31.184.234.24:6892 | udp | |
| N/A | 31.184.234.25:6892 | udp | |
| N/A | 31.184.234.26:6892 | udp | |
| N/A | 31.184.234.27:6892 | udp | |
| N/A | 31.184.234.28:6892 | udp | |
| N/A | 31.184.234.29:6892 | udp | |
| N/A | 31.184.234.30:6892 | udp | |
| N/A | 31.184.234.31:6892 | udp | |
| N/A | 31.184.234.32:6892 | udp | |
| N/A | 31.184.234.33:6892 | udp | |
| N/A | 31.184.234.34:6892 | udp | |
| N/A | 31.184.234.35:6892 | udp | |
| N/A | 31.184.234.36:6892 | udp | |
| N/A | 31.184.234.37:6892 | udp | |
| N/A | 31.184.234.38:6892 | udp | |
| N/A | 31.184.234.39:6892 | udp | |
| N/A | 31.184.234.40:6892 | udp | |
| N/A | 31.184.234.41:6892 | udp | |
| N/A | 31.184.234.42:6892 | udp | |
| N/A | 31.184.234.43:6892 | udp | |
| N/A | 31.184.234.44:6892 | udp | |
| N/A | 31.184.234.45:6892 | udp | |
| N/A | 31.184.234.46:6892 | udp | |
| N/A | 31.184.234.47:6892 | udp | |
| N/A | 31.184.234.48:6892 | udp | |
| N/A | 31.184.234.49:6892 | udp | |
| N/A | 31.184.234.50:6892 | udp | |
| N/A | 31.184.234.51:6892 | udp | |
| N/A | 31.184.234.52:6892 | udp | |
| N/A | 31.184.234.53:6892 | udp | |
| N/A | 31.184.234.54:6892 | udp | |
| N/A | 31.184.234.55:6892 | udp | |
| N/A | 31.184.234.56:6892 | udp | |
| N/A | 31.184.234.57:6892 | udp | |
| N/A | 31.184.234.58:6892 | udp | |
| N/A | 31.184.234.59:6892 | udp | |
| N/A | 31.184.234.60:6892 | udp | |
| N/A | 31.184.234.61:6892 | udp | |
| N/A | 31.184.234.62:6892 | udp | |
| N/A | 31.184.234.63:6892 | udp | |
| N/A | 31.184.234.64:6892 | udp | |
| N/A | 31.184.234.65:6892 | udp | |
| N/A | 31.184.234.66:6892 | udp | |
| N/A | 31.184.234.67:6892 | udp | |
| N/A | 31.184.234.68:6892 | udp | |
| N/A | 31.184.234.69:6892 | udp | |
| N/A | 31.184.234.70:6892 | udp | |
| N/A | 31.184.234.71:6892 | udp | |
| N/A | 31.184.234.72:6892 | udp | |
| N/A | 31.184.234.73:6892 | udp | |
| N/A | 31.184.234.74:6892 | udp | |
| N/A | 31.184.234.75:6892 | udp | |
| N/A | 31.184.234.76:6892 | udp | |
| N/A | 31.184.234.77:6892 | udp | |
| N/A | 31.184.234.78:6892 | udp | |
| N/A | 31.184.234.79:6892 | udp | |
| N/A | 31.184.234.80:6892 | udp | |
| N/A | 31.184.234.81:6892 | udp | |
| N/A | 31.184.234.82:6892 | udp | |
| N/A | 31.184.234.83:6892 | udp | |
| N/A | 31.184.234.84:6892 | udp | |
| N/A | 31.184.234.85:6892 | udp | |
| N/A | 31.184.234.86:6892 | udp | |
| N/A | 31.184.234.87:6892 | udp | |
| N/A | 31.184.234.88:6892 | udp | |
| N/A | 31.184.234.89:6892 | udp | |
| N/A | 31.184.234.90:6892 | udp | |
| N/A | 31.184.234.91:6892 | udp | |
| N/A | 31.184.234.92:6892 | udp | |
| N/A | 31.184.234.93:6892 | udp | |
| N/A | 31.184.234.94:6892 | udp | |
| N/A | 31.184.234.95:6892 | udp | |
| N/A | 31.184.234.96:6892 | udp | |
| N/A | 31.184.234.97:6892 | udp | |
| N/A | 31.184.234.98:6892 | udp | |
| N/A | 31.184.234.99:6892 | udp | |
| N/A | 31.184.234.100:6892 | udp | |
| N/A | 31.184.234.101:6892 | udp | |
| N/A | 31.184.234.102:6892 | udp | |
| N/A | 31.184.234.103:6892 | udp | |
| N/A | 31.184.234.104:6892 | udp | |
| N/A | 31.184.234.105:6892 | udp | |
| N/A | 31.184.234.106:6892 | udp | |
| N/A | 31.184.234.107:6892 | udp | |
| N/A | 31.184.234.108:6892 | udp | |
| N/A | 31.184.234.109:6892 | udp | |
| N/A | 31.184.234.110:6892 | udp | |
| N/A | 31.184.234.111:6892 | udp | |
| N/A | 31.184.234.112:6892 | udp | |
| N/A | 31.184.234.113:6892 | udp | |
| N/A | 31.184.234.114:6892 | udp | |
| N/A | 31.184.234.115:6892 | udp | |
| N/A | 31.184.234.116:6892 | udp | |
| N/A | 31.184.234.117:6892 | udp | |
| N/A | 31.184.234.118:6892 | udp | |
| N/A | 31.184.234.119:6892 | udp | |
| N/A | 31.184.234.120:6892 | udp | |
| N/A | 31.184.234.121:6892 | udp | |
| N/A | 31.184.234.122:6892 | udp | |
| N/A | 31.184.234.123:6892 | udp | |
| N/A | 31.184.234.124:6892 | udp | |
| N/A | 31.184.234.125:6892 | udp | |
| N/A | 31.184.234.126:6892 | udp | |
| N/A | 31.184.234.127:6892 | udp | |
| N/A | 31.184.234.128:6892 | udp | |
| N/A | 31.184.234.129:6892 | udp | |
| N/A | 31.184.234.130:6892 | udp | |
| N/A | 31.184.234.131:6892 | udp | |
| N/A | 31.184.234.132:6892 | udp | |
| N/A | 31.184.234.133:6892 | udp | |
| N/A | 31.184.234.134:6892 | udp | |
| N/A | 31.184.234.135:6892 | udp | |
| N/A | 31.184.234.136:6892 | udp | |
| N/A | 31.184.234.137:6892 | udp | |
| N/A | 31.184.234.138:6892 | udp | |
| N/A | 31.184.234.139:6892 | udp | |
| N/A | 31.184.234.140:6892 | udp | |
| N/A | 31.184.234.141:6892 | udp | |
| N/A | 31.184.234.142:6892 | udp | |
| N/A | 31.184.234.143:6892 | udp | |
| N/A | 31.184.234.144:6892 | udp | |
| N/A | 31.184.234.145:6892 | udp | |
| N/A | 31.184.234.146:6892 | udp | |
| N/A | 31.184.234.147:6892 | udp | |
| N/A | 31.184.234.148:6892 | udp | |
| N/A | 31.184.234.149:6892 | udp | |
| N/A | 31.184.234.150:6892 | udp | |
| N/A | 31.184.234.151:6892 | udp | |
| N/A | 31.184.234.152:6892 | udp | |
| N/A | 31.184.234.153:6892 | udp | |
| N/A | 31.184.234.154:6892 | udp | |
| N/A | 31.184.234.155:6892 | udp | |
| N/A | 31.184.234.156:6892 | udp | |
| N/A | 31.184.234.157:6892 | udp | |
| N/A | 31.184.234.158:6892 | udp | |
| N/A | 31.184.234.159:6892 | udp | |
| N/A | 31.184.234.160:6892 | udp | |
| N/A | 31.184.234.161:6892 | udp | |
| N/A | 31.184.234.162:6892 | udp | |
| N/A | 31.184.234.163:6892 | udp | |
| N/A | 31.184.234.164:6892 | udp | |
| N/A | 31.184.234.165:6892 | udp | |
| N/A | 31.184.234.166:6892 | udp | |
| N/A | 31.184.234.167:6892 | udp | |
| N/A | 31.184.234.168:6892 | udp | |
| N/A | 31.184.234.169:6892 | udp | |
| N/A | 31.184.234.170:6892 | udp | |
| N/A | 31.184.234.171:6892 | udp | |
| N/A | 31.184.234.172:6892 | udp | |
| N/A | 31.184.234.173:6892 | udp | |
| N/A | 31.184.234.174:6892 | udp | |
| N/A | 31.184.234.175:6892 | udp | |
| N/A | 31.184.234.176:6892 | udp | |
| N/A | 31.184.234.177:6892 | udp | |
| N/A | 31.184.234.178:6892 | udp | |
| N/A | 31.184.234.179:6892 | udp | |
| N/A | 31.184.234.180:6892 | udp | |
| N/A | 31.184.234.181:6892 | udp | |
| N/A | 31.184.234.182:6892 | udp | |
| N/A | 31.184.234.183:6892 | udp | |
| N/A | 31.184.234.184:6892 | udp | |
| N/A | 31.184.234.185:6892 | udp | |
| N/A | 31.184.234.186:6892 | udp | |
| N/A | 31.184.234.187:6892 | udp | |
| N/A | 31.184.234.188:6892 | udp | |
| N/A | 31.184.234.189:6892 | udp | |
| N/A | 31.184.234.190:6892 | udp | |
| N/A | 31.184.234.191:6892 | udp | |
| N/A | 31.184.234.192:6892 | udp | |
| N/A | 31.184.234.193:6892 | udp | |
| N/A | 31.184.234.194:6892 | udp | |
| N/A | 31.184.234.195:6892 | udp | |
| N/A | 31.184.234.196:6892 | udp | |
| N/A | 31.184.234.197:6892 | udp | |
| N/A | 31.184.234.198:6892 | udp | |
| N/A | 31.184.234.199:6892 | udp | |
| N/A | 31.184.234.200:6892 | udp | |
| N/A | 31.184.234.201:6892 | udp | |
| N/A | 31.184.234.202:6892 | udp | |
| N/A | 31.184.234.203:6892 | udp | |
| N/A | 31.184.234.204:6892 | udp | |
| N/A | 31.184.234.205:6892 | udp | |
| N/A | 31.184.234.206:6892 | udp | |
| N/A | 31.184.234.207:6892 | udp | |
| N/A | 31.184.234.208:6892 | udp | |
| N/A | 31.184.234.209:6892 | udp | |
| N/A | 31.184.234.210:6892 | udp | |
| N/A | 31.184.234.211:6892 | udp | |
| N/A | 31.184.234.212:6892 | udp | |
| N/A | 31.184.234.213:6892 | udp | |
| N/A | 31.184.234.214:6892 | udp | |
| N/A | 31.184.234.215:6892 | udp | |
| N/A | 31.184.234.216:6892 | udp | |
| N/A | 31.184.234.217:6892 | udp | |
| N/A | 31.184.234.218:6892 | udp | |
| N/A | 31.184.234.219:6892 | udp | |
| N/A | 31.184.234.220:6892 | udp | |
| N/A | 31.184.234.221:6892 | udp | |
| N/A | 31.184.234.222:6892 | udp | |
| N/A | 31.184.234.223:6892 | udp | |
| N/A | 31.184.234.224:6892 | udp | |
| N/A | 31.184.234.225:6892 | udp | |
| N/A | 31.184.234.226:6892 | udp | |
| N/A | 31.184.234.227:6892 | udp | |
| N/A | 31.184.234.228:6892 | udp | |
| N/A | 31.184.234.229:6892 | udp | |
| N/A | 31.184.234.230:6892 | udp | |
| N/A | 31.184.234.231:6892 | udp | |
| N/A | 31.184.234.232:6892 | udp | |
| N/A | 31.184.234.233:6892 | udp | |
| N/A | 31.184.234.234:6892 | udp | |
| N/A | 31.184.234.235:6892 | udp | |
| N/A | 31.184.234.236:6892 | udp | |
| N/A | 31.184.234.237:6892 | udp | |
| N/A | 31.184.234.238:6892 | udp | |
| N/A | 31.184.234.239:6892 | udp | |
| N/A | 31.184.234.240:6892 | udp | |
| N/A | 31.184.234.241:6892 | udp | |
| N/A | 31.184.234.242:6892 | udp | |
| N/A | 31.184.234.243:6892 | udp | |
| N/A | 31.184.234.244:6892 | udp | |
| N/A | 31.184.234.245:6892 | udp | |
| N/A | 31.184.234.246:6892 | udp | |
| N/A | 31.184.234.247:6892 | udp | |
| N/A | 31.184.234.248:6892 | udp | |
| N/A | 31.184.234.249:6892 | udp | |
| N/A | 31.184.234.250:6892 | udp | |
| N/A | 31.184.234.251:6892 | udp | |
| N/A | 31.184.234.252:6892 | udp | |
| N/A | 31.184.234.253:6892 | udp | |
| N/A | 31.184.234.254:6892 | udp | |
| N/A | 31.184.234.255:6892 | udp | |
| N/A | 31.184.235.0:6892 | udp | |
| N/A | 31.184.235.1:6892 | udp | |
| N/A | 31.184.235.2:6892 | udp | |
| N/A | 31.184.235.3:6892 | udp | |
| N/A | 31.184.235.4:6892 | udp | |
| N/A | 31.184.235.5:6892 | udp | |
| N/A | 31.184.235.6:6892 | udp | |
| N/A | 31.184.235.7:6892 | udp | |
| N/A | 31.184.235.8:6892 | udp | |
| N/A | 31.184.235.9:6892 | udp | |
| N/A | 31.184.235.10:6892 | udp | |
| N/A | 31.184.235.11:6892 | udp | |
| N/A | 31.184.235.12:6892 | udp | |
| N/A | 31.184.235.13:6892 | udp | |
| N/A | 31.184.235.14:6892 | udp | |
| N/A | 31.184.235.15:6892 | udp | |
| N/A | 31.184.235.16:6892 | udp | |
| N/A | 31.184.235.17:6892 | udp | |
| N/A | 31.184.235.18:6892 | udp | |
| N/A | 31.184.235.19:6892 | udp | |
| N/A | 31.184.235.20:6892 | udp | |
| N/A | 31.184.235.21:6892 | udp | |
| N/A | 31.184.235.22:6892 | udp | |
| N/A | 31.184.235.23:6892 | udp | |
| N/A | 31.184.235.24:6892 | udp | |
| N/A | 31.184.235.25:6892 | udp | |
| N/A | 31.184.235.26:6892 | udp | |
| N/A | 31.184.235.27:6892 | udp | |
| N/A | 31.184.235.28:6892 | udp | |
| N/A | 31.184.235.29:6892 | udp | |
| N/A | 31.184.235.30:6892 | udp | |
| N/A | 31.184.235.31:6892 | udp | |
| N/A | 31.184.235.32:6892 | udp | |
| N/A | 31.184.235.33:6892 | udp | |
| N/A | 31.184.235.34:6892 | udp | |
| N/A | 31.184.235.35:6892 | udp | |
| N/A | 31.184.235.36:6892 | udp | |
| N/A | 31.184.235.37:6892 | udp | |
| N/A | 31.184.235.38:6892 | udp | |
| N/A | 31.184.235.39:6892 | udp | |
| N/A | 31.184.235.40:6892 | udp | |
| N/A | 31.184.235.41:6892 | udp | |
| N/A | 31.184.235.42:6892 | udp | |
| N/A | 31.184.235.43:6892 | udp | |
| N/A | 31.184.235.44:6892 | udp | |
| N/A | 31.184.235.45:6892 | udp | |
| N/A | 31.184.235.46:6892 | udp | |
| N/A | 31.184.235.47:6892 | udp | |
| N/A | 31.184.235.48:6892 | udp | |
| N/A | 31.184.235.49:6892 | udp | |
| N/A | 31.184.235.50:6892 | udp | |
| N/A | 31.184.235.51:6892 | udp | |
| N/A | 31.184.235.52:6892 | udp | |
| N/A | 31.184.235.53:6892 | udp | |
| N/A | 31.184.235.54:6892 | udp | |
| N/A | 31.184.235.55:6892 | udp | |
| N/A | 31.184.235.56:6892 | udp | |
| N/A | 31.184.235.57:6892 | udp | |
| N/A | 31.184.235.58:6892 | udp | |
| N/A | 31.184.235.59:6892 | udp | |
| N/A | 31.184.235.60:6892 | udp | |
| N/A | 31.184.235.61:6892 | udp | |
| N/A | 31.184.235.62:6892 | udp | |
| N/A | 31.184.235.63:6892 | udp | |
| N/A | 31.184.235.64:6892 | udp | |
| N/A | 31.184.235.65:6892 | udp | |
| N/A | 31.184.235.66:6892 | udp | |
| N/A | 31.184.235.67:6892 | udp | |
| N/A | 31.184.235.68:6892 | udp | |
| N/A | 31.184.235.69:6892 | udp | |
| N/A | 31.184.235.70:6892 | udp | |
| N/A | 31.184.235.71:6892 | udp | |
| N/A | 31.184.235.72:6892 | udp | |
| N/A | 31.184.235.73:6892 | udp | |
| N/A | 31.184.235.74:6892 | udp | |
| N/A | 31.184.235.75:6892 | udp | |
| N/A | 31.184.235.76:6892 | udp | |
| N/A | 31.184.235.77:6892 | udp | |
| N/A | 31.184.235.78:6892 | udp | |
| N/A | 31.184.235.79:6892 | udp | |
| N/A | 31.184.235.80:6892 | udp | |
| N/A | 31.184.235.81:6892 | udp | |
| N/A | 31.184.235.82:6892 | udp | |
| N/A | 31.184.235.83:6892 | udp | |
| N/A | 31.184.235.84:6892 | udp | |
| N/A | 31.184.235.85:6892 | udp | |
| N/A | 31.184.235.86:6892 | udp | |
| N/A | 31.184.235.87:6892 | udp | |
| N/A | 31.184.235.88:6892 | udp | |
| N/A | 31.184.235.89:6892 | udp | |
| N/A | 31.184.235.90:6892 | udp | |
| N/A | 31.184.235.91:6892 | udp | |
| N/A | 31.184.235.92:6892 | udp | |
| N/A | 31.184.235.93:6892 | udp | |
| N/A | 31.184.235.94:6892 | udp | |
| N/A | 31.184.235.95:6892 | udp | |
| N/A | 31.184.235.96:6892 | udp | |
| N/A | 31.184.235.97:6892 | udp | |
| N/A | 31.184.235.98:6892 | udp | |
| N/A | 31.184.235.99:6892 | udp | |
| N/A | 31.184.235.100:6892 | udp | |
| N/A | 31.184.235.101:6892 | udp | |
| N/A | 31.184.235.102:6892 | udp | |
| N/A | 31.184.235.103:6892 | udp | |
| N/A | 31.184.235.104:6892 | udp | |
| N/A | 31.184.235.105:6892 | udp | |
| N/A | 31.184.235.106:6892 | udp | |
| N/A | 31.184.235.107:6892 | udp | |
| N/A | 31.184.235.108:6892 | udp | |
| N/A | 31.184.235.109:6892 | udp | |
| N/A | 31.184.235.110:6892 | udp | |
| N/A | 31.184.235.111:6892 | udp | |
| N/A | 31.184.235.112:6892 | udp | |
| N/A | 31.184.235.113:6892 | udp | |
| N/A | 31.184.235.114:6892 | udp | |
| N/A | 31.184.235.115:6892 | udp | |
| N/A | 31.184.235.116:6892 | udp | |
| N/A | 31.184.235.117:6892 | udp | |
| N/A | 31.184.235.118:6892 | udp | |
| N/A | 31.184.235.119:6892 | udp | |
| N/A | 31.184.235.120:6892 | udp | |
| N/A | 31.184.235.121:6892 | udp | |
| N/A | 31.184.235.122:6892 | udp | |
| N/A | 31.184.235.123:6892 | udp | |
| N/A | 31.184.235.124:6892 | udp | |
| N/A | 31.184.235.125:6892 | udp | |
| N/A | 31.184.235.126:6892 | udp | |
| N/A | 31.184.235.127:6892 | udp | |
| N/A | 31.184.235.128:6892 | udp | |
| N/A | 31.184.235.129:6892 | udp | |
| N/A | 31.184.235.130:6892 | udp | |
| N/A | 31.184.235.131:6892 | udp | |
| N/A | 31.184.235.132:6892 | udp | |
| N/A | 31.184.235.133:6892 | udp | |
| N/A | 31.184.235.134:6892 | udp | |
| N/A | 31.184.235.135:6892 | udp | |
| N/A | 31.184.235.136:6892 | udp | |
| N/A | 31.184.235.137:6892 | udp | |
| N/A | 31.184.235.138:6892 | udp | |
| N/A | 31.184.235.139:6892 | udp | |
| N/A | 31.184.235.140:6892 | udp | |
| N/A | 31.184.235.141:6892 | udp | |
| N/A | 31.184.235.142:6892 | udp | |
| N/A | 31.184.235.143:6892 | udp | |
| N/A | 31.184.235.144:6892 | udp | |
| N/A | 31.184.235.145:6892 | udp | |
| N/A | 31.184.235.146:6892 | udp | |
| N/A | 31.184.235.147:6892 | udp | |
| N/A | 31.184.235.148:6892 | udp | |
| N/A | 31.184.235.149:6892 | udp | |
| N/A | 31.184.235.150:6892 | udp | |
| N/A | 31.184.235.151:6892 | udp | |
| N/A | 31.184.235.152:6892 | udp | |
| N/A | 31.184.235.153:6892 | udp | |
| N/A | 31.184.235.154:6892 | udp | |
| N/A | 31.184.235.155:6892 | udp | |
| N/A | 31.184.235.156:6892 | udp | |
| N/A | 31.184.235.157:6892 | udp | |
| N/A | 31.184.235.158:6892 | udp | |
| N/A | 31.184.235.159:6892 | udp | |
| N/A | 31.184.235.160:6892 | udp | |
| N/A | 31.184.235.161:6892 | udp | |
| N/A | 31.184.235.162:6892 | udp | |
| N/A | 31.184.235.163:6892 | udp | |
| N/A | 31.184.235.164:6892 | udp | |
| N/A | 31.184.235.165:6892 | udp | |
| N/A | 31.184.235.166:6892 | udp | |
| N/A | 31.184.235.167:6892 | udp | |
| N/A | 31.184.235.168:6892 | udp | |
| N/A | 31.184.235.169:6892 | udp | |
| N/A | 31.184.235.170:6892 | udp | |
| N/A | 31.184.235.171:6892 | udp | |
| N/A | 31.184.235.172:6892 | udp | |
| N/A | 31.184.235.173:6892 | udp | |
| N/A | 31.184.235.174:6892 | udp | |
| N/A | 31.184.235.175:6892 | udp | |
| N/A | 31.184.235.176:6892 | udp | |
| N/A | 31.184.235.177:6892 | udp | |
| N/A | 31.184.235.178:6892 | udp | |
| N/A | 31.184.235.179:6892 | udp | |
| N/A | 31.184.235.180:6892 | udp | |
| N/A | 31.184.235.181:6892 | udp | |
| N/A | 31.184.235.182:6892 | udp | |
| N/A | 31.184.235.183:6892 | udp | |
| N/A | 31.184.235.184:6892 | udp | |
| N/A | 31.184.235.185:6892 | udp | |
| N/A | 31.184.235.186:6892 | udp | |
| N/A | 31.184.235.187:6892 | udp | |
| N/A | 31.184.235.188:6892 | udp | |
| N/A | 31.184.235.189:6892 | udp | |
| N/A | 31.184.235.190:6892 | udp | |
| N/A | 31.184.235.191:6892 | udp | |
| N/A | 31.184.235.192:6892 | udp | |
| N/A | 31.184.235.193:6892 | udp | |
| N/A | 31.184.235.194:6892 | udp | |
| N/A | 31.184.235.195:6892 | udp | |
| N/A | 31.184.235.196:6892 | udp | |
| N/A | 31.184.235.197:6892 | udp | |
| N/A | 31.184.235.198:6892 | udp | |
| N/A | 31.184.235.199:6892 | udp | |
| N/A | 31.184.235.200:6892 | udp | |
| N/A | 31.184.235.201:6892 | udp | |
| N/A | 31.184.235.202:6892 | udp | |
| N/A | 31.184.235.203:6892 | udp | |
| N/A | 31.184.235.204:6892 | udp | |
| N/A | 31.184.235.205:6892 | udp | |
| N/A | 31.184.235.206:6892 | udp | |
| N/A | 31.184.235.207:6892 | udp | |
| N/A | 31.184.235.208:6892 | udp | |
| N/A | 31.184.235.209:6892 | udp | |
| N/A | 31.184.235.210:6892 | udp | |
| N/A | 31.184.235.211:6892 | udp | |
| N/A | 31.184.235.212:6892 | udp | |
| N/A | 31.184.235.213:6892 | udp | |
| N/A | 31.184.235.214:6892 | udp | |
| N/A | 31.184.235.215:6892 | udp | |
| N/A | 31.184.235.216:6892 | udp | |
| N/A | 31.184.235.217:6892 | udp | |
| N/A | 31.184.235.218:6892 | udp | |
| N/A | 31.184.235.219:6892 | udp | |
| N/A | 31.184.235.220:6892 | udp | |
| N/A | 31.184.235.221:6892 | udp | |
| N/A | 31.184.235.222:6892 | udp | |
| N/A | 31.184.235.223:6892 | udp | |
| N/A | 31.184.235.224:6892 | udp | |
| N/A | 31.184.235.225:6892 | udp | |
| N/A | 31.184.235.226:6892 | udp | |
| N/A | 31.184.235.227:6892 | udp | |
| N/A | 31.184.235.228:6892 | udp | |
| N/A | 31.184.235.229:6892 | udp | |
| N/A | 31.184.235.230:6892 | udp | |
| N/A | 31.184.235.231:6892 | udp | |
| N/A | 31.184.235.232:6892 | udp | |
| N/A | 31.184.235.233:6892 | udp | |
| N/A | 31.184.235.234:6892 | udp | |
| N/A | 31.184.235.235:6892 | udp | |
| N/A | 31.184.235.236:6892 | udp | |
| N/A | 31.184.235.237:6892 | udp | |
| N/A | 31.184.235.238:6892 | udp | |
| N/A | 31.184.235.239:6892 | udp | |
| N/A | 31.184.235.240:6892 | udp | |
| N/A | 31.184.235.241:6892 | udp | |
| N/A | 31.184.235.242:6892 | udp | |
| N/A | 31.184.235.243:6892 | udp | |
| N/A | 31.184.235.244:6892 | udp | |
| N/A | 31.184.235.245:6892 | udp | |
| N/A | 31.184.235.246:6892 | udp | |
| N/A | 31.184.235.247:6892 | udp | |
| N/A | 31.184.235.248:6892 | udp | |
| N/A | 31.184.235.249:6892 | udp | |
| N/A | 31.184.235.250:6892 | udp | |
| N/A | 31.184.235.251:6892 | udp | |
| N/A | 31.184.235.252:6892 | udp | |
| N/A | 31.184.235.253:6892 | udp | |
| N/A | 31.184.235.254:6892 | udp | |
| N/A | 31.184.235.255:6892 | udp | |
| N/A | 8.8.8.8:53 | go.microsoft.com | udp |
| N/A | 8.8.8.8:53 | bqyjebfh25oellur.onion.to | udp |
| N/A | 31.184.234.0:6892 | udp | |
| N/A | 31.184.234.1:6892 | udp | |
| N/A | 31.184.234.2:6892 | udp | |
| N/A | 31.184.234.3:6892 | udp | |
| N/A | 31.184.234.4:6892 | udp | |
| N/A | 31.184.234.5:6892 | udp | |
| N/A | 31.184.234.6:6892 | udp | |
| N/A | 31.184.234.7:6892 | udp | |
| N/A | 31.184.234.8:6892 | udp | |
| N/A | 31.184.234.9:6892 | udp | |
| N/A | 31.184.234.10:6892 | udp | |
| N/A | 31.184.234.11:6892 | udp | |
| N/A | 31.184.234.12:6892 | udp | |
| N/A | 31.184.234.13:6892 | udp | |
| N/A | 31.184.234.14:6892 | udp | |
| N/A | 31.184.234.15:6892 | udp | |
| N/A | 31.184.234.16:6892 | udp | |
| N/A | 31.184.234.17:6892 | udp | |
| N/A | 31.184.234.18:6892 | udp | |
| N/A | 31.184.234.19:6892 | udp | |
| N/A | 31.184.234.20:6892 | udp | |
| N/A | 31.184.234.21:6892 | udp | |
| N/A | 31.184.234.22:6892 | udp | |
| N/A | 31.184.234.23:6892 | udp | |
| N/A | 31.184.234.24:6892 | udp | |
| N/A | 31.184.234.25:6892 | udp | |
| N/A | 31.184.234.26:6892 | udp | |
| N/A | 31.184.234.27:6892 | udp | |
| N/A | 31.184.234.28:6892 | udp | |
| N/A | 31.184.234.29:6892 | udp | |
| N/A | 31.184.234.30:6892 | udp | |
| N/A | 31.184.234.31:6892 | udp | |
| N/A | 31.184.234.32:6892 | udp | |
| N/A | 31.184.234.33:6892 | udp | |
| N/A | 31.184.234.34:6892 | udp | |
| N/A | 31.184.234.35:6892 | udp | |
| N/A | 31.184.234.36:6892 | udp | |
| N/A | 31.184.234.37:6892 | udp | |
| N/A | 31.184.234.38:6892 | udp | |
| N/A | 31.184.234.39:6892 | udp | |
| N/A | 31.184.234.40:6892 | udp | |
| N/A | 31.184.234.41:6892 | udp | |
| N/A | 31.184.234.42:6892 | udp | |
| N/A | 31.184.234.43:6892 | udp | |
| N/A | 31.184.234.44:6892 | udp | |
| N/A | 31.184.234.45:6892 | udp | |
| N/A | 31.184.234.46:6892 | udp | |
| N/A | 31.184.234.47:6892 | udp | |
| N/A | 31.184.234.48:6892 | udp | |
| N/A | 31.184.234.49:6892 | udp | |
| N/A | 31.184.234.50:6892 | udp | |
| N/A | 31.184.234.51:6892 | udp | |
| N/A | 31.184.234.52:6892 | udp | |
| N/A | 31.184.234.53:6892 | udp | |
| N/A | 31.184.234.54:6892 | udp | |
| N/A | 31.184.234.55:6892 | udp | |
| N/A | 31.184.234.56:6892 | udp | |
| N/A | 31.184.234.57:6892 | udp | |
| N/A | 31.184.234.58:6892 | udp | |
| N/A | 31.184.234.59:6892 | udp | |
| N/A | 31.184.234.60:6892 | udp | |
| N/A | 31.184.234.61:6892 | udp | |
| N/A | 31.184.234.62:6892 | udp | |
| N/A | 31.184.234.63:6892 | udp | |
| N/A | 31.184.234.64:6892 | udp | |
| N/A | 31.184.234.65:6892 | udp | |
| N/A | 31.184.234.66:6892 | udp | |
| N/A | 31.184.234.67:6892 | udp | |
| N/A | 31.184.234.68:6892 | udp | |
| N/A | 31.184.234.69:6892 | udp | |
| N/A | 31.184.234.70:6892 | udp | |
| N/A | 31.184.234.71:6892 | udp | |
| N/A | 31.184.234.72:6892 | udp | |
| N/A | 31.184.234.73:6892 | udp | |
| N/A | 31.184.234.74:6892 | udp | |
| N/A | 31.184.234.75:6892 | udp | |
| N/A | 31.184.234.76:6892 | udp | |
| N/A | 31.184.234.77:6892 | udp | |
| N/A | 31.184.234.78:6892 | udp | |
| N/A | 31.184.234.79:6892 | udp | |
| N/A | 31.184.234.80:6892 | udp | |
| N/A | 31.184.234.81:6892 | udp | |
| N/A | 31.184.234.82:6892 | udp | |
| N/A | 31.184.234.83:6892 | udp | |
| N/A | 31.184.234.84:6892 | udp | |
| N/A | 31.184.234.85:6892 | udp | |
| N/A | 31.184.234.86:6892 | udp | |
| N/A | 31.184.234.87:6892 | udp | |
| N/A | 31.184.234.88:6892 | udp | |
| N/A | 31.184.234.89:6892 | udp | |
| N/A | 31.184.234.90:6892 | udp | |
| N/A | 31.184.234.91:6892 | udp | |
| N/A | 31.184.234.92:6892 | udp | |
| N/A | 31.184.234.93:6892 | udp | |
| N/A | 31.184.234.94:6892 | udp | |
| N/A | 31.184.234.95:6892 | udp | |
| N/A | 31.184.234.96:6892 | udp | |
| N/A | 31.184.234.97:6892 | udp | |
| N/A | 31.184.234.98:6892 | udp | |
| N/A | 31.184.234.99:6892 | udp | |
| N/A | 31.184.234.100:6892 | udp | |
| N/A | 31.184.234.101:6892 | udp | |
| N/A | 31.184.234.102:6892 | udp | |
| N/A | 31.184.234.103:6892 | udp | |
| N/A | 31.184.234.104:6892 | udp | |
| N/A | 31.184.234.105:6892 | udp | |
| N/A | 31.184.234.106:6892 | udp | |
| N/A | 31.184.234.107:6892 | udp | |
| N/A | 31.184.234.108:6892 | udp | |
| N/A | 31.184.234.109:6892 | udp | |
| N/A | 31.184.234.110:6892 | udp | |
| N/A | 31.184.234.111:6892 | udp | |
| N/A | 31.184.234.112:6892 | udp | |
| N/A | 31.184.234.113:6892 | udp | |
| N/A | 31.184.234.114:6892 | udp | |
| N/A | 31.184.234.115:6892 | udp | |
| N/A | 31.184.234.116:6892 | udp | |
| N/A | 31.184.234.117:6892 | udp | |
| N/A | 31.184.234.118:6892 | udp | |
| N/A | 31.184.234.119:6892 | udp | |
| N/A | 31.184.234.120:6892 | udp | |
| N/A | 31.184.234.121:6892 | udp | |
| N/A | 31.184.234.122:6892 | udp | |
| N/A | 31.184.234.123:6892 | udp | |
| N/A | 31.184.234.124:6892 | udp | |
| N/A | 31.184.234.125:6892 | udp | |
| N/A | 31.184.234.126:6892 | udp | |
| N/A | 31.184.234.127:6892 | udp | |
| N/A | 31.184.234.128:6892 | udp | |
| N/A | 31.184.234.129:6892 | udp | |
| N/A | 31.184.234.130:6892 | udp | |
| N/A | 31.184.234.131:6892 | udp | |
| N/A | 31.184.234.132:6892 | udp | |
| N/A | 31.184.234.133:6892 | udp | |
| N/A | 31.184.234.134:6892 | udp | |
| N/A | 31.184.234.135:6892 | udp | |
| N/A | 31.184.234.136:6892 | udp | |
| N/A | 31.184.234.137:6892 | udp | |
| N/A | 31.184.234.138:6892 | udp | |
| N/A | 31.184.234.139:6892 | udp | |
| N/A | 31.184.234.140:6892 | udp | |
| N/A | 31.184.234.141:6892 | udp | |
| N/A | 31.184.234.142:6892 | udp | |
| N/A | 31.184.234.143:6892 | udp | |
| N/A | 31.184.234.144:6892 | udp | |
| N/A | 31.184.234.145:6892 | udp | |
| N/A | 31.184.234.146:6892 | udp | |
| N/A | 31.184.234.147:6892 | udp | |
| N/A | 31.184.234.148:6892 | udp | |
| N/A | 31.184.234.149:6892 | udp | |
| N/A | 31.184.234.150:6892 | udp | |
| N/A | 31.184.234.151:6892 | udp | |
| N/A | 31.184.234.152:6892 | udp | |
| N/A | 31.184.234.153:6892 | udp | |
| N/A | 31.184.234.154:6892 | udp | |
| N/A | 31.184.234.155:6892 | udp | |
| N/A | 31.184.234.156:6892 | udp | |
| N/A | 31.184.234.157:6892 | udp | |
| N/A | 31.184.234.158:6892 | udp | |
| N/A | 31.184.234.159:6892 | udp | |
| N/A | 31.184.234.160:6892 | udp | |
| N/A | 31.184.234.161:6892 | udp | |
| N/A | 31.184.234.162:6892 | udp | |
| N/A | 31.184.234.163:6892 | udp | |
| N/A | 31.184.234.164:6892 | udp | |
| N/A | 31.184.234.165:6892 | udp | |
| N/A | 31.184.234.166:6892 | udp | |
| N/A | 31.184.234.167:6892 | udp | |
| N/A | 31.184.234.168:6892 | udp | |
| N/A | 31.184.234.169:6892 | udp | |
| N/A | 31.184.234.170:6892 | udp | |
| N/A | 31.184.234.171:6892 | udp | |
| N/A | 31.184.234.172:6892 | udp | |
| N/A | 31.184.234.173:6892 | udp | |
| N/A | 31.184.234.174:6892 | udp | |
| N/A | 31.184.234.175:6892 | udp | |
| N/A | 31.184.234.176:6892 | udp | |
| N/A | 31.184.234.177:6892 | udp | |
| N/A | 31.184.234.178:6892 | udp | |
| N/A | 31.184.234.179:6892 | udp | |
| N/A | 31.184.234.180:6892 | udp | |
| N/A | 31.184.234.181:6892 | udp | |
| N/A | 31.184.234.182:6892 | udp | |
| N/A | 31.184.234.183:6892 | udp | |
| N/A | 31.184.234.184:6892 | udp | |
| N/A | 31.184.234.185:6892 | udp | |
| N/A | 31.184.234.186:6892 | udp | |
| N/A | 31.184.234.187:6892 | udp | |
| N/A | 31.184.234.188:6892 | udp | |
| N/A | 31.184.234.189:6892 | udp | |
| N/A | 31.184.234.190:6892 | udp | |
| N/A | 31.184.234.191:6892 | udp | |
| N/A | 31.184.234.192:6892 | udp | |
| N/A | 31.184.234.193:6892 | udp | |
| N/A | 31.184.234.194:6892 | udp | |
| N/A | 31.184.234.195:6892 | udp | |
| N/A | 31.184.234.196:6892 | udp | |
| N/A | 31.184.234.197:6892 | udp | |
| N/A | 31.184.234.198:6892 | udp | |
| N/A | 31.184.234.199:6892 | udp | |
| N/A | 31.184.234.200:6892 | udp | |
| N/A | 31.184.234.201:6892 | udp | |
| N/A | 31.184.234.202:6892 | udp | |
| N/A | 31.184.234.203:6892 | udp | |
| N/A | 31.184.234.204:6892 | udp | |
| N/A | 31.184.234.205:6892 | udp | |
| N/A | 31.184.234.206:6892 | udp | |
| N/A | 31.184.234.207:6892 | udp | |
| N/A | 31.184.234.208:6892 | udp | |
| N/A | 31.184.234.209:6892 | udp | |
| N/A | 31.184.234.210:6892 | udp | |
| N/A | 31.184.234.211:6892 | udp | |
| N/A | 31.184.234.212:6892 | udp | |
| N/A | 31.184.234.213:6892 | udp | |
| N/A | 31.184.234.214:6892 | udp | |
| N/A | 31.184.234.215:6892 | udp | |
| N/A | 31.184.234.216:6892 | udp | |
| N/A | 31.184.234.217:6892 | udp | |
| N/A | 31.184.234.218:6892 | udp | |
| N/A | 31.184.234.219:6892 | udp | |
| N/A | 31.184.234.220:6892 | udp | |
| N/A | 31.184.234.221:6892 | udp | |
| N/A | 31.184.234.222:6892 | udp | |
| N/A | 31.184.234.223:6892 | udp | |
| N/A | 31.184.234.224:6892 | udp | |
| N/A | 31.184.234.225:6892 | udp | |
| N/A | 31.184.234.226:6892 | udp | |
| N/A | 31.184.234.227:6892 | udp | |
| N/A | 31.184.234.228:6892 | udp | |
| N/A | 31.184.234.229:6892 | udp | |
| N/A | 31.184.234.230:6892 | udp | |
| N/A | 31.184.234.231:6892 | udp | |
| N/A | 31.184.234.232:6892 | udp | |
| N/A | 31.184.234.233:6892 | udp | |
| N/A | 31.184.234.234:6892 | udp | |
| N/A | 31.184.234.235:6892 | udp | |
| N/A | 31.184.234.236:6892 | udp | |
| N/A | 31.184.234.237:6892 | udp | |
| N/A | 31.184.234.238:6892 | udp | |
| N/A | 31.184.234.239:6892 | udp | |
| N/A | 31.184.234.240:6892 | udp | |
| N/A | 31.184.234.241:6892 | udp | |
| N/A | 31.184.234.242:6892 | udp | |
| N/A | 31.184.234.243:6892 | udp | |
| N/A | 31.184.234.244:6892 | udp | |
| N/A | 31.184.234.245:6892 | udp | |
| N/A | 31.184.234.246:6892 | udp | |
| N/A | 31.184.234.247:6892 | udp | |
| N/A | 31.184.234.248:6892 | udp | |
| N/A | 31.184.234.249:6892 | udp | |
| N/A | 31.184.234.250:6892 | udp | |
| N/A | 31.184.234.251:6892 | udp | |
| N/A | 31.184.234.252:6892 | udp | |
| N/A | 31.184.234.253:6892 | udp | |
| N/A | 31.184.234.254:6892 | udp | |
| N/A | 185.100.85.150:80 | bqyjebfh25oellur.onion.to | tcp |
| N/A | 185.100.85.150:80 | bqyjebfh25oellur.onion.to | tcp |
| N/A | 31.184.234.255:6892 | udp | |
| N/A | 31.184.235.0:6892 | udp | |
| N/A | 31.184.235.1:6892 | udp | |
| N/A | 31.184.235.2:6892 | udp | |
| N/A | 31.184.235.3:6892 | udp | |
| N/A | 31.184.235.4:6892 | udp | |
| N/A | 31.184.235.5:6892 | udp | |
| N/A | 31.184.235.6:6892 | udp | |
| N/A | 31.184.235.7:6892 | udp | |
| N/A | 31.184.235.8:6892 | udp | |
| N/A | 31.184.235.9:6892 | udp | |
| N/A | 31.184.235.10:6892 | udp | |
| N/A | 31.184.235.11:6892 | udp | |
| N/A | 31.184.235.12:6892 | udp | |
| N/A | 31.184.235.13:6892 | udp | |
| N/A | 31.184.235.14:6892 | udp | |
| N/A | 31.184.235.15:6892 | udp | |
| N/A | 31.184.235.16:6892 | udp | |
| N/A | 31.184.235.17:6892 | udp | |
| N/A | 31.184.235.18:6892 | udp | |
| N/A | 31.184.235.19:6892 | udp | |
| N/A | 31.184.235.20:6892 | udp | |
| N/A | 31.184.235.21:6892 | udp | |
| N/A | 31.184.235.22:6892 | udp | |
| N/A | 31.184.235.23:6892 | udp | |
| N/A | 31.184.235.24:6892 | udp | |
| N/A | 31.184.235.25:6892 | udp | |
| N/A | 31.184.235.26:6892 | udp | |
| N/A | 31.184.235.27:6892 | udp | |
| N/A | 31.184.235.28:6892 | udp | |
| N/A | 31.184.235.29:6892 | udp | |
| N/A | 31.184.235.30:6892 | udp | |
| N/A | 31.184.235.31:6892 | udp | |
| N/A | 31.184.235.32:6892 | udp | |
| N/A | 31.184.235.33:6892 | udp | |
| N/A | 31.184.235.34:6892 | udp | |
| N/A | 31.184.235.35:6892 | udp | |
| N/A | 31.184.235.36:6892 | udp | |
| N/A | 31.184.235.37:6892 | udp | |
| N/A | 31.184.235.38:6892 | udp | |
| N/A | 31.184.235.39:6892 | udp | |
| N/A | 31.184.235.40:6892 | udp | |
| N/A | 31.184.235.41:6892 | udp | |
| N/A | 31.184.235.42:6892 | udp | |
| N/A | 31.184.235.43:6892 | udp | |
| N/A | 31.184.235.44:6892 | udp | |
| N/A | 31.184.235.45:6892 | udp | |
| N/A | 31.184.235.46:6892 | udp | |
| N/A | 31.184.235.47:6892 | udp | |
| N/A | 31.184.235.48:6892 | udp | |
| N/A | 31.184.235.49:6892 | udp | |
| N/A | 31.184.235.50:6892 | udp | |
| N/A | 31.184.235.51:6892 | udp | |
| N/A | 31.184.235.52:6892 | udp | |
| N/A | 31.184.235.53:6892 | udp | |
| N/A | 31.184.235.54:6892 | udp | |
| N/A | 31.184.235.55:6892 | udp | |
| N/A | 31.184.235.56:6892 | udp | |
| N/A | 31.184.235.57:6892 | udp | |
| N/A | 31.184.235.58:6892 | udp | |
| N/A | 31.184.235.59:6892 | udp | |
| N/A | 31.184.235.60:6892 | udp | |
| N/A | 31.184.235.61:6892 | udp | |
| N/A | 31.184.235.62:6892 | udp | |
| N/A | 31.184.235.63:6892 | udp | |
| N/A | 31.184.235.64:6892 | udp | |
| N/A | 31.184.235.65:6892 | udp | |
| N/A | 31.184.235.66:6892 | udp | |
| N/A | 31.184.235.67:6892 | udp | |
| N/A | 31.184.235.68:6892 | udp | |
| N/A | 31.184.235.69:6892 | udp | |
| N/A | 31.184.235.70:6892 | udp | |
| N/A | 31.184.235.71:6892 | udp | |
| N/A | 31.184.235.72:6892 | udp | |
| N/A | 31.184.235.73:6892 | udp | |
| N/A | 31.184.235.74:6892 | udp | |
| N/A | 31.184.235.75:6892 | udp | |
| N/A | 31.184.235.76:6892 | udp | |
| N/A | 31.184.235.77:6892 | udp | |
| N/A | 31.184.235.78:6892 | udp | |
| N/A | 31.184.235.79:6892 | udp | |
| N/A | 31.184.235.80:6892 | udp | |
| N/A | 31.184.235.81:6892 | udp | |
| N/A | 31.184.235.82:6892 | udp | |
| N/A | 31.184.235.83:6892 | udp | |
| N/A | 31.184.235.84:6892 | udp | |
| N/A | 31.184.235.85:6892 | udp | |
| N/A | 31.184.235.86:6892 | udp | |
| N/A | 31.184.235.87:6892 | udp | |
| N/A | 31.184.235.88:6892 | udp | |
| N/A | 31.184.235.89:6892 | udp | |
| N/A | 31.184.235.90:6892 | udp | |
| N/A | 31.184.235.91:6892 | udp | |
| N/A | 31.184.235.92:6892 | udp | |
| N/A | 31.184.235.93:6892 | udp | |
| N/A | 31.184.235.94:6892 | udp | |
| N/A | 31.184.235.95:6892 | udp | |
| N/A | 31.184.235.96:6892 | udp | |
| N/A | 31.184.235.97:6892 | udp | |
| N/A | 31.184.235.98:6892 | udp | |
| N/A | 31.184.235.99:6892 | udp | |
| N/A | 31.184.235.100:6892 | udp | |
| N/A | 31.184.235.101:6892 | udp | |
| N/A | 31.184.235.102:6892 | udp | |
| N/A | 31.184.235.103:6892 | udp | |
| N/A | 31.184.235.104:6892 | udp | |
| N/A | 31.184.235.105:6892 | udp | |
| N/A | 31.184.235.106:6892 | udp | |
| N/A | 31.184.235.107:6892 | udp | |
| N/A | 31.184.235.108:6892 | udp | |
| N/A | 31.184.235.109:6892 | udp | |
| N/A | 31.184.235.110:6892 | udp | |
| N/A | 31.184.235.111:6892 | udp | |
| N/A | 31.184.235.112:6892 | udp | |
| N/A | 31.184.235.113:6892 | udp | |
| N/A | 31.184.235.114:6892 | udp | |
| N/A | 31.184.235.115:6892 | udp | |
| N/A | 31.184.235.116:6892 | udp | |
| N/A | 31.184.235.117:6892 | udp | |
| N/A | 31.184.235.118:6892 | udp | |
| N/A | 31.184.235.119:6892 | udp | |
| N/A | 31.184.235.120:6892 | udp | |
| N/A | 31.184.235.121:6892 | udp | |
| N/A | 31.184.235.122:6892 | udp | |
| N/A | 31.184.235.123:6892 | udp | |
| N/A | 31.184.235.124:6892 | udp | |
| N/A | 31.184.235.125:6892 | udp | |
| N/A | 31.184.235.126:6892 | udp | |
| N/A | 31.184.235.127:6892 | udp | |
| N/A | 31.184.235.128:6892 | udp | |
| N/A | 31.184.235.129:6892 | udp | |
| N/A | 31.184.235.130:6892 | udp | |
| N/A | 31.184.235.131:6892 | udp | |
| N/A | 31.184.235.132:6892 | udp | |
| N/A | 31.184.235.133:6892 | udp | |
| N/A | 31.184.235.134:6892 | udp | |
| N/A | 31.184.235.135:6892 | udp | |
| N/A | 31.184.235.136:6892 | udp | |
| N/A | 31.184.235.137:6892 | udp | |
| N/A | 31.184.235.138:6892 | udp | |
| N/A | 31.184.235.139:6892 | udp | |
| N/A | 31.184.235.140:6892 | udp | |
| N/A | 31.184.235.141:6892 | udp | |
| N/A | 31.184.235.142:6892 | udp | |
| N/A | 31.184.235.143:6892 | udp | |
| N/A | 31.184.235.144:6892 | udp | |
| N/A | 31.184.235.145:6892 | udp | |
| N/A | 31.184.235.146:6892 | udp | |
| N/A | 31.184.235.147:6892 | udp | |
| N/A | 31.184.235.148:6892 | udp | |
| N/A | 31.184.235.149:6892 | udp | |
| N/A | 31.184.235.150:6892 | udp | |
| N/A | 31.184.235.151:6892 | udp | |
| N/A | 31.184.235.152:6892 | udp | |
| N/A | 31.184.235.153:6892 | udp | |
| N/A | 31.184.235.154:6892 | udp | |
| N/A | 31.184.235.155:6892 | udp | |
| N/A | 31.184.235.156:6892 | udp | |
| N/A | 31.184.235.157:6892 | udp | |
| N/A | 31.184.235.158:6892 | udp | |
| N/A | 31.184.235.159:6892 | udp | |
| N/A | 31.184.235.160:6892 | udp | |
| N/A | 31.184.235.161:6892 | udp | |
| N/A | 31.184.235.162:6892 | udp | |
| N/A | 31.184.235.163:6892 | udp | |
| N/A | 31.184.235.164:6892 | udp | |
| N/A | 31.184.235.165:6892 | udp | |
| N/A | 31.184.235.166:6892 | udp | |
| N/A | 31.184.235.167:6892 | udp | |
| N/A | 31.184.235.168:6892 | udp | |
| N/A | 31.184.235.169:6892 | udp | |
| N/A | 31.184.235.170:6892 | udp | |
| N/A | 31.184.235.171:6892 | udp | |
| N/A | 31.184.235.172:6892 | udp | |
| N/A | 31.184.235.173:6892 | udp | |
| N/A | 31.184.235.174:6892 | udp | |
| N/A | 31.184.235.175:6892 | udp | |
| N/A | 31.184.235.176:6892 | udp | |
| N/A | 31.184.235.177:6892 | udp | |
| N/A | 31.184.235.178:6892 | udp | |
| N/A | 31.184.235.179:6892 | udp | |
| N/A | 31.184.235.180:6892 | udp | |
| N/A | 31.184.235.181:6892 | udp | |
| N/A | 31.184.235.182:6892 | udp | |
| N/A | 31.184.235.183:6892 | udp | |
| N/A | 31.184.235.184:6892 | udp | |
| N/A | 31.184.235.185:6892 | udp | |
| N/A | 31.184.235.186:6892 | udp | |
| N/A | 31.184.235.187:6892 | udp | |
| N/A | 31.184.235.188:6892 | udp | |
| N/A | 31.184.235.189:6892 | udp | |
| N/A | 31.184.235.190:6892 | udp | |
| N/A | 31.184.235.191:6892 | udp | |
| N/A | 31.184.235.192:6892 | udp | |
| N/A | 31.184.235.193:6892 | udp | |
| N/A | 31.184.235.194:6892 | udp | |
| N/A | 31.184.235.195:6892 | udp | |
| N/A | 31.184.235.196:6892 | udp | |
| N/A | 31.184.235.197:6892 | udp | |
| N/A | 31.184.235.198:6892 | udp | |
| N/A | 31.184.235.199:6892 | udp | |
| N/A | 31.184.235.200:6892 | udp | |
| N/A | 31.184.235.201:6892 | udp | |
| N/A | 31.184.235.202:6892 | udp | |
| N/A | 31.184.235.203:6892 | udp | |
| N/A | 31.184.235.204:6892 | udp | |
| N/A | 31.184.235.205:6892 | udp | |
| N/A | 31.184.235.206:6892 | udp | |
| N/A | 31.184.235.207:6892 | udp | |
| N/A | 31.184.235.208:6892 | udp | |
| N/A | 31.184.235.209:6892 | udp | |
| N/A | 31.184.235.210:6892 | udp | |
| N/A | 31.184.235.211:6892 | udp | |
| N/A | 31.184.235.212:6892 | udp | |
| N/A | 31.184.235.213:6892 | udp | |
| N/A | 31.184.235.214:6892 | udp | |
| N/A | 31.184.235.215:6892 | udp | |
| N/A | 31.184.235.216:6892 | udp | |
| N/A | 31.184.235.217:6892 | udp | |
| N/A | 31.184.235.218:6892 | udp | |
| N/A | 31.184.235.219:6892 | udp | |
| N/A | 31.184.235.220:6892 | udp | |
| N/A | 31.184.235.221:6892 | udp | |
| N/A | 31.184.235.222:6892 | udp | |
| N/A | 31.184.235.223:6892 | udp | |
| N/A | 31.184.235.224:6892 | udp | |
| N/A | 31.184.235.225:6892 | udp | |
| N/A | 31.184.235.226:6892 | udp | |
| N/A | 31.184.235.227:6892 | udp | |
| N/A | 31.184.235.228:6892 | udp | |
| N/A | 31.184.235.229:6892 | udp | |
| N/A | 31.184.235.230:6892 | udp | |
| N/A | 31.184.235.231:6892 | udp | |
| N/A | 31.184.235.232:6892 | udp | |
| N/A | 31.184.235.233:6892 | udp | |
| N/A | 31.184.235.234:6892 | udp | |
| N/A | 31.184.235.235:6892 | udp | |
| N/A | 31.184.235.236:6892 | udp | |
| N/A | 31.184.235.237:6892 | udp | |
| N/A | 31.184.235.238:6892 | udp | |
| N/A | 31.184.235.239:6892 | udp | |
| N/A | 31.184.235.240:6892 | udp | |
| N/A | 31.184.235.241:6892 | udp | |
| N/A | 31.184.235.242:6892 | udp | |
| N/A | 31.184.235.243:6892 | udp | |
| N/A | 31.184.235.244:6892 | udp | |
| N/A | 31.184.235.245:6892 | udp | |
| N/A | 31.184.235.246:6892 | udp | |
| N/A | 31.184.235.247:6892 | udp | |
| N/A | 31.184.235.248:6892 | udp | |
| N/A | 31.184.235.249:6892 | udp | |
| N/A | 31.184.235.250:6892 | udp | |
| N/A | 31.184.235.251:6892 | udp | |
| N/A | 31.184.235.252:6892 | udp | |
| N/A | 31.184.235.253:6892 | udp | |
| N/A | 31.184.235.254:6892 | udp | |
| N/A | 185.100.85.150:80 | bqyjebfh25oellur.onion.to | tcp |
| N/A | 185.100.85.150:80 | bqyjebfh25oellur.onion.to | tcp |
| N/A | 31.184.235.255:6892 | udp | |
| N/A | 8.8.8.8:53 | btc.blockr.io | udp |
| N/A | 8.8.8.8:53 | btc.blockr.io | udp |
| N/A | 8.8.8.8:53 | api.blockcypher.com | udp |
| N/A | 104.20.21.251:80 | api.blockcypher.com | tcp |
| N/A | 104.20.21.251:80 | api.blockcypher.com | tcp |
| N/A | 8.8.8.8:53 | chain.so | udp |
| N/A | 172.67.157.138:443 | chain.so | tcp |
| N/A | 172.67.157.138:443 | chain.so | tcp |
| N/A | 8.8.8.8:53 | sochain.com | udp |
| N/A | 104.26.14.247:443 | sochain.com | tcp |
| N/A | 104.26.14.247:443 | sochain.com | tcp |
| N/A | 8.8.8.8:53 | crl.verisign.com | udp |
| N/A | 8.8.8.8:53 | udp | |
| N/A | 204.79.197.200:443 | tcp | |
| N/A | 204.79.197.200:443 | tcp |
Files
\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe
| MD5 | 601d43f704d6d7c6060d5ec7f5fb6aec |
| SHA1 | 12754bcb9e254921eca1b2266feb5320982e4a4f |
| SHA256 | eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200 |
| SHA512 | a9f31b94e42e885777347f078dfa6c9fe1376be0a3ea55497abb7e9f605e7a9e64c7a82765c2de5df70474f9d3743f66f0d6d062d6d151464fb77df8c42cc3f8 |
C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe
| MD5 | 601d43f704d6d7c6060d5ec7f5fb6aec |
| SHA1 | 12754bcb9e254921eca1b2266feb5320982e4a4f |
| SHA256 | eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200 |
| SHA512 | a9f31b94e42e885777347f078dfa6c9fe1376be0a3ea55497abb7e9f605e7a9e64c7a82765c2de5df70474f9d3743f66f0d6d062d6d151464fb77df8c42cc3f8 |
memory/1140-1-0x0000000000000000-mapping.dmp
memory/1040-3-0x0000000000000000-mapping.dmp
memory/268-4-0x0000000000000000-mapping.dmp
C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe
| MD5 | 601d43f704d6d7c6060d5ec7f5fb6aec |
| SHA1 | 12754bcb9e254921eca1b2266feb5320982e4a4f |
| SHA256 | eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200 |
| SHA512 | a9f31b94e42e885777347f078dfa6c9fe1376be0a3ea55497abb7e9f605e7a9e64c7a82765c2de5df70474f9d3743f66f0d6d062d6d151464fb77df8c42cc3f8 |
memory/940-6-0x000007FEF7BD0000-0x000007FEF7E4A000-memory.dmp
memory/528-7-0x0000000000000000-mapping.dmp
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\label.lnk
| MD5 | e361e6f0ef619b97576fb49ebcfdded7 |
| SHA1 | 17caa51b134ac9b276a3127dc842738f0e6bb55c |
| SHA256 | e519cd1ea0d688eba6c27bec09166bfed45aad5e3a6f4ac8d6aac7057e780f67 |
| SHA512 | 4410d6bb0f1026d896b27c45002f8d802c0ee4afc949a1df4f0a861b72f3119fefca835d1eba66e07fbb01f5d45f8bacf93978cbf921e3e9259770fcc5a8aca0 |
memory/548-9-0x0000000000000000-mapping.dmp
C:\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe
| MD5 | 601d43f704d6d7c6060d5ec7f5fb6aec |
| SHA1 | 12754bcb9e254921eca1b2266feb5320982e4a4f |
| SHA256 | eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200 |
| SHA512 | a9f31b94e42e885777347f078dfa6c9fe1376be0a3ea55497abb7e9f605e7a9e64c7a82765c2de5df70474f9d3743f66f0d6d062d6d151464fb77df8c42cc3f8 |
\Users\Admin\AppData\Roaming\{886FFC81-3F92-2114-B483-51AF935A6426}\label.exe
| MD5 | 601d43f704d6d7c6060d5ec7f5fb6aec |
| SHA1 | 12754bcb9e254921eca1b2266feb5320982e4a4f |
| SHA256 | eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200 |
| SHA512 | a9f31b94e42e885777347f078dfa6c9fe1376be0a3ea55497abb7e9f605e7a9e64c7a82765c2de5df70474f9d3743f66f0d6d062d6d151464fb77df8c42cc3f8 |
memory/1720-12-0x0000000000000000-mapping.dmp
memory/836-13-0x0000000000000000-mapping.dmp
C:\Users\Admin\Desktop\# DECRYPT MY FILES #.txt
| MD5 | ca6fb096a771ab52bf4ede70a8760191 |
| SHA1 | e7f5df8e510529b60349f4e1eafb65bda8481e39 |
| SHA256 | 49d5e44c23420bb615eda9235b7be04e4cec88bfd9f016eaa259f241692503ae |
| SHA512 | 1ae2b68a15069cac26172d4d2d1785698b61c47e9a0fdb6cdfa8ef9e17bb8382f6e1a9ce46ca8c7352eee4ff19bd030d63efb9cd3333ec2bfd485b5c6e76f432 |
memory/1120-15-0x0000000000000000-mapping.dmp
C:\Users\Admin\Desktop\# DECRYPT MY FILES #.html
| MD5 | 266104b312799f244c35a300d5b9d953 |
| SHA1 | 116b0b420197d7fe35a1bbc7884bbbfa1029488c |
| SHA256 | d9d66598c3b58579ffd717158e23fa527d4fb3e3ec43e73976c21e281609b98f |
| SHA512 | c128b945e58c3e2307c7bd2c5b8dc7d44b98005c5dde2936d3a11532af89663b2ce9f5f67696719abd6a04e263f12e1f7c7b20199a446a2050862ae8dd11ccb5 |
C:\Users\Admin\Desktop\# DECRYPT MY FILES #.url
| MD5 | 6fc059513ab848efe96fb5aa64e556a4 |
| SHA1 | 234b985f0bd1aa8b02575c4e532b334d323f43d6 |
| SHA256 | ed9a1a0eff65426c54ec43b276725762a6c7066ab69de46460bc96d31f25ea23 |
| SHA512 | 3f6cb221ec685d272fc8e69d0417b3bff69d37fa0e2a1a21bcf6eae7e0cfa043e2c2f201f43eee0d338b87a80f64502d2691957c03105ecec3980462c0eecf61 |
memory/1548-18-0x0000000000000000-mapping.dmp
C:\Users\Admin\Desktop\# DECRYPT MY FILES #.vbs
| MD5 | 1c2a24505278e661eca32666d4311ce5 |
| SHA1 | d1deb57023bbe38a33f0894b6a9a7bbffbfdeeee |
| SHA256 | 3f0dc6126cf33e7aa725df926a1b7d434eaf62a69f42e1b8ae4c110fd3572628 |
| SHA512 | ce866f2c4b96c6c7c090f4bf1708bfebdfcd58ce65a23bdc124a13402ef4941377c7e286e6156a28bd229e422685454052382f1f532545bc2edf07be4861b36c |
memory/1036-20-0x0000000000000000-mapping.dmp
memory/1748-21-0x0000000000000000-mapping.dmp
memory/2104-22-0x0000000000000000-mapping.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2020-11-09 20:51
Reported
2020-11-11 02:25
Platform
win10v20201028
Max time kernel
150s
Max time network
137s
Command Line
Signatures
Cerber
Adds policy Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run = "\"C:\\Users\\Admin\\AppData\\Roaming\\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\\isoburn.exe\"" | C:\Users\Admin\AppData\Local\Temp\eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run = "\"C:\\Users\\Admin\\AppData\\Roaming\\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\\isoburn.exe\"" | C:\Users\Admin\AppData\Roaming\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\isoburn.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\isoburn.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\isoburn.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Roaming\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\isoburn.exe | N/A |
Drops startup file
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\isoburn.lnk | C:\Users\Admin\AppData\Roaming\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\isoburn.exe | N/A |
| File created | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\isoburn.lnk | C:\Users\Admin\AppData\Local\Temp\eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe | N/A |
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000\Software\Microsoft\Windows\CurrentVersion\Run | C:\Users\Admin\AppData\Roaming\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\isoburn.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000\Software\Microsoft\Windows\CurrentVersion\Run\isoburn = "\"C:\\Users\\Admin\\AppData\\Roaming\\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\\isoburn.exe\"" | C:\Users\Admin\AppData\Roaming\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\isoburn.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce | C:\Users\Admin\AppData\Roaming\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\isoburn.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\isoburn = "\"C:\\Users\\Admin\\AppData\\Roaming\\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\\isoburn.exe\"" | C:\Users\Admin\AppData\Roaming\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\isoburn.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000\Software\Microsoft\Windows\CurrentVersion\Run | C:\Users\Admin\AppData\Local\Temp\eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000\Software\Microsoft\Windows\CurrentVersion\Run\isoburn = "\"C:\\Users\\Admin\\AppData\\Roaming\\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\\isoburn.exe\"" | C:\Users\Admin\AppData\Local\Temp\eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce | C:\Users\Admin\AppData\Local\Temp\eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\isoburn = "\"C:\\Users\\Admin\\AppData\\Roaming\\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\\isoburn.exe\"" | C:\Users\Admin\AppData\Local\Temp\eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe | N/A |
JavaScript code in executable
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | ip-api.com | N/A | N/A |
Sets desktop wallpaper using registry
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\AppData\\Local\\Temp\\tmp39CE.bmp" | C:\Users\Admin\AppData\Roaming\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\isoburn.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\Debug\ESE.TXT | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
Kills process with taskkill
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskkill.exe | N/A |
Modifies Control Panel
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000\Control Panel\Desktop | C:\Users\Admin\AppData\Local\Temp\eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000\Control Panel\Desktop\SCRNSAVE.EXE = "\"C:\\Users\\Admin\\AppData\\Roaming\\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\\isoburn.exe\"" | C:\Users\Admin\AppData\Local\Temp\eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000\Control Panel\Desktop | C:\Users\Admin\AppData\Roaming\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\isoburn.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000\Control Panel\Desktop\SCRNSAVE.EXE = "\"C:\\Users\\Admin\\AppData\\Roaming\\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\\isoburn.exe\"" | C:\Users\Admin\AppData\Roaming\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\isoburn.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000\Control Panel\Colors | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\system32\browser_broker.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\TypedURLs | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\UserStateMigration | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\SignaturePolicy = 06000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$vBulletin 3 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\Cookies | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones\3 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\TypedURLs\url5 = "https://twitter.com/" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VendorId = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VersionLow = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\IECompatVersionHigh = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FavOrder | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BingPageData | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BingPageData\Enabled = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\UserStateMigration\ChromeMigration\MigrationTime = 6c3a3b6c55add601 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListXMLVersionHigh = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\UserStateMigration\ChromeMigration\AllComplete = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Cookies\CacheLimit = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Rating | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BingPageData\Md5FileCheck = 9fa75725855604a758366c6a1d9f0311 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Roaming\ChangeUnitGenerationNeeded = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\New Windows | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = c37e5237d1b7d601 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\NextUpdateDate = "311861359" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\Extensible Cache | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings | C:\Users\Admin\AppData\Roaming\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\isoburn.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$Telligent | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\IETld\LowMic | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\JumpListFirstRun = "3" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\UserStateMigration\IEMigration\AllComplete = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\History | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BingPageData\RulesFileCountryCode = "US" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\TypedURLs\url1 = "https://www.facebook.com/" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BingPageData\RulesVersion = "6" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\UserStateMigration\IEMigration | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\Cookies\CacheLimit = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DataStore\LastCleanup = 0000000000000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\TabbedBrowsing\NewTabPage\ProcessingFlag = f0c1f749d1b7d601 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Explorer | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\TabbedBrowsing | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\DatastoreSchemaVersion = "8" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ServiceUI | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Content\CachePrefix | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\Main\OperationalData = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\History\CacheLimit = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\ACGStatus\DynamicCodePolicy = 00000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$vBulletin 4 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$http://www.typepad.com/ | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\History | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\FirstRecoveryTime = 6c3a3b6c55add601 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VendorId = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\ACGStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\IECompatVersionLow = "395205405" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Rating\Next Rating Prompt = 50f40e86e3ddd601 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ServiceUI\IsSignedIn = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\usage\dscc_inventory | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$MediaWiki | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$WordPress | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\LowRegistry\DOMStorage | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\usage\dscc_inventory\ExtensionI = "{5D147143-9307-402E-8F7D-17E63ADD0C4F}" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\PrivacyAdvanced = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\CIStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\Content | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\History\CachePrefix = "Visited:" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Rating\NextPromptBuild = "15063" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify = 010000004d4d22c4dd2a2fb8178e8fdf3670c92d25a63a496170faaaa2cd30d6de811cdd3401dd8026af80354f21969bdf562672e612ebd45ccbe9b638dd6d7f83f2f3f969ceca706ee8dcf6719590821fece8d5a756ae22a419f1c8c079 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Toolbar\WebBrowser | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\usage\dscc_inventory\ExtensionI = "5" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\CIStatus\SignaturePolicy = 06000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 12451937d1b7d601 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\CIStatus\CIPolicyState = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ReadingMode | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\Content\CachePrefix | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ReadingMode\FontSize = "3" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\UserStateMigration\EdgeMigration\DatabaseComplete = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$blogger | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$Discuz! | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones\3\{AEBA21FA-782A-4A90-978D-B72164 = 1a3761592352350c7a5f20172f1e1a190e2b017313371312141a152a | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Explorer\Main | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-Revision = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Explorer\Main | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 0849fb49d1b7d601 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\OnlineHistory\NextBrowserDataLogTime = 80cddc9b03b8d601 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate\Certificates\5FF1348C80820F2A98 = 0300000001000000140000005ff1348c80820f2a988d0c0c7abea0ea394b5e6c040000000100000010000000fd42404f68fae3f0d490e8d19d08ab1d0f00000001000000200000005546bb2210de2560292e6f4610af4ffbdb453f9bf9983e62942c35959e16038d140000000100000014000000b3b30880146b0eb235e8e136e7d15c9c4847f5f3190000000100000010000000e142e209d34bfb2eac257eb76a2b61e15c0000000100000004000000000800001800000001000000100000002d581a49c8eb5b3b3c6ef9bb65314d702000000001000000e5050000308205e1308203c9a0030201020213330000016fd585f24b93e88a0700000000016f300d06092a864886f70d01010b0500307e310b3009060355040613025553311330110603550408130a57617368696e67746f6e3110300e060355040713075265646d6f6e64311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e312830260603550403131f4d6963726f736f667420536563757265205365727665722043412032303131301e170d3139313231323030303333315a170d3231303331323030303333315a3081a3310b3009060355040613025553311330110603550408130a57617368696e67746f6e3110300e060355040713075265646d6f6e64311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e310d300b060355040b130442696e67311b301906035504031312494520496e737472756d656e746174696f6e3121301f06092a864886f70d010901161271666265406d6963726f736f66742e636f6d30820122300d06092a864886f70d01010105000382010f003082010a0282010100cfb24782c35c66c63688c01ed857df9a4330b81628c86831de4d577f8cb2155b880ee41953a18ac28de644bacfa97558ec6f522490f103b7fa0092430f8e0ba55c36dd91f6f1f91baec6eb3581d89133141e1580e02ec2445e5380b178f92f81e97193be8be1223d36e5f2be070a3db6ac17987ea3b42d15994c73a10e64794da4660a5d875e179c567bb06ecfd7cbf4c1ee4fe453284e72877d746a3e178788a1bd540ba9250a931a11105bb98f1b2b757fa6c5ade16e7cc1d1628fedb716018526f5b56630b54cd5f75f938e9b4a956609cc441aac84a10a101f6429b6fceb9434a41b24f0ca9781bf72b010f14bd13dc5d996b6ed6c4d53156969dd04f7390203010001a38201303082012c300e0603551d0f0101ff0404030204f030150603551d25040e300c060a2b0601040182374c0c01301d0603551d0e04160414b3b30880146b0eb235e8e136e7d15c9c4847f5f3301f0603551d230418301680143656896549cb5b9b2f3cac4216504d91b933d79130530603551d1f044c304a3048a046a0448642687474703a2f2f7777772e6d6963726f736f66742e636f6d2f706b696f70732f63726c2f4d69635365635365724341323031315f323031312d31302d31382e63726c306006082b0601050507010104543052305006082b060105050730028644687474703a2f2f7777772e6d6963726f736f66742e636f6d2f706b696f70732f63657274732f4d69635365635365724341323031315f323031312d31302d31382e637274300c0603551d130101ff04023000300d06092a864886f70d01010b0500038202010064d81278e224099c122690412271d5f2d92ae1c00f7135d64f63663ccc0588826bf24cc6cffa0d6666b7e3f989825dd1021fd1bdc6a9d4a492c0f46198534382204d8668b0f3c8d85f9f614f7fff47e391a4fdc89dba1b423f1d2a8d4986ff42bac032a21224b246b03ffef26e7da49d3ef381ff9d669cda0234445bff395be1b70627f013ccde692280d75d690b4f4c5e3a123b379bd30bdc6cf1af0c69d97eb0aa4f580eb4e876465b2c62514a612a3971f6bc6ace33f569e0cbcbd5498caf2af949952c310221a382d0a7fbc4594b0bfe96a1c81d26639b249beea28179ead8377bf70e9a09596997af2b405c5425a1e5e6e46b065016901b7cd120e2389d47924b1f834955135461f7592c9487e3910bf0de382ad5906dd8c46b321b176698caaec19d1ee10aa6679981d8f2f5c40d69240a7075ce4341305d2bbd082e03c81c41baeb557b41904482ae88d0566f339ab517ae2f84223d567f9ec734c1c5a2be39aa24c49930b6428bbe2fa300f2369e1c8cc554c14010f1ee518afa32e4bf0a15cb251d37791338f5ade8ced4b67ca5fc56320c2c2973f9b13e250dabe4a373580becf787afd552c6b293dfc7bfb1f67739c64df74ae3d373e2db9c27090fe15e58591824e4f150602af628917a6d1353919cd0a8489596f97070833a98b34c2d3a0ebafda2f81096533b773c5914d7f05e66cb17af2bcd11ad517440b5 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\TabbedBrowsing | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\ACGStatus\DynamicCodePolicy = 05000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\IntelliForms | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\DXFeatureLevel = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\ACGStatus\ACGPolicyState = "8" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\CA | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FavOrder\Favorites\Order = 0c0000000a000000000000000c0000000100000000000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\History\CachePrefix = "Visited:" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\IECompatVersionLow = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\UserStateMigration\IEMigration\FlipAheadCompletedVersion = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Revision = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\OnlineHistory | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DataStore | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = b9f50f4ad1b7d601 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\JumpListInPrivateBrowsingAllowed = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BingPageData\RulesFileVersion = "10" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DummyPath | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate\CRLs | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListXMLVersionLow = "395205405" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\ACGStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\History | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Content\CacheLimit = "256000" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\Active = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\IECompatVersionHigh = "268435456" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\TypedURLs\url2 = "https://login.aliexpress.com/" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\TypedURLs\url3 = "https://signin.ebay.com/ws/ebayisapi.dll" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\History\CacheLimit = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify = 010000008208abc03c0dee4514ab97919fcdf295e271c9251061bd6691ffe93c17e0fa6f8a0af4f32727b5165afddb4ff395b52e0fd0304b495ea0e66bec | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\trust | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\UserStateMigration\ChromeMigration | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\New Windows\AllowInPrivate | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\CIPolicyState = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\AdapterInfo = "vendorId=\"0x1414\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.15063.0\"hypervisor=\"No Hypervisor (No SLAT)\"" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 0738953cd1b7d601 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\MrtCache | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FavOrder\TreeView = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\Content\CacheLimit = "256000" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Extensible Cache | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\TabbedBrowsing\NewTabPage | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\CIStatus | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion\FileNames\en-US = "en-US.1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\CA\Certificates\83DA05A9886F7658B = 03000000010000001400000083da05a9886f7658be73acf0a4930c0f99b92f011400000001000000140000003656896549cb5b9b2f3cac4216504d91b933d79104000000010000001000000062455357dd57cb80c32ab295743cccc00f00000001000000200000006811c6215f18c75fdbe32cf56bd66248562a7fa3ba459cfee338745061e583941900000001000000100000002d581a49c8eb5b3b3c6ef9bb65314d705c000000010000000400000000100000180000000100000010000000bb048f1838395f6fc3a1f3d2b7e976542000000001000000dc060000308206d8308204c0a003020102020a613fb718000000000004300d06092a864886f70d01010b0500308188310b3009060355040613025553311330110603550408130a57617368696e67746f6e3110300e060355040713075265646d6f6e64311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e31323030060355040313294d6963726f736f667420526f6f7420436572746966696361746520417574686f726974792032303131301e170d3131313031383232353531395a170d3236313031383233303531395a307e310b3009060355040613025553311330110603550408130a57617368696e67746f6e3110300e060355040713075265646d6f6e64311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e312830260603550403131f4d6963726f736f66742053656375726520536572766572204341203230313130820222300d06092a864886f70d01010105000382020f003082020a0282020100d00bc0a4a81981e236e5e2aae5f3b2155875beb4e549f1e084f9bb0d64ef85c18155b8f3e7f16d40553dce8b6ad18493f5757c5ba4d47410ca32f323d3aeeecf9e0458c2d947cbd17c004148711b01671718afc6fe73037ee4ef439cef01712a1f81264377985457739d552bf09e8e7d060eac1b54f326f7f82308228b9e061d3738fd72d2cae563c19a5a7db26db352a96ee9aeb5fc8b36f99efaf61c581b9756a511e5b752dbbbe9f054bfb4ff2c6cb85d26cea00ad7df93ed7fddacf12c731ad9193755badd22788ea1d49b09f807223171b094aee0b0e726445790819715ce61ec65e24bf185521632f8b578aa7ecd4dec8321a4a89bbe9a6a04e0a31ccd56186cfd6b2f423ee237f272abd07873727bdeec0058e52130a3083a99ef9fc3f77a169665b5c381aff4397049aff6a9f66a0038f9b40819e01a35a55676225f6af269ae3ead58464db854f68941441e72b1bc122753d2c1ffb2cd50981eb5f4bbb6c28239d9ac1bf23b27846ab0c6260bd73a10e7b3db7cd356ac534c0bfa3b313774d8592bf9007919067bfd1c1d42d4410d2f050ed56b4923ffcfcdf87a82cfda3c2ddfe8d8120418ba1e8877b8981f1007bbc8057e0b09bf6bdde34e5bb0f9c784a63bca4c9f5b6229f7c7a2a89588702ce5c13f3c52234f409ac33185832fbf29f11d508f219607ceeff280c2447d9b62ef2fc37789ab454d533e0279d30203010001a382014b30820147301006092b06010401823715010403020100301d0603551d0e041604143656896549cb5b9b2f3cac4216504d91b933d791301906092b0601040182371402040c1e0a00530075006200430041300b0603551d0f040403020186300f0603551d130101ff040530030101ff301f0603551d23041830168014722d3a02319043b914054ee1eaa7c731d1238934305a0603551d1f04533051304fa04da04b8649687474703a2f2f63726c2e6d6963726f736f66742e636f6d2f706b692f63726c2f70726f64756374732f4d6963526f6f436572417574323031315f323031315f30335f32322e63726c305e06082b0601050507010104523050304e06082b060105050730028642687474703a2f2f7777772e6d6963726f736f66742e636f6d2f706b692f63657274732f4d6963526f6f436572417574323031315f323031315f30335f32322e637274300d06092a864886f70d01010b0500038202010041c861c1f55b9e3e9131f1b0c6bf0901b49db69074d709dba62e0d9fc8e7763446af0760894c81b33cd5f4123575c273a5f54d848ccba45dafbf92f617085742957265057679adeed1bab82e54a35107ac68eb210ce32581c2cd2af2c3ffcfc2bd49189ac7f084c5f914bc6b95e596efb342d253d54aa012c4ae12765309560e9df7d3a6498850f28a2c9720a2be4e78ef0565b74ba11688de31c70842247ca47b9e9dbc60005e6297e393fca7fe5b7b25dfe4537f4bbee63ef0db0179421c6e856c7db64430fba5379293b2a5ee20ad3f53d5c9f4286b57c1f81d6ab7562ab627811ca62d9fe7f4d0318397a82ab6acbe1b41f5e4895f56fbda5ad35e7d5594107e5357f44a3d402ac8bd679f84e110eefdda6b158249fc461dff4506749c4214edc539d3b3cd0b832790435192f24482ae6e9a1517b219fac7456c98017bbf37a9b088a492bc3838e01de47c97981a2e5fef3865b7352fbd7f4f21fac48cd26f06f94935eadf200f25aaea60ab2c1f4b89fcb7fa5c54904b3ea2284f6ce45265c1fd901c8582886ee9a655dd21287945b014e50acce65fc4bbdb6134699fac2638f7c1294108152e4ca0f7f90c3ede5fab08092d83acac348362f4c949428925b56eb247c5b339a0b1201b2cb18e046fa530491cd046e9405bf4ad6ebadb824a87124a80094ddbdf76b9055b1be0bb20705f0025c7d30efa16ad7b229e7108 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\Active | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DummyPath\dummySetting = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FavOrder\Favorites | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListDOSTime = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\DeviceId = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VersionLow = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\SharedCookie_MRACMigrationDone = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate\CTLs | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\LowRegistry | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VersionHigh = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Content | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify = 01000000c3f031937b98cd5cd13cac4fc47a6b89733ecc605c7fbed9a818da8a8638209810140371b4cd097b0ebed79549989474ac068886a2c6e15526621f60bdfcdd0324e91c11ecef96fd647801c1120aad48eacf5ab35f0b79c948b4a43d1aa5f15cf90e8f69d71e39274c0ba0969cf1a713ef3932aef66cb50ae1afdf132053e5736325d9229a7ab6b5f516874ae46dd65c17e58fa07e0bf65e20f4ffd98f252f150acd62b8ec23967ca63bf1d61a9f53830c7195fd4307beb88221acc9f43d9e5584a5abac87395ecbf219058212a58569267e4b7fc87f3aca34d8793149ba151e6a4f87caf0dc0fa7ef500677f9a0cd71ceac6d2f169573e681b79fcf40bc9514036a2a79ba2c5ad29580c98970b15ccbc79bce80a46740aec65f4fc37f63c5cf8595171cab49e6a71a49451a2ff68f0cb2ebfc7d55178a9430718308b3ce365b6c721889f7533abd164b671ef5902724643d21fffac3f02dcb8b048aeb1f4f0ddd9ffa879d6a32630026e6b2a79fda904a2f51f8538de44d534fe2bc1275c2a8d0bee564afae60e9567a8b47594470ef55625bd0b09338fcf30f9cbd6bdf639e3d59bcb1d15b | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\Active\{D58FD1C7-0FE5-4FE3-8AC9-FA9CC7A0D994} = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\EnablementState = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\CIStatus\SignaturePolicy = 06000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\SignaturePolicy = 06000000 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\History\CachePrefix = "Visited:" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\UserStateMigration\EdgeMigration\AllComplete = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\Extensible Cache | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Explorer | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify = 01000000fb42f508d38102d455e110b4dc6eb3032bc212eb37d40f81207af72d64f413a1a241f446d825a2d13b15dc0e500796ec13bccb8fcb70aacaba02 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\Content\CachePrefix | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\OnlineHistory | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\Cookies | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\LowRegistry\DontShowMeThisDialogAgain | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FavOrder\SyncIEFirstTimeFullScan = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\ACGStatus\ACGPolicyState = "6" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\UserStateMigration\EdgeMigration | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Explorer\Main\OperationalData = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\CIStatus\CIPolicyState = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\LowMic | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Cookies | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = bae48d3cd1b7d601 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion\FileNames\ | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion\FileNames | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate\Certificates | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ReadingMode\SettingsVersion = "2" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\OnlineHistory | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\UserStateMigration\EdgeMigration\ManagerHistoryComplete = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\ReadingStorePending = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\UserStateMigration\IEMigration\TypedUrlsComplete = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\History\CacheLimit = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\OnlineHistory\UUID = "{F7B0BC23-BA68-49EE-8AE2-33627FFA2E9B}" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DataStore\LastCleanup = 6151ae3cd1b7d601 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate\NextUpdateDate = "311855864" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\SubSysId = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Zoom | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-DXFeatureLevel = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion\NextUpdateDate = "311892760" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\TypedURLs\url4 = "https://login.live.com/" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\History\CachePrefix = "Visited:" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Explorer\Main\OperationalData = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\TabbedBrowsing | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Root | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BingPageData\RulesFileNextUpdateDate = "311898868" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\EnableNegotiate = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\ACGPolicyState = "8" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\InternetRegistry | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy\Extensions | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\Main | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 570f5151d1b7d601 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Rating\Rating Prompt Shown = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\UserStateMigration\IEMigration\SmartScreenCompletedVersio = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\CIPolicyState = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\ACGPolicyState = "8" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListXMLVersionLow = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\usage\dscc_inventory\ExtensionI | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\DisallowDefaultBrowserPrompt = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Roaming | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\PageSetup | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Toolbar | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = d649bc36d1b7d601 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DataStore\OneTimeCleanup = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\FileVersion = "2016061511" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\CA\Certificates\83DA05A9886F7658B | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\UserStateMigration\IEMigration\DetectPhoneNumberCompleted = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones\3\{A8A88C49-5EB2-4990-A1A2-087602 = 1a3761592352350c7a5f20172f1e1a190e2b017313371312141a152a | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\UserStateMigration\IEMigration\MigrationTime = 6c3a3b6c55add601 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate\Certificates\5FF1348C80820F2A98 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-DeviceId = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VersionHigh = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 108ea337d1b7d601 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListXMLVersionHigh = "268435456" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Disallowed | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\usage | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\Content | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\Content\CacheLimit = "256000" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\Cookies\CacheLimit = "1" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-SubSysId = "0" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\ImageStoreRandomFolder = "fijhyt3" | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Content\CachePrefix | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3341490333-719741536-2920803124-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\UserStateMigration\EdgeMigration\MigrationTime = 6c3a3b6c55add601 | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
Runs ping.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\PING.EXE | N/A |
| N/A | N/A | C:\Windows\system32\PING.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: MapViewOfSection
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe
"C:\Users\Admin\AppData\Local\Temp\eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe"
C:\Users\Admin\AppData\Roaming\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\isoburn.exe
"C:\Users\Admin\AppData\Roaming\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\isoburn.exe"
C:\Windows\SysWOW64\cmd.exe
/d /c taskkill /t /f /im "eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe" > NUL & ping -n 1 127.0.0.1 > NUL & del "C:\Users\Admin\AppData\Local\Temp\eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe" > NUL
C:\Windows\SysWOW64\taskkill.exe
taskkill /t /f /im "eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200.exe"
C:\Windows\SysWOW64\PING.EXE
ping -n 1 127.0.0.1
C:\Users\Admin\AppData\Roaming\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\isoburn.exe
C:\Users\Admin\AppData\Roaming\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\isoburn.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\# DECRYPT MY FILES #.txt
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\Desktop\# DECRYPT MY FILES #.vbs"
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x424
C:\Windows\system32\cmd.exe
/d /c taskkill /t /f /im "isoburn.exe" > NUL & ping -n 1 127.0.0.1 > NUL & del "C:\Users\Admin\AppData\Roaming\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\isoburn.exe" > NUL
C:\Windows\system32\taskkill.exe
taskkill /t /f /im "isoburn.exe"
C:\Windows\system32\PING.EXE
ping -n 1 127.0.0.1
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
Network
| Country | Destination | Domain | Proto |
| N/A | 52.109.8.21:443 | tcp | |
| N/A | 8.8.8.8:53 | ip-api.com | udp |
| N/A | 208.95.112.1:80 | ip-api.com | tcp |
| N/A | 52.109.12.20:443 | tcp | |
| N/A | 31.184.234.0:6892 | udp | |
| N/A | 31.184.234.1:6892 | udp | |
| N/A | 31.184.234.2:6892 | udp | |
| N/A | 31.184.234.3:6892 | udp | |
| N/A | 31.184.234.4:6892 | udp | |
| N/A | 31.184.234.5:6892 | udp | |
| N/A | 31.184.234.6:6892 | udp | |
| N/A | 31.184.234.7:6892 | udp | |
| N/A | 31.184.234.8:6892 | udp | |
| N/A | 31.184.234.9:6892 | udp | |
| N/A | 31.184.234.10:6892 | udp | |
| N/A | 31.184.234.11:6892 | udp | |
| N/A | 31.184.234.12:6892 | udp | |
| N/A | 31.184.234.13:6892 | udp | |
| N/A | 31.184.234.14:6892 | udp | |
| N/A | 31.184.234.15:6892 | udp | |
| N/A | 31.184.234.16:6892 | udp | |
| N/A | 31.184.234.17:6892 | udp | |
| N/A | 31.184.234.18:6892 | udp | |
| N/A | 31.184.234.19:6892 | udp | |
| N/A | 31.184.234.20:6892 | udp | |
| N/A | 31.184.234.21:6892 | udp | |
| N/A | 31.184.234.22:6892 | udp | |
| N/A | 31.184.234.23:6892 | udp | |
| N/A | 31.184.234.24:6892 | udp | |
| N/A | 31.184.234.25:6892 | udp | |
| N/A | 31.184.234.26:6892 | udp | |
| N/A | 31.184.234.27:6892 | udp | |
| N/A | 31.184.234.28:6892 | udp | |
| N/A | 31.184.234.29:6892 | udp | |
| N/A | 31.184.234.30:6892 | udp | |
| N/A | 31.184.234.31:6892 | udp | |
| N/A | 31.184.234.32:6892 | udp | |
| N/A | 31.184.234.33:6892 | udp | |
| N/A | 31.184.234.34:6892 | udp | |
| N/A | 31.184.234.35:6892 | udp | |
| N/A | 31.184.234.36:6892 | udp | |
| N/A | 31.184.234.37:6892 | udp | |
| N/A | 31.184.234.38:6892 | udp | |
| N/A | 31.184.234.39:6892 | udp | |
| N/A | 31.184.234.40:6892 | udp | |
| N/A | 31.184.234.41:6892 | udp | |
| N/A | 31.184.234.42:6892 | udp | |
| N/A | 31.184.234.43:6892 | udp | |
| N/A | 31.184.234.44:6892 | udp | |
| N/A | 31.184.234.45:6892 | udp | |
| N/A | 31.184.234.46:6892 | udp | |
| N/A | 31.184.234.47:6892 | udp | |
| N/A | 31.184.234.48:6892 | udp | |
| N/A | 31.184.234.49:6892 | udp | |
| N/A | 31.184.234.50:6892 | udp | |
| N/A | 31.184.234.51:6892 | udp | |
| N/A | 31.184.234.52:6892 | udp | |
| N/A | 31.184.234.53:6892 | udp | |
| N/A | 31.184.234.54:6892 | udp | |
| N/A | 31.184.234.55:6892 | udp | |
| N/A | 31.184.234.56:6892 | udp | |
| N/A | 31.184.234.57:6892 | udp | |
| N/A | 31.184.234.58:6892 | udp | |
| N/A | 31.184.234.59:6892 | udp | |
| N/A | 31.184.234.60:6892 | udp | |
| N/A | 31.184.234.61:6892 | udp | |
| N/A | 31.184.234.62:6892 | udp | |
| N/A | 31.184.234.63:6892 | udp | |
| N/A | 31.184.234.64:6892 | udp | |
| N/A | 31.184.234.65:6892 | udp | |
| N/A | 31.184.234.66:6892 | udp | |
| N/A | 31.184.234.67:6892 | udp | |
| N/A | 31.184.234.68:6892 | udp | |
| N/A | 31.184.234.69:6892 | udp | |
| N/A | 31.184.234.70:6892 | udp | |
| N/A | 31.184.234.71:6892 | udp | |
| N/A | 31.184.234.72:6892 | udp | |
| N/A | 31.184.234.73:6892 | udp | |
| N/A | 31.184.234.74:6892 | udp | |
| N/A | 31.184.234.75:6892 | udp | |
| N/A | 31.184.234.76:6892 | udp | |
| N/A | 31.184.234.77:6892 | udp | |
| N/A | 31.184.234.78:6892 | udp | |
| N/A | 31.184.234.79:6892 | udp | |
| N/A | 31.184.234.80:6892 | udp | |
| N/A | 31.184.234.81:6892 | udp | |
| N/A | 31.184.234.82:6892 | udp | |
| N/A | 31.184.234.83:6892 | udp | |
| N/A | 31.184.234.84:6892 | udp | |
| N/A | 31.184.234.85:6892 | udp | |
| N/A | 31.184.234.86:6892 | udp | |
| N/A | 31.184.234.87:6892 | udp | |
| N/A | 31.184.234.88:6892 | udp | |
| N/A | 31.184.234.89:6892 | udp | |
| N/A | 31.184.234.90:6892 | udp | |
| N/A | 31.184.234.91:6892 | udp | |
| N/A | 31.184.234.92:6892 | udp | |
| N/A | 31.184.234.93:6892 | udp | |
| N/A | 31.184.234.94:6892 | udp | |
| N/A | 31.184.234.95:6892 | udp | |
| N/A | 31.184.234.96:6892 | udp | |
| N/A | 31.184.234.97:6892 | udp | |
| N/A | 31.184.234.98:6892 | udp | |
| N/A | 31.184.234.99:6892 | udp | |
| N/A | 31.184.234.100:6892 | udp | |
| N/A | 31.184.234.101:6892 | udp | |
| N/A | 31.184.234.102:6892 | udp | |
| N/A | 31.184.234.103:6892 | udp | |
| N/A | 31.184.234.104:6892 | udp | |
| N/A | 31.184.234.105:6892 | udp | |
| N/A | 31.184.234.106:6892 | udp | |
| N/A | 31.184.234.107:6892 | udp | |
| N/A | 31.184.234.108:6892 | udp | |
| N/A | 31.184.234.109:6892 | udp | |
| N/A | 31.184.234.110:6892 | udp | |
| N/A | 31.184.234.111:6892 | udp | |
| N/A | 31.184.234.112:6892 | udp | |
| N/A | 31.184.234.113:6892 | udp | |
| N/A | 31.184.234.114:6892 | udp | |
| N/A | 31.184.234.115:6892 | udp | |
| N/A | 31.184.234.116:6892 | udp | |
| N/A | 31.184.234.117:6892 | udp | |
| N/A | 31.184.234.118:6892 | udp | |
| N/A | 31.184.234.119:6892 | udp | |
| N/A | 31.184.234.120:6892 | udp | |
| N/A | 31.184.234.121:6892 | udp | |
| N/A | 31.184.234.122:6892 | udp | |
| N/A | 31.184.234.123:6892 | udp | |
| N/A | 31.184.234.124:6892 | udp | |
| N/A | 31.184.234.125:6892 | udp | |
| N/A | 31.184.234.126:6892 | udp | |
| N/A | 31.184.234.127:6892 | udp | |
| N/A | 31.184.234.128:6892 | udp | |
| N/A | 31.184.234.129:6892 | udp | |
| N/A | 31.184.234.130:6892 | udp | |
| N/A | 31.184.234.131:6892 | udp | |
| N/A | 31.184.234.132:6892 | udp | |
| N/A | 31.184.234.133:6892 | udp | |
| N/A | 31.184.234.134:6892 | udp | |
| N/A | 31.184.234.135:6892 | udp | |
| N/A | 31.184.234.136:6892 | udp | |
| N/A | 31.184.234.137:6892 | udp | |
| N/A | 31.184.234.138:6892 | udp | |
| N/A | 31.184.234.139:6892 | udp | |
| N/A | 31.184.234.140:6892 | udp | |
| N/A | 31.184.234.141:6892 | udp | |
| N/A | 31.184.234.142:6892 | udp | |
| N/A | 31.184.234.143:6892 | udp | |
| N/A | 31.184.234.144:6892 | udp | |
| N/A | 31.184.234.145:6892 | udp | |
| N/A | 31.184.234.146:6892 | udp | |
| N/A | 31.184.234.147:6892 | udp | |
| N/A | 31.184.234.148:6892 | udp | |
| N/A | 31.184.234.149:6892 | udp | |
| N/A | 31.184.234.150:6892 | udp | |
| N/A | 31.184.234.151:6892 | udp | |
| N/A | 31.184.234.152:6892 | udp | |
| N/A | 31.184.234.153:6892 | udp | |
| N/A | 31.184.234.154:6892 | udp | |
| N/A | 31.184.234.155:6892 | udp | |
| N/A | 31.184.234.156:6892 | udp | |
| N/A | 31.184.234.157:6892 | udp | |
| N/A | 31.184.234.158:6892 | udp | |
| N/A | 31.184.234.159:6892 | udp | |
| N/A | 31.184.234.160:6892 | udp | |
| N/A | 31.184.234.161:6892 | udp | |
| N/A | 31.184.234.162:6892 | udp | |
| N/A | 31.184.234.163:6892 | udp | |
| N/A | 31.184.234.164:6892 | udp | |
| N/A | 31.184.234.165:6892 | udp | |
| N/A | 31.184.234.166:6892 | udp | |
| N/A | 31.184.234.167:6892 | udp | |
| N/A | 31.184.234.168:6892 | udp | |
| N/A | 31.184.234.169:6892 | udp | |
| N/A | 31.184.234.170:6892 | udp | |
| N/A | 31.184.234.171:6892 | udp | |
| N/A | 31.184.234.172:6892 | udp | |
| N/A | 31.184.234.173:6892 | udp | |
| N/A | 31.184.234.174:6892 | udp | |
| N/A | 31.184.234.175:6892 | udp | |
| N/A | 31.184.234.176:6892 | udp | |
| N/A | 31.184.234.177:6892 | udp | |
| N/A | 31.184.234.178:6892 | udp | |
| N/A | 31.184.234.179:6892 | udp | |
| N/A | 31.184.234.180:6892 | udp | |
| N/A | 31.184.234.181:6892 | udp | |
| N/A | 31.184.234.182:6892 | udp | |
| N/A | 31.184.234.183:6892 | udp | |
| N/A | 31.184.234.184:6892 | udp | |
| N/A | 31.184.234.185:6892 | udp | |
| N/A | 31.184.234.186:6892 | udp | |
| N/A | 31.184.234.187:6892 | udp | |
| N/A | 31.184.234.188:6892 | udp | |
| N/A | 31.184.234.189:6892 | udp | |
| N/A | 31.184.234.190:6892 | udp | |
| N/A | 31.184.234.191:6892 | udp | |
| N/A | 31.184.234.192:6892 | udp | |
| N/A | 31.184.234.193:6892 | udp | |
| N/A | 31.184.234.194:6892 | udp | |
| N/A | 31.184.234.195:6892 | udp | |
| N/A | 31.184.234.196:6892 | udp | |
| N/A | 31.184.234.197:6892 | udp | |
| N/A | 31.184.234.198:6892 | udp | |
| N/A | 31.184.234.199:6892 | udp | |
| N/A | 31.184.234.200:6892 | udp | |
| N/A | 31.184.234.201:6892 | udp | |
| N/A | 31.184.234.202:6892 | udp | |
| N/A | 31.184.234.203:6892 | udp | |
| N/A | 31.184.234.204:6892 | udp | |
| N/A | 31.184.234.205:6892 | udp | |
| N/A | 31.184.234.206:6892 | udp | |
| N/A | 31.184.234.207:6892 | udp | |
| N/A | 31.184.234.208:6892 | udp | |
| N/A | 31.184.234.209:6892 | udp | |
| N/A | 31.184.234.210:6892 | udp | |
| N/A | 31.184.234.211:6892 | udp | |
| N/A | 31.184.234.212:6892 | udp | |
| N/A | 31.184.234.213:6892 | udp | |
| N/A | 31.184.234.214:6892 | udp | |
| N/A | 31.184.234.215:6892 | udp | |
| N/A | 31.184.234.216:6892 | udp | |
| N/A | 31.184.234.217:6892 | udp | |
| N/A | 31.184.234.218:6892 | udp | |
| N/A | 31.184.234.219:6892 | udp | |
| N/A | 31.184.234.220:6892 | udp | |
| N/A | 31.184.234.221:6892 | udp | |
| N/A | 31.184.234.222:6892 | udp | |
| N/A | 31.184.234.223:6892 | udp | |
| N/A | 31.184.234.224:6892 | udp | |
| N/A | 31.184.234.225:6892 | udp | |
| N/A | 31.184.234.226:6892 | udp | |
| N/A | 31.184.234.227:6892 | udp | |
| N/A | 31.184.234.228:6892 | udp | |
| N/A | 31.184.234.229:6892 | udp | |
| N/A | 31.184.234.230:6892 | udp | |
| N/A | 31.184.234.231:6892 | udp | |
| N/A | 31.184.234.232:6892 | udp | |
| N/A | 31.184.234.233:6892 | udp | |
| N/A | 31.184.234.234:6892 | udp | |
| N/A | 31.184.234.235:6892 | udp | |
| N/A | 31.184.234.236:6892 | udp | |
| N/A | 31.184.234.237:6892 | udp | |
| N/A | 31.184.234.238:6892 | udp | |
| N/A | 31.184.234.239:6892 | udp | |
| N/A | 31.184.234.240:6892 | udp | |
| N/A | 31.184.234.241:6892 | udp | |
| N/A | 31.184.234.242:6892 | udp | |
| N/A | 31.184.234.243:6892 | udp | |
| N/A | 31.184.234.244:6892 | udp | |
| N/A | 31.184.234.245:6892 | udp | |
| N/A | 31.184.234.246:6892 | udp | |
| N/A | 31.184.234.247:6892 | udp | |
| N/A | 31.184.234.248:6892 | udp | |
| N/A | 31.184.234.249:6892 | udp | |
| N/A | 31.184.234.250:6892 | udp | |
| N/A | 31.184.234.251:6892 | udp | |
| N/A | 31.184.234.252:6892 | udp | |
| N/A | 31.184.234.253:6892 | udp | |
| N/A | 31.184.234.254:6892 | udp | |
| N/A | 31.184.234.255:6892 | udp | |
| N/A | 31.184.235.0:6892 | udp | |
| N/A | 31.184.235.1:6892 | udp | |
| N/A | 31.184.235.2:6892 | udp | |
| N/A | 31.184.235.3:6892 | udp | |
| N/A | 31.184.235.4:6892 | udp | |
| N/A | 31.184.235.5:6892 | udp | |
| N/A | 31.184.235.6:6892 | udp | |
| N/A | 31.184.235.7:6892 | udp | |
| N/A | 31.184.235.8:6892 | udp | |
| N/A | 31.184.235.9:6892 | udp | |
| N/A | 31.184.235.10:6892 | udp | |
| N/A | 31.184.235.11:6892 | udp | |
| N/A | 31.184.235.12:6892 | udp | |
| N/A | 31.184.235.13:6892 | udp | |
| N/A | 31.184.235.14:6892 | udp | |
| N/A | 31.184.235.15:6892 | udp | |
| N/A | 31.184.235.16:6892 | udp | |
| N/A | 31.184.235.17:6892 | udp | |
| N/A | 31.184.235.18:6892 | udp | |
| N/A | 31.184.235.19:6892 | udp | |
| N/A | 31.184.235.20:6892 | udp | |
| N/A | 31.184.235.21:6892 | udp | |
| N/A | 31.184.235.22:6892 | udp | |
| N/A | 31.184.235.23:6892 | udp | |
| N/A | 31.184.235.24:6892 | udp | |
| N/A | 31.184.235.25:6892 | udp | |
| N/A | 31.184.235.26:6892 | udp | |
| N/A | 31.184.235.27:6892 | udp | |
| N/A | 31.184.235.28:6892 | udp | |
| N/A | 31.184.235.29:6892 | udp | |
| N/A | 31.184.235.30:6892 | udp | |
| N/A | 31.184.235.31:6892 | udp | |
| N/A | 31.184.235.32:6892 | udp | |
| N/A | 31.184.235.33:6892 | udp | |
| N/A | 31.184.235.34:6892 | udp | |
| N/A | 31.184.235.35:6892 | udp | |
| N/A | 31.184.235.36:6892 | udp | |
| N/A | 31.184.235.37:6892 | udp | |
| N/A | 31.184.235.38:6892 | udp | |
| N/A | 31.184.235.39:6892 | udp | |
| N/A | 31.184.235.40:6892 | udp | |
| N/A | 31.184.235.41:6892 | udp | |
| N/A | 31.184.235.42:6892 | udp | |
| N/A | 31.184.235.43:6892 | udp | |
| N/A | 31.184.235.44:6892 | udp | |
| N/A | 31.184.235.45:6892 | udp | |
| N/A | 31.184.235.46:6892 | udp | |
| N/A | 31.184.235.47:6892 | udp | |
| N/A | 31.184.235.48:6892 | udp | |
| N/A | 31.184.235.49:6892 | udp | |
| N/A | 31.184.235.50:6892 | udp | |
| N/A | 31.184.235.51:6892 | udp | |
| N/A | 31.184.235.52:6892 | udp | |
| N/A | 31.184.235.53:6892 | udp | |
| N/A | 31.184.235.54:6892 | udp | |
| N/A | 31.184.235.55:6892 | udp | |
| N/A | 31.184.235.56:6892 | udp | |
| N/A | 31.184.235.57:6892 | udp | |
| N/A | 31.184.235.58:6892 | udp | |
| N/A | 31.184.235.59:6892 | udp | |
| N/A | 31.184.235.60:6892 | udp | |
| N/A | 31.184.235.61:6892 | udp | |
| N/A | 31.184.235.62:6892 | udp | |
| N/A | 31.184.235.63:6892 | udp | |
| N/A | 31.184.235.64:6892 | udp | |
| N/A | 31.184.235.65:6892 | udp | |
| N/A | 31.184.235.66:6892 | udp | |
| N/A | 31.184.235.67:6892 | udp | |
| N/A | 31.184.235.68:6892 | udp | |
| N/A | 31.184.235.69:6892 | udp | |
| N/A | 31.184.235.70:6892 | udp | |
| N/A | 31.184.235.71:6892 | udp | |
| N/A | 31.184.235.72:6892 | udp | |
| N/A | 31.184.235.73:6892 | udp | |
| N/A | 31.184.235.74:6892 | udp | |
| N/A | 31.184.235.75:6892 | udp | |
| N/A | 31.184.235.76:6892 | udp | |
| N/A | 31.184.235.77:6892 | udp | |
| N/A | 31.184.235.78:6892 | udp | |
| N/A | 31.184.235.79:6892 | udp | |
| N/A | 31.184.235.80:6892 | udp | |
| N/A | 31.184.235.81:6892 | udp | |
| N/A | 31.184.235.82:6892 | udp | |
| N/A | 31.184.235.83:6892 | udp | |
| N/A | 31.184.235.84:6892 | udp | |
| N/A | 31.184.235.85:6892 | udp | |
| N/A | 31.184.235.86:6892 | udp | |
| N/A | 31.184.235.87:6892 | udp | |
| N/A | 31.184.235.88:6892 | udp | |
| N/A | 31.184.235.89:6892 | udp | |
| N/A | 31.184.235.90:6892 | udp | |
| N/A | 31.184.235.91:6892 | udp | |
| N/A | 31.184.235.92:6892 | udp | |
| N/A | 31.184.235.93:6892 | udp | |
| N/A | 31.184.235.94:6892 | udp | |
| N/A | 31.184.235.95:6892 | udp | |
| N/A | 31.184.235.96:6892 | udp | |
| N/A | 31.184.235.97:6892 | udp | |
| N/A | 31.184.235.98:6892 | udp | |
| N/A | 31.184.235.99:6892 | udp | |
| N/A | 31.184.235.100:6892 | udp | |
| N/A | 31.184.235.101:6892 | udp | |
| N/A | 31.184.235.102:6892 | udp | |
| N/A | 31.184.235.103:6892 | udp | |
| N/A | 31.184.235.104:6892 | udp | |
| N/A | 31.184.235.105:6892 | udp | |
| N/A | 31.184.235.106:6892 | udp | |
| N/A | 31.184.235.107:6892 | udp | |
| N/A | 31.184.235.108:6892 | udp | |
| N/A | 31.184.235.109:6892 | udp | |
| N/A | 31.184.235.110:6892 | udp | |
| N/A | 31.184.235.111:6892 | udp | |
| N/A | 31.184.235.112:6892 | udp | |
| N/A | 31.184.235.113:6892 | udp | |
| N/A | 31.184.235.114:6892 | udp | |
| N/A | 31.184.235.115:6892 | udp | |
| N/A | 31.184.235.116:6892 | udp | |
| N/A | 31.184.235.117:6892 | udp | |
| N/A | 31.184.235.118:6892 | udp | |
| N/A | 31.184.235.119:6892 | udp | |
| N/A | 31.184.235.120:6892 | udp | |
| N/A | 31.184.235.121:6892 | udp | |
| N/A | 31.184.235.122:6892 | udp | |
| N/A | 31.184.235.123:6892 | udp | |
| N/A | 31.184.235.124:6892 | udp | |
| N/A | 31.184.235.125:6892 | udp | |
| N/A | 31.184.235.126:6892 | udp | |
| N/A | 31.184.235.127:6892 | udp | |
| N/A | 31.184.235.128:6892 | udp | |
| N/A | 31.184.235.129:6892 | udp | |
| N/A | 31.184.235.130:6892 | udp | |
| N/A | 31.184.235.131:6892 | udp | |
| N/A | 31.184.235.132:6892 | udp | |
| N/A | 31.184.235.133:6892 | udp | |
| N/A | 31.184.235.134:6892 | udp | |
| N/A | 31.184.235.135:6892 | udp | |
| N/A | 31.184.235.136:6892 | udp | |
| N/A | 31.184.235.137:6892 | udp | |
| N/A | 31.184.235.138:6892 | udp | |
| N/A | 31.184.235.139:6892 | udp | |
| N/A | 31.184.235.140:6892 | udp | |
| N/A | 31.184.235.141:6892 | udp | |
| N/A | 31.184.235.142:6892 | udp | |
| N/A | 31.184.235.143:6892 | udp | |
| N/A | 31.184.235.144:6892 | udp | |
| N/A | 31.184.235.145:6892 | udp | |
| N/A | 31.184.235.146:6892 | udp | |
| N/A | 31.184.235.147:6892 | udp | |
| N/A | 31.184.235.148:6892 | udp | |
| N/A | 31.184.235.149:6892 | udp | |
| N/A | 31.184.235.150:6892 | udp | |
| N/A | 31.184.235.151:6892 | udp | |
| N/A | 31.184.235.152:6892 | udp | |
| N/A | 31.184.235.153:6892 | udp | |
| N/A | 31.184.235.154:6892 | udp | |
| N/A | 31.184.235.155:6892 | udp | |
| N/A | 31.184.235.156:6892 | udp | |
| N/A | 31.184.235.157:6892 | udp | |
| N/A | 31.184.235.158:6892 | udp | |
| N/A | 31.184.235.159:6892 | udp | |
| N/A | 31.184.235.160:6892 | udp | |
| N/A | 31.184.235.161:6892 | udp | |
| N/A | 31.184.235.162:6892 | udp | |
| N/A | 31.184.235.163:6892 | udp | |
| N/A | 31.184.235.164:6892 | udp | |
| N/A | 31.184.235.165:6892 | udp | |
| N/A | 31.184.235.166:6892 | udp | |
| N/A | 31.184.235.167:6892 | udp | |
| N/A | 31.184.235.168:6892 | udp | |
| N/A | 31.184.235.169:6892 | udp | |
| N/A | 31.184.235.170:6892 | udp | |
| N/A | 31.184.235.171:6892 | udp | |
| N/A | 31.184.235.172:6892 | udp | |
| N/A | 31.184.235.173:6892 | udp | |
| N/A | 31.184.235.174:6892 | udp | |
| N/A | 31.184.235.175:6892 | udp | |
| N/A | 31.184.235.176:6892 | udp | |
| N/A | 31.184.235.177:6892 | udp | |
| N/A | 31.184.235.178:6892 | udp | |
| N/A | 31.184.235.179:6892 | udp | |
| N/A | 31.184.235.180:6892 | udp | |
| N/A | 31.184.235.181:6892 | udp | |
| N/A | 31.184.235.182:6892 | udp | |
| N/A | 31.184.235.183:6892 | udp | |
| N/A | 31.184.235.184:6892 | udp | |
| N/A | 31.184.235.185:6892 | udp | |
| N/A | 31.184.235.186:6892 | udp | |
| N/A | 31.184.235.187:6892 | udp | |
| N/A | 31.184.235.188:6892 | udp | |
| N/A | 31.184.235.189:6892 | udp | |
| N/A | 31.184.235.190:6892 | udp | |
| N/A | 31.184.235.191:6892 | udp | |
| N/A | 31.184.235.192:6892 | udp | |
| N/A | 31.184.235.193:6892 | udp | |
| N/A | 31.184.235.194:6892 | udp | |
| N/A | 31.184.235.195:6892 | udp | |
| N/A | 31.184.235.196:6892 | udp | |
| N/A | 31.184.235.197:6892 | udp | |
| N/A | 31.184.235.198:6892 | udp | |
| N/A | 31.184.235.199:6892 | udp | |
| N/A | 31.184.235.200:6892 | udp | |
| N/A | 31.184.235.201:6892 | udp | |
| N/A | 31.184.235.202:6892 | udp | |
| N/A | 31.184.235.203:6892 | udp | |
| N/A | 31.184.235.204:6892 | udp | |
| N/A | 31.184.235.205:6892 | udp | |
| N/A | 31.184.235.206:6892 | udp | |
| N/A | 31.184.235.207:6892 | udp | |
| N/A | 31.184.235.208:6892 | udp | |
| N/A | 31.184.235.209:6892 | udp | |
| N/A | 31.184.235.210:6892 | udp | |
| N/A | 31.184.235.211:6892 | udp | |
| N/A | 31.184.235.212:6892 | udp | |
| N/A | 31.184.235.213:6892 | udp | |
| N/A | 31.184.235.214:6892 | udp | |
| N/A | 31.184.235.215:6892 | udp | |
| N/A | 31.184.235.216:6892 | udp | |
| N/A | 31.184.235.217:6892 | udp | |
| N/A | 31.184.235.218:6892 | udp | |
| N/A | 31.184.235.219:6892 | udp | |
| N/A | 31.184.235.220:6892 | udp | |
| N/A | 31.184.235.221:6892 | udp | |
| N/A | 31.184.235.222:6892 | udp | |
| N/A | 31.184.235.223:6892 | udp | |
| N/A | 31.184.235.224:6892 | udp | |
| N/A | 31.184.235.225:6892 | udp | |
| N/A | 31.184.235.226:6892 | udp | |
| N/A | 31.184.235.227:6892 | udp | |
| N/A | 31.184.235.228:6892 | udp | |
| N/A | 31.184.235.229:6892 | udp | |
| N/A | 31.184.235.230:6892 | udp | |
| N/A | 31.184.235.231:6892 | udp | |
| N/A | 31.184.235.232:6892 | udp | |
| N/A | 31.184.235.233:6892 | udp | |
| N/A | 31.184.235.234:6892 | udp | |
| N/A | 31.184.235.235:6892 | udp | |
| N/A | 31.184.235.236:6892 | udp | |
| N/A | 31.184.235.237:6892 | udp | |
| N/A | 31.184.235.238:6892 | udp | |
| N/A | 31.184.235.239:6892 | udp | |
| N/A | 31.184.235.240:6892 | udp | |
| N/A | 31.184.235.241:6892 | udp | |
| N/A | 31.184.235.242:6892 | udp | |
| N/A | 31.184.235.243:6892 | udp | |
| N/A | 31.184.235.244:6892 | udp | |
| N/A | 31.184.235.245:6892 | udp | |
| N/A | 31.184.235.246:6892 | udp | |
| N/A | 31.184.235.247:6892 | udp | |
| N/A | 31.184.235.248:6892 | udp | |
| N/A | 31.184.235.249:6892 | udp | |
| N/A | 31.184.235.250:6892 | udp | |
| N/A | 31.184.235.251:6892 | udp | |
| N/A | 31.184.235.252:6892 | udp | |
| N/A | 31.184.235.253:6892 | udp | |
| N/A | 31.184.235.254:6892 | udp | |
| N/A | 31.184.235.255:6892 | udp | |
| N/A | 31.184.234.0:6892 | udp | |
| N/A | 31.184.234.1:6892 | udp | |
| N/A | 31.184.234.2:6892 | udp | |
| N/A | 31.184.234.3:6892 | udp | |
| N/A | 31.184.234.4:6892 | udp | |
| N/A | 31.184.234.5:6892 | udp | |
| N/A | 31.184.234.6:6892 | udp | |
| N/A | 31.184.234.7:6892 | udp | |
| N/A | 31.184.234.8:6892 | udp | |
| N/A | 31.184.234.9:6892 | udp | |
| N/A | 31.184.234.10:6892 | udp | |
| N/A | 31.184.234.11:6892 | udp | |
| N/A | 31.184.234.12:6892 | udp | |
| N/A | 31.184.234.13:6892 | udp | |
| N/A | 31.184.234.14:6892 | udp | |
| N/A | 31.184.234.15:6892 | udp | |
| N/A | 31.184.234.16:6892 | udp | |
| N/A | 31.184.234.17:6892 | udp | |
| N/A | 31.184.234.18:6892 | udp | |
| N/A | 31.184.234.19:6892 | udp | |
| N/A | 31.184.234.20:6892 | udp | |
| N/A | 31.184.234.21:6892 | udp | |
| N/A | 31.184.234.22:6892 | udp | |
| N/A | 31.184.234.23:6892 | udp | |
| N/A | 31.184.234.24:6892 | udp | |
| N/A | 31.184.234.25:6892 | udp | |
| N/A | 31.184.234.26:6892 | udp | |
| N/A | 31.184.234.27:6892 | udp | |
| N/A | 31.184.234.28:6892 | udp | |
| N/A | 31.184.234.29:6892 | udp | |
| N/A | 31.184.234.30:6892 | udp | |
| N/A | 31.184.234.31:6892 | udp | |
| N/A | 31.184.234.32:6892 | udp | |
| N/A | 31.184.234.33:6892 | udp | |
| N/A | 31.184.234.34:6892 | udp | |
| N/A | 31.184.234.35:6892 | udp | |
| N/A | 31.184.234.36:6892 | udp | |
| N/A | 31.184.234.37:6892 | udp | |
| N/A | 31.184.234.38:6892 | udp | |
| N/A | 31.184.234.39:6892 | udp | |
| N/A | 31.184.234.40:6892 | udp | |
| N/A | 31.184.234.41:6892 | udp | |
| N/A | 31.184.234.42:6892 | udp | |
| N/A | 31.184.234.43:6892 | udp | |
| N/A | 31.184.234.44:6892 | udp | |
| N/A | 31.184.234.45:6892 | udp | |
| N/A | 31.184.234.46:6892 | udp | |
| N/A | 31.184.234.47:6892 | udp | |
| N/A | 31.184.234.48:6892 | udp | |
| N/A | 31.184.234.49:6892 | udp | |
| N/A | 31.184.234.50:6892 | udp | |
| N/A | 31.184.234.51:6892 | udp | |
| N/A | 31.184.234.52:6892 | udp | |
| N/A | 31.184.234.53:6892 | udp | |
| N/A | 31.184.234.54:6892 | udp | |
| N/A | 31.184.234.55:6892 | udp | |
| N/A | 31.184.234.56:6892 | udp | |
| N/A | 31.184.234.57:6892 | udp | |
| N/A | 31.184.234.58:6892 | udp | |
| N/A | 31.184.234.59:6892 | udp | |
| N/A | 31.184.234.60:6892 | udp | |
| N/A | 31.184.234.61:6892 | udp | |
| N/A | 31.184.234.62:6892 | udp | |
| N/A | 31.184.234.63:6892 | udp | |
| N/A | 31.184.234.64:6892 | udp | |
| N/A | 31.184.234.65:6892 | udp | |
| N/A | 31.184.234.66:6892 | udp | |
| N/A | 31.184.234.67:6892 | udp | |
| N/A | 31.184.234.68:6892 | udp | |
| N/A | 31.184.234.69:6892 | udp | |
| N/A | 31.184.234.70:6892 | udp | |
| N/A | 31.184.234.71:6892 | udp | |
| N/A | 31.184.234.72:6892 | udp | |
| N/A | 31.184.234.73:6892 | udp | |
| N/A | 31.184.234.74:6892 | udp | |
| N/A | 31.184.234.75:6892 | udp | |
| N/A | 31.184.234.76:6892 | udp | |
| N/A | 31.184.234.77:6892 | udp | |
| N/A | 31.184.234.78:6892 | udp | |
| N/A | 31.184.234.79:6892 | udp | |
| N/A | 31.184.234.80:6892 | udp | |
| N/A | 31.184.234.81:6892 | udp | |
| N/A | 31.184.234.82:6892 | udp | |
| N/A | 31.184.234.83:6892 | udp | |
| N/A | 31.184.234.84:6892 | udp | |
| N/A | 31.184.234.85:6892 | udp | |
| N/A | 31.184.234.86:6892 | udp | |
| N/A | 31.184.234.87:6892 | udp | |
| N/A | 31.184.234.88:6892 | udp | |
| N/A | 31.184.234.89:6892 | udp | |
| N/A | 31.184.234.90:6892 | udp | |
| N/A | 31.184.234.91:6892 | udp | |
| N/A | 31.184.234.92:6892 | udp | |
| N/A | 31.184.234.93:6892 | udp | |
| N/A | 31.184.234.94:6892 | udp | |
| N/A | 31.184.234.95:6892 | udp | |
| N/A | 31.184.234.96:6892 | udp | |
| N/A | 31.184.234.97:6892 | udp | |
| N/A | 31.184.234.98:6892 | udp | |
| N/A | 31.184.234.99:6892 | udp | |
| N/A | 31.184.234.100:6892 | udp | |
| N/A | 31.184.234.101:6892 | udp | |
| N/A | 31.184.234.102:6892 | udp | |
| N/A | 31.184.234.103:6892 | udp | |
| N/A | 31.184.234.104:6892 | udp | |
| N/A | 31.184.234.105:6892 | udp | |
| N/A | 31.184.234.106:6892 | udp | |
| N/A | 31.184.234.107:6892 | udp | |
| N/A | 31.184.234.108:6892 | udp | |
| N/A | 31.184.234.109:6892 | udp | |
| N/A | 31.184.234.110:6892 | udp | |
| N/A | 31.184.234.111:6892 | udp | |
| N/A | 31.184.234.112:6892 | udp | |
| N/A | 31.184.234.113:6892 | udp | |
| N/A | 31.184.234.114:6892 | udp | |
| N/A | 31.184.234.115:6892 | udp | |
| N/A | 31.184.234.116:6892 | udp | |
| N/A | 31.184.234.117:6892 | udp | |
| N/A | 31.184.234.118:6892 | udp | |
| N/A | 31.184.234.119:6892 | udp | |
| N/A | 31.184.234.120:6892 | udp | |
| N/A | 31.184.234.121:6892 | udp | |
| N/A | 31.184.234.122:6892 | udp | |
| N/A | 31.184.234.123:6892 | udp | |
| N/A | 31.184.234.124:6892 | udp | |
| N/A | 31.184.234.125:6892 | udp | |
| N/A | 31.184.234.126:6892 | udp | |
| N/A | 31.184.234.127:6892 | udp | |
| N/A | 31.184.234.128:6892 | udp | |
| N/A | 31.184.234.129:6892 | udp | |
| N/A | 31.184.234.130:6892 | udp | |
| N/A | 31.184.234.131:6892 | udp | |
| N/A | 31.184.234.132:6892 | udp | |
| N/A | 31.184.234.133:6892 | udp | |
| N/A | 31.184.234.134:6892 | udp | |
| N/A | 31.184.234.135:6892 | udp | |
| N/A | 31.184.234.136:6892 | udp | |
| N/A | 31.184.234.137:6892 | udp | |
| N/A | 31.184.234.138:6892 | udp | |
| N/A | 31.184.234.139:6892 | udp | |
| N/A | 31.184.234.140:6892 | udp | |
| N/A | 31.184.234.141:6892 | udp | |
| N/A | 31.184.234.142:6892 | udp | |
| N/A | 31.184.234.143:6892 | udp | |
| N/A | 31.184.234.144:6892 | udp | |
| N/A | 31.184.234.145:6892 | udp | |
| N/A | 31.184.234.146:6892 | udp | |
| N/A | 31.184.234.147:6892 | udp | |
| N/A | 31.184.234.148:6892 | udp | |
| N/A | 31.184.234.149:6892 | udp | |
| N/A | 31.184.234.150:6892 | udp | |
| N/A | 31.184.234.151:6892 | udp | |
| N/A | 31.184.234.152:6892 | udp | |
| N/A | 31.184.234.153:6892 | udp | |
| N/A | 31.184.234.154:6892 | udp | |
| N/A | 31.184.234.155:6892 | udp | |
| N/A | 31.184.234.156:6892 | udp | |
| N/A | 31.184.234.157:6892 | udp | |
| N/A | 31.184.234.158:6892 | udp | |
| N/A | 31.184.234.159:6892 | udp | |
| N/A | 31.184.234.160:6892 | udp | |
| N/A | 31.184.234.161:6892 | udp | |
| N/A | 31.184.234.162:6892 | udp | |
| N/A | 31.184.234.163:6892 | udp | |
| N/A | 31.184.234.164:6892 | udp | |
| N/A | 31.184.234.165:6892 | udp | |
| N/A | 31.184.234.166:6892 | udp | |
| N/A | 31.184.234.167:6892 | udp | |
| N/A | 31.184.234.168:6892 | udp | |
| N/A | 31.184.234.169:6892 | udp | |
| N/A | 31.184.234.170:6892 | udp | |
| N/A | 31.184.234.171:6892 | udp | |
| N/A | 31.184.234.172:6892 | udp | |
| N/A | 31.184.234.173:6892 | udp | |
| N/A | 31.184.234.174:6892 | udp | |
| N/A | 31.184.234.175:6892 | udp | |
| N/A | 31.184.234.176:6892 | udp | |
| N/A | 31.184.234.177:6892 | udp | |
| N/A | 31.184.234.178:6892 | udp | |
| N/A | 31.184.234.179:6892 | udp | |
| N/A | 31.184.234.180:6892 | udp | |
| N/A | 31.184.234.181:6892 | udp | |
| N/A | 31.184.234.182:6892 | udp | |
| N/A | 31.184.234.183:6892 | udp | |
| N/A | 31.184.234.184:6892 | udp | |
| N/A | 31.184.234.185:6892 | udp | |
| N/A | 31.184.234.186:6892 | udp | |
| N/A | 31.184.234.187:6892 | udp | |
| N/A | 31.184.234.188:6892 | udp | |
| N/A | 31.184.234.189:6892 | udp | |
| N/A | 31.184.234.190:6892 | udp | |
| N/A | 31.184.234.191:6892 | udp | |
| N/A | 31.184.234.192:6892 | udp | |
| N/A | 31.184.234.193:6892 | udp | |
| N/A | 31.184.234.194:6892 | udp | |
| N/A | 31.184.234.195:6892 | udp | |
| N/A | 31.184.234.196:6892 | udp | |
| N/A | 31.184.234.197:6892 | udp | |
| N/A | 31.184.234.198:6892 | udp | |
| N/A | 31.184.234.199:6892 | udp | |
| N/A | 31.184.234.200:6892 | udp | |
| N/A | 31.184.234.201:6892 | udp | |
| N/A | 31.184.234.202:6892 | udp | |
| N/A | 31.184.234.203:6892 | udp | |
| N/A | 31.184.234.204:6892 | udp | |
| N/A | 31.184.234.205:6892 | udp | |
| N/A | 31.184.234.206:6892 | udp | |
| N/A | 31.184.234.207:6892 | udp | |
| N/A | 31.184.234.208:6892 | udp | |
| N/A | 31.184.234.209:6892 | udp | |
| N/A | 31.184.234.210:6892 | udp | |
| N/A | 31.184.234.211:6892 | udp | |
| N/A | 31.184.234.212:6892 | udp | |
| N/A | 31.184.234.213:6892 | udp | |
| N/A | 31.184.234.214:6892 | udp | |
| N/A | 31.184.234.215:6892 | udp | |
| N/A | 31.184.234.216:6892 | udp | |
| N/A | 31.184.234.217:6892 | udp | |
| N/A | 31.184.234.218:6892 | udp | |
| N/A | 31.184.234.219:6892 | udp | |
| N/A | 31.184.234.220:6892 | udp | |
| N/A | 31.184.234.221:6892 | udp | |
| N/A | 31.184.234.222:6892 | udp | |
| N/A | 31.184.234.223:6892 | udp | |
| N/A | 31.184.234.224:6892 | udp | |
| N/A | 31.184.234.225:6892 | udp | |
| N/A | 31.184.234.226:6892 | udp | |
| N/A | 31.184.234.227:6892 | udp | |
| N/A | 31.184.234.228:6892 | udp | |
| N/A | 31.184.234.229:6892 | udp | |
| N/A | 31.184.234.230:6892 | udp | |
| N/A | 31.184.234.231:6892 | udp | |
| N/A | 31.184.234.232:6892 | udp | |
| N/A | 31.184.234.233:6892 | udp | |
| N/A | 31.184.234.234:6892 | udp | |
| N/A | 31.184.234.235:6892 | udp | |
| N/A | 31.184.234.236:6892 | udp | |
| N/A | 31.184.234.237:6892 | udp | |
| N/A | 31.184.234.238:6892 | udp | |
| N/A | 31.184.234.239:6892 | udp | |
| N/A | 31.184.234.240:6892 | udp | |
| N/A | 31.184.234.241:6892 | udp | |
| N/A | 31.184.234.242:6892 | udp | |
| N/A | 31.184.234.243:6892 | udp | |
| N/A | 31.184.234.244:6892 | udp | |
| N/A | 31.184.234.245:6892 | udp | |
| N/A | 31.184.234.246:6892 | udp | |
| N/A | 31.184.234.247:6892 | udp | |
| N/A | 31.184.234.248:6892 | udp | |
| N/A | 31.184.234.249:6892 | udp | |
| N/A | 31.184.234.250:6892 | udp | |
| N/A | 31.184.234.251:6892 | udp | |
| N/A | 31.184.234.252:6892 | udp | |
| N/A | 31.184.234.253:6892 | udp | |
| N/A | 31.184.234.254:6892 | udp | |
| N/A | 31.184.234.255:6892 | udp | |
| N/A | 31.184.235.0:6892 | udp | |
| N/A | 31.184.235.1:6892 | udp | |
| N/A | 31.184.235.2:6892 | udp | |
| N/A | 31.184.235.3:6892 | udp | |
| N/A | 31.184.235.4:6892 | udp | |
| N/A | 31.184.235.5:6892 | udp | |
| N/A | 31.184.235.6:6892 | udp | |
| N/A | 31.184.235.7:6892 | udp | |
| N/A | 31.184.235.8:6892 | udp | |
| N/A | 31.184.235.9:6892 | udp | |
| N/A | 31.184.235.10:6892 | udp | |
| N/A | 31.184.235.11:6892 | udp | |
| N/A | 31.184.235.12:6892 | udp | |
| N/A | 31.184.235.13:6892 | udp | |
| N/A | 31.184.235.14:6892 | udp | |
| N/A | 31.184.235.15:6892 | udp | |
| N/A | 31.184.235.16:6892 | udp | |
| N/A | 31.184.235.17:6892 | udp | |
| N/A | 31.184.235.18:6892 | udp | |
| N/A | 31.184.235.19:6892 | udp | |
| N/A | 31.184.235.20:6892 | udp | |
| N/A | 31.184.235.21:6892 | udp | |
| N/A | 31.184.235.22:6892 | udp | |
| N/A | 31.184.235.23:6892 | udp | |
| N/A | 31.184.235.24:6892 | udp | |
| N/A | 31.184.235.25:6892 | udp | |
| N/A | 31.184.235.26:6892 | udp | |
| N/A | 31.184.235.27:6892 | udp | |
| N/A | 31.184.235.28:6892 | udp | |
| N/A | 31.184.235.29:6892 | udp | |
| N/A | 31.184.235.30:6892 | udp | |
| N/A | 31.184.235.31:6892 | udp | |
| N/A | 31.184.235.32:6892 | udp | |
| N/A | 31.184.235.33:6892 | udp | |
| N/A | 31.184.235.34:6892 | udp | |
| N/A | 31.184.235.35:6892 | udp | |
| N/A | 31.184.235.36:6892 | udp | |
| N/A | 31.184.235.37:6892 | udp | |
| N/A | 31.184.235.38:6892 | udp | |
| N/A | 31.184.235.39:6892 | udp | |
| N/A | 31.184.235.40:6892 | udp | |
| N/A | 31.184.235.41:6892 | udp | |
| N/A | 31.184.235.42:6892 | udp | |
| N/A | 31.184.235.43:6892 | udp | |
| N/A | 31.184.235.44:6892 | udp | |
| N/A | 31.184.235.45:6892 | udp | |
| N/A | 31.184.235.46:6892 | udp | |
| N/A | 31.184.235.47:6892 | udp | |
| N/A | 31.184.235.48:6892 | udp | |
| N/A | 31.184.235.49:6892 | udp | |
| N/A | 31.184.235.50:6892 | udp | |
| N/A | 31.184.235.51:6892 | udp | |
| N/A | 31.184.235.52:6892 | udp | |
| N/A | 31.184.235.53:6892 | udp | |
| N/A | 31.184.235.54:6892 | udp | |
| N/A | 31.184.235.55:6892 | udp | |
| N/A | 31.184.235.56:6892 | udp | |
| N/A | 31.184.235.57:6892 | udp | |
| N/A | 31.184.235.58:6892 | udp | |
| N/A | 31.184.235.59:6892 | udp | |
| N/A | 31.184.235.60:6892 | udp | |
| N/A | 31.184.235.61:6892 | udp | |
| N/A | 31.184.235.62:6892 | udp | |
| N/A | 31.184.235.63:6892 | udp | |
| N/A | 31.184.235.64:6892 | udp | |
| N/A | 31.184.235.65:6892 | udp | |
| N/A | 31.184.235.66:6892 | udp | |
| N/A | 31.184.235.67:6892 | udp | |
| N/A | 31.184.235.68:6892 | udp | |
| N/A | 31.184.235.69:6892 | udp | |
| N/A | 31.184.235.70:6892 | udp | |
| N/A | 31.184.235.71:6892 | udp | |
| N/A | 31.184.235.72:6892 | udp | |
| N/A | 31.184.235.73:6892 | udp | |
| N/A | 31.184.235.74:6892 | udp | |
| N/A | 31.184.235.75:6892 | udp | |
| N/A | 31.184.235.76:6892 | udp | |
| N/A | 31.184.235.77:6892 | udp | |
| N/A | 31.184.235.78:6892 | udp | |
| N/A | 31.184.235.79:6892 | udp | |
| N/A | 31.184.235.80:6892 | udp | |
| N/A | 31.184.235.81:6892 | udp | |
| N/A | 31.184.235.82:6892 | udp | |
| N/A | 31.184.235.83:6892 | udp | |
| N/A | 31.184.235.84:6892 | udp | |
| N/A | 31.184.235.85:6892 | udp | |
| N/A | 31.184.235.86:6892 | udp | |
| N/A | 31.184.235.87:6892 | udp | |
| N/A | 31.184.235.88:6892 | udp | |
| N/A | 31.184.235.89:6892 | udp | |
| N/A | 31.184.235.90:6892 | udp | |
| N/A | 31.184.235.91:6892 | udp | |
| N/A | 31.184.235.92:6892 | udp | |
| N/A | 31.184.235.93:6892 | udp | |
| N/A | 31.184.235.94:6892 | udp | |
| N/A | 31.184.235.95:6892 | udp | |
| N/A | 31.184.235.96:6892 | udp | |
| N/A | 31.184.235.97:6892 | udp | |
| N/A | 31.184.235.98:6892 | udp | |
| N/A | 31.184.235.99:6892 | udp | |
| N/A | 31.184.235.100:6892 | udp | |
| N/A | 31.184.235.101:6892 | udp | |
| N/A | 31.184.235.102:6892 | udp | |
| N/A | 31.184.235.103:6892 | udp | |
| N/A | 31.184.235.104:6892 | udp | |
| N/A | 31.184.235.105:6892 | udp | |
| N/A | 31.184.235.106:6892 | udp | |
| N/A | 31.184.235.107:6892 | udp | |
| N/A | 31.184.235.108:6892 | udp | |
| N/A | 31.184.235.109:6892 | udp | |
| N/A | 31.184.235.110:6892 | udp | |
| N/A | 31.184.235.111:6892 | udp | |
| N/A | 31.184.235.112:6892 | udp | |
| N/A | 31.184.235.113:6892 | udp | |
| N/A | 31.184.235.114:6892 | udp | |
| N/A | 31.184.235.115:6892 | udp | |
| N/A | 31.184.235.116:6892 | udp | |
| N/A | 31.184.235.117:6892 | udp | |
| N/A | 31.184.235.118:6892 | udp | |
| N/A | 31.184.235.119:6892 | udp | |
| N/A | 31.184.235.120:6892 | udp | |
| N/A | 31.184.235.121:6892 | udp | |
| N/A | 31.184.235.122:6892 | udp | |
| N/A | 31.184.235.123:6892 | udp | |
| N/A | 31.184.235.124:6892 | udp | |
| N/A | 31.184.235.125:6892 | udp | |
| N/A | 31.184.235.126:6892 | udp | |
| N/A | 31.184.235.127:6892 | udp | |
| N/A | 31.184.235.128:6892 | udp | |
| N/A | 31.184.235.129:6892 | udp | |
| N/A | 31.184.235.130:6892 | udp | |
| N/A | 31.184.235.131:6892 | udp | |
| N/A | 31.184.235.132:6892 | udp | |
| N/A | 31.184.235.133:6892 | udp | |
| N/A | 31.184.235.134:6892 | udp | |
| N/A | 31.184.235.135:6892 | udp | |
| N/A | 31.184.235.136:6892 | udp | |
| N/A | 31.184.235.137:6892 | udp | |
| N/A | 31.184.235.138:6892 | udp | |
| N/A | 31.184.235.139:6892 | udp | |
| N/A | 31.184.235.140:6892 | udp | |
| N/A | 31.184.235.141:6892 | udp | |
| N/A | 31.184.235.142:6892 | udp | |
| N/A | 31.184.235.143:6892 | udp | |
| N/A | 31.184.235.144:6892 | udp | |
| N/A | 31.184.235.145:6892 | udp | |
| N/A | 31.184.235.146:6892 | udp | |
| N/A | 31.184.235.147:6892 | udp | |
| N/A | 31.184.235.148:6892 | udp | |
| N/A | 31.184.235.149:6892 | udp | |
| N/A | 31.184.235.150:6892 | udp | |
| N/A | 31.184.235.151:6892 | udp | |
| N/A | 31.184.235.152:6892 | udp | |
| N/A | 31.184.235.153:6892 | udp | |
| N/A | 31.184.235.154:6892 | udp | |
| N/A | 31.184.235.155:6892 | udp | |
| N/A | 31.184.235.156:6892 | udp | |
| N/A | 31.184.235.157:6892 | udp | |
| N/A | 31.184.235.158:6892 | udp | |
| N/A | 31.184.235.159:6892 | udp | |
| N/A | 31.184.235.160:6892 | udp | |
| N/A | 31.184.235.161:6892 | udp | |
| N/A | 31.184.235.162:6892 | udp | |
| N/A | 31.184.235.163:6892 | udp | |
| N/A | 31.184.235.164:6892 | udp | |
| N/A | 31.184.235.165:6892 | udp | |
| N/A | 31.184.235.166:6892 | udp | |
| N/A | 31.184.235.167:6892 | udp | |
| N/A | 31.184.235.168:6892 | udp | |
| N/A | 31.184.235.169:6892 | udp | |
| N/A | 31.184.235.170:6892 | udp | |
| N/A | 31.184.235.171:6892 | udp | |
| N/A | 31.184.235.172:6892 | udp | |
| N/A | 31.184.235.173:6892 | udp | |
| N/A | 31.184.235.174:6892 | udp | |
| N/A | 31.184.235.175:6892 | udp | |
| N/A | 31.184.235.176:6892 | udp | |
| N/A | 31.184.235.177:6892 | udp | |
| N/A | 31.184.235.178:6892 | udp | |
| N/A | 31.184.235.179:6892 | udp | |
| N/A | 31.184.235.180:6892 | udp | |
| N/A | 31.184.235.181:6892 | udp | |
| N/A | 31.184.235.182:6892 | udp | |
| N/A | 31.184.235.183:6892 | udp | |
| N/A | 31.184.235.184:6892 | udp | |
| N/A | 31.184.235.185:6892 | udp | |
| N/A | 31.184.235.186:6892 | udp | |
| N/A | 31.184.235.187:6892 | udp | |
| N/A | 31.184.235.188:6892 | udp | |
| N/A | 31.184.235.189:6892 | udp | |
| N/A | 31.184.235.190:6892 | udp | |
| N/A | 31.184.235.191:6892 | udp | |
| N/A | 31.184.235.192:6892 | udp | |
| N/A | 31.184.235.193:6892 | udp | |
| N/A | 31.184.235.194:6892 | udp | |
| N/A | 31.184.235.195:6892 | udp | |
| N/A | 31.184.235.196:6892 | udp | |
| N/A | 31.184.235.197:6892 | udp | |
| N/A | 31.184.235.198:6892 | udp | |
| N/A | 31.184.235.199:6892 | udp | |
| N/A | 31.184.235.200:6892 | udp | |
| N/A | 31.184.235.201:6892 | udp | |
| N/A | 31.184.235.202:6892 | udp | |
| N/A | 31.184.235.203:6892 | udp | |
| N/A | 31.184.235.204:6892 | udp | |
| N/A | 31.184.235.205:6892 | udp | |
| N/A | 31.184.235.206:6892 | udp | |
| N/A | 31.184.235.207:6892 | udp | |
| N/A | 31.184.235.208:6892 | udp | |
| N/A | 31.184.235.209:6892 | udp | |
| N/A | 31.184.235.210:6892 | udp | |
| N/A | 31.184.235.211:6892 | udp | |
| N/A | 31.184.235.212:6892 | udp | |
| N/A | 31.184.235.213:6892 | udp | |
| N/A | 31.184.235.214:6892 | udp | |
| N/A | 31.184.235.215:6892 | udp | |
| N/A | 31.184.235.216:6892 | udp | |
| N/A | 31.184.235.217:6892 | udp | |
| N/A | 31.184.235.218:6892 | udp | |
| N/A | 31.184.235.219:6892 | udp | |
| N/A | 31.184.235.220:6892 | udp | |
| N/A | 31.184.235.221:6892 | udp | |
| N/A | 31.184.235.222:6892 | udp | |
| N/A | 31.184.235.223:6892 | udp | |
| N/A | 31.184.235.224:6892 | udp | |
| N/A | 31.184.235.225:6892 | udp | |
| N/A | 31.184.235.226:6892 | udp | |
| N/A | 31.184.235.227:6892 | udp | |
| N/A | 31.184.235.228:6892 | udp | |
| N/A | 31.184.235.229:6892 | udp | |
| N/A | 31.184.235.230:6892 | udp | |
| N/A | 31.184.235.231:6892 | udp | |
| N/A | 31.184.235.232:6892 | udp | |
| N/A | 31.184.235.233:6892 | udp | |
| N/A | 31.184.235.234:6892 | udp | |
| N/A | 31.184.235.235:6892 | udp | |
| N/A | 31.184.235.236:6892 | udp | |
| N/A | 31.184.235.237:6892 | udp | |
| N/A | 31.184.235.238:6892 | udp | |
| N/A | 31.184.235.239:6892 | udp | |
| N/A | 31.184.235.240:6892 | udp | |
| N/A | 31.184.235.241:6892 | udp | |
| N/A | 31.184.235.242:6892 | udp | |
| N/A | 31.184.235.243:6892 | udp | |
| N/A | 31.184.235.244:6892 | udp | |
| N/A | 31.184.235.245:6892 | udp | |
| N/A | 31.184.235.246:6892 | udp | |
| N/A | 31.184.235.247:6892 | udp | |
| N/A | 31.184.235.248:6892 | udp | |
| N/A | 31.184.235.249:6892 | udp | |
| N/A | 31.184.235.250:6892 | udp | |
| N/A | 31.184.235.251:6892 | udp | |
| N/A | 31.184.235.252:6892 | udp | |
| N/A | 31.184.235.253:6892 | udp | |
| N/A | 31.184.235.254:6892 | udp | |
| N/A | 31.184.235.255:6892 | udp | |
| N/A | 31.184.234.0:6892 | udp | |
| N/A | 31.184.234.1:6892 | udp | |
| N/A | 31.184.234.2:6892 | udp | |
| N/A | 31.184.234.3:6892 | udp | |
| N/A | 31.184.234.4:6892 | udp | |
| N/A | 31.184.234.5:6892 | udp | |
| N/A | 31.184.234.6:6892 | udp | |
| N/A | 31.184.234.7:6892 | udp | |
| N/A | 31.184.234.8:6892 | udp | |
| N/A | 31.184.234.9:6892 | udp | |
| N/A | 31.184.234.10:6892 | udp | |
| N/A | 31.184.234.11:6892 | udp | |
| N/A | 31.184.234.12:6892 | udp | |
| N/A | 31.184.234.13:6892 | udp | |
| N/A | 31.184.234.14:6892 | udp | |
| N/A | 31.184.234.15:6892 | udp | |
| N/A | 31.184.234.16:6892 | udp | |
| N/A | 31.184.234.17:6892 | udp | |
| N/A | 31.184.234.18:6892 | udp | |
| N/A | 31.184.234.19:6892 | udp | |
| N/A | 31.184.234.20:6892 | udp | |
| N/A | 31.184.234.21:6892 | udp | |
| N/A | 31.184.234.22:6892 | udp | |
| N/A | 31.184.234.23:6892 | udp | |
| N/A | 31.184.234.24:6892 | udp | |
| N/A | 31.184.234.25:6892 | udp | |
| N/A | 31.184.234.26:6892 | udp | |
| N/A | 31.184.234.27:6892 | udp | |
| N/A | 31.184.234.28:6892 | udp | |
| N/A | 31.184.234.29:6892 | udp | |
| N/A | 31.184.234.30:6892 | udp | |
| N/A | 31.184.234.31:6892 | udp | |
| N/A | 31.184.234.32:6892 | udp | |
| N/A | 31.184.234.33:6892 | udp | |
| N/A | 31.184.234.34:6892 | udp | |
| N/A | 31.184.234.35:6892 | udp | |
| N/A | 31.184.234.36:6892 | udp | |
| N/A | 31.184.234.37:6892 | udp | |
| N/A | 31.184.234.38:6892 | udp | |
| N/A | 31.184.234.39:6892 | udp | |
| N/A | 31.184.234.40:6892 | udp | |
| N/A | 31.184.234.41:6892 | udp | |
| N/A | 31.184.234.42:6892 | udp | |
| N/A | 31.184.234.43:6892 | udp | |
| N/A | 31.184.234.44:6892 | udp | |
| N/A | 31.184.234.45:6892 | udp | |
| N/A | 31.184.234.46:6892 | udp | |
| N/A | 31.184.234.47:6892 | udp | |
| N/A | 31.184.234.48:6892 | udp | |
| N/A | 31.184.234.49:6892 | udp | |
| N/A | 31.184.234.50:6892 | udp | |
| N/A | 31.184.234.51:6892 | udp | |
| N/A | 31.184.234.52:6892 | udp | |
| N/A | 31.184.234.53:6892 | udp | |
| N/A | 31.184.234.54:6892 | udp | |
| N/A | 31.184.234.55:6892 | udp | |
| N/A | 31.184.234.56:6892 | udp | |
| N/A | 31.184.234.57:6892 | udp | |
| N/A | 31.184.234.58:6892 | udp | |
| N/A | 31.184.234.59:6892 | udp | |
| N/A | 31.184.234.60:6892 | udp | |
| N/A | 31.184.234.61:6892 | udp | |
| N/A | 31.184.234.62:6892 | udp | |
| N/A | 31.184.234.63:6892 | udp | |
| N/A | 31.184.234.64:6892 | udp | |
| N/A | 31.184.234.65:6892 | udp | |
| N/A | 31.184.234.66:6892 | udp | |
| N/A | 31.184.234.67:6892 | udp | |
| N/A | 31.184.234.68:6892 | udp | |
| N/A | 31.184.234.69:6892 | udp | |
| N/A | 31.184.234.70:6892 | udp | |
| N/A | 31.184.234.71:6892 | udp | |
| N/A | 31.184.234.72:6892 | udp | |
| N/A | 31.184.234.73:6892 | udp | |
| N/A | 31.184.234.74:6892 | udp | |
| N/A | 31.184.234.75:6892 | udp | |
| N/A | 31.184.234.76:6892 | udp | |
| N/A | 31.184.234.77:6892 | udp | |
| N/A | 31.184.234.78:6892 | udp | |
| N/A | 31.184.234.79:6892 | udp | |
| N/A | 31.184.234.80:6892 | udp | |
| N/A | 31.184.234.81:6892 | udp | |
| N/A | 31.184.234.82:6892 | udp | |
| N/A | 31.184.234.83:6892 | udp | |
| N/A | 31.184.234.84:6892 | udp | |
| N/A | 31.184.234.85:6892 | udp | |
| N/A | 31.184.234.86:6892 | udp | |
| N/A | 31.184.234.87:6892 | udp | |
| N/A | 31.184.234.88:6892 | udp | |
| N/A | 31.184.234.89:6892 | udp | |
| N/A | 31.184.234.90:6892 | udp | |
| N/A | 31.184.234.91:6892 | udp | |
| N/A | 31.184.234.92:6892 | udp | |
| N/A | 31.184.234.93:6892 | udp | |
| N/A | 31.184.234.94:6892 | udp | |
| N/A | 31.184.234.95:6892 | udp | |
| N/A | 31.184.234.96:6892 | udp | |
| N/A | 31.184.234.97:6892 | udp | |
| N/A | 31.184.234.98:6892 | udp | |
| N/A | 31.184.234.99:6892 | udp | |
| N/A | 31.184.234.100:6892 | udp | |
| N/A | 31.184.234.101:6892 | udp | |
| N/A | 31.184.234.102:6892 | udp | |
| N/A | 31.184.234.103:6892 | udp | |
| N/A | 31.184.234.104:6892 | udp | |
| N/A | 31.184.234.105:6892 | udp | |
| N/A | 31.184.234.106:6892 | udp | |
| N/A | 31.184.234.107:6892 | udp | |
| N/A | 31.184.234.108:6892 | udp | |
| N/A | 31.184.234.109:6892 | udp | |
| N/A | 31.184.234.110:6892 | udp | |
| N/A | 31.184.234.111:6892 | udp | |
| N/A | 31.184.234.112:6892 | udp | |
| N/A | 31.184.234.113:6892 | udp | |
| N/A | 31.184.234.114:6892 | udp | |
| N/A | 31.184.234.115:6892 | udp | |
| N/A | 31.184.234.116:6892 | udp | |
| N/A | 31.184.234.117:6892 | udp | |
| N/A | 31.184.234.118:6892 | udp | |
| N/A | 31.184.234.119:6892 | udp | |
| N/A | 31.184.234.120:6892 | udp | |
| N/A | 31.184.234.121:6892 | udp | |
| N/A | 31.184.234.122:6892 | udp | |
| N/A | 31.184.234.123:6892 | udp | |
| N/A | 31.184.234.124:6892 | udp | |
| N/A | 31.184.234.125:6892 | udp | |
| N/A | 31.184.234.126:6892 | udp | |
| N/A | 31.184.234.127:6892 | udp | |
| N/A | 31.184.234.128:6892 | udp | |
| N/A | 31.184.234.129:6892 | udp | |
| N/A | 31.184.234.130:6892 | udp | |
| N/A | 31.184.234.131:6892 | udp | |
| N/A | 31.184.234.132:6892 | udp | |
| N/A | 31.184.234.133:6892 | udp | |
| N/A | 31.184.234.134:6892 | udp | |
| N/A | 31.184.234.135:6892 | udp | |
| N/A | 31.184.234.136:6892 | udp | |
| N/A | 31.184.234.137:6892 | udp | |
| N/A | 31.184.234.138:6892 | udp | |
| N/A | 31.184.234.139:6892 | udp | |
| N/A | 31.184.234.140:6892 | udp | |
| N/A | 31.184.234.141:6892 | udp | |
| N/A | 31.184.234.142:6892 | udp | |
| N/A | 31.184.234.143:6892 | udp | |
| N/A | 31.184.234.144:6892 | udp | |
| N/A | 31.184.234.145:6892 | udp | |
| N/A | 31.184.234.146:6892 | udp | |
| N/A | 31.184.234.147:6892 | udp | |
| N/A | 31.184.234.148:6892 | udp | |
| N/A | 31.184.234.149:6892 | udp | |
| N/A | 31.184.234.150:6892 | udp | |
| N/A | 31.184.234.151:6892 | udp | |
| N/A | 31.184.234.152:6892 | udp | |
| N/A | 31.184.234.153:6892 | udp | |
| N/A | 31.184.234.154:6892 | udp | |
| N/A | 31.184.234.155:6892 | udp | |
| N/A | 31.184.234.156:6892 | udp | |
| N/A | 31.184.234.157:6892 | udp | |
| N/A | 31.184.234.158:6892 | udp | |
| N/A | 31.184.234.159:6892 | udp | |
| N/A | 31.184.234.160:6892 | udp | |
| N/A | 31.184.234.161:6892 | udp | |
| N/A | 31.184.234.162:6892 | udp | |
| N/A | 31.184.234.163:6892 | udp | |
| N/A | 31.184.234.164:6892 | udp | |
| N/A | 31.184.234.165:6892 | udp | |
| N/A | 31.184.234.166:6892 | udp | |
| N/A | 31.184.234.167:6892 | udp | |
| N/A | 31.184.234.168:6892 | udp | |
| N/A | 31.184.234.169:6892 | udp | |
| N/A | 31.184.234.170:6892 | udp | |
| N/A | 31.184.234.171:6892 | udp | |
| N/A | 31.184.234.172:6892 | udp | |
| N/A | 31.184.234.173:6892 | udp | |
| N/A | 31.184.234.174:6892 | udp | |
| N/A | 31.184.234.175:6892 | udp | |
| N/A | 31.184.234.176:6892 | udp | |
| N/A | 31.184.234.177:6892 | udp | |
| N/A | 31.184.234.178:6892 | udp | |
| N/A | 31.184.234.179:6892 | udp | |
| N/A | 31.184.234.180:6892 | udp | |
| N/A | 31.184.234.181:6892 | udp | |
| N/A | 31.184.234.182:6892 | udp | |
| N/A | 31.184.234.183:6892 | udp | |
| N/A | 31.184.234.184:6892 | udp | |
| N/A | 31.184.234.185:6892 | udp | |
| N/A | 31.184.234.186:6892 | udp | |
| N/A | 31.184.234.187:6892 | udp | |
| N/A | 31.184.234.188:6892 | udp | |
| N/A | 31.184.234.189:6892 | udp | |
| N/A | 31.184.234.190:6892 | udp | |
| N/A | 31.184.234.191:6892 | udp | |
| N/A | 31.184.234.192:6892 | udp | |
| N/A | 31.184.234.193:6892 | udp | |
| N/A | 31.184.234.194:6892 | udp | |
| N/A | 31.184.234.195:6892 | udp | |
| N/A | 31.184.234.196:6892 | udp | |
| N/A | 31.184.234.197:6892 | udp | |
| N/A | 31.184.234.198:6892 | udp | |
| N/A | 31.184.234.199:6892 | udp | |
| N/A | 31.184.234.200:6892 | udp | |
| N/A | 31.184.234.201:6892 | udp | |
| N/A | 31.184.234.202:6892 | udp | |
| N/A | 31.184.234.203:6892 | udp | |
| N/A | 31.184.234.204:6892 | udp | |
| N/A | 31.184.234.205:6892 | udp | |
| N/A | 31.184.234.206:6892 | udp | |
| N/A | 31.184.234.207:6892 | udp | |
| N/A | 31.184.234.208:6892 | udp | |
| N/A | 31.184.234.209:6892 | udp | |
| N/A | 31.184.234.210:6892 | udp | |
| N/A | 31.184.234.211:6892 | udp | |
| N/A | 31.184.234.212:6892 | udp | |
| N/A | 31.184.234.213:6892 | udp | |
| N/A | 31.184.234.214:6892 | udp | |
| N/A | 31.184.234.215:6892 | udp | |
| N/A | 31.184.234.216:6892 | udp | |
| N/A | 31.184.234.217:6892 | udp | |
| N/A | 31.184.234.218:6892 | udp | |
| N/A | 31.184.234.219:6892 | udp | |
| N/A | 31.184.234.220:6892 | udp | |
| N/A | 31.184.234.221:6892 | udp | |
| N/A | 31.184.234.222:6892 | udp | |
| N/A | 31.184.234.223:6892 | udp | |
| N/A | 31.184.234.224:6892 | udp | |
| N/A | 31.184.234.225:6892 | udp | |
| N/A | 31.184.234.226:6892 | udp | |
| N/A | 31.184.234.227:6892 | udp | |
| N/A | 31.184.234.228:6892 | udp | |
| N/A | 31.184.234.229:6892 | udp | |
| N/A | 31.184.234.230:6892 | udp | |
| N/A | 31.184.234.231:6892 | udp | |
| N/A | 31.184.234.232:6892 | udp | |
| N/A | 31.184.234.233:6892 | udp | |
| N/A | 31.184.234.234:6892 | udp | |
| N/A | 31.184.234.235:6892 | udp | |
| N/A | 31.184.234.236:6892 | udp | |
| N/A | 31.184.234.237:6892 | udp | |
| N/A | 31.184.234.238:6892 | udp | |
| N/A | 31.184.234.239:6892 | udp | |
| N/A | 31.184.234.240:6892 | udp | |
| N/A | 31.184.234.241:6892 | udp | |
| N/A | 31.184.234.242:6892 | udp | |
| N/A | 31.184.234.243:6892 | udp | |
| N/A | 31.184.234.244:6892 | udp | |
| N/A | 31.184.234.245:6892 | udp | |
| N/A | 31.184.234.246:6892 | udp | |
| N/A | 31.184.234.247:6892 | udp | |
| N/A | 31.184.234.248:6892 | udp | |
| N/A | 31.184.234.249:6892 | udp | |
| N/A | 31.184.234.250:6892 | udp | |
| N/A | 31.184.234.251:6892 | udp | |
| N/A | 31.184.234.252:6892 | udp | |
| N/A | 31.184.234.253:6892 | udp | |
| N/A | 31.184.234.254:6892 | udp | |
| N/A | 8.8.8.8:53 | bqyjebfh25oellur.onion.to | udp |
| N/A | 185.100.85.150:80 | bqyjebfh25oellur.onion.to | tcp |
| N/A | 185.100.85.150:80 | bqyjebfh25oellur.onion.to | tcp |
| N/A | 31.184.234.255:6892 | udp | |
| N/A | 31.184.235.0:6892 | udp | |
| N/A | 31.184.235.1:6892 | udp | |
| N/A | 31.184.235.2:6892 | udp | |
| N/A | 31.184.235.3:6892 | udp | |
| N/A | 31.184.235.4:6892 | udp | |
| N/A | 31.184.235.5:6892 | udp | |
| N/A | 31.184.235.6:6892 | udp | |
| N/A | 31.184.235.7:6892 | udp | |
| N/A | 31.184.235.8:6892 | udp | |
| N/A | 31.184.235.9:6892 | udp | |
| N/A | 31.184.235.10:6892 | udp | |
| N/A | 31.184.235.11:6892 | udp | |
| N/A | 31.184.235.12:6892 | udp | |
| N/A | 31.184.235.13:6892 | udp | |
| N/A | 31.184.235.14:6892 | udp | |
| N/A | 31.184.235.15:6892 | udp | |
| N/A | 31.184.235.16:6892 | udp | |
| N/A | 31.184.235.17:6892 | udp | |
| N/A | 31.184.235.18:6892 | udp | |
| N/A | 31.184.235.19:6892 | udp | |
| N/A | 31.184.235.20:6892 | udp | |
| N/A | 31.184.235.21:6892 | udp | |
| N/A | 31.184.235.22:6892 | udp | |
| N/A | 31.184.235.23:6892 | udp | |
| N/A | 31.184.235.24:6892 | udp | |
| N/A | 31.184.235.25:6892 | udp | |
| N/A | 31.184.235.26:6892 | udp | |
| N/A | 31.184.235.27:6892 | udp | |
| N/A | 31.184.235.28:6892 | udp | |
| N/A | 31.184.235.29:6892 | udp | |
| N/A | 31.184.235.30:6892 | udp | |
| N/A | 31.184.235.31:6892 | udp | |
| N/A | 31.184.235.32:6892 | udp | |
| N/A | 31.184.235.33:6892 | udp | |
| N/A | 31.184.235.34:6892 | udp | |
| N/A | 31.184.235.35:6892 | udp | |
| N/A | 31.184.235.36:6892 | udp | |
| N/A | 31.184.235.37:6892 | udp | |
| N/A | 31.184.235.38:6892 | udp | |
| N/A | 31.184.235.39:6892 | udp | |
| N/A | 31.184.235.40:6892 | udp | |
| N/A | 31.184.235.41:6892 | udp | |
| N/A | 31.184.235.42:6892 | udp | |
| N/A | 31.184.235.43:6892 | udp | |
| N/A | 31.184.235.44:6892 | udp | |
| N/A | 31.184.235.45:6892 | udp | |
| N/A | 31.184.235.46:6892 | udp | |
| N/A | 31.184.235.47:6892 | udp | |
| N/A | 31.184.235.48:6892 | udp | |
| N/A | 31.184.235.49:6892 | udp | |
| N/A | 31.184.235.50:6892 | udp | |
| N/A | 31.184.235.51:6892 | udp | |
| N/A | 31.184.235.52:6892 | udp | |
| N/A | 31.184.235.53:6892 | udp | |
| N/A | 31.184.235.54:6892 | udp | |
| N/A | 31.184.235.55:6892 | udp | |
| N/A | 31.184.235.56:6892 | udp | |
| N/A | 31.184.235.57:6892 | udp | |
| N/A | 31.184.235.58:6892 | udp | |
| N/A | 31.184.235.59:6892 | udp | |
| N/A | 31.184.235.60:6892 | udp | |
| N/A | 31.184.235.61:6892 | udp | |
| N/A | 31.184.235.62:6892 | udp | |
| N/A | 31.184.235.63:6892 | udp | |
| N/A | 31.184.235.64:6892 | udp | |
| N/A | 31.184.235.65:6892 | udp | |
| N/A | 31.184.235.66:6892 | udp | |
| N/A | 31.184.235.67:6892 | udp | |
| N/A | 31.184.235.68:6892 | udp | |
| N/A | 31.184.235.69:6892 | udp | |
| N/A | 31.184.235.70:6892 | udp | |
| N/A | 31.184.235.71:6892 | udp | |
| N/A | 31.184.235.72:6892 | udp | |
| N/A | 31.184.235.73:6892 | udp | |
| N/A | 31.184.235.74:6892 | udp | |
| N/A | 31.184.235.75:6892 | udp | |
| N/A | 31.184.235.76:6892 | udp | |
| N/A | 31.184.235.77:6892 | udp | |
| N/A | 31.184.235.78:6892 | udp | |
| N/A | 31.184.235.79:6892 | udp | |
| N/A | 31.184.235.80:6892 | udp | |
| N/A | 31.184.235.81:6892 | udp | |
| N/A | 31.184.235.82:6892 | udp | |
| N/A | 31.184.235.83:6892 | udp | |
| N/A | 31.184.235.84:6892 | udp | |
| N/A | 31.184.235.85:6892 | udp | |
| N/A | 31.184.235.86:6892 | udp | |
| N/A | 31.184.235.87:6892 | udp | |
| N/A | 31.184.235.88:6892 | udp | |
| N/A | 31.184.235.89:6892 | udp | |
| N/A | 31.184.235.90:6892 | udp | |
| N/A | 31.184.235.91:6892 | udp | |
| N/A | 31.184.235.92:6892 | udp | |
| N/A | 31.184.235.93:6892 | udp | |
| N/A | 31.184.235.94:6892 | udp | |
| N/A | 31.184.235.95:6892 | udp | |
| N/A | 31.184.235.96:6892 | udp | |
| N/A | 31.184.235.97:6892 | udp | |
| N/A | 31.184.235.98:6892 | udp | |
| N/A | 31.184.235.99:6892 | udp | |
| N/A | 31.184.235.100:6892 | udp | |
| N/A | 31.184.235.101:6892 | udp | |
| N/A | 31.184.235.102:6892 | udp | |
| N/A | 31.184.235.103:6892 | udp | |
| N/A | 31.184.235.104:6892 | udp | |
| N/A | 31.184.235.105:6892 | udp | |
| N/A | 31.184.235.106:6892 | udp | |
| N/A | 31.184.235.107:6892 | udp | |
| N/A | 31.184.235.108:6892 | udp | |
| N/A | 31.184.235.109:6892 | udp | |
| N/A | 31.184.235.110:6892 | udp | |
| N/A | 31.184.235.111:6892 | udp | |
| N/A | 31.184.235.112:6892 | udp | |
| N/A | 31.184.235.113:6892 | udp | |
| N/A | 31.184.235.114:6892 | udp | |
| N/A | 31.184.235.115:6892 | udp | |
| N/A | 31.184.235.116:6892 | udp | |
| N/A | 31.184.235.117:6892 | udp | |
| N/A | 31.184.235.118:6892 | udp | |
| N/A | 31.184.235.119:6892 | udp | |
| N/A | 31.184.235.120:6892 | udp | |
| N/A | 31.184.235.121:6892 | udp | |
| N/A | 31.184.235.122:6892 | udp | |
| N/A | 31.184.235.123:6892 | udp | |
| N/A | 31.184.235.124:6892 | udp | |
| N/A | 31.184.235.125:6892 | udp | |
| N/A | 31.184.235.126:6892 | udp | |
| N/A | 31.184.235.127:6892 | udp | |
| N/A | 31.184.235.128:6892 | udp | |
| N/A | 31.184.235.129:6892 | udp | |
| N/A | 31.184.235.130:6892 | udp | |
| N/A | 31.184.235.131:6892 | udp | |
| N/A | 31.184.235.132:6892 | udp | |
| N/A | 31.184.235.133:6892 | udp | |
| N/A | 31.184.235.134:6892 | udp | |
| N/A | 31.184.235.135:6892 | udp | |
| N/A | 31.184.235.136:6892 | udp | |
| N/A | 31.184.235.137:6892 | udp | |
| N/A | 31.184.235.138:6892 | udp | |
| N/A | 31.184.235.139:6892 | udp | |
| N/A | 31.184.235.140:6892 | udp | |
| N/A | 31.184.235.141:6892 | udp | |
| N/A | 31.184.235.142:6892 | udp | |
| N/A | 31.184.235.143:6892 | udp | |
| N/A | 31.184.235.144:6892 | udp | |
| N/A | 31.184.235.145:6892 | udp | |
| N/A | 31.184.235.146:6892 | udp | |
| N/A | 31.184.235.147:6892 | udp | |
| N/A | 31.184.235.148:6892 | udp | |
| N/A | 31.184.235.149:6892 | udp | |
| N/A | 31.184.235.150:6892 | udp | |
| N/A | 31.184.235.151:6892 | udp | |
| N/A | 31.184.235.152:6892 | udp | |
| N/A | 31.184.235.153:6892 | udp | |
| N/A | 31.184.235.154:6892 | udp | |
| N/A | 31.184.235.155:6892 | udp | |
| N/A | 31.184.235.156:6892 | udp | |
| N/A | 31.184.235.157:6892 | udp | |
| N/A | 31.184.235.158:6892 | udp | |
| N/A | 31.184.235.159:6892 | udp | |
| N/A | 31.184.235.160:6892 | udp | |
| N/A | 31.184.235.161:6892 | udp | |
| N/A | 31.184.235.162:6892 | udp | |
| N/A | 31.184.235.163:6892 | udp | |
| N/A | 31.184.235.164:6892 | udp | |
| N/A | 31.184.235.165:6892 | udp | |
| N/A | 31.184.235.166:6892 | udp | |
| N/A | 31.184.235.167:6892 | udp | |
| N/A | 31.184.235.168:6892 | udp | |
| N/A | 31.184.235.169:6892 | udp | |
| N/A | 31.184.235.170:6892 | udp | |
| N/A | 31.184.235.171:6892 | udp | |
| N/A | 31.184.235.172:6892 | udp | |
| N/A | 31.184.235.173:6892 | udp | |
| N/A | 31.184.235.174:6892 | udp | |
| N/A | 31.184.235.175:6892 | udp | |
| N/A | 31.184.235.176:6892 | udp | |
| N/A | 31.184.235.177:6892 | udp | |
| N/A | 31.184.235.178:6892 | udp | |
| N/A | 31.184.235.179:6892 | udp | |
| N/A | 31.184.235.180:6892 | udp | |
| N/A | 31.184.235.181:6892 | udp | |
| N/A | 31.184.235.182:6892 | udp | |
| N/A | 31.184.235.183:6892 | udp | |
| N/A | 31.184.235.184:6892 | udp | |
| N/A | 31.184.235.185:6892 | udp | |
| N/A | 31.184.235.186:6892 | udp | |
| N/A | 31.184.235.187:6892 | udp | |
| N/A | 31.184.235.188:6892 | udp | |
| N/A | 31.184.235.189:6892 | udp | |
| N/A | 31.184.235.190:6892 | udp | |
| N/A | 31.184.235.191:6892 | udp | |
| N/A | 31.184.235.192:6892 | udp | |
| N/A | 31.184.235.193:6892 | udp | |
| N/A | 31.184.235.194:6892 | udp | |
| N/A | 31.184.235.195:6892 | udp | |
| N/A | 31.184.235.196:6892 | udp | |
| N/A | 31.184.235.197:6892 | udp | |
| N/A | 31.184.235.198:6892 | udp | |
| N/A | 31.184.235.199:6892 | udp | |
| N/A | 31.184.235.200:6892 | udp | |
| N/A | 31.184.235.201:6892 | udp | |
| N/A | 31.184.235.202:6892 | udp | |
| N/A | 31.184.235.203:6892 | udp | |
| N/A | 31.184.235.204:6892 | udp | |
| N/A | 31.184.235.205:6892 | udp | |
| N/A | 31.184.235.206:6892 | udp | |
| N/A | 31.184.235.207:6892 | udp | |
| N/A | 31.184.235.208:6892 | udp | |
| N/A | 31.184.235.209:6892 | udp | |
| N/A | 31.184.235.210:6892 | udp | |
| N/A | 31.184.235.211:6892 | udp | |
| N/A | 31.184.235.212:6892 | udp | |
| N/A | 31.184.235.213:6892 | udp | |
| N/A | 31.184.235.214:6892 | udp | |
| N/A | 31.184.235.215:6892 | udp | |
| N/A | 31.184.235.216:6892 | udp | |
| N/A | 31.184.235.217:6892 | udp | |
| N/A | 31.184.235.218:6892 | udp | |
| N/A | 31.184.235.219:6892 | udp | |
| N/A | 31.184.235.220:6892 | udp | |
| N/A | 31.184.235.221:6892 | udp | |
| N/A | 31.184.235.222:6892 | udp | |
| N/A | 31.184.235.223:6892 | udp | |
| N/A | 31.184.235.224:6892 | udp | |
| N/A | 31.184.235.225:6892 | udp | |
| N/A | 31.184.235.226:6892 | udp | |
| N/A | 31.184.235.227:6892 | udp | |
| N/A | 31.184.235.228:6892 | udp | |
| N/A | 31.184.235.229:6892 | udp | |
| N/A | 31.184.235.230:6892 | udp | |
| N/A | 31.184.235.231:6892 | udp | |
| N/A | 31.184.235.232:6892 | udp | |
| N/A | 31.184.235.233:6892 | udp | |
| N/A | 31.184.235.234:6892 | udp | |
| N/A | 31.184.235.235:6892 | udp | |
| N/A | 31.184.235.236:6892 | udp | |
| N/A | 31.184.235.237:6892 | udp | |
| N/A | 31.184.235.238:6892 | udp | |
| N/A | 31.184.235.239:6892 | udp | |
| N/A | 31.184.235.240:6892 | udp | |
| N/A | 31.184.235.241:6892 | udp | |
| N/A | 31.184.235.242:6892 | udp | |
| N/A | 31.184.235.243:6892 | udp | |
| N/A | 31.184.235.244:6892 | udp | |
| N/A | 31.184.235.245:6892 | udp | |
| N/A | 31.184.235.246:6892 | udp | |
| N/A | 31.184.235.247:6892 | udp | |
| N/A | 31.184.235.248:6892 | udp | |
| N/A | 31.184.235.249:6892 | udp | |
| N/A | 31.184.235.250:6892 | udp | |
| N/A | 31.184.235.251:6892 | udp | |
| N/A | 31.184.235.252:6892 | udp | |
| N/A | 31.184.235.253:6892 | udp | |
| N/A | 31.184.235.254:6892 | udp | |
| N/A | 31.184.235.255:6892 | udp | |
| N/A | 185.100.85.150:80 | bqyjebfh25oellur.onion.to | tcp |
| N/A | 8.8.8.8:53 | btc.blockr.io | udp |
| N/A | 8.8.8.8:53 | btc.blockr.io | udp |
| N/A | 8.8.8.8:53 | api.blockcypher.com | udp |
| N/A | 172.67.2.88:80 | api.blockcypher.com | tcp |
| N/A | 172.67.2.88:80 | api.blockcypher.com | tcp |
| N/A | 8.8.8.8:53 | bqyjebfh25oellur.onion.to | udp |
| N/A | 8.8.8.8:53 | chain.so | udp |
| N/A | 172.67.157.138:443 | chain.so | tcp |
| N/A | 172.67.157.138:443 | chain.so | tcp |
| N/A | 8.8.8.8:53 | iecvlist.microsoft.com | udp |
| N/A | 152.199.19.161:443 | iecvlist.microsoft.com | tcp |
| N/A | 8.8.8.8:53 | ocsp.msocsp.com | udp |
| N/A | 104.18.25.243:80 | ocsp.msocsp.com | tcp |
| N/A | 8.8.8.8:53 | ieonline.microsoft.com | udp |
| N/A | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| N/A | 204.79.197.200:443 | ieonline.microsoft.com | tcp |
| N/A | 8.8.8.8:53 | go.microsoft.com | udp |
| N/A | 2.16.212.108:443 | go.microsoft.com | tcp |
| N/A | 2.16.212.108:443 | go.microsoft.com | tcp |
| N/A | 8.8.8.8:53 | www.microsoft.com | udp |
| N/A | 8.8.8.8:53 | www.bing.com | udp |
| N/A | 204.79.197.200:443 | www.bing.com | tcp |
| N/A | 204.79.197.200:443 | www.bing.com | tcp |
Files
memory/2696-0-0x0000000000000000-mapping.dmp
C:\Users\Admin\AppData\Roaming\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\isoburn.exe
| MD5 | 601d43f704d6d7c6060d5ec7f5fb6aec |
| SHA1 | 12754bcb9e254921eca1b2266feb5320982e4a4f |
| SHA256 | eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200 |
| SHA512 | a9f31b94e42e885777347f078dfa6c9fe1376be0a3ea55497abb7e9f605e7a9e64c7a82765c2de5df70474f9d3743f66f0d6d062d6d151464fb77df8c42cc3f8 |
C:\Users\Admin\AppData\Roaming\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\isoburn.exe
| MD5 | 601d43f704d6d7c6060d5ec7f5fb6aec |
| SHA1 | 12754bcb9e254921eca1b2266feb5320982e4a4f |
| SHA256 | eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200 |
| SHA512 | a9f31b94e42e885777347f078dfa6c9fe1376be0a3ea55497abb7e9f605e7a9e64c7a82765c2de5df70474f9d3743f66f0d6d062d6d151464fb77df8c42cc3f8 |
memory/2716-3-0x0000000000000000-mapping.dmp
memory/4004-4-0x0000000000000000-mapping.dmp
memory/208-5-0x0000000000000000-mapping.dmp
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\isoburn.lnk
| MD5 | 030f1982e4fe6e4bbc762bb0023305ba |
| SHA1 | 3d227a97054614fef576c8588f240b6a53d7ab3b |
| SHA256 | 5e08ba1135cc66db629ddfadc2696b3f476218e64f9631104707c21f6830622a |
| SHA512 | dc0afb6e24f5d933b8666b8dc88c4963a4dcf158a532636cab7c5146a2b06c02ffe2c5609e6b81db39ba6be9772823dc4664c28dc3fdee772f775fd5689427a7 |
C:\Users\Admin\AppData\Roaming\{979CC176-2CBB-9CDF-ED19-828F81E1B52B}\isoburn.exe
| MD5 | 601d43f704d6d7c6060d5ec7f5fb6aec |
| SHA1 | 12754bcb9e254921eca1b2266feb5320982e4a4f |
| SHA256 | eef9b5684b6e673999c963232a0635744c8853a3758b7177e81afdef71249200 |
| SHA512 | a9f31b94e42e885777347f078dfa6c9fe1376be0a3ea55497abb7e9f605e7a9e64c7a82765c2de5df70474f9d3743f66f0d6d062d6d151464fb77df8c42cc3f8 |
C:\Users\Admin\Desktop\# DECRYPT MY FILES #.html
| MD5 | 84ad1ea89dfda0867e72ac4781c98a7e |
| SHA1 | f319f2324a2f0449c700b1d58355da00be2ce812 |
| SHA256 | 6af3b056d41d80680ffdf054193055d8b4b19b0adf91676d40bcb8c9b290f809 |
| SHA512 | f43b3da4656aebedfb4371b7c4cea85e4db5033f9f684c767f2fe0b535a9ebedb54cedac20ce8120b9846c25160e4ddda7cd993c5a232564773651bb34a26315 |
memory/2292-9-0x0000000000000000-mapping.dmp
C:\Users\Admin\Desktop\# DECRYPT MY FILES #.txt
| MD5 | 72460a8e5ec56e47b2086e13ea0f8838 |
| SHA1 | befea57a07809d5568c84032c3b9c66af168d602 |
| SHA256 | 2b2d2623fa6fdc4200ea06c4bca178aec272e26bdba582c8278e6f39306a74d3 |
| SHA512 | d4b574b8c729e0e7339c59ba6cbfd8c4b77047844326b509a6ec3f777f5423a42676d87224eaac8ce9b8ae10624e3e441414ea82505b2523c42082157aa255fd |
memory/4184-28-0x0000000000000000-mapping.dmp
C:\Users\Admin\Desktop\# DECRYPT MY FILES #.vbs
| MD5 | 1c2a24505278e661eca32666d4311ce5 |
| SHA1 | d1deb57023bbe38a33f0894b6a9a7bbffbfdeeee |
| SHA256 | 3f0dc6126cf33e7aa725df926a1b7d434eaf62a69f42e1b8ae4c110fd3572628 |
| SHA512 | ce866f2c4b96c6c7c090f4bf1708bfebdfcd58ce65a23bdc124a13402ef4941377c7e286e6156a28bd229e422685454052382f1f532545bc2edf07be4861b36c |
memory/4568-42-0x0000000000000000-mapping.dmp
memory/4612-43-0x0000000000000000-mapping.dmp
memory/4652-44-0x0000000000000000-mapping.dmp