Analysis Overview
SHA256
2ef69f36d3a99e423ae6b8de52168fd26656d0c274845270000b013043daac7e
Threat Level: Known bad
The file mmc-stable-win32.zip was found to be: Known bad.
Malicious Activity Summary
Suspicious use of NtCreateUserProcessOtherParentProcess
BazarBackdoor
Bazar/Team9 Backdoor payload
Registers COM server for autorun
UPX packed file
Executes dropped EXE
Downloads MZ/PE file
Loads dropped DLL
Adds Run key to start application
Enumerates connected drives
Installs/modifies Browser Helper Object
Drops file in System32 directory
Drops file in Program Files directory
Drops file in Windows directory
Enumerates physical storage devices
Modifies Internet Explorer settings
Modifies registry class
NTFS ADS
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
Suspicious use of SendNotifyMessage
Suspicious behavior: AddClipboardFormatListener
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Checks SCSI registry key(s)
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: GetForegroundWindowSpam
Enumerates system info in registry
Suspicious use of WriteProcessMemory
Checks processor information in registry
MITRE ATT&CK
Enterprise Matrix V6
Analysis: static1
Detonation Overview
Reported
2023-01-03 18:38
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2023-01-03 18:38
Reported
2023-01-03 18:42
Platform
win7-20221111-en
Max time kernel
30s
Max time network
33s
Command Line
Signatures
Processes
C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\mmc-stable-win32.zip
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2023-01-03 18:38
Reported
2023-01-03 18:42
Platform
win10v2004-20221111-en
Max time kernel
90s
Max time network
153s
Command Line
Signatures
Processes
C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\mmc-stable-win32.zip
Network
| Country | Destination | Domain | Proto |
| N/A | 209.197.3.8:80 | | tcp |
| N/A | 209.197.3.8:80 | | tcp |
| N/A | 51.104.15.252:443 | | tcp |
| N/A | 93.184.221.240:80 | | tcp |
| N/A | 93.184.221.240:80 | | tcp |
| N/A | 93.184.221.240:80 | | tcp |
| N/A | 104.80.225.205:443 | | tcp |
Files
Analysis: behavioral3
Detonation Overview
Submitted
2023-01-03 18:38
Reported
2023-01-03 18:42
Platform
win7-20220812-en
Max time kernel
42s
Max time network
45s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\MultiMC\MultiMC.exe
"C:\Users\Admin\AppData\Local\Temp\MultiMC\MultiMC.exe"
Network
Files
Analysis: behavioral4
Detonation Overview
Submitted
2023-01-03 18:38
Reported
2023-01-03 18:57
Platform
win10v2004-20221111-en
Max time kernel
1005s
Max time network
961s
Command Line
Signatures
BazarBackdoor
Suspicious use of NtCreateUserProcessOtherParentProcess
| Description | Indicator | Process | Target |
| PID 1268 created 4972 | N/A | C:\Windows\system32\svchost.exe | C:\Program Files\Java\jre1.8.0_351\installer.exe |
| PID 1268 created 4676 | N/A | C:\Windows\system32\svchost.exe | C:\Users\Admin\AppData\Local\Temp\jds240678140.tmp\jre-8u351-windows-x64.exe |
| PID 1268 created 4676 | N/A | C:\Windows\system32\svchost.exe | C:\Users\Admin\AppData\Local\Temp\jds240678140.tmp\jre-8u351-windows-x64.exe |
Bazar/Team9 Backdoor payload
Downloads MZ/PE file
Executes dropped EXE
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0343-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0025-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0066-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_351\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0018-0000-0304-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre1.8.0_351\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0128-ABCDEFFEDCBC}\InprocServer32 | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBC}\InprocServer32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0073-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}\INPROCSERVER32 | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0056-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0018-0000-0327-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0077-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{CAFEEFAC-0018-0000-0055-ABCDEFFEDCBC}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}\InprocServer32 | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{CAFEEFAC-0018-0000-0295-ABCDEFFEDCBC}\INPROCSERVER32 | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0057-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0189-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0333-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0134-ABCDEFFEDCBC}\InprocServer32 | C:\Program Files\Java\jre1.8.0_351\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0296-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_351\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0018-0000-0064-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_351\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0018-0000-0134-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_351\bin\ssvagent.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0069-ABCDEFFEDCBB}\INPROCSERVER32 | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0115-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0278-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0342-ABCDEFFEDCBC}\InprocServer32 | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0061-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_351\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0073-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_351\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0053-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0361-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0194-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_351\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0127-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0173-ABCDEFFEDCBB}\InprocServer32 | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0297-ABCDEFFEDCBA}\InprocServer32 | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{CAFEEFAC-0015-0000-0074-ABCDEFFEDCBC}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}\InprocServer32 | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0140-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{CAFEEFAC-0017-0000-0170-ABCDEFFEDCBB}\INPROCSERVER32 | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0157-ABCDEFFEDCBC}\InprocServer32 | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0088-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0083-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0154-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_351\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0111-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_351\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0297-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0066-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0091-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0217-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0248-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0059-ABCDEFFEDCBC}\INPROCSERVER32 | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0018-0000-0033-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0018-0000-0077-ABCDEFFEDCBC}\InprocServer32 | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0094-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_351\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0210-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_351\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0018-0000-0264-ABCDEFFEDCBC}\InprocServer32 | C:\Windows\Installer\MSIAAFC.tmp | N/A |
UPX packed file
Loads dropped DLL
Adds Run key to start application
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000\Software\Microsoft\Windows\CurrentVersion\Run | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\SunJavaUpdateSched = "\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000\Software\Microsoft\Windows\CurrentVersion\Run | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000\Software\Microsoft\Windows\CurrentVersion\Run | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\A: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\F: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\M: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\X: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\O: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\T: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\V: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\W: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\B: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\G: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\I: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\P: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\R: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Z: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\S: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\E: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\H: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\J: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\K: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\L: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\N: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Q: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\U: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Y: | C:\Windows\system32\msiexec.exe | N/A |
Installs/modifies Browser Helper Object
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\NoExplorer = "1" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{DBC80044-A445-435B-BC74-9C25C1C588A9} | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\NoExplorer = "1" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\NoExplorer = "1" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{DBC80044-A445-435B-BC74-9C25C1C588A9} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\NoExplorer = "1" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\system32\WindowsAccessBridge-64.dll | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| File opened for modification | C:\Windows\system32\WindowsAccessBridge-64.dll | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| File created | C:\Windows\system32\WindowsAccessBridge-64.dll | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\Java\jre1.8.0_351\bin\java.exe | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\lib\deploy\messages_ja.properties | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\lib\charsets.jar | C:\Program Files\Java\jre1.8.0_351\bin\unpack200.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\images\cursors\win32_MoveNoDrop32x32.gif | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\bin\api-ms-win-core-string-l1-1-0.dll | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\javaws.jar | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\ext\cldrdata.jar | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\bin\eula.dll | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\legal\javafx\glib.md | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\legal\jdk\relaxngom.md | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\lib\management\jmxremote.password.template | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\jdwp.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\README.txt | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\legal\jdk\lcms.md | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\lib\currency.data | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\fonts\LucidaTypewriterRegular.ttf | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\jp2native.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\hijrah-config-umalqura.properties | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\psfont.properties.ja | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\bin\api-ms-win-core-file-l1-1-0.dll | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\bin\api-ms-win-crt-private-l1-1-0.dll | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\lib\ext\sunmscapi.jar | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\ktab.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\Java\Java Update\jaureg.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\legal\jdk\freebxml.md | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\legal\jdk\jopt-simple.md | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\lib\fonts\LucidaBrightRegular.ttf | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\fonts\LucidaTypewriterBold.ttf | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\COPYRIGHT | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\bin\javaw.exe | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\legal\jdk\unicode.md | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\cmm\LINEAR_RGB.pf | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\bin\awt.dll | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\legal\javafx\public_suffix.md | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\lib\fonts\LucidaSansDemiBold.ttf | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\jp2launcher.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\lib\plugin.jar | C:\Program Files\Java\jre1.8.0_351\bin\unpack200.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Oracle\Java\javapath | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\fonts\LucidaBrightItalic.ttf | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\lib\deploy\messages_zh_HK.properties | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\lib\javaws.pack | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\security\blacklist | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\fontconfig.bfc | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\bin\jaas_nt.dll | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\bin\ktab.exe | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\lib\security\blacklist | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\release | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\currency.data | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\legal\jdk\dynalink.md | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\jfxwebkit.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\jce.jar | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\bin\msvcp140_1.dll | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\javafx_font.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\bin\api-ms-win-core-processenvironment-l1-1-0.dll | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\bin\api-ms-win-core-processthreads-l1-1-1.dll | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\bin\sunec.dll | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\lib\management\management.properties | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre1.8.0_66\lib\cmm\GRAY.pf | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\bin\api-ms-win-core-libraryloader-l1-1-0.dll | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\lib\net.properties | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\Welcome.html | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\bin\api-ms-win-crt-filesystem-l1-1-0.dll | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| File created | C:\Program Files\Java\jre1.8.0_351\legal\javafx\libxml2.md | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\Installer\e58e6a4.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI9BDB.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e58e6a7.msi | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\SourceHash{26A24AE4-039D-4CA4-87B4-2F64180351F0} | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI46E.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e58e5da.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI9C6.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\SourceHash{4A03706F-666A-4037-7777-5F2748764D10} | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e58e5d7.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIE2.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI7A46.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIAAFC.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI9406.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI97F1.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI9AC1.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\ | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\inprogressinstallinfo.ipi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI42E.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI9754.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e58e6a4.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI9EAB.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\e58e5d7.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIFFE7.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI9649.tmp | C:\Windows\system32\msiexec.exe | N/A |
Enumerates physical storage devices
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\msiexec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\system32\msiexec.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA}\AlternateCLSID = "{CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA}" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA}\AlternateCLSID = "{CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA}" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7}\AppName = "jp2launcher.exe" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284}\AppName = "javaws.exe" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284}\Policy = "0" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA}\Compatibility Flags = "1024" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7}\AppPath = "C:\\Program Files\\Java\\jre1.8.0_351\\bin" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ACTIVEX COMPATIBILITY\{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A}\AppName = "ssvagent.exe" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7} | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7}\AppPath = "C:\\Program Files\\Java\\jre1.8.0_351\\bin" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5852F5ED-8BF4-11D4-A245-0080C6F74284} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284}\Policy = "0" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284} | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7}\AppName = "jp2launcher.exe" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A}\Policy = "3" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284}\AppPath = "C:\\Program Files\\Java\\jre1.8.0_351\\bin" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{44D1B085-E495-4B5F-9EE6-34795C46E7E7} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284}\AppPath = "C:\\Program Files\\Java\\jre1.8.0_351\\bin" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A} | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A}\AppName = "ssvagent.exe" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A}\AppPath = "C:\\Program Files\\Java\\jre1.8.0_351\\bin" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A}\Policy = "3" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7}\Policy = "3" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A}\AppPath = "C:\\Program Files\\Java\\jre1.8.0_351\\bin" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5852F5ED-8BF4-11D4-A245-0080C6F74284} | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7}\Policy = "3" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284}\AppName = "javaws.exe" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA}\Compatibility Flags = "1024" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A} | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{44D1B085-E495-4B5F-9EE6-34795C46E7E7} | C:\Windows\Installer\MSIAAFC.tmp | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0017-0000-0332-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\CLSID\{CAFEEFAC-0018-0000-0188-ABCDEFFEDCBC}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0016-0000-0144-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0016-0000-0211-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0017-0000-0116-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0017-0000-0140-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0017-0000-0291-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0018-0000-0284-ABCDEFFEDCBB} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\CLSID\{CAFEEFAC-0017-0000-0135-ABCDEFFEDCBC}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0018-0000-0257-ABCDEFFEDCBA} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0016-0000-0112-ABCDEFFEDCBC}\InprocServer32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0017-0000-0121-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0017-0000-0291-ABCDEFFEDCBC}\InprocServer32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0016-0000-0131-ABCDEFFEDCBB} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0016-0000-0147-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0017-0000-0246-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0018-0000-0059-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0018-0000-0279-ABCDEFFEDCBC}\ = "Java Plug-in 1.8.0_279" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}\ = "Java Plug-in 1.3.1_05" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0016-0000-0146-ABCDEFFEDCBB}\ = "Java Plug-in 1.6.0_146" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\CLSID\{CAFEEFAC-0017-0000-0159-ABCDEFFEDCBA}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\CLSID\{CAFEEFAC-0017-0000-0320-ABCDEFFEDCBC}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0018-0000-0253-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0018-0000-0291-ABCDEFFEDCBA}\ = "Java Plug-in 1.8.0_291" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0015-0000-0087-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}\ = "Java Plug-in 1.6.0_14" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0016-0000-0135-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0018-0000-0046-ABCDEFFEDCBC}\ = "Java Plug-in 1.8.0_46" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0018-0000-0195-ABCDEFFEDCBA}\ = "Java Plug-in 1.8.0_195" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0017-0000-0232-ABCDEFFEDCBB} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\CLSID\{CAFEEFAC-0018-0000-0165-ABCDEFFEDCBC}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\CLSID\{CAFEEFAC-0018-0000-0330-ABCDEFFEDCBB}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0017-0000-0300-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0016-0000-0175-ABCDEFFEDCBC} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0018-0000-0143-ABCDEFFEDCBB} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\CLSID\{CAFEEFAC-0014-0002-0084-ABCDEFFEDCBB}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0018-0000-0193-ABCDEFFEDCBA} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}\ = "Java Plug-in 1.5.0_40" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0018-0000-0051-ABCDEFFEDCBB} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0018-0000-0308-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\CLSID\{CAFEEFAC-0013-0001-0092-ABCDEFFEDCBB}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0016-0000-0218-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0017-0000-0266-ABCDEFFEDCBA} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0017-0000-0276-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0018-0000-0299-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0013-0001-0090-ABCDEFFEDCBB} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0016-0000-0052-ABCDEFFEDCBA} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0014-0002-0087-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0015-0000-0054-ABCDEFFEDCBC} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0017-0000-0355-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0018-0000-0173-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0018-0000-0272-ABCDEFFEDCBB}\ = "Java Plug-in 1.8.0_272" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\CLSID\{CAFEEFAC-0016-0000-0209-ABCDEFFEDCBC}\INPROCSERVER32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0017-0000-0300-ABCDEFFEDCBC} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}\InprocServer32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\CLSID\{CAFEEFAC-0017-0000-0054-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0090-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0122-ABCDEFFEDCBA} | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0065-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0082-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBC} | C:\Program Files\Java\jre1.8.0_351\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0297-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre1.8.0_351\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre1.8.0_351\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0320-ABCDEFFEDCBB}\ = "Java Plug-in 1.7.0_320" | C:\Program Files\Java\jre1.8.0_351\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0018-0000-0131-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre1.8.0_351\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}\ = "Java Plug-in 1.6.0_31" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBA}\ = "Java Plug-in 1.6.0_48" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0259-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0282-ABCDEFFEDCBC} | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0018-0000-0204-ABCDEFFEDCBA}\InprocServer32 | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0057-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre1.8.0_351\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}\ = "Java Plug-in 1.4.0" | C:\Program Files\Java\jre1.8.0_351\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0307-ABCDEFFEDCBC} | C:\Program Files\Java\jre1.8.0_351\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0018-0000-0350-ABCDEFFEDCBC}\InprocServer32 | C:\Program Files\Java\jre1.8.0_351\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0211-ABCDEFFEDCBA} | C:\Windows\Installer\MSIAAFC.tmp | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-2386679933-1492765628-3466841596-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0062-ABCDEFFEDCBB} | C:\Windows\Installer\MSIAAFC.tmp | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 291206.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\MultiMC\MultiMC.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\MultiMC\MultiMC.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\jds240678140.tmp\jre-8u351-windows-x64.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\MultiMC\MultiMC.exe
"C:\Users\Admin\AppData\Local\Temp\MultiMC\MultiMC.exe"
C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe
"C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe" -jar C:/Users/Admin/AppData/Local/Temp/MultiMC/jars/JavaCheck.jar
C:\Program Files\Java\jdk1.8.0_66\bin\javaw.exe
"C:\Program Files\Java\jdk1.8.0_66\bin\javaw.exe" -jar C:/Users/Admin/AppData/Local/Temp/MultiMC/jars/JavaCheck.jar
C:\ProgramData\Oracle\Java\javapath\javaw.exe
javaw -jar C:/Users/Admin/AppData/Local/Temp/MultiMC/jars/JavaCheck.jar
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4f0 0x2b4
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffa4a2046f8,0x7ffa4a204708,0x7ffa4a204718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,9559595506241170829,3207018664700091303,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2164 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,9559595506241170829,3207018664700091303,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2160,9559595506241170829,3207018664700091303,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2712 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9559595506241170829,3207018664700091303,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3840 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9559595506241170829,3207018664700091303,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9559595506241170829,3207018664700091303,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2160,9559595506241170829,3207018664700091303,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5692 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9559595506241170829,3207018664700091303,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5752 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2160,9559595506241170829,3207018664700091303,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5872 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2160,9559595506241170829,3207018664700091303,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4408 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x220,0x224,0x228,0x1fc,0x22c,0x7ff7e9605460,0x7ff7e9605470,0x7ff7e9605480
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2160,9559595506241170829,3207018664700091303,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4408 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9559595506241170829,3207018664700091303,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9559595506241170829,3207018664700091303,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2160,9559595506241170829,3207018664700091303,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5720 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9559595506241170829,3207018664700091303,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3060 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9559595506241170829,3207018664700091303,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1304 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9559595506241170829,3207018664700091303,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1964 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9559595506241170829,3207018664700091303,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9559595506241170829,3207018664700091303,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9559595506241170829,3207018664700091303,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9559595506241170829,3207018664700091303,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9559595506241170829,3207018664700091303,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4036 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9559595506241170829,3207018664700091303,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7024 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,9559595506241170829,3207018664700091303,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3012 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2160,9559595506241170829,3207018664700091303,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=3020 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2160,9559595506241170829,3207018664700091303,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5840 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2160,9559595506241170829,3207018664700091303,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6044 /prefetch:8
C:\Users\Admin\Downloads\jre-8u351-windows-x64.exe
"C:\Users\Admin\Downloads\jre-8u351-windows-x64.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=2160,9559595506241170829,3207018664700091303,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2944 /prefetch:8
C:\Users\Admin\AppData\Local\Temp\jds240678140.tmp\jre-8u351-windows-x64.exe
"C:\Users\Admin\AppData\Local\Temp\jds240678140.tmp\jre-8u351-windows-x64.exe"
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Windows\System32\MsiExec.exe
C:\Windows\System32\MsiExec.exe -Embedding 9640C35881E97C594AE407CDEAA89501
C:\Program Files\Java\jre1.8.0_351\installer.exe
"C:\Program Files\Java\jre1.8.0_351\installer.exe" /s INSTALLDIR="C:\Program Files\Java\jre1.8.0_351\\" INSTALL_SILENT=1 REPAIRMODE=0 ProductCode={26A24AE4-039D-4CA4-87B4-2F64180351F0}
C:\ProgramData\Oracle\Java\installcache_x64\240716828.tmp\bspatch.exe
"bspatch.exe" baseimagefam8 newimage diff
C:\Program Files\Java\jre1.8.0_351\bin\unpack200.exe
"C:\Program Files\Java\jre1.8.0_351\bin\unpack200.exe" -r "C:\Program Files\Java\jre1.8.0_351\lib/plugin.pack" "C:\Program Files\Java\jre1.8.0_351\lib/plugin.jar"
C:\Program Files\Java\jre1.8.0_351\bin\unpack200.exe
"C:\Program Files\Java\jre1.8.0_351\bin\unpack200.exe" -r "C:\Program Files\Java\jre1.8.0_351\lib/javaws.pack" "C:\Program Files\Java\jre1.8.0_351\lib/javaws.jar"
C:\Program Files\Java\jre1.8.0_351\bin\unpack200.exe
"C:\Program Files\Java\jre1.8.0_351\bin\unpack200.exe" -r "C:\Program Files\Java\jre1.8.0_351\lib/deploy.pack" "C:\Program Files\Java\jre1.8.0_351\lib/deploy.jar"
C:\Program Files\Java\jre1.8.0_351\bin\unpack200.exe
"C:\Program Files\Java\jre1.8.0_351\bin\unpack200.exe" -r "C:\Program Files\Java\jre1.8.0_351\lib/rt.pack" "C:\Program Files\Java\jre1.8.0_351\lib/rt.jar"
C:\Program Files\Java\jre1.8.0_351\bin\unpack200.exe
"C:\Program Files\Java\jre1.8.0_351\bin\unpack200.exe" -r "C:\Program Files\Java\jre1.8.0_351\lib/jsse.pack" "C:\Program Files\Java\jre1.8.0_351\lib/jsse.jar"
C:\Program Files\Java\jre1.8.0_351\bin\unpack200.exe
"C:\Program Files\Java\jre1.8.0_351\bin\unpack200.exe" -r "C:\Program Files\Java\jre1.8.0_351\lib/charsets.pack" "C:\Program Files\Java\jre1.8.0_351\lib/charsets.jar"
C:\Program Files\Java\jre1.8.0_351\bin\unpack200.exe
"C:\Program Files\Java\jre1.8.0_351\bin\unpack200.exe" -r "C:\Program Files\Java\jre1.8.0_351\lib/ext/localedata.pack" "C:\Program Files\Java\jre1.8.0_351\lib/ext/localedata.jar"
C:\Program Files\Java\jre1.8.0_351\bin\javaw.exe
"C:\Program Files\Java\jre1.8.0_351\bin\javaw.exe" -Xshare:dump -Djdk.disableLastUsageTracking
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k netsvcs -p -s seclogon
C:\Program Files\Java\jre1.8.0_351\bin\ssvagent.exe
"C:\Program Files\Java\jre1.8.0_351\bin\ssvagent.exe" -doHKCUSSVSetup
C:\Program Files\Java\jre1.8.0_351\bin\javaws.exe
"C:\Program Files\Java\jre1.8.0_351\bin\javaws.exe" -wait -fix -permissions -silent
C:\Program Files\Java\jre1.8.0_351\bin\jp2launcher.exe
"C:\Program Files\Java\jre1.8.0_351\bin\jp2launcher.exe" -secure -javaws -jre "C:\Program Files\Java\jre1.8.0_351" -vma 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 -ma LXdhaXQALWZpeAAtcGVybWlzc2lvbnMALXNpbGVudAAtbm90V2ViSmF2YQ==
C:\Program Files\Java\jre1.8.0_351\bin\javaws.exe
"C:\Program Files\Java\jre1.8.0_351\bin\javaws.exe" -wait -fix -shortcut -silent
C:\Program Files\Java\jre1.8.0_351\bin\jp2launcher.exe
"C:\Program Files\Java\jre1.8.0_351\bin\jp2launcher.exe" -secure -javaws -jre "C:\Program Files\Java\jre1.8.0_351" -vma LWNsYXNzcGF0aABDOlxQcm9ncmFtIEZpbGVzXEphdmFcanJlMS44LjBfMzUxXGxpYlxkZXBsb3kuamFyAC1EamF2YS5zZWN1cml0eS5wb2xpY3k9ZmlsZTpDOlxQcm9ncmFtIEZpbGVzXEphdmFcanJlMS44LjBfMzUxXGxpYlxzZWN1cml0eVxqYXZhd3MucG9saWN5AC1EdHJ1c3RQcm94eT10cnVlAC1YdmVyaWZ5OnJlbW90ZQAtRGpubHB4LmhvbWU9QzpcUHJvZ3JhbSBGaWxlc1xKYXZhXGpyZTEuOC4wXzM1MVxiaW4ALURqYXZhLnNlY3VyaXR5Lm1hbmFnZXIALURzdW4uYXd0Lndhcm11cD10cnVlAC1YYm9vdGNsYXNzcGF0aC9hOkM6XFByb2dyYW0gRmlsZXNcSmF2YVxqcmUxLjguMF8zNTFcbGliXGphdmF3cy5qYXI7QzpcUHJvZ3JhbSBGaWxlc1xKYXZhXGpyZTEuOC4wXzM1MVxsaWJcZGVwbG95LmphcjtDOlxQcm9ncmFtIEZpbGVzXEphdmFcanJlMS44LjBfMzUxXGxpYlxwbHVnaW4uamFyAC1EamF2YS5hd3QuaGVhZGxlc3M9dHJ1ZQAtRGpubHB4Lmp2bT1DOlxQcm9ncmFtIEZpbGVzXEphdmFcanJlMS44LjBfMzUxXGJpblxqYXZhdy5leGU= -ma LXdhaXQALWZpeAAtc2hvcnRjdXQALXNpbGVudAAtbm90V2ViSmF2YQ==
C:\Windows\System32\MsiExec.exe
C:\Windows\System32\MsiExec.exe -Embedding 273CA504E9C9A250CD2705119C9880CC E Global\MSI0000
C:\Windows\Installer\MSIAAFC.tmp
"C:\Windows\Installer\MSIAAFC.tmp" ProductCode={26A24AE4-039D-4CA4-87B4-2F86418066F0} /s
C:\Program Files\Java\jre1.8.0_66\bin\javaws.exe
"C:\Program Files\Java\jre1.8.0_66\bin\javaws.exe" -wait -fix -shortcut -silent
C:\Program Files\Java\jre1.8.0_66\bin\jp2launcher.exe
"C:\Program Files\Java\jre1.8.0_66\bin\jp2launcher.exe" -secure -javaws -jre "C:\Program Files\Java\jre1.8.0_66" -vma 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 -ma LXdhaXQALWZpeAAtc2hvcnRjdXQALXNpbGVudAAtbm90V2ViSmF2YQ==
C:\Program Files (x86)\Common Files\Java\Java Update\jaureg.exe
"C:\Program Files (x86)\Common Files\Java\Java Update\jaureg.exe" -u auto-update
C:\Program Files\Java\jre1.8.0_351\bin\javaw.exe
-Djdk.disableLastUsageTracking -cp "C:\Program Files\Java\jre1.8.0_351\bin\..\lib\deploy.jar" com.sun.deploy.panel.ControlPanel -getUserWebJavaStatus
C:\Program Files\Java\jre1.8.0_351\bin\javaw.exe
-Djdk.disableLastUsageTracking -cp "C:\Program Files\Java\jre1.8.0_351\bin\..\lib\deploy.jar" com.sun.deploy.panel.ControlPanel -getUserPreviousDecisionsExist 30
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xfc,0x10c,0x7ffa4a2046f8,0x7ffa4a204708,0x7ffa4a204718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,1690469621917267966,8600150211386754726,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2168 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2076,1690469621917267966,8600150211386754726,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2236 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2076,1690469621917267966,8600150211386754726,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2956 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1690469621917267966,8600150211386754726,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3780 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1690469621917267966,8600150211386754726,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3796 /prefetch:1
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 5CABAB0A358A5A547CD3B8E20308CBDE
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding B28ABF240ED74A502D90004D9A91174D E Global\MSI0000
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding F2A9DAFC55ABDCD3575CBCA4E9E39B52
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 35FC845F8575EC5E6FC583543C9DD406 E Global\MSI0000
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2076,1690469621917267966,8600150211386754726,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5540 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1690469621917267966,8600150211386754726,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5552 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,1690469621917267966,8600150211386754726,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3916 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,1690469621917267966,8600150211386754726,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3916 /prefetch:8
C:\Program Files\Java\jre1.8.0_351\bin\javaw.exe
"C:\Program Files\Java\jre1.8.0_351\bin\javaw.exe" -jar C:/Users/Admin/AppData/Local/Temp/MultiMC/jars/JavaCheck.jar
C:\ProgramData\Oracle\Java\javapath\javaw.exe
javaw -jar C:/Users/Admin/AppData/Local/Temp/MultiMC/jars/JavaCheck.jar
C:\Program Files\Java\jdk1.8.0_66\bin\javaw.exe
"C:\Program Files\Java\jdk1.8.0_66\bin\javaw.exe" -jar C:/Users/Admin/AppData/Local/Temp/MultiMC/jars/JavaCheck.jar
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffa4a2046f8,0x7ffa4a204708,0x7ffa4a204718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2604 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2236 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3496 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3524 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5420 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5708 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5708 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5556 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4f0 0x2b4
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5956 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6080 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5648 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5176 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5836 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6176 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6636 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6848 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6896 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7024 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6716 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3532 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5268 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7640 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5892 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5928 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7648 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5864 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8096 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8632 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8288 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8520 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9008 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9240 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9248 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9888 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7284 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10020 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6084 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1872 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4408 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4404 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2536 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7740 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10656 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8688 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9724 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9772 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9004 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10336 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10408 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10396 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,4456874395203459159,6515777719514130798,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10412 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Network
Files
C:\Users\Admin\Downloads\jre-8u351-windows-x64.exe
C:\Users\Admin\AppData\Local\Temp\jds240678140.tmp\jre-8u351-windows-x64.exe
C:\Users\Admin\AppData\Local\Temp\jusched.log
C:\Users\Admin\AppData\LocalLow\Oracle\Java\jre1.8.0_351_x64\jre1.8.0_35164.msi
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8EC9B1D0ABBD7F98B401D425828828CE_4E75C8005B53AA371E24DB28B7200E63
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8EC9B1D0ABBD7F98B401D425828828CE_4E75C8005B53AA371E24DB28B7200E63
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C8E534EE129F27D55460CE17FD628216_1130D9B25898B0DB0D4F04DC5B93F141
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E534EE129F27D55460CE17FD628216_1130D9B25898B0DB0D4F04DC5B93F141
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\698460A0B6E60F2F602361424D832905_8BB23D43DE574E82F2BEE0DF0EC47EEB
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\698460A0B6E60F2F602361424D832905_8BB23D43DE574E82F2BEE0DF0EC47EEB
C:\Windows\Installer\MSIFFE7.tmp
C:\Windows\Installer\MSIE2.tmp
C:\Windows\Installer\MSI46E.tmp
C:\Program Files\Java\jre1.8.0_351\installer.exe
C:\Windows\Installer\e58e5da.msi
C:\ProgramData\Oracle\Java\installcache_x64\240716828.tmp\bspatch.exe
C:\ProgramData\Oracle\Java\installcache_x64\240716828.tmp\baseimagefam8
C:\ProgramData\Oracle\Java\installcache_x64\240716828.tmp\diff
C:\ProgramData\Oracle\Java\installcache_x64\240716828.tmp\newimage
C:\Program Files\Java\jre1.8.0_351\bin\unpack200.exe
C:\Program Files\Java\jre1.8.0_351\bin\VCRUNTIME140.dll
C:\Program Files\Java\jre1.8.0_351\lib\plugin.pack
C:\Program Files\Java\jre1.8.0_351\bin\vcruntime140.dll