Analysis Overview
Threat Level: Known bad
The file https://github.com/Endermanch/MalwareDatabase was found to be: Known bad.
Malicious Activity Summary
BazarBackdoor
Suspicious use of NtCreateUserProcessOtherParentProcess
Bazar/Team9 Backdoor payload
Drops file in Drivers directory
Downloads MZ/PE file
Modifies RDP port number used by Windows
Sets service image path in registry
Loads dropped DLL
Executes dropped EXE
Registers COM server for autorun
Checks BIOS information in registry
Reads user/profile data of web browsers
Legitimate hosting services abused for malware hosting/C2
Checks installed software on the system
Enumerates connected drives
Drops file in System32 directory
Drops file in Program Files directory
Drops file in Windows directory
Enumerates physical storage devices
Suspicious behavior: AddClipboardFormatListener
Modifies Internet Explorer settings
Uses Volume Shadow Copy service COM API
Suspicious use of FindShellTrayWindow
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious behavior: LoadsDriver
Modifies system certificate store
Modifies Internet Explorer Phishing Filter
Suspicious use of WriteProcessMemory
Suspicious use of SendNotifyMessage
Suspicious behavior: EnumeratesProcesses
Uses Task Scheduler COM API
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of AdjustPrivilegeToken
Modifies registry class
Suspicious use of SetWindowsHookEx
Uses Volume Shadow Copy WMI provider
Enumerates system info in registry
Checks processor information in registry
Modifies data under HKEY_USERS
Analysis: static1
Detonation Overview
Reported: 2023-04-10 18:09
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2023-04-10 18:09
Reported: 2023-04-10 18:23
Platform: win10v2004-20230220-en
Max time kernel: 311s
Max time network: 766s
Signatures
BazarBackdoor
Suspicious use of NtCreateUserProcessOtherParentProcess
| Description | Indicator | Process | Target |
| PID 1160 created 3144 | N/A | C:\Users\Admin\Downloads\MBSetup.exe | C:\Windows\Explorer.EXE |
Bazar/Team9 Backdoor payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Downloads MZ/PE file
Drops file in Drivers directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\SysWOW64\drivers\mbamtestfile.dat | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\SET6E75.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\SET95D3.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\SET95D3.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\drivers\mbae64.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\SET93BC.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\mwac.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\SET947A.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\SET93CD.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\SET93CD.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\SET947A.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\farflt.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\MbamElam.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\SET65D9.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\mbamswissarmy.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\SET6E75.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Windows\system32\DRIVERS\mbam.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\MbamElam.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\SET65D9.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\MbamChameleon.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\DRIVERS\SET93BC.tmp | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Modifies RDP port number used by Windows
Sets service image path in registry
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\MBAMSwissArmy\ImagePath = "\\SystemRoot\\System32\\Drivers\\mbamswissarmy.sys" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\MBAMChameleon\ImagePath = "\\SystemRoot\\System32\\Drivers\\MbamChameleon.sys" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\MBSetup.exe | N/A |
| N/A | N/A | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| N/A | N/A | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| N/A | N/A | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| N/A | N/A | C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe | N/A |
| N/A | N/A | C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe | N/A |
| N/A | N/A | C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe | N/A |
| N/A | N/A | C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe | N/A |
| N/A | N/A | C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-0.exe | N/A |
| N/A | N/A | C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-1.exe | N/A |
| N/A | N/A | C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-2.exe | N/A |
| N/A | N/A | C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-3.exe | N/A |
| N/A | N/A | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
Loads dropped DLL
Reads user/profile data of web browsers
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{F415899A-1576-4C8B-BC9F-4854781F8A20}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{278637DA-FDFB-45C7-8CD8-F2D8A9199AB0}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BF474111-9116-45C6-AF53-209E64F1BB53}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EE8A9269-9E6E-4683-BCD3-41E9B16696DC}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{03141A2A-5C3A-458E-ABEC-0812AD7FF497}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{F6D29500-933C-447C-9D88-9D814AF73808}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{F415899A-1576-4C8B-BC9F-4854781F8A20}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{36A65E46-6CC1-4CA2-B51E-F4DD8C993DDC}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{F6D29500-933C-447C-9D88-9D814AF73808}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BF474111-9116-45C6-AF53-209E64F1BB53}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{03141A2A-5C3A-458E-ABEC-0812AD7FF497}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\InprocServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D372F21-E6DA-4B82-881A-79F6CA6B6AE1}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D372F21-E6DA-4B82-881A-79F6CA6B6AE1}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{36A65E46-6CC1-4CA2-B51E-F4DD8C993DDC}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9DAB0CA5-AE19-41AE-955C-41DD44C52697}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{F36AD0D0-B5F0-4C69-AF08-603D177FEF0E}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{278637DA-FDFB-45C7-8CD8-F2D8A9199AB0}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{580243BF-3CEE-4131-A599-C6FED66BEB1B}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D372F21-E6DA-4B82-881A-79F6CA6B6AE1}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E1AC7139-D1FF-4DE9-84A4-92E2B47F5D2A}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{278637DA-FDFB-45C7-8CD8-F2D8A9199AB0}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{251AD013-20AD-4C3F-8FE2-F66A429B4819}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8F1C46F8-E697-4175-B240-CDE682A4BA2D}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{130CD414-6BFD-4F6C-9362-A2264B222E76}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{17BE78EE-B40A-4B9E-835F-38EC62F9D479}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{DE03E614-112D-43E0-8E15-E7236CC32108}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\InprocServer32\ = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\mbshlext.dll" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{11D1E5E8-14E1-4B5B-AE1A-2678CB91E8E5}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{F36AD0D0-B5F0-4C69-AF08-603D177FEF0E}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{376BE474-56D4-4177-BB4E-5610156F36C8}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9DAB0CA5-AE19-41AE-955C-41DD44C52697}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{17BE78EE-B40A-4B9E-835F-38EC62F9D479}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{251AD013-20AD-4C3F-8FE2-F66A429B4819}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E1AC7139-D1FF-4DE9-84A4-92E2B47F5D2A}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{130CD414-6BFD-4F6C-9362-A2264B222E76}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{D5599B6B-FA0C-45B5-8309-853B003EA412}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{376BE474-56D4-4177-BB4E-5610156F36C8}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{580243BF-3CEE-4131-A599-C6FED66BEB1B}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{03141A2A-5C3A-458E-ABEC-0812AD7FF497}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8F1C46F8-E697-4175-B240-CDE682A4BA2D}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{D5599B6B-FA0C-45B5-8309-853B003EA412}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{F415899A-1576-4C8B-BC9F-4854781F8A20}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EE8A9269-9E6E-4683-BCD3-41E9B16696DC}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8F1C46F8-E697-4175-B240-CDE682A4BA2D}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E1AC7139-D1FF-4DE9-84A4-92E2B47F5D2A}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{130CD414-6BFD-4F6C-9362-A2264B222E76}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{17BE78EE-B40A-4B9E-835F-38EC62F9D479}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{D5599B6B-FA0C-45B5-8309-853B003EA412}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{F6D29500-933C-447C-9D88-9D814AF73808}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{DE03E614-112D-43E0-8E15-E7236CC32108}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{580243BF-3CEE-4131-A599-C6FED66BEB1B}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{DE03E614-112D-43E0-8E15-E7236CC32108}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{36A65E46-6CC1-4CA2-B51E-F4DD8C993DDC}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{F36AD0D0-B5F0-4C69-AF08-603D177FEF0E}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{11D1E5E8-14E1-4B5B-AE1A-2678CB91E8E5}\LocalServer32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BF474111-9116-45C6-AF53-209E64F1BB53}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{251AD013-20AD-4C3F-8FE2-F66A429B4819}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{EE8A9269-9E6E-4683-BCD3-41E9B16696DC}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{F36AD0D0-B5F0-4C69-AF08-603D177FEF0E}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{376BE474-56D4-4177-BB4E-5610156F36C8}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9DAB0CA5-AE19-41AE-955C-41DD44C52697}\LocalServer32\ = "\"C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe\"" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{11D1E5E8-14E1-4B5B-AE1A-2678CB91E8E5}\LocalServer32\ServerExecutable = "C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Checks installed software on the system
Enumerates connected drives
Legitimate hosting services abused for malware hosting/C2
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\System32\CatRoot2\dberr.txt | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\07CEF2F654E3ED6050FFC9B6EB844250_6E4F36431D86962EFD432400DF65AC90 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\38D10539991D1B84467F968981C3969D_C92678066E2B4B4986BC7641EEC08637 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\117308CCCD9C93758827D7CC85BB135E | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\FA0E447C3E79584EC91182C66BBD2DB7 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\System32\CatRoot2\dberr.txt | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\572BF21E454637C9F000BE1AF9B1E1A9 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\572BF21E454637C9F000BE1AF9B1E1A9 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\07CEF2F654E3ED6050FFC9B6EB844250_6E4F36431D86962EFD432400DF65AC90 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\38D10539991D1B84467F968981C3969D_C92678066E2B4B4986BC7641EEC08637 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\117308CCCD9C93758827D7CC85BB135E | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\FA0E447C3E79584EC91182C66BBD2DB7 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\mbae64.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\MwacLib.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Base\images\needle.png | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Slider.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\BusyIndicator.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Base\MenuStyle.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\TabView.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\plugins.qmltypes | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\WidgetFileDialog.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\HorizontalHeaderView.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Material\StackView.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\pkgvers.dat | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\ItemDelegate.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\qml\icons.ttf | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\Private\PieMenuIcon.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\Private\plugins.qmltypes | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\mbae64.sys | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-math-l1-1-0.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Private\EditMenu.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Private\ScrollViewHelper.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Base\CircularButtonStyle.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Base\PieMenuStyle.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Imagine\GroupBox.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Material\Slider.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\languages\lang_en_GB.qm | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\mbamelam.cat | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-core-file-l1-1-0.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\settings\plugins.qmltypes | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Base\images\arrow-up.png | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Imagine\Dial.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Universal\TabBar.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\plugins.qmltypes | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qmldir | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-core-string-l1-1-0.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Fusion\ApplicationWindow.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Imagine\Tumbler.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Universal\ScrollBar.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Extras\ToggleButton.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-heap-l1-1-0.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-string-l1-1-0.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Private\MenuContentScroller.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Base\images\[email protected] | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\SpinBox.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\WidgetColorDialog.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\db14be55d7db11ed8b1272edbb006969 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Base\GaugeStyle.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Desktop\MenuStyle.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Imagine\ToolSeparator.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\languages\lang_zh_TW.qm | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Private\ContentItem.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\ServiceConfig.json.bak | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-time-l1-1-0.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\sdk\mbam.tmf | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\AbstractButton.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls.2\Fusion\HorizontalHeaderView.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\ScanControllerImpl.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\Qt5QuickControls2.dll | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\ProgressBar.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Base\images\spinner_small.png | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| File created | C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\Styles\Desktop\TabViewStyle.qml | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\security\logs\scecomp.log | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies Internet Explorer Phishing Filter
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Software\Microsoft\Internet Explorer\PhishingFilter | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter\ClientSupported_MigrationTime = d42e80ebae45d901 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "2351084352" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 50dd7c8fe86bd901 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames\en-US = "en-US.1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\AdminActive\{B71E688E-D7DB-11ED-9EF6-72EDBB006969} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLHighDateTime = "50" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\mbam.exe = "11000" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Software\Microsoft\Internet Explorer\IESettingSync | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Software\Microsoft\Internet Explorer\VersionManager | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames\ | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "387922395" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\mbam.exe = "11000" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\IESettingSync\SlowSettingTypesChanged = "2" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31026152" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Software\Microsoft\Internet Explorer\RepId | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\mbamtray.exe = "11000" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateLowDateTime = "2351064402" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Software\Microsoft\Internet Explorer\VersionManager | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Software\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLLowDateTime = "1251635200" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31026152" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\FileNames\ | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 00f33ca5e86bd901 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\RepId\PublicId = "{E88E2E1E-8C28-4532-8EFA-F29595AE7C0F}" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 704df9aae86bd901 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\mbamtray.exe = "11000" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "2370714519" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateHighDateTime = "31026152" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 7006988fe86bd901 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\15.0\Common | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\Software | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\16.0 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\16.0\Common | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1e\52C64B7E\@%SystemRoot%\System32\CertCA.dll,-304 = "Endorsement Key Trusted Root Certification Authorities" | C:\Windows\system32\certutil.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\15.0 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\15.0\Common\Security | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass = "1" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName = "1" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\16.0\Common\Security | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1e\52C64B7E\@%SystemRoot%\System32\SessEnv.dll,-101 = "Remote Desktop" | C:\Windows\system32\certutil.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\15.0\Common | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols\All Applications\malwarebytes: | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\16.0\Common\Security | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols\All Applications\malwarebytes: | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols\All Applications\malwarebytes:\ | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\16.0 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\ROOT | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols\All Applications | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols\All Applications\malwarebytes: | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols\All Applications | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols\All Applications | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols\All Applications | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass = "1" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Malwarebytes | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\Office\16.0\Common\Security | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols\All Applications\malwarebytes: | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\Software\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols\All Applications\malwarebytes: | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1e\52C64B7E\@C:\Windows\System32\AppxPackaging.dll,-1001 = "Trusted Packaged App Installation Authorities" | C:\Windows\system32\certutil.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\MY | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Malwarebytes\FirstRun = "false" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols\All Applications\malwarebytes: | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Malwarebytes | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\15.0\Common\Security\Trusted Protocols | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\SOFTWARE\Policies\Microsoft\Office\15.0 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\16.0\Common | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-20\SOFTWARE\Policies\Microsoft\Office\16.0\Common\Security\Trusted Protocols\All Applications\malwarebytes:\ | C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\ROOT | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8153C0A7-AC17-452A-9388-358F782478D4}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E41AC038-1688-417F-BE23-52D898B93903}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1E3F0FEC-3E40-4137-8C7D-090AFA9B6C5E}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{44ACF635-5275-4730-95E5-03E4D192D8C8} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B9F73DD6-F2A4-40F8-9109-67F6BB8D3704} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6724C143-DE69-4A93-80ED-19B75DD2AA99}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E4EA13DC-F9D2-4DB9-A19F-2B462FFC81F3}\ = "IUpdateController" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8F1C46F8-E697-4175-B240-CDE682A4BA2D}\Version\ = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DA5636E-CD8F-4F2D-9351-4270985E1EB3}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{04F8CDB5-1E26-491C-8602-D2ADE2D8E17A}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1691A7E8-B8D1-46D5-BB29-3A4DB2D809C6} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B9F73DD6-F2A4-40F8-9109-67F6BB8D3704}\TypeLib\ = "{49F6AC60-2104-42C6-8F71-B3916D5AA732}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E1BA0B73-14BD-4C9D-98CA-99355BD4EB24}\ = "_IAEControllerEventsV3" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8640989C-20B4-41BE-BFE1-218EF5B076A6} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7E777BB2-8526-437A-BBE2-42647DE2EC86}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{90A62FAD-6FA9-4454-8CEE-7EDF67437226}\ = "IScannerEventsV2" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B38EDC4F-A2CD-4F76-8607-F123FE4031D5}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{9CFA1689-38D3-4AE9-B1E8-B039EB7AD988}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{96C7187E-6EC4-49BD-88C7-04A3A8A97CC5}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2846D47E-9B85-4836-B883-6A7B493E2D6A}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DC2F8F62-D471-4AD5-B346-9F214FE941A7}\ = "IPoliciesControllerV2" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{278637DA-FDFB-45C7-8CD8-F2D8A9199AB0}\Version\ = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7995CBA9-83E0-4F28-A50B-DFDE85EBCCD1}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9F0067A5-A8F1-46BF-AA32-F418656FDE6F}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3DCF0F42-EF8F-4450-BA68-42B61F594B2F}\TypeLib\ = "{226C1698-A075-4315-BB5D-9C164A96ACE7}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{72F290D5-789C-4D8A-9EBE-63ECEA150373}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6724C143-DE69-4A93-80ED-19B75DD2AA99}\TypeLib\ = "{49F6AC60-2104-42C6-8F71-B3916D5AA732}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5250E5C8-A09C-4F87-A0DA-A46A62A0EACF}\ = "IArwControllerV3" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C9669A3D-81E8-46F6-A51E-815A0863D612}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{F36AD0D0-B5F0-4C69-AF08-603D177FEF0E}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8F1C46F8-E697-4175-B240-CDE682A4BA2D}\Version | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{EAD7766B-F8F3-4944-AFE6-5D667E535709} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{983849D5-BFE9-43E9-A9A0-CBAFBC917F39}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{698A4513-65F0-46A3-9633-220A6E4D1D07}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{698A4513-65F0-46A3-9633-220A6E4D1D07}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{566DC5CA-A3C4-4959-AB92-37606E12AAFF}\TypeLib\ = "{59DBD1B8-A7BD-4322-998F-41B0D2516FA0}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{767D2042-D2F6-4BAA-B30E-00E0CD4015BD}\ = "IArwControllerV4" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2FB37514-21FA-4B2C-94DA-1562126E9F5F}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0468FE5A-FFDA-4F57-83F5-79116160E9B8}\TypeLib\ = "{FFB94DF8-FC15-411C-B443-E937085E2AC1}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{36F3C7D7-BCB1-4359-AB71-0CB816FE3D38}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A5091804-600E-4226-BF28-80ABFDF4AFAB} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1691A7E8-B8D1-46D5-BB29-3A4DB2D809C6}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F12E228B-821D-4093-B2E0-7F3E169A925A}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{4163399F-AB08-4E5E-BE28-6B9440393AD3}\ = "IMWACControllerV13" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B44D50B8-E459-4078-9249-3763459B2676}\TypeLib\ = "{332AFEBA-9341-4CEC-8EA6-DB155A99DF63}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F927AD37-BA5F-4B86-AE22-FE2371B12955}\ = "_ILogControllerEntryEvents" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{115D004C-CC20-4945-BCC8-FE5043DD42D0} | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{EE77988C-B530-4686-8294-F7AB429DFD0C}\TypeLib\ = "{F5BCAC7E-75E7-4971-B3F3-B197A510F495}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AFC6D7FD-62B9-4016-9674-53BAC603E9FC}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{5D448EF3-7261-4C0C-909C-6D56043C259D}\ = "IScanControllerV14" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{8FEFED84-854E-4029-A986-1D7774D4CF7D}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A2C9E279-3E50-44F0-8C3B-606A303BA1D1}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{BF474111-9116-45C6-AF53-209E64F1BB53}\VersionIndependentProgID\ = "MB.CloudController" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{130CD414-6BFD-4F6C-9362-A2264B222E76}\Programmable | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2058A31F-5F59-4452-9204-03F588252FFC}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{89AE2EF4-3346-47C7-9DCF-ED3264527FDE}\ = "IScanParameters" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DE35F2CA-6335-49BA-8E86-F6E246CFCEA6}\TypeLib | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E90361FE-F6B5-43E8-99F7-1BD40500981F}\TypeLib\Version = "1.0" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{EAD7766B-F8F3-4944-AFE6-5D667E535709}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{46AEAC9A-C091-4B63-926C-37CFBD9D244F}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0070F531-5D6B-4302-ACA0-6920E95D9A31}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{108E7F3D-FB06-4024-94FB-3B8E687587E4}\ProxyStubClsid32 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E149FEF9-F1DC-4894-8A8E-AA53F6807EFD}\ = "_ICleanControllerEventsV7" | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2 | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F40042E2E5F7E8EF8189FED15519AECE42C3BFA2\Blob | C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe | N/A |
| N/A | N/A | C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe | N/A |
| N/A | N/A | C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe | N/A |
Suspicious behavior: LoadsDriver
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| N/A | N/A | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Processes
C:\Windows\Explorer.EXE
C:\Windows\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" https://github.com/Endermanch/MalwareDatabase
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3196 CREDAT:17410 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd7b489758,0x7ffd7b489768,0x7ffd7b489778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1812 --field-trial-handle=1828,i,5716870292372222747,10444627241322764918,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1828,i,5716870292372222747,10444627241322764918,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2220 --field-trial-handle=1828,i,5716870292372222747,10444627241322764918,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3196 --field-trial-handle=1828,i,5716870292372222747,10444627241322764918,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3332 --field-trial-handle=1828,i,5716870292372222747,10444627241322764918,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4524 --field-trial-handle=1828,i,5716870292372222747,10444627241322764918,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4696 --field-trial-handle=1828,i,5716870292372222747,10444627241322764918,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4824 --field-trial-handle=1828,i,5716870292372222747,10444627241322764918,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4708 --field-trial-handle=1828,i,5716870292372222747,10444627241322764918,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5064 --field-trial-handle=1828,i,5716870292372222747,10444627241322764918,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5068 --field-trial-handle=1828,i,5716870292372222747,10444627241322764918,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5260 --field-trial-handle=1828,i,5716870292372222747,10444627241322764918,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3284 --field-trial-handle=1828,i,5716870292372222747,10444627241322764918,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5352 --field-trial-handle=1828,i,5716870292372222747,10444627241322764918,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5804 --field-trial-handle=1828,i,5716870292372222747,10444627241322764918,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5752 --field-trial-handle=1828,i,5716870292372222747,10444627241322764918,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5640 --field-trial-handle=1828,i,5716870292372222747,10444627241322764918,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=6132 --field-trial-handle=1828,i,5716870292372222747,10444627241322764918,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5824 --field-trial-handle=1828,i,5716870292372222747,10444627241322764918,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5612 --field-trial-handle=1828,i,5716870292372222747,10444627241322764918,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5912 --field-trial-handle=1828,i,5716870292372222747,10444627241322764918,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6208 --field-trial-handle=1828,i,5716870292372222747,10444627241322764918,131072 /prefetch:8
C:\Users\Admin\Downloads\MBSetup.exe
"C:\Users\Admin\Downloads\MBSetup.exe"
C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe"
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Windows\system32\certutil.exe
"C:\Windows\system32\certutil.exe" -f -addstore root "C:\Windows\TEMP\MBInstallTempdb14be57d7db11ed882072edbb006969\servicepkg\starfieldrootcag2_new.crt"
C:\Windows\system32\certutil.exe
"C:\Windows\system32\certutil.exe" -f -addstore root "C:\Windows\TEMP\MBInstallTempdb14be57d7db11ed882072edbb006969\servicepkg\msrootca2020.crt"
C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe" /Service /Protected
C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1652 --field-trial-handle=1828,i,5716870292372222747,10444627241322764918,131072 /prefetch:2
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://links.malwarebytes.com/link/installed?prodVer=4.5.26.259&prodCode=MBAM-C&lang=en_US
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffd616846f8,0x7ffd61684708,0x7ffd61684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2184 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2684 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3652 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3644 /prefetch:1
C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
"C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5568 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5568 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x1bc,0x1c4,0x228,0x204,0x22c,0x7ff67c505460,0x7ff67c505470,0x7ff67c505480
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5236 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x31c 0x2fc
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5008 /prefetch:1
C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
"C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe"
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-0.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-1.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-2.exe
ig.exe reseed
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig-3.exe
ig.exe reseed
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3456 /prefetch:2
C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
"C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe" /wac 0 /status on true /updatesubstatus none /scansubstatus none /settingssubstatus none
C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]
"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]"
C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]
"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]" /watchdog
C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]
"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]" /watchdog
C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]
"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]" /watchdog
C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]
"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]" /watchdog
C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]
"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]" /watchdog
C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]
"C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ.zip\[email protected]" /main
C:\Windows\SysWOW64\notepad.exe
"C:\Windows\System32\notepad.exe" \note.txt
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://motherboard.vice.com/read/watch-this-malware-turn-a-computer-into-a-digital-hellscape
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd616846f8,0x7ffd61684708,0x7ffd61684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1288 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5660 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6640 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6892 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7112 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+remove+memz+trojan+virus
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd616846f8,0x7ffd61684708,0x7ffd61684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=7172 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7476 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7688 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7900 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8136 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8112 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6080 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+2+buy+weed
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd616846f8,0x7ffd61684708,0x7ffd61684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,17004005573881671539,8132806359166865340,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://answers.microsoft.com/en-us/protect/forum/protect_other-protect_scanning/memz-malwarevirus-trojan-completely-destroying/268bc1c2-39f4-42f8-90c2-597a673b6b45
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ffd616846f8,0x7ffd61684708,0x7ffd61684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2256,53918255826442983,17360121921366507522,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2256,53918255826442983,17360121921366507522,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2268 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2256,53918255826442983,17360121921366507522,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2948 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2256,53918255826442983,17360121921366507522,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2256,53918255826442983,17360121921366507522,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2256,53918255826442983,17360121921366507522,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4808 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2256,53918255826442983,17360121921366507522,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4988 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2256,53918255826442983,17360121921366507522,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5256 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2256,53918255826442983,17360121921366507522,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5548 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2256,53918255826442983,17360121921366507522,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5520 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+remove+memz+trojan+virus
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd616846f8,0x7ffd61684708,0x7ffd61684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2256,53918255826442983,17360121921366507522,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2256,53918255826442983,17360121921366507522,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1
C:\Windows\SysWOW64\calc.exe
"C:\Windows\System32\calc.exe"
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+2+remove+a+virus
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd616846f8,0x7ffd61684708,0x7ffd61684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2224,5443120340611825906,10065382240090747657,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2288 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2224,5443120340611825906,10065382240090747657,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2892 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2224,5443120340611825906,10065382240090747657,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2236 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2224,5443120340611825906,10065382240090747657,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2224,5443120340611825906,10065382240090747657,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3176 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2224,5443120340611825906,10065382240090747657,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4684 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+2+buy+weed
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd616846f8,0x7ffd61684708,0x7ffd61684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2164,6278193134351470620,8901848740973343042,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2176 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2164,6278193134351470620,8901848740973343042,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2164,6278193134351470620,8901848740973343042,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3020 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,6278193134351470620,8901848740973343042,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3124 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,6278193134351470620,8901848740973343042,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3116 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,6278193134351470620,8901848740973343042,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4892 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+download+memz
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd616846f8,0x7ffd61684708,0x7ffd61684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2184,12107088378411205576,11590870127727822769,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2272 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2184,12107088378411205576,11590870127727822769,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2208 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2184,12107088378411205576,11590870127727822769,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2976 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,12107088378411205576,11590870127727822769,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,12107088378411205576,11590870127727822769,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,12107088378411205576,11590870127727822769,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4944 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://softonic.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd616846f8,0x7ffd61684708,0x7ffd61684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2036,14045131609587771007,6669162476483345771,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2524 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2036,14045131609587771007,6669162476483345771,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2016 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2036,14045131609587771007,6669162476483345771,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2900 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14045131609587771007,6669162476483345771,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14045131609587771007,6669162476483345771,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14045131609587771007,6669162476483345771,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2676 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14045131609587771007,6669162476483345771,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4784 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14045131609587771007,6669162476483345771,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14045131609587771007,6669162476483345771,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4616 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://play.clubpenguin.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd616846f8,0x7ffd61684708,0x7ffd61684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14045131609587771007,6669162476483345771,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14045131609587771007,6669162476483345771,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5500 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14045131609587771007,6669162476483345771,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5828 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14045131609587771007,6669162476483345771,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2036,14045131609587771007,6669162476483345771,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6452 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2036,14045131609587771007,6669162476483345771,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6452 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14045131609587771007,6669162476483345771,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6676 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14045131609587771007,6669162476483345771,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14045131609587771007,6669162476483345771,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5776 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14045131609587771007,6669162476483345771,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6528 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14045131609587771007,6669162476483345771,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6636 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14045131609587771007,6669162476483345771,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5760 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14045131609587771007,6669162476483345771,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7196 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14045131609587771007,6669162476483345771,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7156 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14045131609587771007,6669162476483345771,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=dank+memz
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd616846f8,0x7ffd61684708,0x7ffd61684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14045131609587771007,6669162476483345771,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6520 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14045131609587771007,6669162476483345771,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7652 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,14045131609587771007,6669162476483345771,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7452 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=montage+parody+making+program+2016
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd616846f8,0x7ffd61684708,0x7ffd61684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2172,14921902066650654303,12499741359720138959,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2188 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2172,14921902066650654303,12499741359720138959,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2468 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2172,14921902066650654303,12499741359720138959,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3016 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,14921902066650654303,12499741359720138959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,14921902066650654303,12499741359720138959,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,14921902066650654303,12499741359720138959,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4924 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2172,14921902066650654303,12499741359720138959,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4848 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+remove+memz+trojan+virus
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd616846f8,0x7ffd61684708,0x7ffd61684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,677828491547473567,10959058471334490051,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2236 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2076,677828491547473567,10959058471334490051,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2696 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2076,677828491547473567,10959058471334490051,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2296 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,677828491547473567,10959058471334490051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,677828491547473567,10959058471334490051,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,677828491547473567,10959058471334490051,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4760 /prefetch:1
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /7
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,677828491547473567,10959058471334490051,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4648 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,677828491547473567,10959058471334490051,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5076 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,677828491547473567,10959058471334490051,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5076 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,677828491547473567,10959058471334490051,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5124 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,677828491547473567,10959058471334490051,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,677828491547473567,10959058471334490051,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3632 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,677828491547473567,10959058471334490051,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=minecraft+hax+download+no+virus
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd616846f8,0x7ffd61684708,0x7ffd61684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,677828491547473567,10959058471334490051,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,677828491547473567,10959058471334490051,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5492 /prefetch:1
C:\Windows\SysWOW64\mmc.exe
"C:\Windows\system32\mmc.exe" "C:\Windows\System32\devmgmt.msc"
C:\Windows\system32\mmc.exe
"C:\Windows\System32\devmgmt.msc" "C:\Windows\System32\devmgmt.msc"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=mcafee+vs+norton
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd616846f8,0x7ffd61684708,0x7ffd61684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,2154336479187310043,13711338874620170991,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,2154336479187310043,13711338874620170991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2692 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,2154336479187310043,13711338874620170991,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2154336479187310043,13711338874620170991,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3452 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2154336479187310043,13711338874620170991,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3440 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2154336479187310043,13711338874620170991,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2700 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,2154336479187310043,13711338874620170991,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4984 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,2154336479187310043,13711338874620170991,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4984 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2154336479187310043,13711338874620170991,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5240 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2154336479187310043,13711338874620170991,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2154336479187310043,13711338874620170991,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5500 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2154336479187310043,13711338874620170991,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5584 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=half+life+3+release+date
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd616846f8,0x7ffd61684708,0x7ffd61684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2154336479187310043,13711338874620170991,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,2154336479187310043,13711338874620170991,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5696 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=virus.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd616846f8,0x7ffd61684708,0x7ffd61684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2204,18342552849147492615,4882856663817426587,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2652 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2204,18342552849147492615,4882856663817426587,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2252 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2204,18342552849147492615,4882856663817426587,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2216 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,18342552849147492615,4882856663817426587,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,18342552849147492615,4882856663817426587,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,18342552849147492615,4882856663817426587,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4840 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=facebook+hacking+tool+free+download+no+virus+working+2016
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xf8,0x12c,0x7ffd616846f8,0x7ffd61684708,0x7ffd61684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2232,6817197199165067286,9341020112643613002,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2244 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2232,6817197199165067286,9341020112643613002,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2296 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,6817197199165067286,9341020112643613002,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3176 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2232,6817197199165067286,9341020112643613002,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3032 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,6817197199165067286,9341020112643613002,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,6817197199165067286,9341020112643613002,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4888 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2232,6817197199165067286,9341020112643613002,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3872 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2232,6817197199165067286,9341020112643613002,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3872 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,6817197199165067286,9341020112643613002,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5360 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,6817197199165067286,9341020112643613002,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,6817197199165067286,9341020112643613002,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4968 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,6817197199165067286,9341020112643613002,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5632 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=facebook+hacking+tool+free+download+no+virus+working+2016
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd616846f8,0x7ffd61684708,0x7ffd61684718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,6817197199165067286,9341020112643613002,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5364 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,6817197199165067286,9341020112643613002,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3888 /prefetch:1
Network
| US | 52.152.110.14:443 | tcp | |
| US | 52.152.110.14:443 | tcp | |
| US | 8.8.8.8:53 | iris.mwbsys.com | udp |
| US | 34.226.98.217:443 | iris.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 217.98.226.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | keystone.mwbsys.com | udp |
| US | 3.221.126.239:443 | keystone.mwbsys.com | tcp |
| US | 3.221.126.239:443 | keystone.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 239.126.221.3.in-addr.arpa | udp |
| US | 3.221.126.239:443 | keystone.mwbsys.com | tcp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| NL | 216.58.214.3:443 | beacons.gcp.gvt2.com | tcp |
| NL | 216.58.214.3:443 | beacons.gcp.gvt2.com | tcp |
| NL | 216.58.214.3:443 | beacons.gcp.gvt2.com | tcp |
| NL | 216.58.214.3:443 | beacons.gcp.gvt2.com | tcp |
| US | 52.152.110.14:443 | tcp | |
| US | 8.8.8.8:53 | e2c16.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | e2c6.gcp.gvt2.com | udp |
| IN | 34.93.91.7:443 | e2c6.gcp.gvt2.com | tcp |
| DE | 34.89.141.94:443 | e2c16.gcp.gvt2.com | tcp |
| IN | 34.93.91.7:443 | e2c6.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 3.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 142.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 94.141.89.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons.gvt2.com | udp |
| NL | 216.58.214.3:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | 7.91.93.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | telemetry.malwarebytes.com | udp |
| US | 100.20.255.82:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | 82.255.20.100.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | links.malwarebytes.com | udp |
| NL | 52.222.139.112:443 | links.malwarebytes.com | tcp |
| NL | 52.222.139.112:443 | links.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | www.malwarebytes.com | udp |
| NL | 142.251.36.46:443 | clients2.google.com | udp |
| DE | 18.66.97.39:443 | www.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | 161.240.123.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 112.139.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 39.97.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | genesis.malwarebytes.com | udp |
| US | 34.193.143.115:443 | genesis.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | 115.143.193.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.demandbase.com | udp |
| NL | 108.156.60.113:443 | api.demandbase.com | tcp |
| US | 8.8.8.8:53 | plausible.io | udp |
| NL | 84.17.46.53:443 | plausible.io | tcp |
| NL | 84.17.46.53:443 | plausible.io | tcp |
| US | 104.19.188.97:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | 113.60.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.46.17.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.249.124.192.in-addr.arpa | udp |
| US | 104.19.188.97:443 | cdn.cookielaw.org | tcp |
| US | 172.64.144.98:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | versionhistory.googleapis.com | udp |
| US | 8.8.8.8:53 | www.estore.malwarebytes.com | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| US | 8.8.8.8:53 | snap.licdn.com | udp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 8.8.8.8:53 | munchkin.marketo.net | udp |
| US | 8.8.8.8:53 | static.ads-twitter.com | udp |
| US | 8.8.8.8:53 | scripts.demandbase.com | udp |
| US | 104.16.122.175:443 | unpkg.com | tcp |
| US | 157.240.5.10:443 | connect.facebook.net | tcp |
| DE | 23.32.238.144:443 | snap.licdn.com | tcp |
| US | 204.79.197.200:443 | bat.bing.com | tcp |
| NL | 23.206.91.189:443 | munchkin.marketo.net | tcp |
| NL | 199.232.148.157:443 | static.ads-twitter.com | tcp |
| NL | 13.227.219.93:443 | scripts.demandbase.com | tcp |
| NL | 216.58.214.14:443 | analytics.google.com | tcp |
| NL | 142.250.102.157:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | t.co | udp |
| US | 8.8.8.8:53 | cdn.linkedin.oribi.io | udp |
| US | 8.8.8.8:53 | px.ads.linkedin.com | udp |
| US | 8.8.8.8:53 | analytics.twitter.com | udp |
| GB | 216.58.208.98:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | api.company-target.com | udp |
| NL | 142.250.102.157:443 | stats.g.doubleclick.net | tcp |
| US | 104.244.42.5:443 | t.co | tcp |
| US | 104.244.42.195:443 | analytics.twitter.com | tcp |
| US | 192.28.144.124:443 | 805-usg-300.mktoresp.com | tcp |
| US | 13.107.42.14:443 | px.ads.linkedin.com | tcp |
| NL | 52.222.139.92:443 | cdn.linkedin.oribi.io | tcp |
| US | 35.190.60.146:443 | id.rlcdn.com | tcp |
| NL | 13.227.219.102:443 | api.company-target.com | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| NL | 157.240.247.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | 144.238.32.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.219.227.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.42.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 92.139.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 102.219.227.13.in-addr.arpa | udp |
| US | 54.161.206.128:443 | iris.mwbsys.com | tcp |
| US | 8.8.8.8:53 | links.malwarebytes.com | udp |
| NL | 52.222.139.26:443 | links.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | 128.206.161.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.139.222.52.in-addr.arpa | udp |
| US | 34.215.48.192:443 | telemetry.malwarebytes.com | tcp |
| NL | 216.58.214.14:443 | analytics.google.com | udp |
| US | 8.8.8.8:53 | prod-www.malwarebytes.com | udp |
| US | 18.65.39.76:443 | prod-www.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | 76.39.65.18.in-addr.arpa | udp |
| US | 52.152.110.14:443 | tcp | |
| US | 52.152.110.14:443 | tcp | |
| US | 8.8.8.8:53 | telemetry.malwarebytes.com | udp |
| US | 34.215.48.192:443 | telemetry.malwarebytes.com | tcp |
| NL | 142.250.102.157:443 | stats.g.doubleclick.net | udp |
| NL | 216.58.214.14:443 | analytics.google.com | udp |
| US | 34.215.48.192:443 | telemetry.malwarebytes.com | tcp |
| US | 34.215.48.192:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | keystone.mwbsys.com | udp |
| US | 34.215.48.192:443 | telemetry.malwarebytes.com | tcp |
| US | 3.221.126.239:443 | keystone.mwbsys.com | tcp |
| US | 52.152.110.14:443 | tcp | |
| US | 8.8.8.8:53 | beacons3.gvt2.com | udp |
| GB | 216.58.208.99:443 | beacons3.gvt2.com | tcp |
| NL | 216.58.214.3:443 | beacons.gcp.gvt2.com | udp |
| GB | 216.58.208.99:443 | beacons3.gvt2.com | udp |
| US | 8.8.8.8:53 | sirius.mwbsys.com | udp |
| US | 3.227.148.26:443 | sirius.mwbsys.com | tcp |
| US | 8.8.8.8:53 | 99.208.58.216.in-addr.arpa | udp |
| US | 34.215.48.192:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | 26.148.227.3.in-addr.arpa | udp |
| US | 34.215.48.192:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | crl.comodoca.com | udp |
| US | 104.18.32.68:80 | crl.comodoca.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| NL | 173.223.113.131:80 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | 68.32.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 188.155.64.172.in-addr.arpa | udp |
| US | 34.215.48.192:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | links.malwarebytes.com | udp |
| NL | 52.222.139.112:443 | links.malwarebytes.com | tcp |
| US | 34.215.48.192:443 | telemetry.malwarebytes.com | tcp |
| NL | 52.222.139.112:443 | links.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | blog.malwarebytes.com | udp |
| NL | 13.227.219.74:443 | blog.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | www.malwarebytes.com | udp |
| NL | 13.227.219.93:443 | www.malwarebytes.com | tcp |
| NL | 13.227.219.93:443 | www.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | telemetry.malwarebytes.com | udp |
| US | 34.215.48.192:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.36.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.123.68.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | telemetry.malwarebytes.com | udp |
| US | 34.215.48.192:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | telemetry.malwarebytes.com | udp |
| US | 34.215.48.192:443 | telemetry.malwarebytes.com | tcp |
| US | 34.215.48.192:443 | telemetry.malwarebytes.com | tcp |
| US | 34.215.48.192:443 | telemetry.malwarebytes.com | tcp |
| US | 34.215.48.192:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | 9.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.38.195.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons3.gvt2.com | udp |
| US | 8.8.8.8:53 | beacons4.gvt2.com | udp |
| GB | 216.58.208.99:443 | beacons3.gvt2.com | udp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | tcp |
| US | 8.8.8.8:53 | 116.32.239.216.in-addr.arpa | udp |
| US | 216.239.32.116:443 | beacons4.gvt2.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| NL | 216.58.214.3:443 | beacons.gcp.gvt2.com | udp |
| US | 34.215.48.192:443 | telemetry.malwarebytes.com | tcp |
| US | 34.215.48.192:443 | telemetry.malwarebytes.com | tcp |
| US | 34.215.48.192:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | telemetry.malwarebytes.com | udp |
| US | 34.215.48.192:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | sirius.mwbsys.com | udp |
| US | 3.227.148.26:443 | sirius.mwbsys.com | tcp |
| US | 34.215.48.192:443 | telemetry.malwarebytes.com | tcp |
| US | 34.215.48.192:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | versionhistory.googleapis.com | udp |
| US | 8.8.8.8:53 | 90.38.199.152.in-addr.arpa | udp |
| US | 34.215.48.192:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | 74.19.199.152.in-addr.arpa | udp |
| NL | 216.58.214.3:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | motherboard.vice.com | udp |
| US | 151.101.1.132:80 | motherboard.vice.com | tcp |
| US | 151.101.1.132:80 | motherboard.vice.com | tcp |
| US | 8.8.8.8:53 | 132.1.101.151.in-addr.arpa | udp |
| US | 151.101.1.132:443 | motherboard.vice.com | tcp |
| US | 8.8.8.8:53 | telemetry.malwarebytes.com | udp |
| US | 34.215.48.192:443 | telemetry.malwarebytes.com | tcp |
| US | 8.8.8.8:53 | telemetry.malwarebytes.com | udp |
| US | 8.8.8.8:53 | www.vice.com | udp |
| US | 8.8.8.8:53 | vice-web-statics-cdn.vice.com | udp |
| US | 8.8.8.8:53 | native.sharethrough.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 151.101.1.132:443 | vice-web-statics-cdn.vice.com | tcp |
| US | 151.101.1.132:443 | vice-web-statics-cdn.vice.com | tcp |
| US | 151.101.1.132:443 | vice-web-statics-cdn.vice.com | tcp |
| NL | 108.156.60.9:443 | native.sharethrough.com | tcp |
| US | 8.8.8.8:53 | vice-dev-web-statics-cdn.vice.com | udp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | api.amplitude.com | udp |
| US | 74.119.119.139:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | sourcepoint.mgr.consensu.org | udp |
| US | 54.186.166.15:443 | api.amplitude.com | tcp |
| US | 18.65.39.68:443 | sourcepoint.mgr.consensu.org | tcp |
| US | 8.8.8.8:53 | images.vice.com | udp |
| US | 8.8.8.8:53 | oembed.vice.com | udp |
| US | 8.8.8.8:53 | video-images.vice.com | udp |
| US | 151.101.1.132:443 | video-images.vice.com | tcp |
| US | 8.8.8.8:53 | 9.60.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.119.119.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.166.186.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.39.65.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tags.remixd.com | udp |
| NL | 108.156.60.124:443 | tags.remixd.com | tcp |
| US | 8.8.8.8:53 | 124.60.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.npttech.com | udp |
| US | 8.8.8.8:53 | cdn.segment.com | udp |
| US | 172.64.171.32:443 | www.npttech.com | tcp |
| NL | 13.227.222.191:443 | cdn.segment.com | tcp |
| NL | 13.227.222.191:443 | cdn.segment.com | tcp |
| US | 8.8.8.8:53 | pubcast-files.remixd.com | udp |
| US | 34.215.48.192:443 | telemetry.malwarebytes.com | tcp |
| NL | 13.227.222.191:443 | cdn.segment.com | tcp |
| US | 8.8.8.8:53 | 32.171.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 191.222.227.13.in-addr.arpa | udp |
| US | 35.190.38.143:443 | pubcast-files.remixd.com | tcp |
| US | 35.190.38.143:443 | pubcast-files.remixd.com | tcp |
| US | 8.8.8.8:53 | vmg-useast.gscontxt.net | udp |
| US | 8.8.8.8:53 | gdpr-tcfv2.sp-prod.net | udp |
| US | 8.8.8.8:53 | ccpa.sp-prod.net | udp |
| US | 8.8.8.8:53 | widgets.outbrain.com | udp |
| GB | 96.16.109.182:443 | widgets.outbrain.com | tcp |
| US | 129.158.208.173:443 | vmg-useast.gscontxt.net | tcp |
| NL | 108.156.60.7:443 | gdpr-tcfv2.sp-prod.net | tcp |
| US | 18.65.39.94:443 | ccpa.sp-prod.net | tcp |
| US | 129.158.208.173:443 | vmg-useast.gscontxt.net | tcp |
| NL | 108.156.60.7:443 | gdpr-tcfv2.sp-prod.net | tcp |
| US | 18.65.39.94:443 | ccpa.sp-prod.net | tcp |
| US | 8.8.8.8:53 | 143.38.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 182.109.16.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 94.39.65.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.60.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.208.158.129.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.tenmges.vice.com | udp |
| US | 54.190.107.168:443 | api.tenmges.vice.com | tcp |
| US | 54.190.107.168:443 | api.tenmges.vice.com | tcp |
| US | 54.190.107.168:443 | api.tenmges.vice.com | tcp |
| US | 8.8.8.8:53 | 168.107.190.54.in-addr.arpa | udp |
| NL | 216.58.214.3:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | connect.facebook.net | udp |
| NL | 108.156.60.124:443 | tags.remixd.com | tcp |
| US | 8.8.8.8:53 | analytics.tiktok.com | udp |
| US | 8.8.8.8:53 | static.ads-twitter.com | udp |
| US | 8.8.8.8:53 | ak.sail-horizon.com | udp |
| US | 8.8.8.8:53 | sdk.snapkit.com | udp |
| US | 8.8.8.8:53 | tag.aticdn.net | udp |
| NL | 157.240.247.8:443 | connect.facebook.net | tcp |
| US | 8.8.8.8:53 | sc-static.net | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| NL | 199.232.148.157:443 | static.ads-twitter.com | tcp |
| NL | 108.156.60.40:443 | ak.sail-horizon.com | tcp |
| NL | 108.156.60.120:443 | sdk.snapkit.com | tcp |
| NL | 95.101.74.147:443 | analytics.tiktok.com | tcp |
| NL | 54.192.87.248:443 | sc-static.net | tcp |
| NL | 95.101.74.147:443 | analytics.tiktok.com | tcp |
| NL | 199.232.148.157:443 | static.ads-twitter.com | tcp |
| NL | 108.156.60.40:443 | ak.sail-horizon.com | tcp |
| NL | 108.156.60.120:443 | sdk.snapkit.com | tcp |
| NL | 54.192.87.248:443 | sc-static.net | tcp |
| NL | 52.222.139.23:443 | tag.aticdn.net | tcp |
| NL | 108.156.60.50:443 | sb.scorecardresearch.com | tcp |
| US | 8.8.8.8:53 | static.chartbeat.com | udp |
| US | 8.8.8.8:53 | sourcepoint.vice.com | udp |
| US | 8.8.8.8:53 | tag.durationmedia.net | udp |
| US | 8.8.8.8:53 | s.skimresources.com | udp |
| US | 8.8.8.8:53 | cdn-magiclinks.trackonomics.net | udp |
| US | 8.8.8.8:53 | widget-pixels.outbrain.com | udp |
| US | 8.8.8.8:53 | mv.outbrain.com | udp |
| US | 151.139.128.10:443 | s.skimresources.com | tcp |
| US | 151.139.128.10:443 | s.skimresources.com | tcp |
| US | 54.190.107.168:443 | api.tenmges.vice.com | tcp |
| DE | 13.32.121.125:443 | cdn-magiclinks.trackonomics.net | tcp |
| GB | 96.16.109.182:443 | widget-pixels.outbrain.com | tcp |
| NL | 199.232.150.132:443 | mv.outbrain.com | tcp |
| NL | 108.156.60.121:443 | sourcepoint.vice.com | tcp |
| NL | 108.156.60.121:443 | sourcepoint.vice.com | tcp |
| NL | 108.156.63.44:443 | static.chartbeat.com | tcp |
| NL | 52.222.139.38:443 | tag.durationmedia.net | tcp |
| US | 8.8.8.8:53 | 8.247.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.60.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 40.60.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 147.74.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.87.192.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.139.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.60.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.128.139.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | tr.snapchat.com | udp |
| US | 8.8.8.8:53 | 121.60.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.63.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 38.139.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 125.121.32.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.150.232.199.in-addr.arpa | udp |
| US | 35.190.43.134:443 | tr.snapchat.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | cdn.confiant-integrations.net | udp |
| US | 8.8.8.8:53 | z.moatads.com | udp |
| US | 8.8.8.8:53 | experience.tinypass.com | udp |
| US | 8.8.8.8:53 | d2zue0pgsssbc6.cloudfront.net | udp |
| US | 8.8.8.8:53 | htlbid.com | udp |
| US | 8.8.8.8:53 | cdn.jwplayer.com | udp |
| US | 35.190.43.134:443 | tr.snapchat.com | udp |
| NL | 52.222.139.103:443 | htlbid.com | tcp |
| US | 8.8.8.8:53 | cdn.privacy-mgmt.com | udp |
| NL | 52.222.137.9:443 | d2zue0pgsssbc6.cloudfront.net | tcp |
| US | 35.190.43.134:443 | tr.snapchat.com | udp |
| US | 8.8.8.8:53 | api.snapkit.com | udp |
| US | 104.18.34.10:443 | cdn.confiant-integrations.net | tcp |
| US | 8.8.8.8:53 | t.co | udp |
| US | 104.17.184.177:443 | experience.tinypass.com | tcp |
| US | 18.65.39.128:443 | cdn.jwplayer.com | tcp |
| NL | 108.156.60.66:443 | cdn.privacy-mgmt.com | tcp |
| US | 104.18.34.10:443 | cdn.confiant-integrations.net | tcp |
| US | 104.17.184.177:443 | experience.tinypass.com | tcp |
| US | 18.65.39.128:443 | cdn.jwplayer.com | tcp |
| US | 104.244.42.133:443 | t.co | tcp |
| GB | 96.16.109.251:443 | z.moatads.com | tcp |
| GB | 96.16.109.251:443 | z.moatads.com | tcp |
| US | 8.8.8.8:53 | analytics.twitter.com | udp |
| US | 35.190.43.134:443 | api.snapkit.com | tcp |
| US | 35.190.43.134:443 | api.snapkit.com | tcp |
| US | 8.8.8.8:53 | 134.43.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.39.251.142.in-addr.arpa | udp |
| US | 35.190.43.134:443 | api.snapkit.com | udp |
| US | 104.244.42.3:443 | analytics.twitter.com | tcp |
| US | 104.244.42.3:443 | analytics.twitter.com | tcp |
| US | 8.8.8.8:53 | pixel.tapad.com | udp |
| US | 34.111.113.62:443 | pixel.tapad.com | tcp |
| US | 8.8.8.8:53 | ccpa-service.sp-prod.net | udp |
| US | 18.210.236.91:443 | ccpa-service.sp-prod.net | tcp |
| US | 8.8.8.8:53 | ping.chartbeat.net | udp |
| US | 54.196.13.201:443 | ping.chartbeat.net | tcp |
| US | 8.8.8.8:53 | api.sail-personalize.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 54.196.13.201:443 | ping.chartbeat.net | tcp |
| NL | 52.222.141.178:443 | logws1330.ati-host.net | tcp |
| NL | 142.250.102.157:443 | stats.g.doubleclick.net | udp |
| US | 99.83.154.140:443 | api.sail-personalize.com | tcp |
| US | 8.8.8.8:53 | t.skimresources.com | udp |
| US | 8.8.8.8:53 | p.skimresources.com | udp |
| US | 34.111.113.62:443 | pixel.tapad.com | udp |
| US | 99.83.154.140:443 | api.sail-personalize.com | tcp |
| US | 35.201.67.47:443 | t.skimresources.com | tcp |
| US | 8.8.8.8:53 | 9.137.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.139.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.34.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 177.184.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 128.39.65.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.60.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.109.16.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.113.111.34.in-addr.arpa | udp |
| US | 35.190.91.160:443 | p.skimresources.com | tcp |
| US | 35.190.91.160:443 | p.skimresources.com | tcp |
| US | 8.8.8.8:53 | r.skimresources.com | udp |
| US | 35.190.59.101:443 | r.skimresources.com | tcp |
| US | 8.8.8.8:53 | mcdp-nydc1.outbrain.com | udp |
| US | 8.8.8.8:53 | be.durationmedia.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 64.202.112.95:443 | mcdp-nydc1.outbrain.com | tcp |
| NL | 142.250.179.198:443 | static.doubleclick.net | tcp |
| US | 3.216.217.223:443 | be.durationmedia.net | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| NL | 142.250.179.193:443 | yt3.ggpht.com | tcp |
| NL | 142.251.39.106:443 | jnn-pa.googleapis.com | tcp |
| US | 104.18.34.10:443 | cdn.confiant-integrations.net | udp |
| US | 8.8.8.8:53 | 91.236.210.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.13.196.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.141.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.67.201.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.154.83.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 160.91.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.59.190.35.in-addr.arpa | udp |
| NL | 142.250.179.182:443 | i.ytimg.com | tcp |
| NL | 142.250.179.182:443 | i.ytimg.com | tcp |
| NL | 142.251.39.106:443 | jnn-pa.googleapis.com | udp |
| NL | 52.222.137.9:443 | d2zue0pgsssbc6.cloudfront.net | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | player-files.remixd.com | udp |
| NL | 157.240.247.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | 198.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.112.202.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.39.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 223.217.216.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 182.179.250.142.in-addr.arpa | udp |
| US | 35.190.38.143:443 | player-files.remixd.com | tcp |
| US | 35.190.38.143:443 | player-files.remixd.com | tcp |
| US | 35.190.38.143:443 | player-files.remixd.com | tcp |
| US | 35.190.38.143:443 | player-files.remixd.com | tcp |
| US | 8.8.8.8:53 | cdn.tinypass.com | udp |
| US | 64.202.112.95:443 | mcdp-nydc1.outbrain.com | tcp |
| US | 8.8.8.8:53 | mb.moatads.com | udp |
| US | 8.8.8.8:53 | geo.moatads.com | udp |
| SG | 13.229.6.132:443 | geo.moatads.com | tcp |
| SG | 54.255.135.162:443 | geo.moatads.com | tcp |
| US | 8.8.8.8:53 | d3oodlxb1rw3kg.cloudfront.net | udp |
| US | 8.8.8.8:53 | trx-hub.com | udp |
| US | 8.8.8.8:53 | images.outbrainimg.com | udp |
| GB | 23.44.233.179:443 | images.outbrainimg.com | tcp |
| GB | 23.44.233.179:443 | images.outbrainimg.com | tcp |
| GB | 23.44.233.179:443 | images.outbrainimg.com | tcp |
| GB | 23.44.233.179:443 | images.outbrainimg.com | tcp |
| GB | 23.44.233.179:443 | images.outbrainimg.com | tcp |
| GB | 23.44.233.179:443 | images.outbrainimg.com | tcp |
| NL | 13.227.211.9:443 | d3oodlxb1rw3kg.cloudfront.net | tcp |
| NL | 52.222.139.59:443 | trx-hub.com | tcp |
| US | 35.201.67.47:443 | t.skimresources.com | udp |
| US | 8.8.8.8:53 | google.co.ck | udp |
| US | 8.8.8.8:53 | 660e8c3f97cb1aaecda7f203cf0906bc.safeframe.googlesyndication.com | udp |
| NL | 172.217.168.228:80 | google.co.ck | tcp |
| NL | 172.217.168.228:80 | google.co.ck | tcp |
| US | 8.8.8.8:53 | 132.6.229.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.135.255.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 179.233.44.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.211.227.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 59.139.222.52.in-addr.arpa | udp |
| NL | 142.250.179.161:443 | 660e8c3f97cb1aaecda7f203cf0906bc.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | www.google.co.ck | udp |
| NL | 142.250.179.195:80 | www.google.co.ck | tcp |
| US | 8.8.8.8:53 | 161.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.168.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c2.piano.io | udp |
| US | 104.16.240.21:443 | c2.piano.io | tcp |
| US | 8.8.8.8:53 | 21.240.16.104.in-addr.arpa | udp |
| GB | 23.44.233.179:443 | images.outbrainimg.com | tcp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| GB | 96.16.109.182:443 | widget-pixels.outbrain.com | tcp |
| US | 8.8.8.8:53 | cdn.cxense.com | udp |
| US | 8.8.8.8:53 | ams-pageview-public.s3.amazonaws.com | udp |
| US | 52.216.56.177:443 | ams-pageview-public.s3.amazonaws.com | tcp |
| NL | 52.222.136.109:443 | c.amazon-adsystem.com | tcp |
| NL | 23.222.46.90:443 | cdn.cxense.com | tcp |
| US | 8.8.8.8:53 | static-42andpark-com.s3-us-west-2.amazonaws.com | udp |
| GB | 96.16.109.9:443 | ads.pubmatic.com | tcp |
| US | 52.216.56.177:443 | ams-pageview-public.s3.amazonaws.com | tcp |
| US | 52.218.196.9:443 | static-42andpark-com.s3-us-west-2.amazonaws.com | tcp |
| US | 52.218.196.9:443 | static-42andpark-com.s3-us-west-2.amazonaws.com | tcp |
| US | 8.8.8.8:53 | 109.136.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.46.222.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.109.16.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 177.56.216.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.196.218.52.in-addr.arpa | udp |
| US | 54.196.13.201:443 | ping.chartbeat.net | tcp |
| US | 8.8.8.8:53 | lexicon.33across.com | udp |
| US | 74.119.119.139:443 | gum.criteo.com | tcp |
| US | 35.244.193.51:443 | lexicon.33across.com | tcp |
| US | 8.8.8.8:53 | static.noeyeon.com | udp |
| US | 8.8.8.8:53 | id5-sync.com | udp |
| US | 8.8.8.8:53 | t.pubmatic.com | udp |
| DE | 162.19.138.119:443 | id5-sync.com | tcp |
| US | 100.20.194.108:443 | static.noeyeon.com | tcp |
| US | 8.8.8.8:53 | api.rlcdn.com | udp |
| US | 8.8.8.8:53 | id.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| SG | 18.141.82.33:443 | id.crwdcntrl.net | tcp |
| US | 34.120.155.137:443 | api.rlcdn.com | tcp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| SG | 67.199.150.80:443 | t.pubmatic.com | tcp |
| US | 8.8.8.8:53 | buy.tinypass.com | udp |
| US | 35.244.193.51:443 | lexicon.33across.com | udp |
| US | 8.8.8.8:53 | 51.193.244.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.138.19.162.in-addr.arpa | udp |
| US | 104.17.182.177:443 | buy.tinypass.com | tcp |
| US | 104.17.182.177:443 | buy.tinypass.com | tcp |
| US | 8.8.8.8:53 | 137.155.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.40.223.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.194.20.100.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 33.82.141.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.150.199.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 177.182.17.104.in-addr.arpa | udp |
| NL | 108.156.60.9:443 | native.sharethrough.com | tcp |
| US | 54.186.166.15:443 | api.amplitude.com | tcp |
| US | 18.65.39.68:443 | sourcepoint.mgr.consensu.org | tcp |
| US | 74.119.119.139:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | vice-dev-web-statics-cdn.vice.com | udp |
| US | 8.8.8.8:53 | widgetmonitor.outbrain.com | udp |
| US | 8.8.8.8:53 | p1cluster.cxense.com | udp |
| NL | 147.75.83.64:443 | p1cluster.cxense.com | tcp |
| US | 50.31.142.127:443 | widgetmonitor.outbrain.com | tcp |
| US | 8.8.8.8:53 | motherboard-images.vice.com | udp |
| NL | 108.156.60.124:443 | tags.remixd.com | tcp |
| NL | 13.227.222.191:443 | cdn.segment.com | tcp |
| US | 129.158.208.173:443 | vmg-useast.gscontxt.net | tcp |
| NL | 108.156.60.7:443 | gdpr-tcfv2.sp-prod.net | tcp |
| US | 18.65.39.94:443 | ccpa.sp-prod.net | tcp |
| US | 8.8.8.8:53 | 64.83.75.147.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 127.142.31.50.in-addr.arpa | udp |
| US | 35.190.38.143:443 | player-files.remixd.com | udp |
| NL | 13.227.222.191:443 | cdn.segment.com | tcp |
| NL | 108.156.60.121:443 | sourcepoint.vice.com | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 104.26.6.139:443 | btloader.com | tcp |
| US | 104.17.184.177:443 | buy.tinypass.com | udp |
| NL | 52.222.139.103:443 | htlbid.com | tcp |
| NL | 199.232.150.132:443 | mv.outbrain.com | tcp |
| US | 8.8.8.8:53 | 139.6.26.104.in-addr.arpa | udp |
| NL | 157.240.247.8:443 | connect.facebook.net | tcp |
| NL | 95.101.74.147:443 | analytics.tiktok.com | tcp |
| US | 151.139.128.10:443 | s.skimresources.com | tcp |
| NL | 199.232.148.157:443 | static.ads-twitter.com | tcp |
| NL | 108.156.60.40:443 | ak.sail-horizon.com | tcp |
| NL | 108.156.60.120:443 | sdk.snapkit.com | tcp |
| NL | 52.222.139.23:443 | tag.aticdn.net | tcp |
| NL | 54.192.87.248:443 | sc-static.net | tcp |
| NL | 108.156.60.50:443 | sb.scorecardresearch.com | tcp |
| NL | 52.222.139.38:443 | tag.durationmedia.net | tcp |
| NL | 108.156.60.66:443 | cdn.privacy-mgmt.com | tcp |
| US | 18.210.236.91:443 | ccpa-service.sp-prod.net | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\favicon[1].png
| MD5 | 346e09471362f2907510a31812129cd2 |
| SHA1 | 323b99430dd424604ae57a19a91f25376e209759 |
| SHA256 | 74cf90ac2fe6624ab1056cacea11cf7ed4f8bef54bbb0e869638013bba45bc08 |
| SHA512 | a62b0fcc02e671d6037725cf67935f8ca1c875f764ce39fed267420935c0b7bad69ab50d3f9f8c628e9b3cff439885ee416989e31ceaa5d32ae596dd7e5fedbd |
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\feo4h2u\imagestore.dat
| MD5 | 9d7253f6f0eef8829f77f8ba21dfd115 |
| SHA1 | ce51b4b7ad36d043a841d083ad6469cdc2c019c9 |
| SHA256 | 79e3a9755048b4394c218fdeaa6cfba0e9bac2656b52d142704564b1155633b0 |
| SHA512 | c7b9da27ec1b9ecbebb164c9bfe1a913f899d7e1157f7c33f13c860b79202a2dca0fb3810081df54c55ff961ac7c44341277d5b5c2c3a4d3e05a16ef295387ea |
\??\pipe\crashpad_3608_TEDXDIJFZABFTGPU
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 227daa5f2bcf00f7743f167ef4c4511e |
| SHA1 | c26a5d0f0d0c39a6c397fb673d0ef12854ce3fea |
| SHA256 | df834ff1705af394b1c834e4844e0bcd2df0226b727ddb998a7cf465f7b94b2f |
| SHA512 | 3b88584999066e320cf0bd9f40a701a88b8f7fcf2ded14334282bdfb448a70646e48ffa84d21d991ab78f24b2eea7313b4dc7744932bd3e1c2adbc9c3925142d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b2472660ef65391175d30e2794948be7 |
| SHA1 | 557bae71d393edfc49c96ecd32350214db971f97 |
| SHA256 | 629553bd63315d9bf376316d3f5dc01469b95b4b8e5e8800b2e9ee0b15f7c551 |
| SHA512 | cfe05f26a1bf2e9497b826c6a3f0f1ee93c2c221bfb1f80b40d69b19cee351882882e23f62c7e8134322050a5c2f0c668aff6bc1c100e582752523eb0db77bed |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\7e5286c7-d79c-4dab-b63d-5c509cb290e9.tmp
| MD5 | 01c51adcc132a977de8e9af2b9d33c9b |
| SHA1 | 87a0e8e090bac79c8e7d713a268594e0085dd142 |
| SHA256 | fd2556bc6ae7853e47b736a2d8385cd458d3a8d2840c60470737c91cec4b7b75 |
| SHA512 | d3dc46c8614470599914d12e2a94729d5dcd0cd28fbe926987c08af981594a666160bf731fa42be12f7d9cbf5296a2afea2b878da7c281d1fd499244b25e7e54 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | b58ed0db18040f7620f355853f2ad34e |
| SHA1 | cb19d67f5fc06d0dbddd4b2b2681890008e11811 |
| SHA256 | 33745514d2b5e0e4134021e98bb1efba4af5f98e12d0284c4575e405103247f9 |
| SHA512 | d2c9fe8c33aefe27d2f00ee872b98f90ae71bbb47aca02eafa2b9a026160d6230632ed62e46e7c4546973ab3950a2921b68c307b6eb635b267293b0da9645d89 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04
| MD5 | acbc9c53c66f6227d3e13587ce3d34c2 |
| SHA1 | 6f64bc5d48f60fa7e26c64a42b31dd0dab5fc8ae |
| SHA256 | 47e4e5a5b3ff282a5ff5796b6a6149b53d79ad444cd71b74536d5bd56c077fdd |
| SHA512 | 1d07e95a5b98d15dfe261ab985d18c386023d3d40c9a8cb995f2d657ffb67e4ec5b22a99575b3232d4758170db4efeb7fe950d9db11c5237daddb138f0fb5093 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04
| MD5 | 6bbf077736789b5bedadc0a566f5e4d3 |
| SHA1 | 7e45b5fb310c74ea121d7fcc5c8a17b34971631e |
| SHA256 | 0bd18caa70025e3de8b567c60245900392e36b696ccbb7ea97b7a8f043aab41e |
| SHA512 | e04c7ce81cb62d80f00e51d27cc09f20c67879b40542865d12573746e514f4ac0b47171d5b67f0e2c9a8f266547b8eb7fca0b8648f185644b21a9d6671f40940 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_ADE4E4D3A3BCBCA5C39C54D362D88565
| MD5 | 316c85a3f73054a5a033625b4818272e |
| SHA1 | 2e84269f6f1dcd26810bc8ff01be83e1157019f5 |
| SHA256 | bfc6ad2e212b53e4f002bba984813141e8bb2c9acfcaca575e55eeae3035607b |
| SHA512 | 407d9f9254d3e07d92b91bc5152303443c4e5c0d57b2fd2f757167a2322e221adddbbbdbbfbc666bab68621add5b5ca971e193793d15f0069b032394c8eee5de |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_ADE4E4D3A3BCBCA5C39C54D362D88565
| MD5 | d2887bb9f0317148aca1765c5a74e560 |
| SHA1 | cd9ebd80f31a391c3e649e7a3b48a5c0e7620296 |
| SHA256 | cba5e82ee69c6585982e70d24aaa0ea3bd68e88e0ff80f24fddf9ff7dce3e563 |
| SHA512 | 06adea3a5698159678de3e58b36c682b62c8ea3af0ff763372bb362d3ccb5b1e2d37ed0a49a32f0530771ad87121e150356f9fe7b1624f460ddeefce51308b48 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 524f133aa63338935e1155483fb95aa0 |
| SHA1 | 089c25c73d401b25bdac1c082e6dfd2715a01895 |
| SHA256 | 3852015f41c88e03962d32cc86239374ee9b543cb7cc13c549585be854032034 |
| SHA512 | 3104f05d9943d967bda4d3a45010287e12e087ea57c519a6260c2e316c8905901aeaa33627f72fd7b32b3f3412364dda1dc47321f576ba24e3c15cf8d97194dd |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
| MD5 | 9d7d180f2de0b32edd9f9ba978b4eb0d |
| SHA1 | 9bf1008285df462813b1e16c7f8076cd51845ea9 |
| SHA256 | a15a3c7ba09d8274c9ac4af92269a12079065383d57b0db0fae614a2936ef64b |
| SHA512 | 77b7b8f810d51f1923a41838cfe1fde471b03bd65e571e422f9c8ed8eb00191e536a61d4f82f42c27c03df87d4e497abedef00156e24bedbc57f9f465e0bdf68 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
| MD5 | 7b0df526ca1226b7d6177cc9aff77962 |
| SHA1 | b880c18dc93fc54231dd80f3003f3f6bef05cd4b |
| SHA256 | d4b228e98cdb10a2889fd39d448f4771de324107fc3c4f1e05d5c658d236c2d1 |
| SHA512 | 24e06c3d40cc82e296e59a5b0326ac892c8ff15971b468c924cd08b89d78fb550302baa09612fe3a3eca743a0c20381fe8b599e9bbf0f5489ed51e879c89e907 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017
| MD5 | ca7fbbfd120e3e329633044190bbf134 |
| SHA1 | d17f81e03dd827554ddd207ea081fb46b3415445 |
| SHA256 | 847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db |
| SHA512 | ab85f774403008f9f493e5988a66c4f325cbcfcb9205cc3ca23b87d8a99c0e68b9aaa1bf7625b4f191dd557b78ef26bb51fe1c75e95debf236f39d9ed1b4a59f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 32a18cbeecc4cff35267bfc5bfba7149 |
| SHA1 | a2a9911f5c39798179c90e6163b520eda9427847 |
| SHA256 | e3881ee3a3d46998083f2c4afb72decab12fadb6176a51359dfac5c9852d14a4 |
| SHA512 | b3719bc80c06c6aa7e38755dd40c9636eab75b0dd4c409e9401c48bf40a1099f204b80a0d41c1c6c646272d5c4daa6bbe1426f8d25cccd71cfaac99d6f947b18 |
C:\Users\Admin\Downloads\MBSetup.exe
| MD5 | 1ed0d8b2214a5d067d5422145689f747 |
| SHA1 | e671419cc7957c1118b9bb84251a40c03351f07f |
| SHA256 | 06a4bacdae17ad89c8fc93fc4ebf6603ca406e8bcc51f3fd32f700d18436be56 |
| SHA512 | e2a686efcb1bcda6b55c5d10654124fc2b27c426a979929a1e9de171794745abc9f0cd9dbd302a4e02d95269c7abee5dd051c1687e8f794da317b3fc4bf665b8 |
C:\Users\Admin\Downloads\MBSetup.exe
| MD5 | 1ed0d8b2214a5d067d5422145689f747 |
| SHA1 | e671419cc7957c1118b9bb84251a40c03351f07f |
| SHA256 | 06a4bacdae17ad89c8fc93fc4ebf6603ca406e8bcc51f3fd32f700d18436be56 |
| SHA512 | e2a686efcb1bcda6b55c5d10654124fc2b27c426a979929a1e9de171794745abc9f0cd9dbd302a4e02d95269c7abee5dd051c1687e8f794da317b3fc4bf665b8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8bb16e39714f3e3adc87e4dd4e6277db |
| SHA1 | 69367b0ed26043f0e38616c381a6b492d49e8242 |
| SHA256 | 4cb7416f83cd3c63c04f9298efbddfa66b86c607119ce7653a4c72c4d35af76f |
| SHA512 | 55d3d6e78f7b933bcce157d1f92d13a587f9aa1340bff2d40b393ff0de46d007168ffa4a6472dc0c498ef22791dfa575620e5561a4c99ed1e1ac18d9a33968e6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e5761e8492c91defdc8882848b7ebd1f |
| SHA1 | 1df0e43cda9b73038ff51e7213c0d8f749a5c171 |
| SHA256 | cde615ba1612a1e31f84361449b537df9b9b10673ae051ce74b97872c27477c6 |
| SHA512 | 1a618d6c2e54fe399f87cc5698df6f64ecf75afc22c10bca7ef91e97a2cf3492036a25d36d21e865e9311c9bda0f5b9299d3fa605185e65f439d3a79c792a960 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 7144783105bb17ba64460401fc67bed0 |
| SHA1 | 5b272a52318bba01d83b0c14f4193d702c414b87 |
| SHA256 | 7c0661ec04b12d7ef272d52164f702f2285d9a81c7822af784b5dd77ff0e9dd2 |
| SHA512 | a4efe89ef58ac936b3965d782a340a4e64fcfd4d08067e8d058bfba60afa06685e665864b580be20c8757c6cfeb410d33ed04e5b2f77c0c87cfeca9c148829fe |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5747e6.TMP
| MD5 | f48453dca24caa34ee1c6b10ba380f61 |
| SHA1 | 83a00aad476f65f543b0f6232f4ee76f07d36635 |
| SHA256 | 8bfff80e61f625396da00cb2b6fa36ebf013b2e44127e84e60af9b69e585c235 |
| SHA512 | c5c72b1f5e22c8c19c22e12d1c09f6347b30dd0132fba351556e01ad68267f13c23155ea42479fd6439d93c531954fe6572ba64a90de9e310ddc61810176e4d0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 477293362c9b009287c0109772504f05 |
| SHA1 | 9764c5a43485572234fd0c3ed244079f64022e09 |
| SHA256 | 42dfb1ffe5ac69b2d0cd777beb88e9b36466c08d73fb3a03d4fbaf6f8d2c2579 |
| SHA512 | f82273ca8701bffc23c9f5de1fef0181908b7d0f6503c0d1991e93b358e78f02f9cd8bc946b11c29d259993a11111024788c7ff1b48d899ee1d3acd010bcc363 |
C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe
| MD5 | 579a6ae8838b6d228b7aed4ae9a0848f |
| SHA1 | 22d6edf328f104d64e02dc659ed7b38cb38f0d4a |
| SHA256 | 34701a6106be29c982869c9d5f6ff9e4f19067067ba115c5ed95159df357eb47 |
| SHA512 | c2d2967e66bfd658922aecb6a7e3f2d67260eed710d613a6667676c843ad98802c3c1f97a660c031ac0c869bdf91d934bfe08eedaf7f0b0314145f74b1455a74 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c85cc2fb341559fc3cd2351a6531224f |
| SHA1 | c332d8864adc26882f9096183ce40aa25572298a |
| SHA256 | a5b86d255e007d932f58f118d2ce0f2d85da3724c68adbbae6228adc92666266 |
| SHA512 | d5e99ba78d89d10f90e156f29cd1b2f0b1b1f64805bef7995c8d0e4468fac8c79f3f73f09b30c514cb17012933528dd31624d19348a60e54ba6be8207f6b8fff |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\suggestions[1].en-US
| MD5 | 5a34cb996293fde2cb7a4ac89587393a |
| SHA1 | 3c96c993500690d1a77873cd62bc639b3a10653f |
| SHA256 | c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad |
| SHA512 | e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee |
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\light-0946cdc16f15[1].css
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\dark-3946c959759a[1].css
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\primer-489656187993[1].css
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_github_mini-th-34a24a-01ff22798072[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\code-menu-699612a7bb50[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\topic-suggestions-12644bfb92d9[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\repositories-1e8ac8fa769f[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\codespaces-c3db6dd3891f[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\app_assets_modules_github_ref-selector_ts-7bdefeb88a1a[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-911b971-e714578c4cac[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\vendors-node_modules_virtualized-list_es_index_js-node_modules_github_memoize_dist_esm_index_js-8496b7c4b809[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\vendors-node_modules_morphdom_dist_morphdom-esm_js-node_modules_github_template-parts_lib_index_js-58417dae193c[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\notifications-global-86e9ba7bffb7[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-06ff531-fe0b8ccc90a5[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\behaviors-02dc1184ac49[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-80a9915bf75c[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-2e2258-dae7d38e0248[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\app_assets_modules_github_sticky-scroll-into-view_ts-1d145b63ed56[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_onfocus_ts-app_ass-dbc08c-c80bb6d2e713[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\app_assets_modules_github_behaviors_keyboard-shortcuts-helper_ts-app_assets_modules_github_bl-1f24ae-60413f6f3a61[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\app_assets_modules_github_updatable-content_ts-70e6c1269039[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\vendors-node_modules_github_paste-markdown_dist_index_esm_js-node_modules_github_quote-select-1bdbba-dd6debfb8eb8[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\vendors-node_modules_github_remote-form_dist_index_js-node_modules_github_template-parts_lib_-273494-0fb4f42e57f4[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\vendors-node_modules_color-convert_index_js-35b3ae68c408[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\vendors-node_modules_primer_behaviors_dist_esm_dimensions_js-node_modules_github_hydro-analyt-f69502-d8672aa6f36b[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\sessions-4849c97a18f4[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\vendors-node_modules_delegated-events_dist_index_js-node_modules_github_hotkey_dist_index_js-b47a28757074[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-ba0e4d5b3207[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_alive-client_dist-bf5aa2-424aa982deef[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\vendors-node_modules_lit-html_lit-html_js-9d9fe1859ce5[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\element-registry-232b7187141e[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\github-elements-5f0209c98275[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\vendors-node_modules_primer_view-components_app_components_primer_primer_js-node_modules_gith-6a1af4-68db00c62e33[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\vendors-node_modules_github_tab-container-element_dist_index_js-node_modules_github_auto-comp-bf192d-81631767a9f8[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_github_text-ex-3415a8-7ecc10fb88d0[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\vendors-node_modules_delegated-events_dist_index_js-node_modules_github_details-menu-element_-bb7a4e-8ca5bb7b5e7e[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\vendors-node_modules_github_details-dialog-element_dist_index_js-node_modules_github_memoize_-8664b7-b1d9fac72bf3[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-44ef1e-ff95e778f461[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\vendors-node_modules_fzy_js_index_js-node_modules_github_markdown-toolbar-element_dist_index_js-e3de700a4c9d[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\vendors-node_modules_github_relative-time-element_dist_index_js-99e288659d4f[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\vendors-node_modules_github_selector-observer_dist_index_esm_js-2646a2c533e3[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\environment-9fa8265d4c66[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\ui_packages_soft-nav_soft-nav_ts-de360abf3418[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\vendors-node_modules_stacktrace-parser_dist_stack-trace-parser_esm_js-node_modules_github_bro-327bbf-0aaeb22dd2a5[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\wp-runtime-4469d34ab4b5[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\code-eb757dedf4a1[1].css
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\github-cec71f055b16[1].css
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WPCK8CWE\global-8f2b2d4c7aff[1].css
C:\Windows\Temp\MBInstallTempdb14be57d7db11ed882072edbb006969\7z.dll
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\optimizely-88264c7905d8[1].js
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\6K3GJRJ1\vendors-node_modules_optimizely_optimizely-sdk_dist_optimizely_browser_es_min_js-node_modules-3f2a9e-fc88059edf41[1].js
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\VersionManager\versionlist.xml
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UUIKWEAJ\MEMZ[1].zip
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8OI4IV75\MEMZ.zip.qytlrdd.partial
C:\Users\Admin\Downloads\MBSetup.exe
C:\Windows\Temp\MBInstallTempdb14be57d7db11ed882072edbb006969\servicepkg\MBAMService.exe
C:\Windows\Temp\MBInstallTempdb14be57d7db11ed882072edbb006969\servicepkg\mbamelam.inf
C:\Windows\Temp\MBInstallTempdb14be57d7db11ed882072edbb006969\servicepkg\mbamelam.cat
C:\Windows\Temp\MBInstallTempdb14be57d7db11ed882072edbb006969\servicepkg\mbamelam.sys
C:\Program Files\Malwarebytes\Anti-Malware\srvversion.dat
C:\Windows\Temp\MBInstallTempdb14be57d7db11ed882072edbb006969\uipkg\QtQuick\Controls.2\HorizontalHeaderView.qml
C:\Windows\Temp\MBInstallTempdb14be57d7db11ed882072edbb006969\uipkg\QtQuick\Controls.2\Imagine\VerticalHeaderView.qml
C:\Windows\Temp\MBInstallTempdb14be57d7db11ed882072edbb006969\ctlrpkg\mbae64.sys
C:\Program Files\Malwarebytes\Anti-Malware\uipkgver.dat
C:\Program Files\Malwarebytes\Anti-Malware\version.dat
C:\Program Files\Malwarebytes\Anti-Malware\ctlrvers.dat
C:\Windows\TEMP\MBInstallTempdb14be57d7db11ed882072edbb006969\servicepkg\starfieldrootcag2_new.crt
C:\Windows\TEMP\MBInstallTempdb14be57d7db11ed882072edbb006969\servicepkg\msrootca2020.crt
C:\Program Files\Malwarebytes\Anti-Malware\ServiceConfig.json
C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
C:\Program Files\Malwarebytes\Anti-Malware\MbamElam.inf
| MD5 | c481ad4dd1d91860335787aa61177932 |
| SHA1 | 81633414c5bf5832a8584fb0740bc09596b9b66d |
| SHA256 | 793626d240fd8eefc81b78a57c8dfe12ea247889b6f07918e9fd32a7411aa1c3 |
| SHA512 | d292e028936412f07264837d4a321ecfa2f5754d4048c8bcf774a0e076e535b361c411301558609d64c71c1ce9b19e6041efa44d201237a7010c553751e1e830 |
C:\Program Files\Malwarebytes\Anti-Malware\MbamElam.sys
| MD5 | 9e77c51e14fa9a323ee1635dc74ecc07 |
| SHA1 | a78bde0bd73260ce7af9cdc441af9db54d1637c2 |
| SHA256 | b5619d758ae6a65c1663f065e53e6b68a00511e7d7accb3e07ed94bfd0b1ede0 |
| SHA512 | a12ccf92bead694f5d3cba7ff7e731a2f862198efc338efc7f33a882fe0eb7499fb3fb533538d0a823e80631a7ca162962fbdfd78e401e3255672910b7140186 |
C:\Program Files\Malwarebytes\Anti-Malware\MbamElam.cat
| MD5 | 60608328775d6acf03eaab38407e5b7c |
| SHA1 | 9f63644893517286753f63ad6d01bc8bfacf79b1 |
| SHA256 | 3ed5a1668713ef80c2b5599b599f1434ad6648999f335cf69757ea3183c70c59 |
| SHA512 | 9f65212121b8a5d1a0625c3baa14ef04a33b091d26f543324333e38dcdb903e02ccc4d009e22c2e85d2f61d954e0b994c2896e52f685003a6ef34758f8a650c7 |
C:\Windows\Temp\MBInstallTempdb14be57d7db11ed882072edbb006969\servicepkg\mbshlext.dll
| MD5 | b7e5071b317550d93258f7e1e13e7b6f |
| SHA1 | 2d08d78a5c29cf724bc523530d1a9014642bbc60 |
| SHA256 | 467de01d7cee7ec54166b80658ff22f9feebdb1c24eaf1629cf40e4124508064 |
| SHA512 | 9c35293c95c1a9141740ac99315605964aa37c4a42d3a11cae9e5649ff1427a9480d3d5e7f763212cf13db3511c5ea3c84e68f95f0067fe6339a9d3fb7b27c54 |
C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
| MD5 | df6a796460b0f70a9a42cb1ab98e7ffd |
| SHA1 | 657c2c3cdef7325c6331f377fe0227760f6bde1a |
| SHA256 | 676f3c56d6e5c8dddd7f01d5d10baad352683a2cb8b9bd4ce526a7629fc8fa43 |
| SHA512 | 21b399a76845f81ceabc60d2225ddea30296f3ecd52a3668e60a51d9593c9444596b8ec041b53ae8d8f6f18ee54ab23db8678945e832355e9e76a6fbbfcc0b87 |
C:\Program Files\Malwarebytes\Anti-Malware\ServiceConfig.json
| MD5 | b02d6bd61c19c14c56f42ed44ebfc3b0 |
| SHA1 | 5ae34f9125032f4797d309d53362e821bc1cb951 |
| SHA256 | 64281f8df920dc267fbecd5f1a430442c3ea25bbf1fa6aae15b2f8b08bc55574 |
| SHA512 | c6d5b0bf224fffb90ea406813876a749772f5673c2261d5fb6d1dd8fd5e32feb62b3b8fc986d2fef5bb610568da375f7f1776ba029e246f194fc9f227ce803d7 |
C:\Program Files\Malwarebytes\Anti-Malware\offreg.dll
| MD5 | 16663d125398773a90d0a53333b7cf5e |
| SHA1 | f92928ae3c9292588547ceaca1cb1d372bfd7936 |
| SHA256 | 38e6811b47262101759aa51a631263d9e3eee5d211164318a751e078afec4cbc |
| SHA512 | 091764b8ad80aa31eea0bbd91ee505ebdea2654bc8aeaa3081a061d0d37ab13d27dd203075fd0de10c6687591aa0e36139a38af846c4e34e6aa67ab81dc277df |
C:\Program Files\Malwarebytes\Anti-Malware\ServiceConfig.json.bak
| MD5 | b02d6bd61c19c14c56f42ed44ebfc3b0 |
| SHA1 | 5ae34f9125032f4797d309d53362e821bc1cb951 |
| SHA256 | 64281f8df920dc267fbecd5f1a430442c3ea25bbf1fa6aae15b2f8b08bc55574 |
| SHA512 | c6d5b0bf224fffb90ea406813876a749772f5673c2261d5fb6d1dd8fd5e32feb62b3b8fc986d2fef5bb610568da375f7f1776ba029e246f194fc9f227ce803d7 |
C:\Program Files\Malwarebytes\Anti-Malware\offreg.dll
| MD5 | 16663d125398773a90d0a53333b7cf5e |
| SHA1 | f92928ae3c9292588547ceaca1cb1d372bfd7936 |
| SHA256 | 38e6811b47262101759aa51a631263d9e3eee5d211164318a751e078afec4cbc |
| SHA512 | 091764b8ad80aa31eea0bbd91ee505ebdea2654bc8aeaa3081a061d0d37ab13d27dd203075fd0de10c6687591aa0e36139a38af846c4e34e6aa67ab81dc277df |
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
| MD5 | c447ffc8af4633daf687e0a943061a60 |
| SHA1 | 2f0a1854d75a82929dcff5308befe3b83439259b |
| SHA256 | c01804c902c5532517fa0ceadc91beed01d5ac67adf062b7ce7eaba8272c40bc |
| SHA512 | e0d650c35a46063d0e3870e1888d95827050e7792391b8c6ba4b5cd0cf2501cf0eb3aeb1c4a9f524467b6efcc4cb44c8816ba91aa09858c3594d8334a3eb2edf |
C:\Program Files\Malwarebytes\Anti-Malware\PoliciesControllerImpl.dll
| MD5 | c447ffc8af4633daf687e0a943061a60 |
| SHA1 | 2f0a1854d75a82929dcff5308befe3b83439259b |
| SHA256 | c01804c902c5532517fa0ceadc91beed01d5ac67adf062b7ce7eaba8272c40bc |
| SHA512 | e0d650c35a46063d0e3870e1888d95827050e7792391b8c6ba4b5cd0cf2501cf0eb3aeb1c4a9f524467b6efcc4cb44c8816ba91aa09858c3594d8334a3eb2edf |
C:\ProgramData\Malwarebytes\MBAMService\config\PoliciesConfig.json
| MD5 | f9dd1be743bdf2ed9fdceb973269f51f |
| SHA1 | fb636ede31d1b300d7518e1b0036aafe3d011a08 |
| SHA256 | 96fd743c527c04d42d1ce23c488174f65452d0f18d23a31ec341eb58aacec51f |
| SHA512 | 86436d61a582eb32ca1eec8b858fdc6997f8229cecc4c7029ee9bb29466dfd06e8bac7b5a649992086e944ee06a7e2172d1d9f3787ed607ad86cd7a12d26352d |
C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
| MD5 | b7e5071b317550d93258f7e1e13e7b6f |
| SHA1 | 2d08d78a5c29cf724bc523530d1a9014642bbc60 |
| SHA256 | 467de01d7cee7ec54166b80658ff22f9feebdb1c24eaf1629cf40e4124508064 |
| SHA512 | 9c35293c95c1a9141740ac99315605964aa37c4a42d3a11cae9e5649ff1427a9480d3d5e7f763212cf13db3511c5ea3c84e68f95f0067fe6339a9d3fb7b27c54 |
C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
| MD5 | b7e5071b317550d93258f7e1e13e7b6f |
| SHA1 | 2d08d78a5c29cf724bc523530d1a9014642bbc60 |
| SHA256 | 467de01d7cee7ec54166b80658ff22f9feebdb1c24eaf1629cf40e4124508064 |
| SHA512 | 9c35293c95c1a9141740ac99315605964aa37c4a42d3a11cae9e5649ff1427a9480d3d5e7f763212cf13db3511c5ea3c84e68f95f0067fe6339a9d3fb7b27c54 |
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\LicenseControllerImpl.dll
| MD5 | b7a9a7b44b82e954c1b77e7b7f71ee66 |
| SHA1 | 02f3eabef778d5641eea89d318268e79949da7c6 |
| SHA256 | ba97bf9a2a0c454dbd965ef7b6c12f582d49391d5297fe2ef4a94bb13d2d472e |
| SHA512 | 524dee007193cc13ee81e9734564e8a121715f7ecb27d113eb7d8265b7562ab60237aa64c556a819239ee9b4abdc8523a57ca666bdd48de82eca79efba771bc5 |
C:\Program Files\Malwarebytes\Anti-Malware\LicenseControllerImpl.dll
| MD5 | b7a9a7b44b82e954c1b77e7b7f71ee66 |
| SHA1 | 02f3eabef778d5641eea89d318268e79949da7c6 |
| SHA256 | ba97bf9a2a0c454dbd965ef7b6c12f582d49391d5297fe2ef4a94bb13d2d472e |
| SHA512 | 524dee007193cc13ee81e9734564e8a121715f7ecb27d113eb7d8265b7562ab60237aa64c556a819239ee9b4abdc8523a57ca666bdd48de82eca79efba771bc5 |
C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
| MD5 | fb19cab7a79c769eb13a9514b7b34ad3 |
| SHA1 | 9db09f91286149dc607c5851b5b529e070eb593f |
| SHA256 | eb1b0cb0c61403255060985d2ca1e2c8a65905571d59b1faff8914362edf673c |
| SHA512 | 5510fe4cf6ebed4404245ff8592085175a8d391ee68ce0bdac4392cfc94de539f89c7f7d9d40aa001b3ab8f9629d9041cd5e56c76651a1180bcfc170726329ae |
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\UpdateControllerImpl.dll
| MD5 | d0b204fb32962798ebd9ab0ad336a83c |
| SHA1 | f281b35553afa236a214b910c537ecad0e3bacea |
| SHA256 | 627db74adff5407a074e94997cb724434478801607c972ff2afdf10d4928bb98 |
| SHA512 | 5d3aa0851b7479d3c6d092052fa8271cb335f54ccac526a01c64745c222f906b6a5ece2fb6637e6dee878cf76af3ad89e0eb7e7686a7061c134a9e8e6d0d3eac |
C:\Program Files\Malwarebytes\Anti-Malware\UpdateControllerImpl.dll
| MD5 | d0b204fb32962798ebd9ab0ad336a83c |
| SHA1 | f281b35553afa236a214b910c537ecad0e3bacea |
| SHA256 | 627db74adff5407a074e94997cb724434478801607c972ff2afdf10d4928bb98 |
| SHA512 | 5d3aa0851b7479d3c6d092052fa8271cb335f54ccac526a01c64745c222f906b6a5ece2fb6637e6dee878cf76af3ad89e0eb7e7686a7061c134a9e8e6d0d3eac |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | e12fdf95d63e258caf38b6787229525a |
| SHA1 | 7284a312ef6899cb48b57c029f4066f53e55afa9 |
| SHA256 | a911c05d7bbbff401f06712e97e45d42429cc9a6a9f8b83fc585c554b579f8b8 |
| SHA512 | 81f76e6387fa90f0d45cbb1bbb8db20785661848c891e910aa4699378c15775f02447794925fe92835d0b26196f3144e93be5912b5d82bd85cca8ce8b2d36847 |
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\pkgvers.dat
| MD5 | b37cbc5b675dad0410edd91e31cf96b3 |
| SHA1 | 0cfc78636afa64e3bfebccbbde459c59059f2161 |
| SHA256 | 93b45799c9def45fbe6d41b13140888f042a6bf0040fd79645b2787ed72e068e |
| SHA512 | ad217203620f7321bb604ed4db49cf10dabfeb31c3f3212f8807c7d64172909cc3789d0a4db92355542a74ff3ec61a1198f10d12a4c52f12017c31581aa07850 |
C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\version.dat
| MD5 | 36be0508baac01f2e1f45cdce0b2c540 |
| SHA1 | c0b54d2b708abc622264691550e1dbddfa34fa02 |
| SHA256 | 57aef74d0a6ac936df7fd8f8b2f5d8980333837e7b7d68c89d4a74ca8a15b748 |
| SHA512 | 93807d780a52f550406612ee3e4078baeb4b72082ee687a004a2f6476b058fe022f0f143c6f2313d66125e992e271821b7fc8574189b881a56df5ad7e2c46466 |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | 8445ec99bc684d5e1414e7041f5a9719 |
| SHA1 | 818fd8ce1fbe11f0aa6255c7afab638554bb9bce |
| SHA256 | 1b5e1620a9546e9da37f694775a0450842d3a02b6743e7df59a21f8a9a6a9a2c |
| SHA512 | f213b1abaf4a148df9e7e7f106fb443533ba33bc62fb0088653606ad47136c7548ae7d96ca44f34d39e7e3ad86bac1bdd0a1644ac08c0ccc5136a0089e6eeef7 |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | 40fb019e8f6890ea8a7788b1e7692e44 |
| SHA1 | 930eae9014688a24d5976da69202155ef3e4e0a1 |
| SHA256 | f53f7f53f3118ff51343235465cd5357fb2fda7067f0d1f720d4d78cb7c1d715 |
| SHA512 | f5e95ff5f1ea9d5b4636e1c6dc59a7f56983b77879ec008f36c9f347f6c840b877134d013bdb8b607b1bea3bbc3d7808881e318af4db5a6613756f5dab4a914d |
C:\ProgramData\Malwarebytes\MBAMService\pkgvers.dat
| MD5 | b37cbc5b675dad0410edd91e31cf96b3 |
| SHA1 | 0cfc78636afa64e3bfebccbbde459c59059f2161 |
| SHA256 | 93b45799c9def45fbe6d41b13140888f042a6bf0040fd79645b2787ed72e068e |
| SHA512 | ad217203620f7321bb604ed4db49cf10dabfeb31c3f3212f8807c7d64172909cc3789d0a4db92355542a74ff3ec61a1198f10d12a4c52f12017c31581aa07850 |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | 42ef6e963dea5defe8ba7d3d449819eb |
| SHA1 | 79b08242cccf21e9ab3ad7076f9a50f8e4ea5ffa |
| SHA256 | 2f0c07ded64efa9a034473a8131641b7879ac5932bcb9034023688b6ba9fcacf |
| SHA512 | b42f866b809c00e482e5e69905b688f5123a0dfa43b1760b993a411df4a2a27f3b87a19a70be7ccfb2214a7326a5caafd46b7c2a14f542a225b3adb2c0382cab |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json.bak
| MD5 | 6c0fc7729dbe061bf963d5057a0bbc20 |
| SHA1 | e10506fd48d88589295ad76e69aeb50730aecf8c |
| SHA256 | 7896cfb34aa58c284c1d12e43e3d2cb64bbc7fb8c570a8d2a994337befa6bda1 |
| SHA512 | af4c56bc9d81923d5235cbf555ef44207063ebcc967a48e6d3b73e6b5797841d2cb7eacb84e622e568a0509bae590a71fefbe4fe75020a00afcd392d73185900 |
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\rules.mbdb
| MD5 | fe80fd3f423307586da24448b02fece6 |
| SHA1 | 5de21d2ea67524e8bc62d1786a8a636a29a2d9dc |
| SHA256 | 2ee96aeb00055f298676b0bb68582d80d5671a4567a4b7926f233c1e5474be01 |
| SHA512 | d602dc81602378e72013228dd9f9b577a9c588ee96ce4f13d17379b794c982db5cb5b883d68d87991098fd62bd911dc3400ed8c1de277fa70e16d47c9bb800fe |
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\rdefs.mbdb
| MD5 | 2f7423ca7c6a0f1339980f3c8c7de9f8 |
| SHA1 | 102c77faa28885354cfe6725d987bc23bc7108ba |
| SHA256 | 850a4ea37a0fd6f68bf95422d502b2d1257264eb90cc38c0a3b1b95aa375be55 |
| SHA512 | e922ac8a7a2cde6d387f8698207cf5efbd45b646986a090e3549d97a7d552dd74179bd7ac20b7d246ca49d340c4c168982c65b4749df760857810b2358e7eb69 |
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\prot.mbdb
| MD5 | 546d9e30eadad8b22f5b3ffa875144bf |
| SHA1 | 3b323ffef009bfe0662c2bd30bb06af6dfc68e4d |
| SHA256 | 6089fbf0c0c1413f62e91dc9497bedc6d8a271e9dc761e20adc0dccf6f4a0c1f |
| SHA512 | 3478f5dcf7af549dd6fe48ad714604200de84a90120b16a32233b6d44fa7240f5f4e5fe803f54b86bbdfd10fa1bfdd88fb85eb6a78e23e426933f98d0a2565ec |
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\clean.mbdb
| MD5 | 139463e2c959cb40c3cd45d9fbde3d9b |
| SHA1 | 366d67d10d35cc969de0119c43793944810eaf21 |
| SHA256 | db2c789d5b6879a3a3ba9bae5a928be8f930ccca617daff4f2d14d148a232808 |
| SHA512 | 1a37f6bf3cc837a6582cedee5e72ec5af19dd9707015ca1ad12d20da6d5ab26efad8bf79ddecf3eb8e75f0c9b06edc7f9a6a0319e130496c10ef43713e0426b4 |
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\mbdigsig2.dat
| MD5 | 1eae792873015a3c7eb28ba2ba3834f8 |
| SHA1 | db4b209eb0433c3363a0f473a6171bffee54b248 |
| SHA256 | b9ed5da8fde23e16680f7b7f84bfef8a5c7c6b3815b4c408672784b83f245433 |
| SHA512 | ca90c6d37b68be33a5d7c7472e0202d933bc2104e695224f48d2ad8a347eede8beaad064e600c027b341c1084c975f737e8cb4463745be0474175774d058de9d |
C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\dbmanifest2.dat
| MD5 | 2c42b5e51c2d9106a7897acfd00b2609 |
| SHA1 | 710a2113f4982cfd7b5224cacd9be60f9dd8ff79 |
| SHA256 | a629fa588c7a1fdf147f02b01bd0116acd3544d5233f61f29268027395cbbe60 |
| SHA512 | 662fded4ab22ee59a69dc6b476d8d3192ff7a642aefb307d96316f393f14058690f708921883f46a0f7cb375286f223bb6e79c0b984ccaab82a982a84e2bd94d |
C:\ProgramData\Malwarebytes\MBAMService\config\UpdateControllerConfig.json
| MD5 | 6c93bf4441478ac1e14435005b4c99a0 |
| SHA1 | 99b30d97bdfb8ffa409cd199423513b92c4f7740 |
| SHA256 | 0aa922a752f377dc7c0413aea7af55e8e43b126f41227205a5c342a7eddfff8c |
| SHA512 | de5467795814b2ab11a0120fecc5fc22e75d683c031efd06c25b0603224b04cf453193beeb58338bfa8a63d0a488969600a8be14740212154d6d45fec3160f36 |
C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe
| MD5 | 579a6ae8838b6d228b7aed4ae9a0848f |
| SHA1 | 22d6edf328f104d64e02dc659ed7b38cb38f0d4a |
| SHA256 | 34701a6106be29c982869c9d5f6ff9e4f19067067ba115c5ed95159df357eb47 |
| SHA512 | c2d2967e66bfd658922aecb6a7e3f2d67260eed710d613a6667676c843ad98802c3c1f97a660c031ac0c869bdf91d934bfe08eedaf7f0b0314145f74b1455a74 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\prot.mbdb
| MD5 | 546d9e30eadad8b22f5b3ffa875144bf |
| SHA1 | 3b323ffef009bfe0662c2bd30bb06af6dfc68e4d |
| SHA256 | 6089fbf0c0c1413f62e91dc9497bedc6d8a271e9dc761e20adc0dccf6f4a0c1f |
| SHA512 | 3478f5dcf7af549dd6fe48ad714604200de84a90120b16a32233b6d44fa7240f5f4e5fe803f54b86bbdfd10fa1bfdd88fb85eb6a78e23e426933f98d0a2565ec |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\rdefs.mbdb
| MD5 | 2f7423ca7c6a0f1339980f3c8c7de9f8 |
| SHA1 | 102c77faa28885354cfe6725d987bc23bc7108ba |
| SHA256 | 850a4ea37a0fd6f68bf95422d502b2d1257264eb90cc38c0a3b1b95aa375be55 |
| SHA512 | e922ac8a7a2cde6d387f8698207cf5efbd45b646986a090e3549d97a7d552dd74179bd7ac20b7d246ca49d340c4c168982c65b4749df760857810b2358e7eb69 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\rules.mbdb
| MD5 | fe80fd3f423307586da24448b02fece6 |
| SHA1 | 5de21d2ea67524e8bc62d1786a8a636a29a2d9dc |
| SHA256 | 2ee96aeb00055f298676b0bb68582d80d5671a4567a4b7926f233c1e5474be01 |
| SHA512 | d602dc81602378e72013228dd9f9b577a9c588ee96ce4f13d17379b794c982db5cb5b883d68d87991098fd62bd911dc3400ed8c1de277fa70e16d47c9bb800fe |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\tids.mbdb
| MD5 | d5c6118b9c8d985cd2d6cab62e00e421 |
| SHA1 | 35b1fd0d1469ae0e6dfc5e6fc80ed161de341898 |
| SHA256 | 0bca2aacc3d5bd02d36e6ff17c9a37aae755a84ad655d8d6c74d8a4fdff10ec9 |
| SHA512 | c666ad5f14c865beca2e53131564b20cb773113b8e100aace699ee5947211e2b3ef6e181d75b2c9f7609ae4e4367f44cbf56193447fc1e010e51f8256f81bc9e |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\scan.mbdb
| MD5 | 1ea93d79f3296bff87f1e9cb88574555 |
| SHA1 | 7c855224471936c14f95ae5ef7425cd7e6de6583 |
| SHA256 | 7ce99ad27af7a07ade3d1864e2c5752cc9949e0b6389beaa0e82d68945993387 |
| SHA512 | 9254705dc20fbec7ac02416754ecf2a86b6811ef386be11093fd7d0957e8ae32acde9bba84369a0159005392e61bda5ca1d2882358bd22d5ac03dd23c478b8c5 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\clean.mbdb
| MD5 | 139463e2c959cb40c3cd45d9fbde3d9b |
| SHA1 | 366d67d10d35cc969de0119c43793944810eaf21 |
| SHA256 | db2c789d5b6879a3a3ba9bae5a928be8f930ccca617daff4f2d14d148a232808 |
| SHA512 | 1a37f6bf3cc837a6582cedee5e72ec5af19dd9707015ca1ad12d20da6d5ab26efad8bf79ddecf3eb8e75f0c9b06edc7f9a6a0319e130496c10ef43713e0426b4 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Global.nm
| MD5 | a590b9a0392f031b7bf13b9ce826d115 |
| SHA1 | ffaf6113af9ac9ed1b75e9997470dd4611b7c1a3 |
| SHA256 | ac7181c2fc494823602cdab8c5321167f89684f63c12ed29ab08848645d550a7 |
| SHA512 | 60479cccce0b7f3431bb30d43a06ba26a2b97315f9d6de960895256b2ebfb7c8dcf67620576b28975358ede32735f04d74db088b5b4826a768ee414da8f05a27 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Global.sr
| MD5 | 82d31a2fc73ce67246287019f9268c02 |
| SHA1 | 970136601cdf054228a64d07fb28b0dd2a7c3289 |
| SHA256 | 13b869536724ed4ce54cb5c3aaaf5e5e63cd6fef558fe87d4e42e74043fafaaa |
| SHA512 | 3985a33c202e65c72483bec71845cea5fcae33c7f70a1f4762184c7ae087de0d83b4d87079860f64d86c5b81e14185a9a7b52d65785baec5ec9d1820e73064db |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\wprot2.mbdb
| MD5 | 3f2c1c195bb5b25a536aa76b5bd4fd37 |
| SHA1 | f10e90d3e277ec66cfe767a8c084c002d1c03cf4 |
| SHA256 | 5f114cb8c3d3def0ccefed8246b2dcb5fbaecd93cf5660fe5600fa6147d28e0d |
| SHA512 | 1217c28f1c3797641874166248bbfec8c140390329f06e2bacb46fa95be9157deb8242f0d7e6ae9620cd90ff0159003ea896174d6f4219e9b7dd6d959d7f1107 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\dynconfig.dat
| MD5 | 10f23e7c8c791b91c86cd966d67b7bc7 |
| SHA1 | 3f596093b2bc33f7a2554818f8e41adbbd101961 |
| SHA256 | 008254ca1f4d6415da89d01a4292911de6135b42833156720a841a22685765dc |
| SHA512 | 2d1b21371ada038323be412945994d030ee8a9007db072484724616c8597c6998a560bc28886ebf89e2c8919fb70d76c98338d88832351823027491c98d48118 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\exclusions.txt
| MD5 | aef4eca7ee01bb1a146751c4d0510d2d |
| SHA1 | 5cf2273da41147126e5e1eabd3182f19304eea25 |
| SHA256 | 9e87e4c9da3337c63b7f0e6ed0eb71696121c74e18a5da577215e18097715e2f |
| SHA512 | d31d21e37b0048050b19600f8904354cff3f3ec8291c5a7a54267e14af9fb88dfb6d11e74a037cc0369ade8a8fb9b753861f3b3fb2219563e8ec359f66c042db |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\mbdigsig2.dat
| MD5 | 1eae792873015a3c7eb28ba2ba3834f8 |
| SHA1 | db4b209eb0433c3363a0f473a6171bffee54b248 |
| SHA256 | b9ed5da8fde23e16680f7b7f84bfef8a5c7c6b3815b4c408672784b83f245433 |
| SHA512 | ca90c6d37b68be33a5d7c7472e0202d933bc2104e695224f48d2ad8a347eede8beaad064e600c027b341c1084c975f737e8cb4463745be0474175774d058de9d |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\dbmanifest2.dat
| MD5 | 2c42b5e51c2d9106a7897acfd00b2609 |
| SHA1 | 710a2113f4982cfd7b5224cacd9be60f9dd8ff79 |
| SHA256 | a629fa588c7a1fdf147f02b01bd0116acd3544d5233f61f29268027395cbbe60 |
| SHA512 | 662fded4ab22ee59a69dc6b476d8d3192ff7a642aefb307d96316f393f14058690f708921883f46a0f7cb375286f223bb6e79c0b984ccaab82a982a84e2bd94d |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\cfg.bin
| MD5 | 544a36063346eeb1e751030008a9f7e3 |
| SHA1 | b5c44a037d16bfd5cfe0e6ba9cb770111b3aac82 |
| SHA256 | 33a822063dc53b5a693b5920f6a14bf4c9c1905c08b3257b7621c9f0c41d39d6 |
| SHA512 | fb86ef1c271d10da364654b244253a4492b8331d69e2a71479671a44f613b88a72822b5a849159b63b7b28c7cbe0c6b7ed35f82cf749a598b23676fae70f279c |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\Actions.dll
| MD5 | 1eff53d95ecaf6bbfffe80d866d8e1dd |
| SHA1 | d7ef7d7c77fd04b2c0eb8c16bb3cd08057f6742f |
| SHA256 | 6dd748f7ca56125cbe158fa3612f08e7312ef58ad5375e6b7ab5532cc16ca0ac |
| SHA512 | c59b8e6f0b238a247e64b9c7bb42213dadac1dada63542830a6292361174c935c0c662b2d1aed3fb6100cc4993297b1eaf25e328f2b4613458c4ffca63b9f02d |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\BrowserSDKDLL.dll
| MD5 | 1ed53171d00f440f29a12f9beb84dac4 |
| SHA1 | 4d9a1e3579b0999f1ab2fa818b588411e9ee920c |
| SHA256 | e659e687a872050f9e65d78992d16bd9b393cf3f8e8c94e0e15fb42b7065327e |
| SHA512 | 17161cfc672d1b996b8af4ebac17f9a8a3807f38c9a23e2e5b4dadcd9a21c3a64faec9bf59147022a9df88b80f89300f1b537091289bd7a42806bd206a317e6e |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\sample.dll
| MD5 | f712ebc5aa4cc78b7f1a0c8810ce7db4 |
| SHA1 | 48899721fbcd93b7d5440ce269b7777a62582eab |
| SHA256 | 46d6f6dad272240bcdcfc0d5c42f88a2784a5ebf31bb284555cf260b21e8a4d1 |
| SHA512 | 20ea70c3b4e3cdd3727207b9b13e54332bee15ca18cde5228c7f93982310d77e5f6ebccd1a8251ad4d8cbf9ac6646bf7f5856f1c82d3b3ef2390fa779ec06017 |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\MBAMCore.dll
| MD5 | 888b794737cd78e918486cd2a4116c65 |
| SHA1 | 335aa063439ee8c2242591dd4cfe6c9bc28531fe |
| SHA256 | 2194ea4af98e6ba23e14ac60860a6c727f4694a9d904025288997ad05f0859bc |
| SHA512 | f6a15dc86a89adcbf9ea6b96eb7d5671a2077696ef4cacf88c36d7c73c5f28d96f4a257ae8672981a24907e0583bb15c01dfe09ee1ac5837ffa693d5668dbbeb |
C:\ProgramData\Malwarebytes\MBAMService\lkg_db\ig.exe
| MD5 | f4bcae29120428ab0d1b72acc375d7fe |
| SHA1 | 0970f103d74c634a91afd69388ab692f2df4819a |
| SHA256 | f6e63c104b5a3714a035d2272e4663b0d9599c405bb31e7f9e7e108205707d4a |
| SHA512 | 078c4a5a15882ad74eaae3539bb787f28a5b3bb18e8b3a33bf44cfaf98d7dae05bf73245193ad2d3075686b6405c25a6cecdad3d6bb36ffa8b3da5812ae675b0 |
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
| MD5 | 0bed0f6f26ab2c0e6aeb0413ea2124f9 |
| SHA1 | 6f9eda0ad2359dfa2db38870791a174b8262b222 |
| SHA256 | 55676a373d85ec4e520019db210cb7253733fd6b707161b5f566c88249a166e6 |
| SHA512 | c23ecf47486dc925b4ca791c2e117ef6597807ad80fa5ce0292779a23ca7d3394d6cd68387e6f1a40b2b436d4916e9db06f0f97afe64419c2e295e929307d877 |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | 2a6e8898c1b3b5d6f3dfd9833660c6bd |
| SHA1 | 334e039e17f77db95457a1dbfe68b4e3a1f26389 |
| SHA256 | 3de8b319b1220efebbf6cfa391571f7279658a68c1e9379615e5f6f9d1c3b73a |
| SHA512 | 6ddd687be3d80484f88ed386e50f32d6a37e9c4b41c13516ac676195f0bcc1f639288f1da03edd6279985c80d1b6644b5f8c77a213b9963ec1304bf48cf802c5 |
C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
| MD5 | fbc185ebffa11e2d531a485bf7fa2cc2 |
| SHA1 | 8c4522373dd0900403e14bba9fbdac29c4ed0c9d |
| SHA256 | ebb0fab2a07e8cc45c45f7daa9899b45347e70e784bc61353348b7059fdc9db6 |
| SHA512 | e3f539e510bd7522875cb30d2f40eba930828e8048e65d9751fcde6294b6d0aafc24336c631735182e46b8fbfc54f90335e76e9fbf99ca8ed5789a781cda775f |
C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
| MD5 | c34883290d4547db2546e5052d93928f |
| SHA1 | 548b43822136a080c864707e8b2a6a8a59ad0ddd |
| SHA256 | 0d6613dd03e31c43998edbb42e3dd082ce7c9e1ed3368c8152418a8994af5e59 |
| SHA512 | 6abba6f3e8e76aa66829a09b5069ac3c23fbf17d4035d33f0c09ea483e39f121cd15c2fd014922741324f511021b4719f3d80f818fd40a9e34152e4d6f35de46 |
C:\ProgramData\Malwarebytes\MBAMService\config\CleanControllerConfig.json
| MD5 | ec42f66dfe19222641010448bb98d3a5 |
| SHA1 | 89c734aa14c725136fafc13824cb99af37a5b658 |
| SHA256 | 566e6a16220ee198fefff092adf278ada60a903b8d32718214a29cda71edc20e |
| SHA512 | 3692928c3350f1b937825ea5b81cc2442258a5d283085c959c50ef931a5728587c35bc1abdd6966de5489697a9b12c8e58ed6267b1a4115f28e8dcc7e1db33dd |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | b6c7738c176e4aba409a3bd1faf25d2c |
| SHA1 | cbacf7224597a6db885d01a46bfcf76f7363b5e7 |
| SHA256 | 99269a30fccb9363424ac9e582574227a19780e6591073c7108e34cbf8c2a9ca |
| SHA512 | c58f6dec295a53f0ce9b23ad47196957ede2a83f9d8b2c846c5a37f1ba3c3dd605d515725639624fe5459e9e84e1ea47e6e334f04f87d84f61d8eb41a0596eb6 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\MBAMSwissArmy.sys
| MD5 | 1dc6d344ee9b6b024ba23278891db9a5 |
| SHA1 | 519b792d11daa2bf9d127f69cdd603a236576e04 |
| SHA256 | 823e1c7321e177b006c1f3fd1ec8b99607a12d2c3c321f3a6cbbcf7030b6c240 |
| SHA512 | fb96c4ede03c3aa729d2ea5a72c5f14029f6d69a79b6e0d5449e371bf3acdbbd1cb2079e8bbac3a3140a257c71018bc7a2a31a45ad5c8b65382e67cc3431ab6a |
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
| MD5 | 51df0781096797179129a1d43441a133 |
| SHA1 | 15899eedd406d4826f9d22516193dc4c4276f9ad |
| SHA256 | b386710e726aa22adf7427d315e163ac462251e57a433830ed1d93b70da3cf22 |
| SHA512 | 397648ed6c4bf71604fad030994ae6170f0049fd08e21a9800e2715ce06dec7dbe4a9b62ce3726bc9fad083e1d8a2b85705f1c107e2c4169b0b8b2002d2229d4 |
C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.sys
| MD5 | 6a21162e1c8a9f65787b14bc439eb077 |
| SHA1 | 1bf68b253edd6cae098144e24e09b4e22178784f |
| SHA256 | 8b7990e1c676f53918e41f6b18b20179d77e598352d9243b05e2ea22b2d9e4fe |
| SHA512 | a0dafe66479b9e68ebf04a7e2fa7c7cc352fb075356b7eccebee7af527393711e3cb36c7ff6466a5e28b17d1d003c1c49ef176b448f5de36a7c8177c9c8808c4 |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json.bak
| MD5 | 7ce87fe4aaba4095e6df63cfcc57f502 |
| SHA1 | 71c38c55d670de4a2863edb1d295940921166bee |
| SHA256 | 0b7b5d08707d02eae2a97e1fe68c2032f484b4a1ee722158e53b95541958461c |
| SHA512 | 4060e0b531ff39bf480c3c1be9c1c536731638adab4473557aa48c30441b07789934b7db26d1f808ce1b26aa58324ed1dccab23df68e108e1715fa778eccb41e |
C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json
| MD5 | 042faf2b0f3c03348a69b56c5408ea94 |
| SHA1 | 02b5fe5da87a126110ce373f29c7a99cae5de75d |
| SHA256 | 324f2e7e56677bcf3d372413c3c3cf20877c7cf7c695e5669d1973d186e547be |
| SHA512 | efe91a4c82adf560e341ca9b231ae2b44675504f4dbb4a28fcf538a9de635c896879dd8b9ba93368359a3156c801a289e43248ee34488c5524e56e68e5122d6b |
C:\ProgramData\Malwarebytes\MBAMService\config\MwacControllerConfig.json
| MD5 | e6cdd912a69f5da7d06d179b645e142c |
| SHA1 | 51a04b04cd78fedce1a51a601e3e463834188965 |
| SHA256 | b3f87aa355cbef29ad16eef89f86cb5f1e56b2f00806b8cd347997a5819e74fe |
| SHA512 | 8bcb939c78a81a6c2d47213f0f40522793b3f0a9dae87ab5b5485fbe03795df878d79966f6ac156c999987849b8b4782c04b747caa805cf5c2aaad46f7a5a5fb |
C:\ProgramData\Malwarebytes\MBAMService\config\MwacControllerConfig.json
| MD5 | 4d77df5aeab284b81af0682c92f82363 |
| SHA1 | aec722264e7f71285ed568ae4d996cce0f95f517 |
| SHA256 | 32f851c6f0be81ee7e4218b8d9fa76c3211f4ea3ae793bab075f1efc777e7fe0 |
| SHA512 | 89c46600dc512e89f73507431ee3ad055c58ae093e10d49bb1e9b338e18bdd08a2dcb71519046fa4ec4a5f84a12592eff010dcb5e1dea30cea128ce501aa0929 |
C:\ProgramData\Malwarebytes\MBAMService\config\ArwControllerConfig.json
| MD5 | fa778165891efa02c5498b15aeef5343 |
| SHA1 | 1e0cb8facdcf47e84575b9356eb4d2970168fe1e |
| SHA256 | d5e69b3dbe91132f688dd5ea284762b0f3870a928582998b642a91bca3ad5af6 |
| SHA512 | d53ae4de3564450dbf43a68ce0018f2002e5bc68422c60e0243b4765c28a257c9036b0d54c64d800b8bc9220201e7ede18a418d8da0241ef70bac86ad7af8913 |
C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
| MD5 | 5574f5de75ea1ea1fd5f61b320c48c28 |
| SHA1 | c4a19e70bd4bca7ad35c352016d5d7ec860ea995 |
| SHA256 | 8768dc0a203b103ec7262224452f891d0b23fbc154c44d0f4145c080c7996c28 |
| SHA512 | eaf23911461a5af09c40de6a05c40f50a0b2ca29ecf34e053b78307cf3cef459d0d2cb46a425d448ca789167059c156ab19a39cd37ac5b54824e8fe59359c1af |
C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
| MD5 | bc9a1a41811bab3d01486635bcc4548c |
| SHA1 | 403f4019616bb4a06c4eeeba2858fd7a556dc1c4 |
| SHA256 | 517b7169e994075e7c2a715aee3832aa7a63b1432e996e2d853d23db32acf9fc |
| SHA512 | 0b84cf39219e2bc4d0405890854ea1cf49665faae340f0b38334493c98e636ed49ecccc2c8adff585634058d7d56a7c1db82db7c45ee62fb48f49025df0914cc |
C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
| MD5 | b2b2bb278b691ce1c06f509b80ff279d |
| SHA1 | 47edb8574baa339ea8e35f1bba0f0cee753bb207 |
| SHA256 | 2ca66770b2847c41f33b8e3123a68673b1893f476bc8b8bc043ac7cf6489c04e |
| SHA512 | 50f125103bd84c61fe075ec1180fdb25bfb365ad8d63e87eea06e1ceaf82a3fe8ae0e91be1e1b04bf7d4392552503b5e6df9ef2771075e6c9f44fbea1d0e3a46 |
C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
| MD5 | a94729fd8a322d324a453ca732bb9d03 |
| SHA1 | 8b04488904ca04596a22245552df6db20c75b5ca |
| SHA256 | af0faa07d7bdac3954d9cf222d0bf3c06be5ae4a63fa7a0373fadc6e23ad6193 |
| SHA512 | 96f69b7e72d84057ad1df8fc62b999270678683a107ce885578b716e2372e20678c0b9689d5a665975292728c75580bac166f2f4f0621972898f5e984d8592b6 |
C:\ProgramData\Malwarebytes\MBAMService\config\SpConfigFile.json
| MD5 | c96fad3e48fbfdd3407c63d197250413 |
| SHA1 | 48245720d9786fd3fa7325ec887baee24549052f |
| SHA256 | 83228098c78e5ee6172fe57f51c8b12acacf30cef1743482e3be3d507501aa1f |
| SHA512 | 3065624d34666f701d8cc3240fda19d1a5d1f7adcd2204285f73e5fc7cf02d3943349a3f4a77fdfb7f5be071532f6be277b8e18191465dfb7547397eacf961c1 |
C:\Program Files\Malwarebytes\Anti-Malware\ServiceConfig.json
| MD5 | 901b9cb3425a7d3b2c5cad8f17ec3cac |
| SHA1 | 72e2c5e4405cd4ad121f3289744e6557a509330b |
| SHA256 | 80bb234b5f5cc9fbc200adaadb36b04ba9a7dfdb21c62ec16cc3a324f0aa0d0b |
| SHA512 | 94dde8424c394c1179b3d0fe2f1402c851601b6d45e1ba6dd3461fe4dd6554e993973d0e948e7bf3dabaa4b0fec00fd3112e249dacf224a3c8882c18a442be2a |
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
| MD5 | b3dce12ff3ec9b9c50af2f74c1e3334d |
| SHA1 | 405e5e6132a5707e7e21abd09b794065bd52707a |
| SHA256 | be5437618074dae879bf4926f7d3327df4db7605a29ceacd6232d5b695c222f0 |
| SHA512 | 6301bd44e77c4ba98d8fc13520848a7a3e5d28eaa731f00156aa401cc52a8ce78ea28038f7f9b38870c4a3466eee46134edd2ad75c89a7c2aabb1d528323c6a3 |
C:\ProgramData\Malwarebytes\MBAMService\config\PoliciesConfig.json
| MD5 | 5956da9c1deb07c2175b03fd5f410b69 |
| SHA1 | 2cd883aaa53d8bf8c1a7818c5bab21866c56be58 |
| SHA256 | 009ee570085edcf38e4e9db9b54d8e85a8383f4ba1f1fdf9e9bc188256eed36f |
| SHA512 | fffc2627f50d6d934fc1ba5d62a573416a39bec3712f3666a30d8460ee7697f9b8310c2b6b91c227d35a38f8ffb419aa7ae412db4a71d6da77b81f71b49a1ab1 |
C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
| MD5 | d961e44561538c50ff889f978b16c1eb |
| SHA1 | ba0dd99a6fc9baf6604c9e99f08fb73403e69b82 |
| SHA256 | 2c77c623fb5d9ecb3535bb17f1da105bb603682d6a52a0b9ac830d6b98e7007d |
| SHA512 | 876b3d48f40b988464c7a3873d780d2866483928b2c151006c9e3cbc659e9415d6c1a45e9072b4e4f2ff02c2f3c8a282def453fae37f1495abbf81095de7a986 |
C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
| MD5 | 0eae912523483b77c66ebefaa361fbcd |
| SHA1 | 28fc9c46b610ab4b94ee4e6d0c33d5b155fb5175 |
| SHA256 | cc3c1308301e3916a9bdc0c00aaaefc5f4e5207b4626364500d30d7d977d3a9f |
| SHA512 | d302b81a4f7bd9a8120e437b9448b36760cde3ec061b971895cb7ebe08ed7c502428302effec80c895237719323bddec585526665fc7cd8e2beafb67d7abfb1e |
C:\Program Files\Malwarebytes\Anti-Malware\mb4uns.exe
| MD5 | bafe0316a997b14cdfd91ea213c67542 |
| SHA1 | 5f15257200374c7f3fc7e8858578cf2edd1fc58f |
| SHA256 | 08ef4e9363d8117bef551cb3ebc1370c066ecfecd10781b64a6510b7d2d8247b |
| SHA512 | 931fa97c40e7a8822dda69af856343effa794e304b3d22f8c5489db1b05440c2d84b9dae37a0d0429987aa4f0dd5b2399fe228b494efd1b8c27c12a4a522abbc |
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
| MD5 | bbc2f701f6397724ec997def851785c0 |
| SHA1 | ca16d57b0defe2f4f0bb4d14bea9baab5bc6874c |
| SHA256 | 083c0d95f234f624559e19a3be6de5bd304e0d0c43b68a78487cf01240bc08ae |
| SHA512 | d0efe173217fcac12c0b1c366b7742ff8d8eeb4e8689b73562e5b1ec57427b0b94b249efe05d63f8b14684a1a46890c9f89896b01882ab31bb0a601d13b7a49b |
memory/5624-5143-0x00007FFD63330000-0x00007FFD6389B000-memory.dmp
memory/5624-5142-0x00007FFD638A0000-0x00007FFD63CBE000-memory.dmp
memory/5624-5145-0x000002E5E95F0000-0x000002E5E9A30000-memory.dmp
memory/5624-5147-0x000002E5E9A30000-0x000002E5E9C30000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 78c7656527762ed2977adf983a6f4766 |
| SHA1 | 21a66d2eefcb059371f4972694057e4b1f827ce6 |
| SHA256 | e1000099751602ae1adcec6f1c74e1d65f472936817b45239dfed4b043984296 |
| SHA512 | 0a8e58ae95163b3cdf8e81b5085887761e73cb7c836a1a6a972e837fb3df69b2ac70cfd6311d06d40656344ec35eb48e512f007561480f0345486ac2b329be0b |
memory/5624-5154-0x000002E5E8A70000-0x000002E5E8A80000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico
| MD5 | e5e3377341056643b0494b6842c0b544 |
| SHA1 | d53fd8e256ec9d5cef8ef5387872e544a2df9108 |
| SHA256 | e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25 |
| SHA512 | 83f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 099b4ba2787e99b696fc61528100f83f |
| SHA1 | 06e1f8b7391e1d548e49a1022f6ce6e7aa61f292 |
| SHA256 | cdb1db488e260ed750edfe1c145850b57ee8ab819d75237a167e673116a33ee8 |
| SHA512 | 4309375e10785564ceb03e0127ced414e366a5b833f16a60d796471d871b479e4c044db5268902d9dfd14715ca577cb26042bab8f7b0f31fe8abf33947feb9d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\MANIFEST-000001
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015
C:\ProgramData\Malwarebytes\MBAMService\config\MbamClientConfig.json
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\ProgramData\Malwarebytes\MBAMService\config\MbamClientConfig.json
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\ProgramData\Malwarebytes\MBAMService\config\MbamClientConfig.json
C:\ProgramData\Malwarebytes\MBAMService\config\telemetry.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\ProgramData\Malwarebytes\MBAMService\config\LicenseConfig.json
C:\ProgramData\Malwarebytes\MBAMService\config\MbamClientConfig.json
C:\ProgramData\Malwarebytes\MBAMService\config\MbamClientConfig.json
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\a712c324879904b1.customDestinations-ms
C:\Users\Admin\AppData\Local\Temp\mbam\qt-jl-icons\16385ff3d70.ico
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\a712c324879904b1.customDestinations-ms
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
C:\Program Files\Malwarebytes\Anti-Malware\sdk\mwac.sys
C:\Program Files\Malwarebytes\Anti-Malware\sdk\farflt.sys
C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.inf
C:\Windows\System32\catroot2\dberr.txt
C:\ProgramData\Malwarebytes\MBAMService\config\SpConfigFile.json
C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.cat
C:\ProgramData\Malwarebytes\MBAMService\config\MbamClientConfig.json
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
C:\ProgramData\Malwarebytes\MBAMService\config\RtpConfig.json
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
C:\ProgramData\Malwarebytes\MBAMService\config\ArwControllerConfig.json
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
C:\ProgramData\Malwarebytes\MBAMService\config\MbamClientConfig.json
C:\ProgramData\Malwarebytes\MBAMService\config\AeConfig.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\a712c324879904b1.customDestinations-ms
C:\Windows\System32\drivers\mbam.sys
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
C:\ProgramData\Malwarebytes\MBAMService\config\MbamClientConfig.json
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
C:\Program Files\Malwarebytes\Anti-Malware\sdk\mbamchameleon.tmf
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5c335c.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003b
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000050
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000055
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005d
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5d188c.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\index.txt~RFe5d1918.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\c5ce88bc72edbf8813410e12eaafa3c8e5ceb644\index.txt
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\0de484c3-97f1-4845-8a41-19a10a4f2645.tmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\ProgramData\Malwarebytes\MBAMService\77b7f49f-15fd-c759-37de98abc8c7e904
C:\ProgramData\Malwarebytes\MBAMService\tmp\d7a8561cd7dc11ed9b9472edbb006969
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Temp\~DF571A4C9444E88067.TMP
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\BAEBE581FCB73249406FC21094EA252E_BC0CE803EF41A748738619ED7838EEFC
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\ProgramData\Malwarebytes\MBAMService\version.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\ProgramData\Malwarebytes\MBAMService\config\IrisData.json
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\ProgramData\Malwarebytes\MBAMService\config\CloudConfig.json
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\ProgramData\Malwarebytes\MBAMService\config\ScanConfig.json
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000078
C:\ProgramData\Malwarebytes\MBAMService\config\TelemCtrlConfig.json
C:\ProgramData\Malwarebytes\MBAMService\ScanResults\6e4aba20-d7dc-11ed-92f9-72edbb006969.json
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\ProgramData\Malwarebytes\MBAMService\config\MbamClientConfig.json
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\ProgramData\Malwarebytes\MBAMService\config\PoliciesConfig.json
C:\ProgramData\Malwarebytes\MBAMService\config\CleanControllerConfig.json
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\MANIFEST-000001
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5fd6b2.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13325631607964110
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7362921191fd90a8f67ba0d264a607e6 |
| SHA1 | 8f74e5182507a812ffea2599cd86795b3b44bba7 |
| SHA256 | 168fbbae1aaf80cdafcf39190b752e11c24869bb31b78ae334ddebd33634a09c |
| SHA512 | cb481ed6c98ddbe04c97998a8a2e3cc91cac3bb14977fcfa2e9b1e5db7eaca78bf1fdbf75befd85f02ae63068af6afd73e462e76c191a5b3939732b786795b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7aef9c719cc13fc06ce999854b03b374 |
| SHA1 | f609e788b089b15318e3464b0e077fdfb6f44126 |
| SHA256 | e229015a85acacdf23abf658408f78b6a7067ce36d457b98e41930d689770db9 |
| SHA512 | 21d528ea50c9d9cf9e7dbbc5f60d3a5949f2fa07e0dd18a4d6421479fdace4d6ef9b09d0d456be73053a7e89491b33401af4d120545e7d42ad00a0476b8c3842 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 1e788d0a84fcaef46fa79088379192d6 |
| SHA1 | 949f04a8c4abd1ffcc0f8249b54e22e683b5fa8f |
| SHA256 | 43b79ecbbc541aca07491a7901e7f53fb2f86396945ce9e9e0e9f3f53b12983a |
| SHA512 | 717b0353e6e0c968157b803c02f36788f17fb1dab65d4138ceb005d3fb1fab617e32503bb7bc18ca50de0f233700aab038547b89e6e61f68399ead931fb35d51 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e942c3ef7797ad799ebc7e1d7461d96a |
| SHA1 | 5aafd1f924ce73ec4c3163a9d6413c942857f589 |
| SHA256 | 0485608ec34c7cf4f507db59a0decff76d36eb1267793f228bbd03571355c3e7 |
| SHA512 | 121b3f60e7a9f6cf968192d324c0bffd8290e96d1c756c5584d7fadf1cc951401100f9db5bbf1c98e3f16516cb81af101b76ecbe33182977ceb20d9b9d456b55 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f25596b0f24f41cc1a3322006764690b |
| SHA1 | 960b1dd6d5745e7e53b2c4c73d7323e6b7eb66fb |
| SHA256 | d05974ed6e63dd8a01271d90b7bcd23dbcf41e775d1a5549f30ead926cc1b8d3 |
| SHA512 | 128234dad4a3ddb7b781ccd10ee25658c9e961e193f0f870c69660c198f4e64eeebe83c0d5949fa69e3013334e55739eaee0024328bbc8ac46078f171870cfaf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 589c49f8a8e18ec6998a7a30b4958ebc |
| SHA1 | cd4e0e2a5cb1fd5099ff88daf4f48bdba566332e |
| SHA256 | 26d067dbb5e448b16f93a1bb22a2541beb7134b1b3e39903346d10b96022b6b8 |
| SHA512 | e73566a037838d1f7db7e9b728eba07db08e079de471baca7c8f863c7af7beb36221e9ff77e0a898ce86d4ef4c36f83fb3af9c35e342061b7a5442ca3b9024d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 6149808022d50524c53365210303a8ae |
| SHA1 | 4991463957b233e1aecbd6689bef48216833af6f |
| SHA256 | 92d5c8a4b2c5aa9ce0ee02a27ba008d5d86c7e0b78d9a2f7712e632a31a2a1a9 |
| SHA512 | c235e004eb6f6bc5208911bf710ea90b18567c4c67b47f9106da58e1cee91acfc73a44f4a6692cf42f6cf3febb5567380852d28d0b2ccf327a28f5c092c8aacc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c7c86aae273c6f72ed68f38e60e3b3c3 |
| SHA1 | f370ce1e9d04b70704d423a93b6cc09e61bf9d1e |
| SHA256 | ef11fc7ca5fc69f4007f00d58f921bc37dd2af36199b82f037accbbfdb4f6b77 |
| SHA512 | 81775bff2dcf242dfcbe89ab690d5dd86aa12055ae9ceaff7e3d86deef57a5289364ca78b57ab4683e570321dbd2a1d1f2bb9d9c2b96ce67cb538583496d3e1c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000097
| MD5 | 8c6dcc6fe77d8f3c73d9edfe51cb2603 |
| SHA1 | fc3397f9e7f9386eed5c8f29664dcd9b9ecad179 |
| SHA256 | 31ac1c5e3bcb44d4ebd5a2cf1ab75773761507d334e116b8a4ac14e6ae86bdad |
| SHA512 | c38b7a084cb28e735577a5a4485d50be6605304a4a6479383a1939c802978451d7489fd1d36647c0c57244cf8b064752ac281d546d209f4caf500421a6c0cfca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c732372dbfd5c7a124fe4c7ec25e7255 |
| SHA1 | c4195871a1ee72319f5bc3cd24655b7f74e57917 |
| SHA256 | cd12043761ef4099dcefb4413483276cef5cfe45a5bd4cf6982a81baaf2c04e7 |
| SHA512 | aa087605e639e5ba3c895713d82588e57ab8366fca0fdcc9496a98e2eef87740e54789fae2c44751063a641d3ced731bc03773df4e9d2800569bca4046cc78b0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 04951b47eaecd955fbbb89bdb640776f |
| SHA1 | 1da6aca267689933ef961fd969608f867250590a |
| SHA256 | 8acaa43c75207b6838b2f7ec882a1d1244f9b496a9715eb7332319f460277622 |
| SHA512 | 958baec20d79042586096f87a3651e53390a5e7f371dab46272ecfcb8d98af1e7e3f95b19ce57831cbc03ad1d5367803426c4a09b3e6c662ecc828439f26b910 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e16a27201df9d5a3f07fcedd037943d4 |
| SHA1 | f63a6e90bda067072f45e1173353cbd47333241a |
| SHA256 | 0cc91a9001c43113c40c83cf4028f4e959394f390b335a3d36c331ea0ef43767 |
| SHA512 | 4e3037731fbda08ff229748f8e5385af3742cfabb5097af57c580d069d592ad3de97dd23f2effb3cecfb1626b5b28457b7e28258b8da264bddabad174a77d89c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | c13b83c0c6b854f17ae76dbf7e0eae11 |
| SHA1 | 2d9b8a0c35a8af21c663e8f3fc6d68869a80ad85 |
| SHA256 | 35d0693f62c9fbfb8f3ce79e1e11b300c60c62e90621a1a36198000d2f4c654a |
| SHA512 | 299019ca8d6bd14c3325b554dc425d8f9520ef6466f4de624b8227bd82cff7f503fdfe662d651a174a2c475014d420e441a2b250f5cbb2ccea0e29270d48a821 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | fa31677806b8afd34252b1d6084a5d1a |
| SHA1 | 695dff5cc6f629c0f8cf9e307fb08b2f91792574 |
| SHA256 | 7e80f394821e5355e360ab793b6be487ca63a06bb9eefbb28f10f938ebbf5c52 |
| SHA512 | 5c61f2cb4f07ff54e86576fdf770682fa6121608e908d96b7256dc6cfbff8b636058a7200c1d9fb916a08c92a23bb9cf7342fb8b510891faf2d4002572de216d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 51f18e69c574683575238adcadd55c77 |
| SHA1 | ab7e9a4c02962245020a05962f742d5c211eae01 |
| SHA256 | e7537896f35cee4b24f7985dc513db03c51ffd2b3f7c42f425471044e2c89edc |
| SHA512 | 0a4ca1ff22a1aee806c9a3a53607a0c99dc2cf4e5ebec5026830a44f1e8f8c127c892da2a14c96ac76ee1d8b25c65c96859ebe5209bbf97803af7e1d0d39728f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 60e3f691077715586b918375dd23c6b0 |
| SHA1 | 476d3eab15649c40c6aebfb6ac2366db50283d1b |
| SHA256 | e91d13722e31f9b06c5df3582cad1ea5b73547ce3dc08b12ed461f095aad48ee |
| SHA512 | d1c146d27bbf19362d6571e2865bb472ce4fe43dc535305615d92d6a2366f98533747a8a70a578d1f00199f716a61ce39fac5cab9dd67e9c044bc49e7343130e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 9e4924773b7ddad53d109db502cdf357 |
| SHA1 | 5b71edc7f0e35ac43267e5e42fc9ad1f516f4e75 |
| SHA256 | 0375bfb0f0d9d81dec2931edf158ca0f537cbb3d23e05c90245a247d37f28890 |
| SHA512 | de9b83b691fe639bd7f4d8db594856fce24c393096ce03b2ae482afe1eff98813515926ed06450fa8c3104417e942763e4ba6bc3af494c43bd20f49246b5386a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bd14a2ca733a04fa72a8190cb6c4667c |
| SHA1 | f7e096a6dd4bb2fb2dcee51dfb489ed85d199014 |
| SHA256 | 014fb4982712a1461744afed580f5c3a2845fced657ddc9a3b07f3448a394136 |
| SHA512 | 9bd1deac52a678d7e6994ab23893a79e66c1e6a208b1af1e51d449184c9b144abc65406b558ab7618c05b2fc5151199d42b620aff0a6112b2d61d2701e580ee2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7ce6e9c1dac6a9b6a1461ea2155e63c8 |
| SHA1 | 874a66d046d2033b9e0ebc6458477acbae74155d |
| SHA256 | 2dae5f2f28ee5572699c1428ecf264a58428b821b30d4d4930bd015e182e0947 |
| SHA512 | fb51754be24950b055ef9571b17949959e934edacbcd1b684646c17baa331ce83b7bf3d92cca33e07f9b2770495ac29f23c13bbf78f19f9974f329091df3bcb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fe2a75157c97220d64a8ae877df6d134 |
| SHA1 | 9191fb3153b303209a2f00464a8054d0dd3afc6a |
| SHA256 | dd821216b8a1299c7ee3246077fe5d1168ba23a8e363857d6b0b133801174cda |
| SHA512 | c0df427953150a6376ed7260d4912851f9ccc1b15ee36c15e7dabe446fcbb93b98546d8db80933ea852514105e969888ee030e6158ae2f1a1307794cb0008e80 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2d8bead5d278f0934ee77805f4940815 |
| SHA1 | f436667f7c85255be79b0f2bbdd28b171f598115 |
| SHA256 | 2b65ebb2638909aa1b78e3991c0b807b499908e3c8a9a0df1ad474ea676151a3 |
| SHA512 | cc28f88bb648881382ad979b914220130a78712530b723bf9602620f2b4ead4fc6bbf721a8af9a260e4a83730ce66c912bfc1091333c67c3185a9925266a3a57 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 98c5d116a281269addf9fc6b0ab68806 |
| SHA1 | 1e057149b7847d8d9ae580d7d48929b209542297 |
| SHA256 | a7df3c5c785f854d5a06fb8b78b024fabe6ef18853b79a865e5a3a9cb13f2c5f |
| SHA512 | 4609c64db17bdd3f79d1f622b4886c6aba343f689a5f57e967d341411f29a6b6c3e898067a80628609feb560395d33ee6ad25a90110e31e100cd46c633f82a0a |
memory/6432-11550-0x0000016381F00000-0x0000016381F10000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 333a0a4b65933479dd406757897bd86e |
| SHA1 | 84e27cdbdcde7cba7bd48fe41611f12e513eb86b |
| SHA256 | d8fc4ed424208768a8e25793ce1c65cc02a6deb372ce840c898df456a1e45fb1 |
| SHA512 | adfcea748716e36c9800417d887a9efed5a4d137fde20e08f6e05ed240a1058abefc04092f43a8be6c12d4196da7829fd5e5e8b22291bc3e4f557679eaa71191 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7cf9554364231f5ae3a46724b3f1f512 |
| SHA1 | f20e3ee08c465f06131b777da0f3a993120355d3 |
| SHA256 | 23b2d828be1ad582e5218a02452bc83c271510acf821326a34cc73d35df85037 |
| SHA512 | 8c4031c45a7799115e7d10975eff26e864a3c6a13df722e5b7e53abf80ef5666fa90dff97742935c296832ee8d836e486e804fa7f14f694d64d664a4eec864c5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e63b6c7a5d28f79a3da88c46ecdca67e |
| SHA1 | 029329306acc33faa73216cc3059495eaa529d52 |
| SHA256 | 142dab109b0784f7eb8275aa10867cd545abafe27aaa2202dd8c17b601ffdc5d |
| SHA512 | 27fe63005cea44eecdaefb1c82af1d7c7010b5997f1f0503a49d137fdb1945e05d08e844c5eecd8d2c0bb4e2d8e1945a6544728102fc1c8350ab2f4c0ccaf5d7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 2d57ee4a74d93add61cde22cb915016d |
| SHA1 | cadc1ef72e589dd2b08c5441c2b44a016cab4d6b |
| SHA256 | 37dfe431eaed7be8f999c9c264f77e1f34b38aecddfca94cf88f514183af0c48 |
| SHA512 | 765a5f46c914e98df2042cfaf4cded28e8a5c669d56086b5ad4a35c8aea47dc869c893844a1353c2e546c6c7ecec6a7df8ba2a17aa41befd305fcd8b7a9ec25a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e9c32d779c258d13eaa45c3f4bcc0d2b |
| SHA1 | 8d633aaa66b3476507ff27986d15c57f2befdb0d |
| SHA256 | 70c25a067f65517d9c65bb33819d4b769a2ca4f3cbd48a8e2efc3d915df1bf60 |
| SHA512 | 0edd7e5235e3ae0bd3a7243b533878369b3f723147bb1e31892c7226f301b97dc203de186710ccd025116919c547fe887d2e9133432ad105abf34938b728daa5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 98992f2df1c7155f0ff5a2ad5d5188e6 |
| SHA1 | 71653ac526e35a8752373b6476d48b314e756d4f |
| SHA256 | 70301d907757604ef9bed563050043729ebe660f15c588c134906a75bad986e5 |
| SHA512 | f189d2733a3caf9e7a72d164c9737d61fae0bbf4a208bebbd35b7f679b74bd6b1655ea175c6dac13d2d2aa4b27cd8ee39322e614f29166e4fa9f8fc6f4c4731c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 53a6d4017787ecbd6dcba83098d40802 |
| SHA1 | aa4849ca4aeeb7aa4cf169f640c5a7831b8c5fa9 |
| SHA256 | 82799544a14d7a49ab7e9fcdd8a3c83a9de57e982f3b4e8b35b8061aed414254 |
| SHA512 | 206b24ec43753d3d31b6ce618dba645b5a5c9fee502260c5ef7c5456dfa961fcc0be53c91225fb06918e0006709eb48b208f415298102517e6047e7bf06c9400 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | add08f54295af8f2362bc98a499bf428 |
| SHA1 | 0a4b28c738ee2a39efa6e52348e20ef75d316c13 |
| SHA256 | c1f6e8fc803a5422aa9b73f72ce42a86ceda6959ed6a691650b4afdb4128f0bb |
| SHA512 | 295f9fe0fb72949694b0cd2939628559566d9a351465073bf76f989eab5ac6d92a46c0805c371f10946d2763ca78c86f54e19d6867b799fe85bc4c7a031e2fe1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | ab6ab31fbc80601ffb8ed2de18f4e3d3 |
| SHA1 | 983df2e897edf98f32988ea814e1b97adfc01a01 |
| SHA256 | eaab30ed3bde0318e208d83e6b0701b3ee9eb6b11da2d9fbab1552e8e4ce88f8 |
| SHA512 | 41b42e6ab664319d68d86ce94a6db73789b2e34cba9b0c02d55dfb0816af654b02284aa3bfd9ae4f1a10e920087615b750fb2c54e9b3f646f721afb9a0d1aea3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Browser
| MD5 | a397e5983d4a1619e36143b4d804b870 |
| SHA1 | aa135a8cc2469cfd1ef2d7955f027d95be5dfbd4 |
| SHA256 | 9c70f766d3b84fc2bb298efa37cc9191f28bec336329cc11468cfadbc3b137f4 |
| SHA512 | 4159ea654152d2810c95648694dd71957c84ea825fcca87b36f7e3282a72b30ef741805c610c5fa847ca186e34bde9c289aaa7b6931c5b257f1d11255cd2a816 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e7f94e9ad4fe1476e59c95519c348044 |
| SHA1 | 307d507058254c1b3d47afcb796bf4c65ab3904d |
| SHA256 | 282b1863b4e7501e33962590aba8ae076c7648765a7c32cfebef13f41e6ca4a9 |
| SHA512 | f143aa996882849c1f4d044c8189812e6866d482d10946380216a8ed7a5d53d849383e5f8dce1924fb046eabe17f73fad017cf54d624474b2132d48dce1d9bc6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a6
| MD5 | 94e281ade5ef2175af33e44cde5df633 |
| SHA1 | 06175bb052e5d44d982431a0f3f8dbf9457f1339 |
| SHA256 | 098574bb7b2b9778de53b5936994e5213747a982aca2a11d5306b689cadcbd37 |
| SHA512 | 40a83317c86d93a11062df3e684c302e43212f27d9d9bc3b52412155e9d45d4480c521ac4c859dde919efdb3a35869f0cacf5407df4bb1576964d9c1b55c4efb |