Analysis Overview
SHA256
4931f6e4d65c362743d3233661a08aed3f2161ae7961e17ead74c9288ad8c36b
Threat Level: Known bad
The file 11135191670.zip was found to be: Known bad.
Malicious Activity Summary
Azov
Renames multiple (396) files with added filename extension
Renames multiple (2861) files with added filename extension
Reads user/profile data of web browsers
Adds Run key to start application
Enumerates connected drives
Drops file in Program Files directory
Unsigned PE
Enumerates system info in registry
Suspicious use of SendNotifyMessage
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
MITRE ATT&CK Matrix V13
Analysis: static1
Detonation Overview
Reported
2023-10-18 12:08
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2023-10-18 12:08
Reported
2023-10-18 12:14
Platform
win7-20230831-en
Max time kernel
178s
Max time network
129s
Command Line
Signatures
Azov
Renames multiple (2861) files with added filename extension
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Bandera = "C:\\ProgramData\\rdpclient.exe" | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
Enumerates connected drives
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\cacerts | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Dhaka | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Microsoft Games\Hearts\HeartsMCE.png | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_bezel.png | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\ja-JP\js\settings.js | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\ZX______.PFB | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_mainImage-mask.png | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File created | C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\_platform_specific\win_x64\RESTORE_FILES.txt | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Thimphu | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-templates_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\COPYING.txt | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\es-ES\js\picturePuzzle.js | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata_5.5.0.165303.jar | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host-views.jar | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Africa\El_Aaiun | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\London | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\fi\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page.wmv | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleUpdateBroker.exe | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\SmallLogoBeta.png | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-impl_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\fr-FR\clock.html | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\is.txt | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-sampler.xml | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)notConnectedStateIcon.png | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1251.TXT | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\asl-v20.txt | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\uarrow.gif | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher_1.3.0.v20140415-2008.jar | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-api_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_snow.png | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\es-ES\js\highDpiImageSwap.js | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\bin\jmap.exe | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_cs.jar | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Anadyr | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme.nl_ja_4.4.0.v20140623020002.jar | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File created | C:\Program Files\Windows Defender\en-US\RESTORE_FILES.txt | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.commons.logging_1.1.1.v201101211721.jar | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent_partly-cloudy.png | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_CA.txt | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\15x15dot.png | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Etc\GMT+7 | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Europe\Tallinn | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-right.png | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\es-ES\css\settings.css | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Gibraltar | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-awt.xml | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-applemenu.jar | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\VideoLAN\VLC\locale\ta\LC_MESSAGES\vlc.mo | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File created | C:\Program Files\Windows Defender\it-IT\RESTORE_FILES.txt | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File created | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\es-ES\css\RESTORE_FILES.txt | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_m.png | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\ConfirmGroup.odp | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureB.png | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Porto_Velho | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-ui_ja.jar | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jre7\lib\zi\Asia\Bangkok | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPTSFrame.png | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-sendopts.xml | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-windows_zh_CN.jar | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File created | C:\Program Files\Internet Explorer\en-US\RESTORE_FILES.txt | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
| File opened for modification | C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Kaliningrad | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe
"C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe"
C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe
C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=80.0.3987.132 --annotation=exe=C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=80.0.361.66 --initial-client-data=0xb8,0xbc,0xc0,0xb4,0xc4,0x13feeb840,0x13feeb850,0x13feeb860
C:\Windows\system32\wermgr.exe
"C:\Windows\system32\wermgr.exe" "-outproc" "2140" "336"
Network
Files
memory/2140-1-0x0000000000210000-0x0000000000214000-memory.dmp
memory/2140-0-0x0000000000020000-0x0000000000027000-memory.dmp
memory/2140-2-0x00000000000E0000-0x00000000000E5000-memory.dmp
memory/2140-4-0x0000000000210000-0x0000000000214000-memory.dmp
memory/2140-10-0x00000000000E0000-0x00000000000E5000-memory.dmp
memory/2140-12-0x00000000000E0000-0x00000000000E5000-memory.dmp
memory/2664-17-0x00000000000E0000-0x00000000000E5000-memory.dmp
memory/2664-28-0x00000000000E0000-0x00000000000E5000-memory.dmp
memory/2664-25-0x0000000000110000-0x0000000000114000-memory.dmp
memory/2664-31-0x00000000000E0000-0x00000000000E5000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\throttle_store.dat
| MD5 | 9e4e94633b73f4a7680240a0ffd6cd2c |
| SHA1 | e68e02453ce22736169a56fdb59043d33668368f |
| SHA256 | 41c91a9c93d76295746a149dce7ebb3b9ee2cb551d84365fff108e59a61cc304 |
| SHA512 | 193011a756b2368956c71a9a3ae8bc9537d99f52218f124b2e64545eeb5227861d372639052b74d0dd956cb33ca72a9107e069f1ef332b9645044849d14af337 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e8e127658c045b4e3bf46a0a4f994c2e |
| SHA1 | 870b0b6f7c98d5e1433d5759ddaf0c2dd66e5df8 |
| SHA256 | 06285e2b435bd7e6462e31a4d2e71e3c25587ee2ff0444fa35e6ce7fddef36c7 |
| SHA512 | 748ade9621121929b670e285116a9b7d3c918a550b64117d833566f94aedced4a33b7a3d2af48f59aabd649cd44f18a4f40c4defffe8f40ce60ff296587fa36c |
C:\Program Files\7-Zip\Lang\RESTORE_FILES.txt
| MD5 | 78ede93114e65f9160fd03d3357c56e6 |
| SHA1 | 88d531b101e57655f1d0d26c6b3257aa2468d460 |
| SHA256 | c97412fbf88da8f91099a52888dea4c3f222cd95af3e681e3271cbca8b6b7bb5 |
| SHA512 | 074a4c741273902ccacb6f573b96d8accedb2ee405dbd04350cdbf54d180c1fd577a4e90c2aae26bf72f3782403f4494db6e3501a04cfd9d7d81a6bc14884b9d |
C:\Users\Admin\AppData\Local\Temp\OutofProcReport259444095.txt
| MD5 | 35b7a4c142b2e00519084c7d26af3484 |
| SHA1 | 1c3b8bf161eacf3f256e0aa75cff516edb41233e |
| SHA256 | f2e2c2b0d08b3a1b89b93aa5aed759d78084360e8f59f7d69b8e52fcd1e76077 |
| SHA512 | 122280e98cff8e8966c8c49657f242f2f61d26f2efc133723cde50355eb4a8234e3d56bbcfa8b72c22fff2105e7781271405a2747e1c731dee1f313068c7f502 |
C:\Program Files\7-Zip\7z.sfx.azov
| MD5 | 97ee8ef53d56e42c6398a232e06e35bf |
| SHA1 | b054f5f27a7ef2f30fda6f9db176140842532eb6 |
| SHA256 | b0cb9dc05d96ed552398ec3f99d79af9ff126220d3e5478129e1ef2d70094cef |
| SHA512 | 32134abad770516e54dadd2d345b4d77efe34edc0473245d38c030423c0c1f42770988916b0d035a19e0b5b41a257912e06547be6e6e7d35cb558f07b0329c70 |
C:\Program Files\7-Zip\7-zip.chm.azov
| MD5 | 45024c0ad3cc2469dfabacfbd7909887 |
| SHA1 | bae7008ace6abc8d851ed5cf7dae50e67ca7f053 |
| SHA256 | 112a6fa703ccf6f0e39b7018e25a9955ec1e744551cfa221296141cabf422b60 |
| SHA512 | 730f325017a6814fe4a607976482bbac3f7780ac0b0cc2cfbb681c5e7b31faf18b9299d510e6547728f37394590cadab578229f342f35d605d3c2d8dff6e6bd3 |
C:\Program Files\7-Zip\Lang\cy.txt.azov
| MD5 | eefe423f5a1dbd44bf88ce23a9bab153 |
| SHA1 | 3c076b2f275b0b8c94b2a807eb8984e6373889ad |
| SHA256 | 8f2f897de1a13cf051ab1154bc3432704c579017f0c23f3400005f5d166859e9 |
| SHA512 | 1ea4a85e722319aa04549a3d2db8caa4c382880c39d005d40ee58f1389457104dde8a281cf7866aa3726f35bfccb9109d65c23fed584fb0c8db730fed971b9ee |
C:\Program Files\7-Zip\7zG.exe
| MD5 | 2ca799c4f9d77271858fd65956fdfde5 |
| SHA1 | 3c20519910e23f389f72bbe7f5c4842f60f67123 |
| SHA256 | e469b68e42b1c82be8a1cb571e3fa3c92dc11367f4003ba3a42c4cc752030250 |
| SHA512 | 81711c4451b81a6199f8f6f4163fa8c6c3d4d000748343b9dd6ac62094bc4bdb4d53c7be70e152a780496d600c296a4bbb64db05cf34f0d0af2e958e0aa3baa6 |
C:\Program Files\7-Zip\7zFM.exe
| MD5 | bc4513d09a7a283ee106ef77db7b5a61 |
| SHA1 | 2b026218afcb03238bc7d31f9187b92793a4950b |
| SHA256 | 8436fda32993273a53ae7f33c30e5ace66243c591fc789b579e686e3169a8301 |
| SHA512 | af4dbbb5bf66b4cc26a13a04478a8b2dfbf486a075fb0e525c651e96b552d2bac70c9195e74ace02747cf73fa6d0e5e847ef67ef3f797149753d58664b50d543 |
C:\Program Files\7-Zip\7z.exe
| MD5 | c0ddb44ac169d54df6ff03973752710f |
| SHA1 | 3667433cdb2717aa17d0c569f8f40b89c922737b |
| SHA256 | ab2b69dead60148f3e30647f6be88f0db581d5d37e2e0223357828e19dbd270e |
| SHA512 | 95cf1337d34fa4c762c2cd3de08163d3720eae7b1f64cc5f229ff79e91750a28f20c95a1132793ea5220071456dce54580a3d08a62a8448b5d16dd52537aff71 |
C:\Program Files\7-Zip\Lang\eo.txt.azov
| MD5 | a5b075e1f055e44db720b7eeb3fbde63 |
| SHA1 | d0817a28ff7843b97ff18c3e48065da912b3cad7 |
| SHA256 | 9fc0cbd4e72c30c1a5fdd0ee8ee69c0d354eecea3eff36822b91ef28affc95f9 |
| SHA512 | a7b3a7eb7a4b25648e2d9a73ba029ac0a63ec91b0cb92828c6e0ddd501de07435ce01e16d6c05f34743b7dd37bba22d5b65b98c4a60b55813a794fff62dc9508 |
C:\Program Files\7-Zip\Lang\en.ttt.azov
| MD5 | 3b72db5df1b4376dc5cc58e85bcd32b2 |
| SHA1 | d853a679562c021e1014354e3a626b452ce01ba2 |
| SHA256 | 0c1b87ae611b5d0c9ad7ec19deaef156462849daad251420135eb75285ff9b93 |
| SHA512 | 0c8544c6ea0b22a61e630bbe2b12d38f44dafcb876a4dc717ad2c1b1e9d038bf55331476eea2a665ddd4fc1863bdff7fe837df9aec4b811b4f483f7476e1228d |
C:\Program Files\7-Zip\Lang\el.txt.azov
| MD5 | 37214d111b2984170515aa1fa8611e8f |
| SHA1 | c0d192d0a8ed1acd5e647006c47c7458c8870c84 |
| SHA256 | 869fa64f3609a2e61a4672a69bb3f19f2dc92ca845ce4586fd534b884abf422d |
| SHA512 | 9a0de0742a75c528ed9b5645795ddbe06905012a5d7cd8bbe4571668e1cf911508c9acf3a099f3bbe479c2cac4b13f31a5412c516dc34df2d9833350a044c16f |
C:\Program Files\7-Zip\Lang\de.txt.azov
| MD5 | 4a4d7a801ac531a286585a1ccdb34409 |
| SHA1 | 0e5af841217568b868de893cbe01c555c95c4a5b |
| SHA256 | 159a1d4f307b630d05ae5da4b998f1ecd516fab07acf92f331866c5bb45738ba |
| SHA512 | da3207732c1cdc90b81942b4502754c3014b98f46ab0a9ab6f2afebcfcf179aa366cda3ef0906fc74855a520d2906d6a134d71c1b8c41c3eb93ebab4d3bd06a9 |
C:\Program Files\7-Zip\Lang\da.txt.azov
| MD5 | 58ba0e73c27c72f2e3c9f3a5ccbe2c71 |
| SHA1 | 48f384de0fb3ea07046cac563248df3a6bbbe8c0 |
| SHA256 | f09e36aa318db47fc4331c2dac352d796d2d3278950d58d73d19debc39916286 |
| SHA512 | 74841e751a0a8a20e0bccdfb12d6d40b7a03d44bf3ad123df2a9a7b0131eea3c1694ef9de53b7b92a84bd2b500838a6b0e4ffc3683e6cdff7bce14deef92a172 |
C:\Program Files\7-Zip\Lang\cs.txt.azov
| MD5 | e811a58d253d87e65a25f6b25b92e83a |
| SHA1 | c1e865e3aa24d48d4a38cb347091203b3d503364 |
| SHA256 | 3e446e4a6fc6dff8b38efbd3e108b9be00cb75e992b492b30c0775ac2c6c0f11 |
| SHA512 | d2cc8956a58d691f7490a86b10c3a252b4cca92c140572633803f88d05dfb6485c36d34d71f97c85634620da8ac74f905396169dc39c2b65250863a291998453 |
C:\Program Files\7-Zip\Lang\co.txt.azov
| MD5 | ecae7c516e4589364fbd2c08e84f0dc5 |
| SHA1 | f358ceb0fbf40e3c0db769e690c9bd5802843722 |
| SHA256 | 577227ed1d92cddfceb58325c99ae2bbec6968925f2496aa3f8bddfcbcbe052a |
| SHA512 | ae70050bb98e0073573bc50019ca9d43268ae5de5c40182d8065c0d295f9c62f61a223bb761a233ded864c7ed207813bac02dcf2706e99db342cfeb7d5242a5a |
C:\Program Files\7-Zip\Lang\ca.txt.azov
| MD5 | 4b7d2d0b8e88cb6fd3d662c1bd84ff2e |
| SHA1 | d0f8f021121c6c610e9f9947d815461c2a90b5c9 |
| SHA256 | 35b102ccc9c28065a481eda36d628e5902ca6fdc253365d916e168d9232b3c87 |
| SHA512 | 69a9a4f0247becfd906d66d4e1630de980206aee82d8848cc45bef1a9fb51d508fc17385d9919cb0caeae4ce2183a7eed29f7245732a4778ab91a62cf70cdbf9 |
C:\Program Files\7-Zip\Lang\br.txt.azov
| MD5 | 0d79b58e3817161259527ab0520d166c |
| SHA1 | 06ecf61f4ff6018cc95db797819796ce405aed87 |
| SHA256 | 390659bb1a1b36e108eb09102f1dc4550e283d4a9283a113d9aef2b38b794832 |
| SHA512 | d7f49bce8544b8e660c8f5aedafbf8ab33b4db6169fd494569630febe9070c3df3d100a701c051d02057abd223da649d426054276d787d292275c2cd5a607b8c |
C:\Program Files\7-Zip\Lang\bn.txt.azov
| MD5 | 8cf893aec9bc21d6cdca737ec0e6641b |
| SHA1 | 39ca7024b8659478af7fd0abf85cab108518379b |
| SHA256 | 76d1128b72c404ae67e828584a22ba8a30b4bf1ab6658a86e8c11ec052b97564 |
| SHA512 | 1d48a3427d62d6546a24f1d207bd4bd16b8c248a4c6dd2890dd54220a60edaa6763b929c6bb1f0e12bb1a52196ec394991d36d5098897772aae58702cf68df35 |
C:\Program Files\7-Zip\Lang\bg.txt.azov
| MD5 | dd6c648a03cc46da651065da73d3831f |
| SHA1 | 3cf03f5f188c4a0978933a0308faf1c5ea4ea206 |
| SHA256 | cc7b3ea7ed327b94eea02bd00975bf01371a5d65e5250491a5aeedfea2b883c7 |
| SHA512 | d47056d305f6171fe47cc96b81e39f289fa70a7a074893124c173768e0bf54980895a4ba41619a66c660228568ffaa7ab0a156c53bef0574967dc087fb139772 |
C:\Program Files\7-Zip\Lang\be.txt.azov
| MD5 | adf1daa111c62e0b72ff6bdcbf91ebf4 |
| SHA1 | fb3893b7259724280be5bd5c562ad5f4718d60dd |
| SHA256 | 3340c2200a61bbe29e3c6f1d7161bcf4bbc6aabfc5fee277599f1f28229e035e |
| SHA512 | 5a8afcc8e92737aadf5893a0cd62cba7c0356b114ae9ada749ae83c5cbb4166b4ec7dc147a378a38a05bcf138ec3e4d9eac017baedfc9c2b2c343b703dcc9e9a |
C:\Program Files\7-Zip\Lang\ba.txt.azov
| MD5 | 1f99668e05bb4f4edefb3ddb50b6ddb5 |
| SHA1 | 21940ac438d0ece30206e5a3d48635098af9cffb |
| SHA256 | 6e619d80c39761ddd2a8ff6cc8274d50335c93f83c4e7c8f1b61bcdf8cf0addd |
| SHA512 | 241a3f8fe030b320be8d8dcafc09c875d398d02cf599836f88b82de69a1e3577d41b59bf583287632cc0f99f3e64639dd8d93faffb9689e734827048a3fe9d51 |
C:\Program Files\7-Zip\Lang\az.txt.azov
| MD5 | d62b700077f795acccf2d2ae141f56c1 |
| SHA1 | 966bf5fd5696a907fcebf6885614b034c47f2224 |
| SHA256 | d0f2ead2c6089c65a461c4941743339dae033e2581589910d8cd6f83ec1e1d15 |
| SHA512 | 897745009f2e256934da2a6e7cbbc98b8e913eb6e2e127d9a080cb4420b2b59926f037530ea05b558592591feb249731abe46b9b3e8d45c4ef338a74db76de1d |
C:\Program Files\7-Zip\Lang\ast.txt.azov
| MD5 | 96936fbe0f07da9be060e5aee5341c34 |
| SHA1 | 085b9bf411535248c86c76b5a31f11141b3f832d |
| SHA256 | 0589561b7ae9975875d95e27057c2c319cc9f4e37cc08ceedeba2b79654bbbe2 |
| SHA512 | 46068dbbbf3fae089fc6c9f64415a228180006828da470d47a9e9d8ada84dc28764fe9abcfbc76e2a35fb14f1e70b4841feee90d8c7547fe9b849bce2073337e |
C:\Program Files\7-Zip\Lang\ar.txt.azov
| MD5 | 366b02a7a4303caa4129d2830239bd08 |
| SHA1 | ad6533138a6165db843a36533fbcc8b8b403a160 |
| SHA256 | aeace94b344b261d400b957ba1c4656c2a16c591a009ed89ed7b5c57409cc448 |
| SHA512 | 320987262bfb313ce09ed7029834a0153177cd9fbed7248a08a635b73218197fc8a5ae6d8c4855a19b0f236e447e16d1dfb6c7052ce3c2d36e611d4e0fb5ab43 |
C:\Program Files\7-Zip\Lang\an.txt.azov
| MD5 | 8ccaffc3939d518b6bd67a6194f58796 |
| SHA1 | 5e98b95f2b30913b94752731d5edef49a106db42 |
| SHA256 | 62a7d5b926afa49ab6459c45443e6cd65aa3ea851d7b04c53fc340f2451319f7 |
| SHA512 | b845a428b79f4f1678845536c5389864ba881f9f15ef991c9b4738ab515a8e694ede0108a1e20baee274a4a80dbe7a06ba0a8f0af59818db14acc14a3c3fc531 |
C:\Program Files\7-Zip\Lang\af.txt.azov
| MD5 | a6b3faeeefdce78134d2a217ac793f8c |
| SHA1 | 2eb9c879677305fb89b3f795670c1b2580a8dc2a |
| SHA256 | ecc36d09e435808bda24f253b2bf891c23327bfc50f20562a8e91ed302093195 |
| SHA512 | 1763797c660099d4f1f98099888e82275cdb556070906fac8a143b374b64c45b11ae5e509558bb7b77361e4a6e7a7d15279b8f9a78e9930c88fa934466413cb6 |
C:\Program Files\7-Zip\History.txt.azov
| MD5 | 6c67709f8813ee4d668984acd354bb5e |
| SHA1 | a70c8291fbb8cde3ddada4d052f1d48b7fe4d9b2 |
| SHA256 | b521027256bf2cdf05f643ecf9d4359200a8800760e40c44f0be4f5b7d049628 |
| SHA512 | 4f8b446464a3d0d7442d594918b47a911496c72424baa1ac97fee3a557340da3b9ebc23fe89ef4297d3c455853ef376d8bfd7e3e733d7f5ac51a6dbe8d42350a |
C:\Program Files\7-Zip\descript.ion.azov
| MD5 | ccaf71d5168cd68e84e9ba969c82b0e2 |
| SHA1 | 3f24a4db93aee00b39454b7edb1caa2d513fcc0c |
| SHA256 | 5ccb9b49de844996f34e80c0e6c16f5b9db73e160066b8484717c1fe5095113b |
| SHA512 | 8cc79f143cb9dd6887e4bf9e2d4fb28aa909f1d750e889087ed5f55700b169b1d4694c0467f38937d0d44235f15bb01adafd66a3b83b977b2f2376e0b6d73ece |
C:\Program Files\7-Zip\7zCon.sfx.azov
| MD5 | d1a6e754d8dc42f4bd836f93191750e4 |
| SHA1 | a45561c14047445fcabe90a0824fed09ebd856a0 |
| SHA256 | 3c858894513773a89754d54760af638994de988d00a911065a5607516f52c7c8 |
| SHA512 | e85880c5b437fee2ef0f453ff8fe8a69ab6fa40a7f44c0dd17a52a849da777f2d4ba48f42c72da8507f473b8407a7a848b2fae73252b26f1df02a66214f76588 |
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe
| MD5 | aadf2493421fdd20beaa9a4e638dbb8d |
| SHA1 | d4bef9f8b0347ff4ffba6a1a5398c15e3f9f47b6 |
| SHA256 | c08029717dfdc3361f03147cb1f577eed6b199a37448e01764696c8c5d1559ee |
| SHA512 | d9eb8a2e3308ee8771c801abb18ac50422a26f66fc7a0a79860f3c280f0c50699456a119d3509c7b79a9368044b37eec7c3b6c1e3f8a347231912b178315a722 |
C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_pwa_launcher.exe
| MD5 | 4dff66384229a4b34147d1e24e1b6f62 |
| SHA1 | b4e6e777e7b7d32b09b4fbf27228306fff574795 |
| SHA256 | b446e95df7a37edd9be2d691daa29549d45b8785f3ecd3ac8113f1f35715c9ee |
| SHA512 | 633de8a4788e398eee90f709f5c0438c1b42267e58cd9da5cb9482eccdef93820fb8d9df74d1d7968fd435bc6082c19ee43286ebd6c74913bf59981b9629f38f |
C:\Program Files\Google\Chrome\Application\106.0.5249.119\notification_helper.exe
| MD5 | 2ff6bb760bcd124740e6576ca952d7a6 |
| SHA1 | 93332be7ad838c195fdfbbd956d54d32d1d4b28a |
| SHA256 | 81b328451daf19e2625d0f3fc46859c3847ebc2f69ff42dcdc4e649e0a20ffde |
| SHA512 | 0f2debdb364a992a6875b101b745c88b89c26764992e012684dade4ec4715fb89bc8f1d188e88136eaeadc8147ba3d4c2f41528ba767b89e95d3dc875761d74c |
C:\Program Files\Google\Chrome\Application\chrome.exe
| MD5 | 537cd433e079f44db86f9707f6331802 |
| SHA1 | 7199fe502e8010e31e1baeb36c53661d4c3bbeb8 |
| SHA256 | f33ba0de90956490392d5f0608132eb1a3c1103fe61b12f0f457f891672fbdb9 |
| SHA512 | fa47bce1d525ced46663480b33098790a913d0049184065473df06e13850a3b9b28034734017c4d45375db91598369318b988a99b39f59d63c87d8dab1cdf536 |
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
| MD5 | 6b1e63375696d9e0055f1b9273eb3edb |
| SHA1 | f0534def3f695ae9bed1b36ab44b8c9d4575d20a |
| SHA256 | fe9f21e2e4342489473913a29c4ada8c4ded96853807fb6dd4a8ad036c26c977 |
| SHA512 | 2394534ad0892e8b4b21c811f3a8e3542340396062a9c8ab64f5bf2714fe72ddf7a2d09d4112fb798d74f2cfe3701b7736508bec3610f22ddbbdc1a828a8c7ce |
C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe
| MD5 | 6de64f2c0c4983c6c933dd5df3f5f661 |
| SHA1 | 662709ef564ad2e5c02c6aec396068d0f32edc5a |
| SHA256 | 122eefe781ab6a001d5d4a8151956904df2825f8d82cac8c4df412cd6895f992 |
| SHA512 | 54e1d4f37b77fcdb27bb21e8971b0ea5bdac93d78b8bfaad32b474cb3d89ddcf983b73e591c44a1671f506feef361e4c97d56c96bbd19df4265e94be7b58f54b |
C:\Program Files\Mozilla Firefox\default-browser-agent.exe
| MD5 | 6b82562e1e2b0a35965139fcd1484797 |
| SHA1 | 1e91cf91b6fccdd5926ce4a47b69bf65b334091d |
| SHA256 | 4f2e8113a612eb61846e0bd4acc4184004261e4e545c40049c44be91d13b96e1 |
| SHA512 | fe3f7878d3604825ff778096aba1e09b5349eb1064dd40ce10714a4d9a655a170fdc8109f37dbb0788e89ce6425f08a18c86476b37055be7e94ea6de4de1a37e |
C:\Program Files\Mozilla Firefox\crashreporter.exe
| MD5 | 689c8e6addd9226270a0f6e8180fe502 |
| SHA1 | f8f51791e7a71a6a7e3351e3dce4858db9cbad5b |
| SHA256 | 43d163576b808e43e186a3584c51d3e57fde17dddf433208c72c27b54e49e87c |
| SHA512 | 41ff83e0e6332236e9633ca704152b893cf95e3194fd7d807d5d121e21f42d62f86bd72b7529f5a55b4c936124305637c79eb9b27bb69d1dc91ebd83adf0e69a |
C:\Program Files\Mozilla Firefox\firefox.exe
| MD5 | f806e453184ae6912c909742459c9ab7 |
| SHA1 | 61454dea140458c90ffe7a1b263dccfaa96b4255 |
| SHA256 | f4c2edd643873325ae3e313a36cb8a875b26d3eba261a9adb3343e987266630f |
| SHA512 | 9e88556a7167a0b64148b14a7724734308564da47f5ba325674459facd56a81ddaedc649a3fec8486cd1504c2da7fd17ab41c25993841a189f0b9038d30a29dc |
C:\Program Files\Mozilla Firefox\maintenanceservice.exe
| MD5 | 63db0be056acc020d69a2cf7f626664f |
| SHA1 | 3ab43b13d7c4204a7d7f6d01112f06bd57a6446b |
| SHA256 | 34faef890db0798a305d8670f8bdafc91026d6eca47d37e7a224be49a7a0fb6c |
| SHA512 | e05cfb901c820ff07123ee49278bf597038e1d9e4eef9c2b88143793ccfe3d045fd8aa315a0efaacc7bf75743cbf43f8feac1b71eac61b81731b3c80f4189da0 |
C:\Program Files\Mozilla Firefox\minidump-analyzer.exe
| MD5 | 71286d4e9847d1b0f9df708e5b35e62d |
| SHA1 | cedcedd8908f9c23df56ca29ae40a858049a42f9 |
| SHA256 | eb79402f6a1e268a27cc7725687a3b95b836ad713b97f6e5107c73f42eb21c91 |
| SHA512 | 01774e72694f7570ec07cf1a9fbb2d1e7c703eac6251d46431ef69e39785d40c2eef77b2200eb910f2aef96a33dc4291a2b636061f6315958b093408c61727a9 |
C:\Program Files\Mozilla Firefox\pingsender.exe
| MD5 | 2ba6754bd25981cec7e5c7b86fc5b31d |
| SHA1 | b95b89b73a5fa71c6ba60723a1e80807ac41881e |
| SHA256 | 7fdcc54de666f9c74a7ec495f170a71d6c20d1aa577f1f9657b51835c56e0d27 |
| SHA512 | a5733439b6bd58f6761ad3edceda448c4d82b39f53f7f510c1674568750ab4ec9bfd577acb8c8eaae28dacae00dd650c9afd4653b9834d5815263291d31c66ca |
C:\Program Files\Mozilla Firefox\updater.exe
| MD5 | e1306125d4d58f3cfd31d425b8de3ebf |
| SHA1 | fc13c099e439555bba5a4f23bfbfc8441b76a5b0 |
| SHA256 | 7fc0823f79adf61332e09162bebc8d379b6d7984f2a5ce2c1d4619314e75ba88 |
| SHA512 | a6f368832c19d5771de0d23e0ffbc4f0ec2068a72dee0e1d8ba3c959014f372e7c45d4633282348db5cd5a56ba32598c5acc2bed3a0d59f9f416532f09ae43f5 |
C:\Program Files\Google\Chrome\Application\chrome_proxy.exe
| MD5 | e19623145fd2f4454a301ffb056e035d |
| SHA1 | 80114d0adb3c05df508a76aff75905dfb7e8cf51 |
| SHA256 | f2beb0c596487f5368c3c60fc026db73b561108096842419dab3f806f2a6e0a0 |
| SHA512 | 0aa4fccfaf80042f651e36288666ca0cb16fcf593f5b834510393aa22adeb12c21d467d80ac7aed3e448b9deab42a2f419bfa977b818c8f0f10a0ffa1ecfdf1a |
C:\Program Files\Java\jdk1.7.0_80\bin\javaw.exe
| MD5 | a312d00bfaf0826525ec05c4f1e6a792 |
| SHA1 | 0f90e5835d977d554680b93f5c9300709b1b9282 |
| SHA256 | 1bc64c1973195e3a617369bd189c4441518b1f0a66d90e8b89a972a01c23a6ed |
| SHA512 | 3a1cf7996e454cdfcdc4e551459a0cd97bf27a32683690cc2410413f725f54b7b81d799da58db7e29c3337e68b55f1666a5cc73363a059fabf760efcaf2ee35b |
C:\Program Files\Java\jdk1.7.0_80\bin\javaws.exe
| MD5 | 811465c93fdd8c38de52b1b08baad44a |
| SHA1 | 13d596884e9a957178ebda0baafe909cdd9951e2 |
| SHA256 | 25c55a742cf7ce26ce855e6c8d22faac79cadbf363e87f334c46ec305a7a8200 |
| SHA512 | 3f7dc7cf6f430b00eee264fc674491111f9c63b92c2473d1fb3b152f35c725a9cc06568d2c097b9344927dd6dcb33f24d643303b359ce1a009be1a04f3f2661e |
C:\Program Files\Java\jdk1.7.0_80\jre\bin\java.exe
| MD5 | 7ca053288a27a6397dce2d7af1807b9b |
| SHA1 | 91525b2452b4490e59fc9465fccf23c067f80ca7 |
| SHA256 | e7310bd49de5dbf7edb4598965709cfe67d1555e64efcbba37a229306c8d150e |
| SHA512 | 9c7dcda3f27585324c06cafba4d711f158d064fc344946df301bbb0519f05d85702805aba98888f770adf36654918570116af67851aa540275e997ef7c88bca2 |
C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2launcher.exe
| MD5 | f944bab361433c33b826eaf4ccd3aac9 |
| SHA1 | 989091cb3e440ebbca9c1cdc3b3c74f70e22c217 |
| SHA256 | d0fb3d5797186e4415be380ca2c7f710811a951f8bdf705e234597dcfd636695 |
| SHA512 | b714871c2f5ed335b9415c6fc8c81ba9613f7744c77cec1eca2b42d577c4a3ab30d6d3e70bbd78dfee02c3f8e024f1a48feadc4e83978bb0b78503a88da3d733 |
C:\Program Files\Java\jre7\bin\java.exe
| MD5 | 61ba016105b9de1adc3ef0594ad2c083 |
| SHA1 | 53134a2ba3e6394d3ad3b504d897ff32be07fe57 |
| SHA256 | 650482515a13d76f23c5523228aecf8f750eacf39303c3a2c7452d9c38e83c0f |
| SHA512 | 9130effa97f9470f19fcbe61126e01379cf1b577d3313f1fad2723b1293da4dbeaf95294dc0087914039bc1fe8254748bb555542e374d213c7e6354cb6569659 |
C:\Program Files\Java\jre7\bin\jp2launcher.exe
| MD5 | ffe27927bf6b9b6dffff509dca139e45 |
| SHA1 | 6ba110feddcad0c3d23dc3bd940ff7b3a39f6803 |
| SHA256 | 444ba7084a823cc321315087414b56e867083477c70441c51083d0ce383217d6 |
| SHA512 | 0d95b1d5e4f904ee34acfb893189d9e9c9c3413192868ddc3f109b774b235bbd1a1afe81f62934c63a484b6ac4d12cf35e48849e998c59273e6198a7de925da9 |
C:\Program Files\Java\jre7\bin\unpack200.exe
| MD5 | 8f15c4e7ceafa72b09d45537a6d500aa |
| SHA1 | d762d032d1c2859f4a1699ee81e57f181dead8b8 |
| SHA256 | 8764dd7d95918e73e9a4e920d60ed033689a8affe5bc39da22b777c18f6a3f82 |
| SHA512 | 2bf9be2c367885e31a7c45d08e6d348d763fb998fdfc5942b4b41e98338b3c28f457e65a05b1b1b7dc39a5d9acf7fd0f53a4c80d30dc0142f85a00418b068a64 |
C:\Program Files\Java\jre7\bin\ssvagent.exe
| MD5 | 41d09e140cc986c056ac21919aeb21e6 |
| SHA1 | 80d84903ee027e4e7a072d5a5f9777023fe9b066 |
| SHA256 | 5bd15c9d23335e80365cb833b1340865f948320daebc196a5bae99fcfb81b402 |
| SHA512 | ed54a491c915062c10c6304f604916cb35af4fa62d88262615b26923ce6d19bb6016dd98f0144344cf9371298dae1fd31f406716302349381a00e328a0fb5926 |
C:\Program Files\Java\jre7\bin\javaws.exe
| MD5 | 897b60d27fa65eb4cb306af92e0d8807 |
| SHA1 | 9dcb7c5de10d6a2b06736aa690f43b342e018793 |
| SHA256 | 0820f8177a28b1717c07a027d75d272fadab8e2fff77d4922e5b31ebbfdf360b |
| SHA512 | 1382f806e40d73fe76c10331b48384c8236382abacd63851ed485fc7432caae636fb42290a983a149e799b1086bddca5fa6472b462d29d08b3a1bb3d50be5fd0 |
C:\Program Files\Microsoft Games\Hearts\Hearts.exe
| MD5 | 539657a0b3a5298521d389a4e47c27b4 |
| SHA1 | be094941a49c335d99f348a64c1a0fef8d8c2662 |
| SHA256 | df88a9b1603d075c1caaabcd9a03e6b45f171a80a96ba15a0f39fa98fea4b29a |
| SHA512 | e9d20a374c715541d733505f9beada889b4814807f6ce711dca77e1db3be41fd3ab1f88207307c1c19759cf238a9a4505634cb79c8588f8843a93dc8f3752170 |
C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe
| MD5 | 06eec8a4bbd28cbe0fb9160849fa2a37 |
| SHA1 | 6cb1dbfb408183e58a3c23b9ed9d80e0e7439982 |
| SHA256 | a2bc4e5718c337af1404ace659a20ac6d834c60e79e89794032a608a012e6663 |
| SHA512 | 2abd6517c444386730734012f3ea464a2efa30c2111f06ada1cf4af6edb0f6087c9fddfb243dff0545d20f3895b5905ff21d33c0e3c13d535c76f0bf11aed3bd |
C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe
| MD5 | bf3c31db102c7bda18dc29d355dcb726 |
| SHA1 | b07f4c993e46bdda82509f76c7655cc3af15ecee |
| SHA256 | 5c9b2daf1de95deb6e3da2b7037af6376bfb2dc6b346e4f08fd672b40123fdc4 |
| SHA512 | d03be1f698ae1f878ac9a9a5b40d4284e587188dd9dfdd71f0fe287f17c213841e95fd23774e0c858fc365f00326734da42c37c90940dff4fd1073d9118e2a17 |
C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe
| MD5 | 618d217842bb534c72d203ddf95261ca |
| SHA1 | 3cc0661356f92762343e2397e95c6648e423045b |
| SHA256 | 573a8a382438daa75fe2b7cbe7cd3699a37b991d5b50e686952ce9072d1b6999 |
| SHA512 | 89c4e35c26285ddf1d01a854f69f23f227dc9c987091d446da5db63a883b3106e6215a4825df23e0fc66107022fda362682cb3f887a0cf880e9b851ba47e1874 |
C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe
| MD5 | 07e7eac6272d8d11169d332d0a21475f |
| SHA1 | 9b7090d0233ce180829257c38d2ae7a00d7c380f |
| SHA256 | c3d6aae77f7a6ae8608d0219b8bc2326c1af1581402179818461a9f97cdeae45 |
| SHA512 | 3ac6d248708217393765e61ab594a46ec2ff9a1d4bb5069883b9043e25ed0d244bf5c79cb42f15592d4043038d009efcf8bea3dd1ed78e03370fc9ca6b5a8d70 |
C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe
| MD5 | 4a5f53e0926eaeffbf163e1bc2135f4d |
| SHA1 | dae68de912eaab0aff8af22373b43438adee82cc |
| SHA256 | 84dddbc1bf368e7217110be519b6239b3e2920d0bbb13d7de7b77347299c0e1e |
| SHA512 | 4d48bf7856d01dcea184f4ce789eed4ab1bf493850b9f0a6868cd285b7cb654e9e345013e3f5a06de445ea677ba146ad5f7b0a585f46189317801408130d80b0 |
C:\Program Files\Microsoft Games\Chess\Chess.exe
| MD5 | 5b5c0ba40e1747685aa9dd95d4ae9dbd |
| SHA1 | 33b666118a7a4982b0c5b6f7ed416014c2547bc5 |
| SHA256 | 83bf86f1e43966f1f25b5520a471907103082f7bb433500467a552b2ff541c37 |
| SHA512 | b2893d2b58ea4e8e994f3617561215deac51690e55caffcab2e22d74c4ba35c468ca29f4b5af07066fc7e918545d6d63893bf747d85bb0b1aec17b5704998025 |
C:\Program Files\Java\jre7\bin\javaw.exe
| MD5 | 95c3f10c35381aa3362d095ebfe27970 |
| SHA1 | f1a7a7de2fd289557b0a760839efdd22d30aacb7 |
| SHA256 | 0aca4b973c4b79a8d6dfd917343715b9d5ce1c25cd4351193f1f8833a7e1cc26 |
| SHA512 | 87fb964ac93be2ea3e6085ab3c8ea983d8ec4f801c14ad740cc1b436ce3e271603ae2fed014880fda8eca1c271670e9b68838935f63182e47503ff6f7847de7a |
C:\Program Files (x86)\Google\Update\1.3.36.151\GoogleCrashHandler64.exe
| MD5 | 5ec43166da179228e0879e70d9f5b5d5 |
| SHA1 | 5377ed31778ae4707355e2690aedcb37c2f8a6da |
| SHA256 | 1c6c74d2b2b611a6d34d918c66fa5dcca64bba214d7373e3085f8861b9590471 |
| SHA512 | 1854b7bb99aa498101904269d359960faad3d4f047e9e244be945e944abdbaf7b48c421708a8e08964ee11b5ff7d8c6f3d502d54609883ab27e6e8790c2a7cf2 |
C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
| MD5 | 9edc59ffa1358b09a0060a9d43c85266 |
| SHA1 | 3070dde1e2a6dd96e16b2201354bc5b1958d7113 |
| SHA256 | f78bd100e3dc0fd7721f1deb7aa8a2444547d6cff4dee5f56abd617c70330c26 |
| SHA512 | 9d4c4996c73afff9e3f4408554cbc00d59be9c3e14e903dbc4df88ac5f7f8669a96a2e783b77a0bd85370d1e06909faa1f2d1beb4523cf4d8879f48f3a7b83e2 |
C:\Program Files\Java\jdk1.7.0_80\jre\bin\unpack200.exe
| MD5 | 60d872df862c2d5d48caa88a6c540fc1 |
| SHA1 | 856d2c40441d7c6b63c8793e38c8f15f758de5e2 |
| SHA256 | 3eafaa3c3f9b241d8a1d10ce9d09b5146ff64d88226648b1a01bc4e43d1f2785 |
| SHA512 | 83b081c173eb8a67eac4092faf4b9b6ba55b9b503692141362d73b500834b15e1df68babc6b943fa0c763a3395bad818af99d1e716b131bc406b79d844824655 |
C:\Program Files\Java\jdk1.7.0_80\jre\bin\ssvagent.exe
| MD5 | a3fdda103f59291e27a3b6f0a408cd9b |
| SHA1 | 5240688d9b87c6460b1a8eb12976b65233d711b8 |
| SHA256 | 0377cc64dc1a9fabbdb1097feea7a1e2b62e0a992d2355d1bf2f4b3254c7cc05 |
| SHA512 | c74bfcd85df9a44cfb593fd04ac85a9b64020c8d5b95cff9505fd665446dca3519d83d94bbbc9eddbe0e8ef5b724b3e62638e6494217f3236a40ea2f315b222a |
C:\Program Files\Java\jdk1.7.0_80\jre\bin\javaws.exe
| MD5 | ed972b7ada1e9f8f2b1f58d669297ae5 |
| SHA1 | f5f6765f7334a6fe265aea2932ffe9d24e4ba85d |
| SHA256 | 9838a6a3ad07b820e317c3dc71985c334f3a5a6e15f8d5e4f8e1c484eed25d25 |
| SHA512 | eb836917f029587accc3598cb745374d7545c2f1e46fdb6e89c2406c2c4e89675ee41050d1a3109429b917f9c74acdbb94eb5ab3ee134b6b150e8e94804f5855 |
C:\Program Files\Java\jdk1.7.0_80\jre\bin\javaw.exe
| MD5 | 7fe3a4da1cbad2a44d5ed41bfe183fb4 |
| SHA1 | 1b53458514e7d4041d265a07d6eaa494f489ddf1 |
| SHA256 | 245c0c455aa48a260dff635b8e14fecaa150df0b85c79bf6e1d0ca3b51d86d02 |
| SHA512 | 170167682477bad00fffc2143759faa742c041b743a870a79ac523bda1c550e179148ba363b2fecb0b2d6dbb082edc695fccb6a89a850cf4a7b5d34be3fad817 |
C:\Program Files\Java\jdk1.7.0_80\bin\unpack200.exe
| MD5 | 403c73c1f5f7a0e8429c5719796846f7 |
| SHA1 | 750000139947be65258a312c9b16f5e995e9ca70 |
| SHA256 | 19cde1c2612b9bf119fa7378735b44f8ad57c793d024d53970e300308cb85d68 |
| SHA512 | 8fee205c21e0593eacee0822404eb862b0cb0524416e66543649e365e8c2ee0dc5be6db47347f8b6df61b1dbb0d12abce0f772c2847620f111a0f9ad0421d17c |
C:\Program Files\Java\jdk1.7.0_80\bin\java.exe
| MD5 | 1c5be9fc69cd523391bb4e80d8c1f56a |
| SHA1 | 968fecf31aa29cf82b095f2d3b8d7d2aa93c50b4 |
| SHA256 | da41a5c560745a7a783a478ac58efbed461b94dcbd6a3b6979b274bdd3b77846 |
| SHA512 | cb15d9c1fd35a6ef0aed4d0a3172d64d6b9bbae5ffe1600e695e3505fe3df9c13acb03213e60ace9fb2d7e676b22b20d37fc21e4af91fb37fc3a90b730573b67 |
C:\Program Files\Mozilla Firefox\plugin-container.exe
| MD5 | 20c8c5ba26bd92b0210050edf11d23dc |
| SHA1 | 9fe5d1881be9e09780280ad43799b0ed439e6270 |
| SHA256 | ba142f2ebc41cc2c78435840df68ccf923d996c4e060b66e48327c455926d016 |
| SHA512 | 65b78bbc3678ce33aa4402f517bd79ae53a790dfbd7c2733477e9b8678c008ef05e4f80dd759519e667ff7ede2990f47c74db9123a9604855cbb93f21f24fc28 |
Analysis: behavioral2
Detonation Overview
Submitted
2023-10-18 12:08
Reported
2023-10-18 12:14
Platform
win10v2004-20230915-en
Max time kernel
147s
Max time network
161s
Command Line
Signatures
Azov
Renames multiple (396) files with added filename extension
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Bandera = "C:\\ProgramData\\rdpclient.exe" | C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe | N/A |
Enumerates connected drives
Drops file in Program Files directory
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe
"C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe"
C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe
C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=80.0.3987.132 --annotation=exe=C:\Users\Admin\AppData\Local\Temp\edb12949255bb127a3e9c280181d1e227e1e99e445381b5b1cbde57bc7070260.exe --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=80.0.361.66 --initial-client-data=0x1f4,0x1f8,0x1fc,0x1ec,0x200,0x7ff7b37cb840,0x7ff7b37cb850,0x7ff7b37cb860
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --force-first-run
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdaeaa46f8,0x7ffdaeaa4708,0x7ffdaeaa4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,14359689070380744136,5825889212397450295,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,14359689070380744136,5825889212397450295,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2084,14359689070380744136,5825889212397450295,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2676 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14359689070380744136,5825889212397450295,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2660 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14359689070380744136,5825889212397450295,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3448 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14359689070380744136,5825889212397450295,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5276 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14359689070380744136,5825889212397450295,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14359689070380744136,5825889212397450295,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5780 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14359689070380744136,5825889212397450295,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5764 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,14359689070380744136,5825889212397450295,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4612 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x220,0x224,0x228,0x1fc,0x22c,0x7ff766fd5460,0x7ff766fd5470,0x7ff766fd5480
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,14359689070380744136,5825889212397450295,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4612 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14359689070380744136,5825889212397450295,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5556 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,14359689070380744136,5825889212397450295,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3288 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.136.104.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.211.229.192.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 103.169.127.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.202.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.109.69.13.in-addr.arpa | udp |
Files
memory/4344-0-0x0000019E8ECA0000-0x0000019E8ECA7000-memory.dmp
memory/4344-2-0x0000019E8F000000-0x0000019E8F005000-memory.dmp
memory/4344-1-0x0000019E90810000-0x0000019E90814000-memory.dmp
memory/4344-5-0x0000019E8F000000-0x0000019E8F005000-memory.dmp
memory/4344-6-0x0000019E90810000-0x0000019E90814000-memory.dmp
memory/4344-10-0x0000019E8F000000-0x0000019E8F005000-memory.dmp
F:\$RECYCLE.BIN\S-1-5-21-1926387074-3400613176-3566796709-1000\RESTORE_FILES.txt
| MD5 | 78ede93114e65f9160fd03d3357c56e6 |
| SHA1 | 88d531b101e57655f1d0d26c6b3257aa2468d460 |
| SHA256 | c97412fbf88da8f91099a52888dea4c3f222cd95af3e681e3271cbca8b6b7bb5 |
| SHA512 | 074a4c741273902ccacb6f573b96d8accedb2ee405dbd04350cdbf54d180c1fd577a4e90c2aae26bf72f3782403f4494db6e3501a04cfd9d7d81a6bc14884b9d |
memory/4344-12-0x0000019E8F000000-0x0000019E8F005000-memory.dmp
memory/4276-369-0x000001ABA6FB0000-0x000001ABA6FB5000-memory.dmp
memory/4276-374-0x000001ABA8A90000-0x000001ABA8A94000-memory.dmp
memory/4276-388-0x000001ABA6FB0000-0x000001ABA6FB5000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | dfe10809a1a3bce1a75f1348fe8f9655 |
| SHA1 | 93fc4ea370f02224fa4fe9dede06428736a57c1f |
| SHA256 | 4d86687035c277dcc6204b8d7368c3efccbc82dc49ee7d3df37f99b991d04fca |
| SHA512 | 22b05284bbcd608e2ee280ee8f590f0aa6ea81a92806fe45e48a529627cfc433c25a874d0911d8278194a611f84dd977ebc2dcdb11df3802e95b064d5d834aab |
memory/4276-375-0x000001ABA6FB0000-0x000001ABA6FB5000-memory.dmp
C:\Program Files\7-Zip\7zFM.exe
| MD5 | 9df11add9209a9d6216a02f435ee2730 |
| SHA1 | a9b85ce1c6b49c6fe66bdf2386cd172291bbfd12 |
| SHA256 | fc17636f4f6223aeb2a74ffb83c494dd78f48db4ad9334ac4758aa6cc3eb02d7 |
| SHA512 | e63d4ba607a9bae60bc3d455aadc4e5b7de695e5b20c89479b775fc44e43dbd0e296b658de45011bbddb68a76198954e58d3dfa38373919fdc4187e90241e782 |
C:\Program Files\Google\Chrome\Application\106.0.5249.119\notification_helper.exe
| MD5 | 89b12ad4adf3e0a3f6333e59e4067630 |
| SHA1 | c83a7cfdd280c1436e74f3d4c4497877f93de030 |
| SHA256 | 3f7e3b62e3593744a9523cd73c7b7db7d165cbbeedd622962ac9329f147e0070 |
| SHA512 | 8e54423919e6b84e456e76ab8b67976b412c11adac87de1852f51c78bafcd9d1fdd026eefe1bd628653785c60f1db7ebd60d1ac53bd315916c87fa616e6d1ede |
C:\Program Files\Google\Chrome\Application\chrome.exe
| MD5 | 31383fb75927cfad4e76054b1398784e |
| SHA1 | 35476b1e71f9d45f05e9ee062a656c42c2a4994b |
| SHA256 | 8b090cea21dc0587ff97f701c6f3a9897e21c0fc185fbef671d61fb9c35809da |
| SHA512 | 7d7a20feb7ffee26ffe4eaa9a0245f0e3560b90aabe98c926f03f142ca5c3fb6c5be4256381cfef60ee1f569c075e0b377ec63917da3bfe6ced6b204a49af907 |
C:\DumpStack.log.tmp.azov
| MD5 | 8c942f9494c03db5ae085742f4d19d16 |
| SHA1 | 2742aa9f460617562ea3abae928fd41221161442 |
| SHA256 | a2507f9bdefcfa47fa9f19748e3c110b80d92d59f003880711ed0ba9e1913762 |
| SHA512 | 719ea89546bf02ce7b90f22a0e3944e10943f7837146b4a04ad3066f49d38388e5b58fc7902a3ea8fe2dbea0eefa3cc2199dd6fa1be2334290b1fe37b5fc94a7 |
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
| MD5 | 92db826f2f878c2638deab35c97e985a |
| SHA1 | 365efc33ed2048d63b04df09efbdc7c79768a119 |
| SHA256 | c169282c6da1f5586b492575997cc8d213b4d9f50d45a28c25543f784c380ad4 |
| SHA512 | 8b239ce104a5711579ce75cfb777d5d285fe37f2432bcf3dfc6f7fbc83e0f7947c8b6860531c9846b94928742a69565fc0e1a4016a821ca9462c227ce3bd16da |
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe
| MD5 | ab9074800ae3d066910c5b30573e142a |
| SHA1 | 3c857b09da58b684de99b36fe752e1578b6a394c |
| SHA256 | 3013935521d4146d7a89d74d349c6f925901136ba6f0b0672d575e30a6250bfa |
| SHA512 | 95b378d218a3c96105e61a02cf13bac04967be513a976c4262777d52379ea39745e3dda924eee7bf574984aa549a35355649a22928e0ee502aaadc19a67c8e78 |
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
| MD5 | 658c9c203aae6b2cac86cfb629f0a0e5 |
| SHA1 | 67649eb651ec3499df26ec1572ab604c393e9da2 |
| SHA256 | 45cffad9ab65995f1a849a308168cf3631b4e3d14c705728e4d52852243403c1 |
| SHA512 | 53087a589c2f6e24507e6732a3d82168c6def6cd118e9400c661219bae53ec8391e4635ce751e7887508b8e618c22a125196226bd462948df7162dfde2fae865 |
C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_pwa_launcher.exe
| MD5 | 1daae24f832571c50c6496ccfc938430 |
| SHA1 | d0e28f14a00cbb4d3996710dbf609d3514a4f05c |
| SHA256 | 73980e35c0060157daa97c9138b89886384fb1e34beaff0090fb7e6f4d694d1f |
| SHA512 | bcae8dd9370f100fe8f18dde592f21b354071c3c85f489a0514fa364cb732f1eb684b95cd3aa65ef498957061d0ac5d4e8e9f31e6971cd901b38811176ac74e7 |
C:\Program Files\Common Files\microsoft shared\ClickToRun\IntegratedOffice.exe
| MD5 | 2d436bca4516fd9926426496a6800e77 |
| SHA1 | 1b1834d8b00791db64a5425396b862eaf900dedb |
| SHA256 | bd19b47553c16ba5b1d0186ba884fe61dd16c909340fb89b2ff46530b36e9f78 |
| SHA512 | 44edeaa7bd4d48924aba23cf342851b56e1c36a9cf78377502ab450d04c2453980e87994ba0e1f561552f5a1018e22739b8d7e951a17f5f74d90631f77033409 |
C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
| MD5 | 0fef1cfb28dd37f257255cb24e6d891d |
| SHA1 | 79690a5d6decec205e011c9cfefe4b8d9f51e2dd |
| SHA256 | ec9e608700e964e47e483c49e14bbce10ef3015e27c5c57e49fb83448a8d4f5d |
| SHA512 | c396d8bf4033c0bf545ac8b8b4d9b382af4f6b125e540189d189cde9c1848084a7876df6e30ee0a72828d2bdf9713c4012d7a7e999647a04be66f9d7c8860fed |
C:\Program Files\Common Files\microsoft shared\ClickToRun\appvcleaner.exe
| MD5 | 93bab33eb2781091703c99503d12ce18 |
| SHA1 | cccb49ff6ebbd0e7b0ace3c01eb72f46bcd1be20 |
| SHA256 | 3ef3ad788bb8d5cda20392d6588c7851643bb57c21c93586601f50c5bda05d1d |
| SHA512 | 416aa5d42a89ab971f6cbdc07e72d8c8ce46a494f44ab07adf4f3cbbe33c990cc1cb61fe77e8cdc9f07fc643624c981fa6fb7a48ecfda385c60f0e50b6c91483 |
C:\Program Files\7-Zip\7zG.exe
| MD5 | 03c8578c7f459e31572bf2106ec6e20e |
| SHA1 | 27034d4277f8e41cb1b4d607563819766b284d94 |
| SHA256 | 41736743c4938c8b282299cfa151a748c01271737ac03d9bb5c76b84bb5df494 |
| SHA512 | d788a35df9b1f5fabcdc14a4133110923d6459f5016dabe820f0cb55e6438684da4ad649cef650bf29b37a53ced153d264ca2c2d22a85f6ff4356ae61b2ec268 |
C:\Program Files\7-Zip\7z.exe
| MD5 | 8ab7f2167418214366753018df610d64 |
| SHA1 | e059c1f32ea541880b979757ea801cc087880d50 |
| SHA256 | 925fc7a279b3c9daaa9897c14958ca78775e8ab6a439204bb3e717a0950a655d |
| SHA512 | 8cc2c6662b7b0d2f479776b6ee77760853a622c63bc90b5ef1b793157de2b11d9bcecb9cbb75adaca2009bf5d6114b53bf0c5000bc55a6e0ea6fbd633ef707bc |
C:\odt\config.xml.azov
| MD5 | 15d21ead22149a1f5238f4e26f8f890a |
| SHA1 | 4f9a5712116f73e5897972e2cd8aedeac66f6d96 |
| SHA256 | 03c19d56d6577014c2c0e996c9260be40740811b99ce4dd0e3dc8e45ec7ea266 |
| SHA512 | 12b498d4479e8c0ee7ca3d9f09defad2fd56dcc2db66c0648c123249c6c6cebbb3ea442570f2ad84ab8b60ae2395d820b46b5c7d94c55c8b9df2539146fb9bf4 |
C:\Program Files\7-Zip\7z.sfx.azov
| MD5 | 466d9f76ff974fc56018fe5535cd7d58 |
| SHA1 | 0afbc293f9966eff58b2825c9dc3c6396d233d41 |
| SHA256 | 886bc62ec393f1a7aed06fa471fb969e7f452120dcedd1754d20e2001810bdb9 |
| SHA512 | 806400d9ff1e7e1299774bab56435b8742964dd72680239687372cb6c63a5f7ebe7d12735bf460f595e94d725778339b4303f024a22f0bccfc0eb1116c450415 |
C:\Program Files\7-Zip\Lang\an.txt.azov
| MD5 | 28868c213e42c7f6d96c9c1d1c8e5aec |
| SHA1 | 4c3ac363d7119f01811493e154aef22af649e228 |
| SHA256 | 666742b4bb4dbfde4394bc815a6a29aff30fc94f79b67da591b6978869750cf7 |
| SHA512 | 7e81cfa4d381afe0b0b1fa6f4a35dcde637e4c83a082e63d72a62088c46879bf29b69941934b2eaa9b32db8e4d36a0063d67305073dce72d56e6e389a15cc25f |
C:\Program Files\7-Zip\Lang\ar.txt.azov
| MD5 | 7e8377e4af31780b1349b1083aad711f |
| SHA1 | 449b2231a9d78aeda1881a26a562bd2718a209a8 |
| SHA256 | 5b01d7910c9fbfdc433e13b77338bc8ff7fa9afdb5d78afff5938f3a767c1bcd |
| SHA512 | 5283b9684b235a4883bd86d32d423f4c4b38bf5deee8a8a86cca1ef1812f74dfeff82318c57e9243439cd849203448f254e98f675b80221b6126f3db4bffa0d6 |
C:\Program Files\7-Zip\Lang\af.txt.azov
| MD5 | 8c0f7b4ed8f230d2743a009476fc945a |
| SHA1 | c02201d68ded755f7702b82be3bbe6050bf8c2aa |
| SHA256 | 7a6d1ef41485262fd4202c565eb83ce618d73d89347bf7f69f61ef8c2f615672 |
| SHA512 | 8d651a155c6760ddf9fd0f0dbbdb7f44f1ec17638e0fa94b1f29f042dcd0085a38431d82d793d8a26e2dabdc0f2ad9169115305d3b130b9338ba5524abb1fd25 |
C:\Program Files\7-Zip\History.txt.azov
| MD5 | 9d82aa0c64ff8ce5252ccae17198993e |
| SHA1 | 5c708f8e99fa33dc12c279b35ee11c9dcdb327ce |
| SHA256 | 747ef3dd9375516a3305346ba130384a01d9c7f8f9e679d371ddb313c468eafa |
| SHA512 | ac8972ec1dfd5cf9fbc4378f42e575863c27b670657b1ee6f5c80834ed013682848f2051d33727d6b82f417ce9993d96a8c4e6a565fe11df4e4fec9fabe6ec78 |
C:\Program Files\7-Zip\descript.ion.azov
| MD5 | c04004778c41aa3909376ede50610598 |
| SHA1 | 484be09d258a8a100fa41497c0ebcbaebde242bf |
| SHA256 | 00b4e00ac87a878c7c41b02cee1511567fe06050970a54f35fb6a4a77a11b81b |
| SHA512 | 6b1ad38685328de4e944985303399be63987b07a87bbc6e95192790b3fbda9e3947168584d5e2bde354999f32001756dd492bfcfd87fc5a669447e00d32806f4 |
C:\Program Files\7-Zip\7zCon.sfx.azov
| MD5 | 7fedcf3d19a0c05bc914130c6da8b60c |
| SHA1 | bc4f9d76681bab347a4036e0d04f105059b82274 |
| SHA256 | 81e014f41df641ddb5d8f37f089ced63279ef3a50677a88f70118d25f9f56667 |
| SHA512 | 919279d62610f7572f4136332939dd066165d2eb98b8bf16721159ef1abdd86afdcffb61f1177d3430ddfe18c2307dfffc5bd1303fd694469a8948bc4c43a4de |
C:\Program Files\7-Zip\7-zip.chm.azov
| MD5 | 61719b5fae0f843a1e4c51f62a0763a3 |
| SHA1 | 90e437bf08e9c2f464ccf9b3973f9a4bf7033d03 |
| SHA256 | ac8277f22d5fee6507ca57e816bc721ed62c1d0b3806196ae9c827d5ea003295 |
| SHA512 | d5433523deb444e3bd5a002b7f83282a1e063e234bc7e0e665f42bdefad00a3223a7631d289c949eb9b9765f97f16ffb0195e88170afaea4080fbfef80ccb4aa |
C:\Program Files\7-Zip\Lang\az.txt.azov
| MD5 | 54223bddb74c9687cad6ab839880d28c |
| SHA1 | 73f551c8584e3a4a2518188a02f80ddba7a7a944 |
| SHA256 | 6bccafdcdddf44ae57cc76985990513abe89749cbe8135a05c6f882061b68473 |
| SHA512 | 0926fa87c72f5e523f55df2be6e1c2434963fa0b735aa2f8d8054449508627a6d85888d4383bfd6236e2f759878de331069297db996226c75b97d5f8cdab9eaf |
C:\Program Files\7-Zip\Lang\bn.txt.azov
| MD5 | b37a031524b9d02e0b6475c566d749a2 |
| SHA1 | 1cc011ca58a8a81278d099294cf257f23ad2877c |
| SHA256 | 59b2b6a00909ce52413b564161bddb627f9a93208bd9bad057fc426d428174b5 |
| SHA512 | ac867389cb382e7fd4b50ea6efcf9231b73d91f735d37cbd6c023c7deaebc26ccdb9023769317b6c2200768c0aeee82cec8632a59e23d270ad64bbc53ffe87c6 |
C:\Program Files\7-Zip\Lang\br.txt.azov
| MD5 | 77a48f2bb031fe42f847e63670f7c62f |
| SHA1 | 136fffa9d399fcb1e9904c136e4aee8627c3acfe |
| SHA256 | ab176f3142bc2d2dd395b960c162f4d4eb9d254013274274bcbc981721666be5 |
| SHA512 | a4f9912f6760e8c869af9708d50f52189bd3c389aac3239ffa5ff63f85d589238fd5170c18c6208b24704352bd75f6a8adba59a8bd08ec9a120425a4600d5212 |
C:\Program Files\7-Zip\Lang\fur.txt.azov
| MD5 | 34618fe74c73458e836dc07c1168565a |
| SHA1 | c9802f27feef49cf4826066dd12d1e6e02269265 |
| SHA256 | 7fe602cda320f8bf099800d722f2b2d8d32f418411dde9d174044fa5837d1b6a |
| SHA512 | 4bf4438e27de975415bf3060b8087d8268fdac6dfe677a28d4a5d66640c2000d059d85b034ecbbf94fe1d31316e290c2c4d6125ea23699d762659d578b307a10 |
C:\Program Files\7-Zip\Lang\gu.txt.azov
| MD5 | 23fefc02c7287be6e56afbdfa439888b |
| SHA1 | 0abf367ad375d62646b14e978faa12429734f041 |
| SHA256 | fffb76355972089060a4bf10e4f7b4f30c9ae23485340138c3330f5242523b97 |
| SHA512 | 47892f815ee6ad152a5f93a80d983923afbb2d33c2f7622c64eea4abb85d115da62d7a0590e927cac403e99de038acf8bb5552d83c9fab97fe319a6268397d12 |
C:\Program Files\7-Zip\Lang\gl.txt.azov
| MD5 | b55a668c2d09ba70f54f181f3273fa98 |
| SHA1 | fccd889fa20e6e34889e1da5bed3a89b4046beb2 |
| SHA256 | 31f1c18d2e55afdc933aa022a6726cf0de7e10c38c075d6557549c6d224e85a0 |
| SHA512 | c51730db931abfbd25955986fc6a2c6dba47d069d97ea2d61b9feefb022fc0215cf934de69e260474131bf407c82f141671e7fb0cd367c4c8f6ff738bf053d88 |
C:\Program Files\7-Zip\Lang\ga.txt.azov
| MD5 | c2b2861c60fb2e787f1aedcce58e429a |
| SHA1 | 87908e449702b4b39c656f7d9bf6419382d8d0a1 |
| SHA256 | 6fe517cb1e24aa1dd8672bf5617458b9b3e47ba16d271f9565d15cafc7a5bc4e |
| SHA512 | 1aa4487cfb50e7fd0d51cbdc59afcae69b5e6bf81df34cf78a10a644c9175440502dcd611466252b4f674e92bc47d2a679807bd84186ee298295cf2f1dcafb21 |
C:\Program Files\7-Zip\Lang\fy.txt.azov
| MD5 | 714f83940d0589fe5ac2efbb0df495db |
| SHA1 | d52d073bde0f61b1394cb8139f58bd8993bf8f91 |
| SHA256 | edd06f1ee954ee13f1251d01a13f8b1fe38519dc1aef1c06df9fedee5414fd1f |
| SHA512 | d397dd29774abc698a4392ed7116174637587e01862a4fa633e02d72f9950973a0bb65137fdef9295f9b58cdad921c6b23b3e564b2662a1b69589620c7047d4d |
C:\Program Files\7-Zip\Lang\fr.txt.azov
| MD5 | 7a3964639f63f582afccc44da92944db |
| SHA1 | 398bc9d8516f9eec8457af198c195b617b16848a |
| SHA256 | 0b49f94252a34243b74ebb30592ac229973a65828534dab410446600d840cade |
| SHA512 | d928a29fd279c77f7c3fb714138b373a4b0824b471fc214bc32cff5b2d987950e16ec0734f37788160f72dd46824e1fef837a6549cf2345bd45cbfab7d62d21a |
C:\Program Files\7-Zip\Lang\fi.txt.azov
| MD5 | 3a9351793447e69d649d47920882e8c7 |
| SHA1 | 294f528de1459fd0113ae80cb14e5c43a47d59cf |
| SHA256 | dd77a1ce91f4213d4bbc727fd8f6957f1c8529415a7abde73e48bb67a474a3ac |
| SHA512 | 177676b7b2659dd2311e1f7d5cf637549f67eb3afbef7416d3407fe981faad2bd52405ce6e917e9a63f2da32e384434ccfb29920c50018d7ec99f4cc4ce51c0c |
C:\Program Files\7-Zip\Lang\fa.txt.azov
| MD5 | d4c9d578bfbe6e0c6d7b23af540e61fe |
| SHA1 | c8a00187bda9dceec6cbe09397e3ba1d957c548a |
| SHA256 | baf8a941b60340202da381ec308727b1db2a8d707ea389a5340e1474d895e647 |
| SHA512 | 54ff206d576a5569ac486327dd4fc5a8e2a121909f9d5bdc9c56c9bfa486283a1283860a45d0987859dfa8a5ddcbe72300ac151d972fe83bbd55509494ab0846 |
C:\Program Files\7-Zip\Lang\ext.txt.azov
| MD5 | 478a2b6c00dc47f8755debe5abb34479 |
| SHA1 | 0a8e8fc8e5b88ad8efaf557de0202567dc5a9319 |
| SHA256 | 146449d10b532485c0dd0448a8e4ae68acaf6c6bcfb75cedc196c38ffeefbf41 |
| SHA512 | 6cff2ff66d260e7586b9579c239eb7f6d70d29076574c986fc123cb018914d6d7c48e466f530f70a4c7a56424aed4946e4196bf7318b8c3a058b2e2809a9a123 |
C:\Program Files\7-Zip\Lang\eu.txt.azov
| MD5 | ded306bd630d21def64cf6cc0d33d26b |
| SHA1 | 8e78207ff617736b8bf47171261a6b20a00ba1b4 |
| SHA256 | e03560178f973221222564540d1d2258f00d7aaee9ffd8e39af20ed87bfaf807 |
| SHA512 | 794e89e9db29750c0469e0c49e6370805c658fda34c23085a3b0331a6628c4ad67365c79bab1b60b14c77630e0baaa6c82ecaf22be379417bfeadf946271d501 |
C:\Program Files\7-Zip\Lang\et.txt.azov
| MD5 | b8d030bda87ac1a26f5b4cb6bd7809ca |
| SHA1 | 51e4829dc3ddfcc810c2b683f50a8407b035debf |
| SHA256 | 2b0e12325f7024dee07d4684ae0ea22b9d01787a7b5741689d9eb02bf975e7e8 |
| SHA512 | dd50a9da8ecdba948a646cc9f14d4649732949b34b4aeef9ffcb1a95366f801f81b504b69b946fd16e29b3212318b990daa4b1d7b1839f0c043828217294ed95 |
C:\Program Files\7-Zip\Lang\es.txt.azov
| MD5 | d7a03973ac4745497e8f3b8b9b1536fb |
| SHA1 | 881d89831be55674c91408e305cb02af3cca006e |
| SHA256 | 060bb62869900f8c7c93667b287caa002e027673e355bebe584c1888ab2eab52 |
| SHA512 | ed01630f946bfd5bb64af78c315fdc3a26212b2a925b4f6189fd1631a9145110fc18c778fdbb87c69ab28abbbe53e57f0bd88bf21cc22b03ecbce8e22bb7d687 |
C:\Program Files\7-Zip\Lang\eo.txt.azov
| MD5 | cebf5f2dd79bb505be0b42d60bd85689 |
| SHA1 | b1071db94518df36700d481c05c1cb42169fe3e9 |
| SHA256 | fe08d2c251a921f23fd7421081d0a811576509d437aaa003a28fe5c74de44f5a |
| SHA512 | e5564205fd9d69b324fcc3129cfa2b70dbab128909b6eadbb95da21d94f0dce68142f95f90cb76e8805da7f4775eeda2bbd2d4746dfed0b62d4b12a665229b8c |
C:\Program Files\7-Zip\Lang\en.ttt.azov
| MD5 | a8830bae68d123edd517bd7a1e154e83 |
| SHA1 | 90d9cc5035fc16107e7c29bb702de199eb74f0cc |
| SHA256 | d6d29a1b41e3c532ca826fa3dc5aec575cf680b0bb5ac03e6e2bfc93efff83ce |
| SHA512 | a43dadb55ac9ee01799ec00db38156aa65d2f4da01fb4ea677aa50797c17ef9356f84fe7c2795b24c4ba10d95fd3e5681044b4cd99e5e0fac2f98fe43af6336f |
C:\Program Files\7-Zip\Lang\de.txt.azov
| MD5 | 55f54a2c98e567e232d2eeff182f6ec1 |
| SHA1 | 9ef532cda87b64873a5e9f1b3bf55645801ac314 |
| SHA256 | f1bb78d0bc4678c021b8b3f0309f4541f7e9f94f1b903e6f6752356805eb60d1 |
| SHA512 | ae3107c87f3ca938b96d2d779e64f34cbdf7cb5bf914039cb50fee3af494b305bc3871e20ce50434b4865d9b84b5dc76f5f1eec07915a3ed978bc5b09ca01b5a |
C:\Program Files\7-Zip\Lang\da.txt.azov
| MD5 | 45821d1bf01d3da1875ef4e2d020bbe3 |
| SHA1 | a04dfd553354a6dec3fcabac70433bddaf516726 |
| SHA256 | b452ee9d4f3644f8033f0671a5ff8474a4597cc0fa42753d0b73db5a0d4762ba |
| SHA512 | 2ff2b5295c69d8224754c2554478a5105b433e595ba28fc1d28f3778f9cb042dc99c203e07bb23b196b1506cb84e51779c9a1eb04dff7dc18e335e38484d30f1 |
C:\Program Files\7-Zip\Lang\cy.txt.azov
| MD5 | fe4fe8ebfbdd4640c865c19e56c8d3a6 |
| SHA1 | bae815b856f41f66be21ba692678dfe10e7bd3b7 |
| SHA256 | 006f6398803cd683f8848acb397a05d0bb0e8a2d1724ffb551b8920c60bce3a6 |
| SHA512 | 926ed6fbff4b2b727e5ea083d264c46bb22a43bae9b97a77c49ef0a1203a591de95ab730087fc106d9f3ad410ad1a143543227310ee1258b2a4fcbfdddbfddf7 |
C:\Program Files\7-Zip\Lang\cs.txt.azov
| MD5 | 43c541c3404460d61c2c0f04fc15696a |
| SHA1 | c98bcf0b98bca5cfe36abded21fab86a986dab23 |
| SHA256 | 0710e5efd009d2081b1d0c166314817589b8befe93bff32c05f04e360ba22e24 |
| SHA512 | 7beecfa78ae31d215910eed6d0adc903513e45b31a1c7e85644e1f7b2101bb11e30fa84b1ae7271a5061132dad6b0e01a67cc32bed391a6eb276da90443e146c |
C:\Program Files\7-Zip\Lang\el.txt.azov
| MD5 | 0b8eaa884655fd36ec787276ae6d374e |
| SHA1 | f082b081c955a29f116bf5dd37148a428b35ad99 |
| SHA256 | 74123a2da890eafab48f329c238400d1b160a6570d8099c2552d53959f96417d |
| SHA512 | 43f747cd4797328d653d77709a846c18eaaf364ebea084b60b910a88d6617ac57e6d1330e56e71df8e242003882bbf34e79b53967492f0e37a0cd3e51c1e5333 |
C:\Program Files\7-Zip\Lang\co.txt.azov
| MD5 | 92ffabf07f1edd812aca664c07887f52 |
| SHA1 | 0bd9dd6b1cc87d89e33777555d0724eea8412c0c |
| SHA256 | 8f7bf6af05aa0b6c296c6cbfb344845435324efa6ff0e2a27115cd0f7159c3a5 |
| SHA512 | ba73676718302797604758484c2dade95f30e03de3d2e3f5ddd685904415aac36faa0744cd58b213173a75d66bf1afb463af0da4a6e05411ee82261a15b43d5d |
C:\Program Files\7-Zip\Lang\ca.txt.azov
| MD5 | 5f2427a88b2f99d1fc23a325469b8332 |
| SHA1 | 00f52af56d6fa27afacbd9fd0ceb8f2cd66d7d14 |
| SHA256 | 8a3edfcd9951af494abc37c20a004f975031d521d9a31a6c49aa53045e2100d6 |
| SHA512 | 86f0f9fbb9b03e9058351823d1b348150cf36cd648dccd00f62aaf505b13eded2492ceb36f8cc80ca1cb90e8f7c01580efdd5f1913925ec309d34b1e5f763e43 |
C:\Program Files\7-Zip\Lang\bg.txt.azov
| MD5 | da244cdd6acbdca92f9c89c91851eda8 |
| SHA1 | 7d6f619ae1de2346ecd79fe4f5f7deedb8a369e9 |
| SHA256 | 62e49c5b5947d19be2c83f32d35e2c8ff9daf3b8481777e261650f0812c3d1e1 |
| SHA512 | 4f9d1c2293bebcf91a59b8bedf7b7cc4422e55948c6b61622024e66a5da4d4949afbaacb4b96795ad11c1fd5c1cb98e6fdde353751a2bbd8c16fb94d1777fdec |
C:\Program Files\7-Zip\Lang\be.txt.azov
| MD5 | 8501e4bf201fffb8c8db46149c2d739d |
| SHA1 | 9891ed259e74661696222225716805f19585e832 |
| SHA256 | deb61fe5b5403e78d0db1a6555ed0031bd8727d4ad97af62db273c46076982f6 |
| SHA512 | fe03054e236817219effdb79153a8983a086df62fc74934009cf579bd7f97286b3e5e96e959a5fd91a56e3d3ac95f9983617e84f642ee446e54263e947cb7aa5 |
C:\Program Files\7-Zip\Lang\ba.txt.azov
| MD5 | 076a6e3d351b19a3b43d995c28811e31 |
| SHA1 | f229fc00d9de4c7efbb83272d9b8142818c6c5bf |
| SHA256 | cb284ef2bd5e0d74828444ec58e294183a8247687dd5a7e2eb0c2f1d116cc455 |
| SHA512 | cbeb4343d2cc0d118a7ff861bdd3423875879dc647793ad19ce8eedaa2f088c5604b9442403da0bd54663c30b8c5f8bff9f33a40fa7fffc18ae4b9c6b21f7503 |
C:\Program Files\7-Zip\Lang\ast.txt.azov
| MD5 | 058212014766b5c85fabc5118ccd8690 |
| SHA1 | 7bfb202092a61debbcabb27c1551f399f0fb69b1 |
| SHA256 | 6c0443ebdb6ad7fe5bef0be8cea4c7932b0afa907938f9532110d2b5c245f747 |
| SHA512 | 1d6de46caf5d074f11a1637e7e59e948309e5ecbfb3e52c67e9a6f4e0d045b68148303f30f69fbcaa0f591c9de1a481b351b9010f837d4df2f05196a1dab053b |
C:\Program Files\7-Zip\Lang\hu.txt.azov
| MD5 | d22164b109a3d1540a95f3c17308e97a |
| SHA1 | 2a974535311a76e010f470b86d920544e8ac77dd |
| SHA256 | 13af266ed2c9be7e927b99199f6d71d010b87f7285484085670eb6b69b114d81 |
| SHA512 | 93fa00dd9b35e6008bf5a0384f6f87dc4c970def8468f9f14bb27386bba3d7b8bc82c87db7533093edfdba35dd2143ed10ee081c216a3dff0e87fe8d0a220edf |
C:\Program Files\7-Zip\Lang\hr.txt.azov
| MD5 | 82affeb9b3a6428095c318a24105d18b |
| SHA1 | 9d7554712d31cb09f66a028c55bf8d6d0846f925 |
| SHA256 | 4e02ae7b520c0e720e9a177bc84ecce36e07c8d22b9a3f0086ea4d08822a29c4 |
| SHA512 | f80300507cdaa0973dbc0e12d0d5063e4d6a83c0bf94b153afebdaf08c87ca34374c7f96ffc5702091b20d77af869cd76a91b6da2eb5718e269d02df4f5c7abb |
C:\Program Files\7-Zip\Lang\hi.txt.azov
| MD5 | 6dae3e5bc3723bb97e4da924ad5511ff |
| SHA1 | c66327de994a3a840547cb176688caf95ef60074 |
| SHA256 | eca1b1643cf3a4b80e7c40dd61c9999ab0ad070b4eac346dcad192d87cc977cd |
| SHA512 | 5a202bf8a01bcdfc32a86efb58b6d627d311be599b23c9e5f24e6171be4155e90ffb92646a64804df949fff443ed1f71aa14795faf8d26b664351a21897859f2 |
C:\Program Files\7-Zip\Lang\he.txt.azov
| MD5 | 7dfab970f4c42e8cda23a3f4b0ae33f2 |
| SHA1 | 93c90c1c6ae0e4000cd83940ebb3e71fd646e59c |
| SHA256 | a8cbef46cd7b995d6af446406a3a0176634655108245f738e4279c91a3fe0d1e |
| SHA512 | 310dc576cdde3ce0e9c04806c82bd11f291a8f734b72fdb40a77c02d4fd2b029b66c4e068d6a0e3c515c2f5158968c2d49d00006fad10633dbc09038376d1ac2 |
C:\Program Files\7-Zip\Lang\ka.txt.azov
| MD5 | 11cc63bb98c50e353568f449c52f5d49 |
| SHA1 | 430b563ee4f16c97b69b03580219dbc7a97513e1 |
| SHA256 | 63717013aa5c97abe54106bac781abe78d802602bef8e7af83f4f6b1c6fa7e2c |
| SHA512 | 04e8b949540bf1e2e7a8f457c778caf73f121616ab2ae28d254490690dec22600b07b680affbe111e4ba2eecd4d46fe7f7c13972ada2d301facff4a76c5fa0cb |
C:\Program Files\7-Zip\Lang\kab.txt.azov
| MD5 | fca80186b9562b25a1c78ef2b0e301f6 |
| SHA1 | 13a5a28be48a71a6524143fd93ca6025441c929e |
| SHA256 | b378fa6b81ccf6d2530828b05c3e83f89904585b5b0636f6ac3c1d7269276e47 |
| SHA512 | 5d615d60747026fe7ecf050176733e9cbf58825f1bef5f08352dfe6d403783a7154fa54f5cf3adeb0351e9859f85cb7b57056f16ead3c120512328ccb7b6f4eb |
C:\Program Files\7-Zip\Lang\kaa.txt.azov
| MD5 | d6642c0fde5b2aab1b048e407160a9ac |
| SHA1 | c9510bff925e53dca59c9fbfd3c0de62e6183504 |
| SHA256 | 1ef0b0bdf7308aaa5a4986b213187989cb6586479b69ab5202064429fa9f656f |
| SHA512 | 780168b8ed99f439885329e9fd5c3d7ce580d52c120d92b37edae51e74ec4b259cb8203e10dcfb21a95ad2b3ec871084dea951168a6c680e444e6fd986c08a56 |
C:\Program Files\7-Zip\Lang\ja.txt.azov
| MD5 | 547bbfc52db321a0a697f4d72dbe0a21 |
| SHA1 | d25707ce17943c934a71e3aeed611e19cbaf3701 |
| SHA256 | ca7f323f9570470d19d2072571b1370a131c09c9782f35e51c3c6186887afd32 |
| SHA512 | d1d7f905ae0de48193a91847132d7ce4acd686eb1834710011f87e5756cacbdb36e2f4b36a869ba51ca5fa72bbf575d0528f0e8b172a9f1055627f45f467b613 |
C:\Program Files\7-Zip\Lang\it.txt.azov
| MD5 | f763408378b56a4296bdef64ee72cdb6 |
| SHA1 | 28a7a599b0bf9651668ae7dfabdba0e5c2ffe091 |
| SHA256 | de5b2c70378fe002308f74261879ef163ea1595d0fc997496aa8f05a298fc642 |
| SHA512 | 58f013cabc7164948fc856dd8681e5b6ae8b105c2d4d19238c2b0a319ef88d40516848dbd3b2f1a7ecefa8b3dae6be88ddcb752ab75b62355951d45f840e95e0 |
C:\Program Files\7-Zip\Lang\is.txt.azov
| MD5 | f8cb7c17b8a0552b08c873240769994d |
| SHA1 | 794a71238d6953d4a6e035fcf32fcf457d0265d6 |
| SHA256 | b04a46e6a771903f126e58b6df8343884962fec0db4d653f9005c0142d0e0db0 |
| SHA512 | f5509ef4710a41aa22570d56d2642c2d9eaee5d4b7c48797f7cc1f6244df053998c164f90366cfb81322f737cd95ae7dc5122378e468367c2cdd4632093e6f85 |
C:\Program Files\7-Zip\Lang\io.txt.azov
| MD5 | 26d9f25ad918e991f932e863b0f3ad90 |
| SHA1 | dff55d54a9ad8a65ee58b59aff7bd986621c5359 |
| SHA256 | 66837489a0a5269014c83df512f3df563d8e7a4842a123454332040c44c96211 |
| SHA512 | 3e092cdba3a643dd81f3e595c1ff4cc3fa4212d07bd294b3968b977dd9fb67c9e987223d51aa40b416987c5a401816658350a0e517eaeb47a576849f2c77fd47 |
C:\Program Files\7-Zip\Lang\id.txt.azov
| MD5 | 1ae9e77ebe44a53e015177982a5d4fc9 |
| SHA1 | 0fd9152464a05c969b3f4bdbbac3c1ff8c7f6b0c |
| SHA256 | 463a40767b9a8af48b9899a15c2318f76fae25e03caa6127c18591cad4555529 |
| SHA512 | ad2c5899b62757bf8d744c2b3bc7ae730cd6b646791582e76c59f8f094ca915f1c498857038247849fdc398653ee33d79306201079e001c7fab16ec829b28f6c |
C:\Program Files\7-Zip\Lang\hy.txt.azov
| MD5 | 5950d2b257c9fd6e7aa4ed8f509332c4 |
| SHA1 | 9593504ba93592a19280265ccd3e30de0229bc80 |
| SHA256 | f2c5daed488cf2b3f4ed3bd40a22095d1161b176f5f8b8c22e070734adf0619b |
| SHA512 | ee7431945db72478aea5e19ab9cc8fce2b920449f1bafba4e22d028aa09503617a96eacb73b80ffaafb6cc1e0cd1b720ee4a8c5b97451e3b073f32abfd256efa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 461ef97e34625f7c9b4494b21da753cb |
| SHA1 | 7225ebf0319ec3b6e78e5de5a22f3d4f5f699613 |
| SHA256 | 991f52d58ba880c92e1a2bda0b3929d1a32e6d534ff45cf4252cc82bccc5af8f |
| SHA512 | 03646d79e83bf8ada66dbb629a22c102edea23ea6342e15ad9fb5bafa5b2b602e43659c083749498d59329a0856cff2673c51afb5afcdfe4fe701a430b5c0c41 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | c4718dbcf03b6d421fe0b8f5665b3282 |
| SHA1 | 31bf57e94983ceff2923092d2bf9a6e64ddc521b |
| SHA256 | 3882d6d984467f1c91707865704b483e1dbe69b0375cf94ccfc22c43784b093d |
| SHA512 | 0b87bb3e491154482028bee867b3c2e96fd135dabbbcbfc5b5dc57ae16736aac80abee4dfb526a2c77a178d407a4c07b91ee78a9452fa12d6c3e4d62409bffef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4074a99582e7ffe8b3fc5f6c41874497 |
| SHA1 | 81b675257d05238998b8676a6d437d28c07af208 |
| SHA256 | e55662e74c1ea3c1375757eed37f47fc8566c1cda7a062a7ed4315d683a490ff |
| SHA512 | ae586651243bf27615edd3e774ea80043a8398c5811d82e252c2f134320be38237bc4712d7151c41ec6fa01243e48402803c2b5b419b2b4c855c317926650052 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 91a2f26c41c6c91f2fdc68f5885098d8 |
| SHA1 | d93a88d3ca77d2f3cd89d8ef468d51849cef3610 |
| SHA256 | e6e71559ae330cce6baecd05afee620d2534855e3fe6a6b8345606cf4cb6bb45 |
| SHA512 | 2fe7283ad962ca4f32feb89fe0d973b800641e99e629c27d4fc6db97cc9ef48809286695a59d032dcd8d4f893aeca15af452435975eb522a74d2f8ca0b5c84fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a6d612b5020ae9f1f0850d1152a726f6 |
| SHA1 | 9db77048ade5f532f3826c78cc4baf9c23af8cba |
| SHA256 | 607c7f6b3d8785c2e04f135455658b168f4a7df33f18edb86b20168fb246a164 |
| SHA512 | d38dd69946ccd798c7c4489d97904454f8e4ec8dbc3df24c0c37fe46653e4920745eff83da9f2aa6767abbf34e92eeafd034e566493bc15f1fbc89d7a62f2df3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 904ce1c4369c0a0dad01c528f482a763 |
| SHA1 | 4ea192332d5413c457c3c697cf3305f17c9577e8 |
| SHA256 | 4e777ba3f914df2c1548b10ba832849bcfa1370f61a54cb037117a8c559eef3b |
| SHA512 | d4a41abd606d0e29ac00d6b41df0672d15743aed482a8b803c6f7ef32479a4813c5efccb6837ad1b50c56fc3e2142b5eff137f61b794f02f4b5addf94a19a9f9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 4a078fb8a7c67594a6c2aa724e2ac684 |
| SHA1 | 92bc5b49985c8588c60f6f85c50a516fae0332f4 |
| SHA256 | c225fb924400745c1cd7b56fffaee71dce06613c91fbbb9aa247401ccb49e1ee |
| SHA512 | 188270df5243186d00ca8cc457f8ab7f7b2cd6368d987c3673f9c8944a4be6687b30daf8715429bd1b335391118d0ce840e3cb919ff4138c6273b286fb57b2b6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\2c3972a1-3548-4c41-830c-331e93286881.tmp
| MD5 | 42a8f7e7c8052039eafc7f80694cdb21 |
| SHA1 | 765b9738ca38a67091c3e23520299964788f9f18 |
| SHA256 | a7ce73bd58194c73ff578ba6967d6ff89c6ee4decfd2520506cca8d07f867216 |
| SHA512 | 02e302e805cda30a26a7d7c63278a0e3370047f67333b8b8cd7b917b172a6588979276764cb5e99fab563c63f08d75b760637168e287b0d74c8884d6e81ff981 |