Analysis Overview
SHA256
632dd5cb61117136cc2dc9d18a045d6c5c5a84bbbc8a2a2bb7a2b3be2b3bc10e
Threat Level: Known bad
The file 632dd5cb61117136cc2dc9d18a045d6c5c5a84bbbc8a2a2bb7a2b3be2b3bc10e was found to be: Known bad.
Malicious Activity Summary
Mystic
RedLine payload
RedLine
Detect Mystic stealer payload
Executes dropped EXE
Adds Run key to start application
Detected potential entity reuse from brand paypal.
Suspicious use of SetThreadContext
AutoIT Executable
Enumerates physical storage devices
Unsigned PE
Program crash
Suspicious behavior: EnumeratesProcesses
Suspicious use of SendNotifyMessage
Enumerates system info in registry
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2023-11-11 03:32
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2023-11-11 03:32
Reported
2023-11-11 03:35
Platform
win10v2004-20231020-en
Max time kernel
151s
Max time network
161s
Command Line
Signatures
Detect Mystic stealer payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Mystic
RedLine
RedLine payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\OJ2qG77.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1RQ43Cx2.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2MA1693.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3hh91UO.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP000.TMP\\\"" | C:\Users\Admin\AppData\Local\Temp\632dd5cb61117136cc2dc9d18a045d6c5c5a84bbbc8a2a2bb7a2b3be2b3bc10e.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup1 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP001.TMP\\\"" | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\OJ2qG77.exe | N/A |
AutoIT Executable
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Detected potential entity reuse from brand paypal.
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 4412 set thread context of 5776 | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2MA1693.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
| PID 7024 set thread context of 7068 | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3hh91UO.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
Enumerates physical storage devices
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\632dd5cb61117136cc2dc9d18a045d6c5c5a84bbbc8a2a2bb7a2b3be2b3bc10e.exe
"C:\Users\Admin\AppData\Local\Temp\632dd5cb61117136cc2dc9d18a045d6c5c5a84bbbc8a2a2bb7a2b3be2b3bc10e.exe"
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\OJ2qG77.exe
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\OJ2qG77.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1RQ43Cx2.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1RQ43Cx2.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x168,0x16c,0x170,0x144,0x174,0x7ff9e5ec46f8,0x7ff9e5ec4708,0x7ff9e5ec4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ff9e5ec46f8,0x7ff9e5ec4708,0x7ff9e5ec4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ff9e5ec46f8,0x7ff9e5ec4708,0x7ff9e5ec4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://store.steampowered.com/login/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x16c,0x170,0x174,0x148,0x178,0x7ff9e5ec46f8,0x7ff9e5ec4708,0x7ff9e5ec4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://twitter.com/i/flow/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://steamcommunity.com/openid/loginform/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ff9e5ec46f8,0x7ff9e5ec4708,0x7ff9e5ec4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.epicgames.com/id/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x16c,0x170,0x174,0x148,0x178,0x7ff9e5ec46f8,0x7ff9e5ec4708,0x7ff9e5ec4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ff9e5ec46f8,0x7ff9e5ec4708,0x7ff9e5ec4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.paypal.com/signin
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ff9e5ec46f8,0x7ff9e5ec4708,0x7ff9e5ec4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ff9e5ec46f8,0x7ff9e5ec4708,0x7ff9e5ec4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x140,0x16c,0x7ff9e5ec46f8,0x7ff9e5ec4708,0x7ff9e5ec4718
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2MA1693.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2MA1693.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,1340273727023219965,9908575365409055593,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,1340273727023219965,9908575365409055593,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1824,15286960861438262803,1835054303877083366,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1992 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1824,15286960861438262803,1835054303877083366,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2388 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,1340273727023219965,9908575365409055593,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2716 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2068,1652996056398019767,15647999908440981236,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,1652996056398019767,15647999908440981236,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1992,4289815317279621163,14042291103502246995,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1992,4289815317279621163,14042291103502246995,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,1641934184465045564,9439192352220004268,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,17649662995386918957,11991280054677468842,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2040,4878499590195754274,4923769240592031724,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2088,17649662995386918957,11991280054677468842,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2040,4878499590195754274,4923769240592031724,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,1641934184465045564,9439192352220004268,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2132,10704671841921452930,13666975700394421277,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1340273727023219965,9908575365409055593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3412 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1340273727023219965,9908575365409055593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3396 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,10704671841921452930,13666975700394421277,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2140,8192440829922577798,5768671767442881058,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,8192440829922577798,5768671767442881058,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,2554888561042657083,17012760163283225524,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2336 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,2554888561042657083,17012760163283225524,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1340273727023219965,9908575365409055593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4224 /prefetch:1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 452 -p 5776 -ip 5776
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1340273727023219965,9908575365409055593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3800 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1340273727023219965,9908575365409055593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4260 /prefetch:1
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3hh91UO.exe
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3hh91UO.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1340273727023219965,9908575365409055593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4476 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1340273727023219965,9908575365409055593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4736 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1340273727023219965,9908575365409055593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4912 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1340273727023219965,9908575365409055593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5040 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1340273727023219965,9908575365409055593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1340273727023219965,9908575365409055593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5204 /prefetch:1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5776 -s 540
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5776 -s 540
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1340273727023219965,9908575365409055593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6520 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1340273727023219965,9908575365409055593,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6440 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1340273727023219965,9908575365409055593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6424 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1340273727023219965,9908575365409055593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1340273727023219965,9908575365409055593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7424 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1340273727023219965,9908575365409055593,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7644 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1340273727023219965,9908575365409055593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7616 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,1340273727023219965,9908575365409055593,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8220 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,1340273727023219965,9908575365409055593,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8220 /prefetch:8
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1340273727023219965,9908575365409055593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3508 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1340273727023219965,9908575365409055593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2108,1340273727023219965,9908575365409055593,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=8832 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,1340273727023219965,9908575365409055593,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,1340273727023219965,9908575365409055593,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1772 /prefetch:2
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 20.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.154.82.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 39.142.81.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.136.104.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.78.124.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 157.240.201.35:443 | www.facebook.com | tcp |
| NL | 157.240.201.35:443 | www.facebook.com | tcp |
| NL | 142.250.179.141:443 | accounts.google.com | tcp |
| NL | 142.250.179.141:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | 35.201.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 8.8.8.8:53 | www.epicgames.com | udp |
| US | 8.8.8.8:53 | twitter.com | udp |
| US | 8.8.8.8:53 | www.paypal.com | udp |
| US | 104.244.42.129:443 | twitter.com | tcp |
| NL | 104.85.0.101:443 | store.steampowered.com | tcp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| US | 34.203.135.243:443 | www.epicgames.com | tcp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| US | 104.244.42.129:443 | twitter.com | tcp |
| NL | 104.85.0.101:443 | store.steampowered.com | tcp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| US | 34.203.135.243:443 | www.epicgames.com | tcp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| NL | 142.250.179.141:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | 101.0.85.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.49.222.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 243.135.203.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.39.65.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.paypalobjects.com | udp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 8.8.8.8:53 | 25.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | community.akamai.steamstatic.com | udp |
| NL | 23.72.252.169:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.169:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.169:443 | community.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | store.akamai.steamstatic.com | udp |
| NL | 23.72.252.171:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.171:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.171:443 | store.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| NL | 88.221.25.169:80 | apps.identrust.com | tcp |
| NL | 88.221.25.169:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| NL | 142.250.179.182:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | c.paypal.com | udp |
| US | 192.55.233.1:443 | tcp | |
| US | 8.8.8.8:53 | 169.252.72.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.252.72.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.25.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 182.179.250.142.in-addr.arpa | udp |
| US | 192.55.233.1:443 | tcp | |
| US | 8.8.8.8:53 | www.recaptcha.net | udp |
| US | 8.8.8.8:53 | t.paypal.com | udp |
| US | 8.8.8.8:53 | b.stats.paypal.com | udp |
| US | 151.101.1.35:443 | t.paypal.com | tcp |
| NL | 142.250.179.163:443 | www.recaptcha.net | tcp |
| US | 64.4.245.84:443 | b.stats.paypal.com | tcp |
| US | 8.8.8.8:53 | 35.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.208.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.245.4.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dub.stats.paypal.com | udp |
| US | 64.4.245.84:443 | dub.stats.paypal.com | tcp |
| US | 8.8.8.8:53 | 131.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c6.paypal.com | udp |
| US | 8.8.8.8:53 | abs.twimg.com | udp |
| US | 8.8.8.8:53 | pbs.twimg.com | udp |
| US | 8.8.8.8:53 | api.twitter.com | udp |
| NL | 199.232.148.159:443 | pbs.twimg.com | tcp |
| US | 104.244.42.66:443 | api.twitter.com | tcp |
| US | 8.8.8.8:53 | t.co | udp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 8.8.8.8:53 | video.twimg.com | udp |
| NL | 199.232.148.158:443 | video.twimg.com | tcp |
| US | 104.244.42.133:443 | t.co | tcp |
| US | 8.8.8.8:53 | 159.148.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.21.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 158.148.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.ads-twitter.com | udp |
| NL | 199.232.148.157:443 | static.ads-twitter.com | tcp |
| US | 8.8.8.8:53 | 157.148.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.126.166.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.36.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 208.194.73.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tracking.epicgames.com | udp |
| US | 8.8.8.8:53 | static-assets-prod.unrealengine.com | udp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | www.recaptcha.net | udp |
| NL | 142.250.179.163:443 | www.recaptcha.net | udp |
| US | 44.214.245.214:443 | tracking.epicgames.com | tcp |
| US | 18.239.36.73:443 | static-assets-prod.unrealengine.com | tcp |
| US | 18.239.36.73:443 | static-assets-prod.unrealengine.com | tcp |
| US | 157.240.5.10:443 | static.xx.fbcdn.net | tcp |
| US | 157.240.5.10:443 | static.xx.fbcdn.net | tcp |
| US | 157.240.5.10:443 | static.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | 73.36.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.5.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.245.214.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.59.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.paypalobjects.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 142.250.179.141:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | facebook.com | udp |
| US | 157.240.5.35:443 | facebook.com | tcp |
| US | 8.8.8.8:53 | api.twitter.com | udp |
| US | 104.244.42.130:443 | api.twitter.com | tcp |
| US | 104.244.42.130:443 | api.twitter.com | tcp |
| US | 18.239.36.73:443 | static-assets-prod.unrealengine.com | tcp |
| US | 8.8.8.8:53 | 35.5.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fbcdn.net | udp |
| US | 157.240.5.35:443 | fbcdn.net | tcp |
| US | 8.8.8.8:53 | fbsbx.com | udp |
| US | 8.8.8.8:53 | community.akamai.steamstatic.com | udp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | 160.252.72.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | store.akamai.steamstatic.com | udp |
| NL | 23.72.252.171:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.171:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.171:443 | store.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| NL | 142.251.36.34:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 34.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | talon-website-prod.ecosec.on.epicgames.com | udp |
| NL | 142.251.36.34:443 | googleads.g.doubleclick.net | udp |
| US | 172.64.146.120:443 | talon-website-prod.ecosec.on.epicgames.com | tcp |
| US | 8.8.8.8:53 | 120.146.64.172.in-addr.arpa | udp |
| RU | 5.42.92.51:19057 | tcp | |
| US | 8.8.8.8:53 | login.steampowered.com | udp |
| NL | 23.222.49.98:443 | login.steampowered.com | tcp |
| US | 8.8.8.8:53 | 100.39.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| NL | 23.222.49.98:443 | api.steampowered.com | tcp |
| US | 8.8.8.8:53 | talon-service-prod.ecosec.on.epicgames.com | udp |
| US | 104.18.41.136:443 | talon-service-prod.ecosec.on.epicgames.com | tcp |
| US | 104.18.41.136:443 | talon-service-prod.ecosec.on.epicgames.com | tcp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.200:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | js.hcaptcha.com | udp |
| US | 104.19.219.90:443 | js.hcaptcha.com | tcp |
| US | 8.8.8.8:53 | 136.41.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.219.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.epicgames.com | udp |
| US | 8.8.8.8:53 | newassets.hcaptcha.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | sentry.io | udp |
| NL | 142.251.36.14:443 | play.google.com | tcp |
| US | 35.186.247.156:443 | sentry.io | tcp |
| NL | 142.251.36.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 14.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.247.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.72.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | youtube.com | udp |
| NL | 216.58.214.14:443 | youtube.com | tcp |
| RU | 5.42.92.51:19057 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\OJ2qG77.exe
| MD5 | 53fd01785d85ba56698592dc66a53f0a |
| SHA1 | d61cd186e90ee32b71ce4bdbe714f58fe2fa8ca2 |
| SHA256 | 672abeed912ba250abbe0ed0829be4bc5111ce4640eeb5ea8e98b7fda98b8045 |
| SHA512 | f3d5360c5ca64be35173e690b5c020f5dab34a4a92bfa0cce59fbea53571ac59c2f709c1d21e4635561a0979a244188132048784dedfc60fe0e7edac6049303c |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\OJ2qG77.exe
| MD5 | 53fd01785d85ba56698592dc66a53f0a |
| SHA1 | d61cd186e90ee32b71ce4bdbe714f58fe2fa8ca2 |
| SHA256 | 672abeed912ba250abbe0ed0829be4bc5111ce4640eeb5ea8e98b7fda98b8045 |
| SHA512 | f3d5360c5ca64be35173e690b5c020f5dab34a4a92bfa0cce59fbea53571ac59c2f709c1d21e4635561a0979a244188132048784dedfc60fe0e7edac6049303c |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1RQ43Cx2.exe
| MD5 | 92c65edac9e864aeebb0fa4de9d9197a |
| SHA1 | 6add65419007e3c16db09f6350dfc61173dd3d6e |
| SHA256 | f94678c2cf335128b795cd703006899459aa774ea7a609dd224f8e89392138af |
| SHA512 | 65cfc9f6268f806cfde3ceb299a7e67891b744188e9126515a0a38a818a1e432394017ce40d584c67751787c567950586eed4baef74666f354182d6fbab0c00e |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1RQ43Cx2.exe
| MD5 | 92c65edac9e864aeebb0fa4de9d9197a |
| SHA1 | 6add65419007e3c16db09f6350dfc61173dd3d6e |
| SHA256 | f94678c2cf335128b795cd703006899459aa774ea7a609dd224f8e89392138af |
| SHA512 | 65cfc9f6268f806cfde3ceb299a7e67891b744188e9126515a0a38a818a1e432394017ce40d584c67751787c567950586eed4baef74666f354182d6fbab0c00e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 777424efaa0b7dc4020fed63a05319cf |
| SHA1 | f4ff37d51b7dd7a46606762c1531644b8fbc99c7 |
| SHA256 | 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5 |
| SHA512 | 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 777424efaa0b7dc4020fed63a05319cf |
| SHA1 | f4ff37d51b7dd7a46606762c1531644b8fbc99c7 |
| SHA256 | 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5 |
| SHA512 | 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 777424efaa0b7dc4020fed63a05319cf |
| SHA1 | f4ff37d51b7dd7a46606762c1531644b8fbc99c7 |
| SHA256 | 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5 |
| SHA512 | 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 777424efaa0b7dc4020fed63a05319cf |
| SHA1 | f4ff37d51b7dd7a46606762c1531644b8fbc99c7 |
| SHA256 | 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5 |
| SHA512 | 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 777424efaa0b7dc4020fed63a05319cf |
| SHA1 | f4ff37d51b7dd7a46606762c1531644b8fbc99c7 |
| SHA256 | 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5 |
| SHA512 | 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 777424efaa0b7dc4020fed63a05319cf |
| SHA1 | f4ff37d51b7dd7a46606762c1531644b8fbc99c7 |
| SHA256 | 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5 |
| SHA512 | 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 777424efaa0b7dc4020fed63a05319cf |
| SHA1 | f4ff37d51b7dd7a46606762c1531644b8fbc99c7 |
| SHA256 | 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5 |
| SHA512 | 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 777424efaa0b7dc4020fed63a05319cf |
| SHA1 | f4ff37d51b7dd7a46606762c1531644b8fbc99c7 |
| SHA256 | 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5 |
| SHA512 | 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2MA1693.exe
| MD5 | 3effbe6daca8d744257f6dc3be752656 |
| SHA1 | fb43cf0d5a4564dd44db55e04b9820e4cbd53426 |
| SHA256 | 07c1c30df6cc94ff7889c99143c172c71b68c2fcbecc41288b0983ed72ba6e78 |
| SHA512 | 1818e6b62120cf73768140a43f71c104cec87a25520c222b49641e577457079742b02c567e92c60ebbcdec1710c3d3e481dd23d1fb5f7bcefd024a1e36f7570e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2MA1693.exe
| MD5 | 3effbe6daca8d744257f6dc3be752656 |
| SHA1 | fb43cf0d5a4564dd44db55e04b9820e4cbd53426 |
| SHA256 | 07c1c30df6cc94ff7889c99143c172c71b68c2fcbecc41288b0983ed72ba6e78 |
| SHA512 | 1818e6b62120cf73768140a43f71c104cec87a25520c222b49641e577457079742b02c567e92c60ebbcdec1710c3d3e481dd23d1fb5f7bcefd024a1e36f7570e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
\??\pipe\LOCAL\crashpad_2912_TXFNGVYQQSYKXDAW
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
\??\pipe\LOCAL\crashpad_4224_AVCASLJOEDZYMIFW
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_3796_YTGLGHOSVHGIYXWF
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_872_GIYZJMOCZSEPSIIO
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_3840_KIEINWTEIEEBARJU
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_456_FTZWHNQZMNZGXKUK
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_2672_YQDXOJBUNWGDAALJ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
\??\pipe\LOCAL\crashpad_4396_HMJUQRFZZOVYWKIM
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_1112_NYDACFUNRMTKNJOS
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
memory/5776-152-0x0000000000400000-0x0000000000433000-memory.dmp
\??\pipe\LOCAL\crashpad_644_BGLUFDYZCYGUJBVA
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
memory/5776-154-0x0000000000400000-0x0000000000433000-memory.dmp
memory/5776-156-0x0000000000400000-0x0000000000433000-memory.dmp
memory/5776-153-0x0000000000400000-0x0000000000433000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b5a4c3a20168555036ea5afb978352ed |
| SHA1 | 489598222de5cc65eafa54a37c67ddf31632258f |
| SHA256 | 3f578acfb4e634a64898f28922e5c7f9804c516d8895f05a3bda3583ec87daaa |
| SHA512 | 3303d40c91e8985473ea5f374261ee2593aa0705a7c3d247b8a5c1b4ed48eb8e7cd4c2f453f2e6a2187140fe53b81758d75630365b2094e83b986cff6796b6e1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\5fdcb036-efb5-4165-99cb-d6fcea3b9679.tmp
| MD5 | 234d3f95c9e5d4f666ce402468084d39 |
| SHA1 | 1ae955f662aaf91747c26230ecec0e1b13249b19 |
| SHA256 | e60edc0cae67988cd0dfe9f0e4065ca7789b76758f2f166c3bcba744e3cfc0e1 |
| SHA512 | 35e05c333da2b0e99f1226f02859c5aacaac60a8ec12d4c45d9f7b080ab0ba6345060cd912e6aab55ac6a8d10a17b81c82bfbb1dc7553172592d0535b68ac01f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\3c93bd06-9277-436e-812c-c98abf20714b.tmp
| MD5 | 67bd729014692ed6ca0dfeaafe6bda90 |
| SHA1 | 295c326e4ae3d8189b3509edf70d16f34602b473 |
| SHA256 | 034825f190987a0950efae95dd94f56abb288055a818b3778bdda5cf8b1f396c |
| SHA512 | db591a7e751d450f4ae03536b33dac15960620ab9c27b66dff26f56a9952966cca1627e169517e608a8fb5c168c369e6e543cf29e4474ede3ab6165c9c939146 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 090b8a5f8a983f56e7bb079a17d8eefe |
| SHA1 | 319a3ca48a2792d06af72a542f2169a4fbe40b62 |
| SHA256 | 42b8989450f9446a9972ba6fc9846cb58c4f8cf357abc0b09987cc59df0c0dfd |
| SHA512 | bd54ca4f3e155285b30e27552dae64c67e50259efe9b0992105b38ddcebbcca7b9e4e7cd9e6cc37a9353c7067ece843e5e102bd4b94ad380fe5a89d7805ed8d4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 090b8a5f8a983f56e7bb079a17d8eefe |
| SHA1 | 319a3ca48a2792d06af72a542f2169a4fbe40b62 |
| SHA256 | 42b8989450f9446a9972ba6fc9846cb58c4f8cf357abc0b09987cc59df0c0dfd |
| SHA512 | bd54ca4f3e155285b30e27552dae64c67e50259efe9b0992105b38ddcebbcca7b9e4e7cd9e6cc37a9353c7067ece843e5e102bd4b94ad380fe5a89d7805ed8d4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\f1d40450-c802-4f60-b6d6-a21900db9482.tmp
| MD5 | ce11a1e32e84d6dc1f1c5e6351588ee2 |
| SHA1 | 39a811c3fbe9ede1684b4c5a8355e4410acb585c |
| SHA256 | dff73e22f107fb478c5b112fc747f4f4c8d043fb6b16681c15a4142c3df28095 |
| SHA512 | f9db00a80564b90365d4b0089767d90a37f6a859ef753c3c274c35bdc3abaeda98442df0134556c6a7869f93c3a2be6b25dda55de5c8e9b113111969fedc865a |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3hh91UO.exe
| MD5 | 4664ff6cc58d250bfa9922ce2d3c9ea4 |
| SHA1 | 3ad9f22546816cc7acbdf884a994a7fd0e01a987 |
| SHA256 | ca96f950f1fb158ec6354de9657d28113befcde88292f0b16dd807c97dac091c |
| SHA512 | ce942f6b690d334ded4c2def0034bf229cc42755d21af07d519e60de7d12594769e1a881d598bdf781e072e7f06c7952f5e5f6dc48ab1b437a7b9970bfc1fea9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\3c403bc8-964f-4589-a7ac-9f640a0e971e.tmp
| MD5 | 70ee38ddbe1a079fc4b90fdd5ba3701e |
| SHA1 | 1aaa22af1b27d3ae3a54601e65be4776641b6899 |
| SHA256 | cc13a9e6825d929bdd1ed7aca32a9743d01acb2a4d828cdd5b037d972e85b673 |
| SHA512 | ed312b8ae502b2aff141f00b1d88a1674325638dfe959afa79fdbe9e79c5020ac38a2d980e85ecd2b879aed15dc25a22bc9b0aa021a8706c98add5433732a8dc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\be7bcb70-d262-4e60-8788-96356cb6bb7b.tmp
| MD5 | 693ea2f26f1dd656a4032b1975a5573a |
| SHA1 | aabdc02d6faa9e0259e7bc9df4b0842b26a74317 |
| SHA256 | f08bbc736cc39cc6203657c8cea2eb2a6b9492574e045838fbd571becef081a1 |
| SHA512 | 63c36fb050bc83c59518e541a28f0c4cc80a1c1200732924a8acecfacd82b246cdb879560f1b41ee80c399637e551232fdb3c258f56688404aa40921dfaa699e |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3hh91UO.exe
| MD5 | 4664ff6cc58d250bfa9922ce2d3c9ea4 |
| SHA1 | 3ad9f22546816cc7acbdf884a994a7fd0e01a987 |
| SHA256 | ca96f950f1fb158ec6354de9657d28113befcde88292f0b16dd807c97dac091c |
| SHA512 | ce942f6b690d334ded4c2def0034bf229cc42755d21af07d519e60de7d12594769e1a881d598bdf781e072e7f06c7952f5e5f6dc48ab1b437a7b9970bfc1fea9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\0d53728d-f6c4-46df-a57b-b836d347f0ce.tmp
| MD5 | 9d650cc76c1ed75c96af5af40cf5158f |
| SHA1 | 4b601d36d5417d829256c3eef930a73142bad68a |
| SHA256 | bfeee9916e99d1677cd7ec57d7c37582ed33c401142b67179d0f199dcfc183be |
| SHA512 | d81df67a8a0ebf34a5effaf247a6ee9339406f0ebb559f4d0be97b8a8f1f287f03ba1dd3f97bbf77b313e639faa9422c07297d1d1563ac5cabd5ab0e037c93f4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 090b8a5f8a983f56e7bb079a17d8eefe |
| SHA1 | 319a3ca48a2792d06af72a542f2169a4fbe40b62 |
| SHA256 | 42b8989450f9446a9972ba6fc9846cb58c4f8cf357abc0b09987cc59df0c0dfd |
| SHA512 | bd54ca4f3e155285b30e27552dae64c67e50259efe9b0992105b38ddcebbcca7b9e4e7cd9e6cc37a9353c7067ece843e5e102bd4b94ad380fe5a89d7805ed8d4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\f7d57df1-27d2-4dc2-af1a-39e5e99f7820.tmp
| MD5 | bbe6e887fa80a3291b43c88ecc6da53d |
| SHA1 | deb48b87dd7c6f46e487658f453d43224af17bfa |
| SHA256 | de1da29eacc55ba996ab2d7b38f27fc3789266a5c4435c5b356c6bd1e8189859 |
| SHA512 | 07ec2621682a95650fae9a82121f812d37d7b17e6b32d98a9b3243a3fa3a8093c1e390c8a3452434cec9af8d8e30bfb92aabda4b7b12dc3c25de5aee05a70dbe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 234d3f95c9e5d4f666ce402468084d39 |
| SHA1 | 1ae955f662aaf91747c26230ecec0e1b13249b19 |
| SHA256 | e60edc0cae67988cd0dfe9f0e4065ca7789b76758f2f166c3bcba744e3cfc0e1 |
| SHA512 | 35e05c333da2b0e99f1226f02859c5aacaac60a8ec12d4c45d9f7b080ab0ba6345060cd912e6aab55ac6a8d10a17b81c82bfbb1dc7553172592d0535b68ac01f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b5a4c3a20168555036ea5afb978352ed |
| SHA1 | 489598222de5cc65eafa54a37c67ddf31632258f |
| SHA256 | 3f578acfb4e634a64898f28922e5c7f9804c516d8895f05a3bda3583ec87daaa |
| SHA512 | 3303d40c91e8985473ea5f374261ee2593aa0705a7c3d247b8a5c1b4ed48eb8e7cd4c2f453f2e6a2187140fe53b81758d75630365b2094e83b986cff6796b6e1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 693ea2f26f1dd656a4032b1975a5573a |
| SHA1 | aabdc02d6faa9e0259e7bc9df4b0842b26a74317 |
| SHA256 | f08bbc736cc39cc6203657c8cea2eb2a6b9492574e045838fbd571becef081a1 |
| SHA512 | 63c36fb050bc83c59518e541a28f0c4cc80a1c1200732924a8acecfacd82b246cdb879560f1b41ee80c399637e551232fdb3c258f56688404aa40921dfaa699e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | be2abef021672aa91f956a883271cdf8 |
| SHA1 | b56e3dd77af77df2feffd952f088a84382f61615 |
| SHA256 | 18f3575d63480fe6b7becd98b0cf1ec01690469276727d52d1a66514013588d3 |
| SHA512 | a9db6eb7b7125b7cb0cf77d86f0390df44b24678e760645b5f9b829c214005e4f57a56852195cbd433c44c1ffab2183741f213fd25a45d04e3fa7c65ef9ae0ef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | be2abef021672aa91f956a883271cdf8 |
| SHA1 | b56e3dd77af77df2feffd952f088a84382f61615 |
| SHA256 | 18f3575d63480fe6b7becd98b0cf1ec01690469276727d52d1a66514013588d3 |
| SHA512 | a9db6eb7b7125b7cb0cf77d86f0390df44b24678e760645b5f9b829c214005e4f57a56852195cbd433c44c1ffab2183741f213fd25a45d04e3fa7c65ef9ae0ef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\94f449e6-cb9b-4163-8346-9d4a7634b37e.tmp
| MD5 | b5a4c3a20168555036ea5afb978352ed |
| SHA1 | 489598222de5cc65eafa54a37c67ddf31632258f |
| SHA256 | 3f578acfb4e634a64898f28922e5c7f9804c516d8895f05a3bda3583ec87daaa |
| SHA512 | 3303d40c91e8985473ea5f374261ee2593aa0705a7c3d247b8a5c1b4ed48eb8e7cd4c2f453f2e6a2187140fe53b81758d75630365b2094e83b986cff6796b6e1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e2c7339f77bafc543ee84cc0724868b0 |
| SHA1 | 5b102049ae7893c12fb0c1e09e9abcf4f8851cdb |
| SHA256 | 651af4a1c5fcce47697a3bb611de0e280a1b1ea440cfc0fac52114b2ab304185 |
| SHA512 | f47ce15d1e99e90244efc3e45308f73ed309b346944b0278ae8bcc88b336a7ab9a9fe31932e60c8cd33ed3b77da84cdb8ca7fe967819c84aa4b031da18a3fff3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | bbe6e887fa80a3291b43c88ecc6da53d |
| SHA1 | deb48b87dd7c6f46e487658f453d43224af17bfa |
| SHA256 | de1da29eacc55ba996ab2d7b38f27fc3789266a5c4435c5b356c6bd1e8189859 |
| SHA512 | 07ec2621682a95650fae9a82121f812d37d7b17e6b32d98a9b3243a3fa3a8093c1e390c8a3452434cec9af8d8e30bfb92aabda4b7b12dc3c25de5aee05a70dbe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6930ae17e9a52d84003ca1539fb87f92 |
| SHA1 | 229312ae9b224c7f8002004bdc1ae5649d405136 |
| SHA256 | 62aee72c1137b6eaf58381df32c12ff6167d74b5620deb357d4e0b75cf85d2d3 |
| SHA512 | be28321a1db7d1b57e568f3338120e77d4c79a094b2492a7c6f292c12b987d8bc4f5736003ac8ff291af2c97b1d03f319df6fcbb2bae217b6da95e92732c9346 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
memory/7068-536-0x0000000000400000-0x000000000043C000-memory.dmp
memory/7068-546-0x0000000074500000-0x0000000074CB0000-memory.dmp
memory/7068-547-0x00000000081F0000-0x0000000008794000-memory.dmp
memory/7068-548-0x0000000007CE0000-0x0000000007D72000-memory.dmp
memory/7068-556-0x0000000007CA0000-0x0000000007CB0000-memory.dmp
memory/7068-558-0x0000000007D80000-0x0000000007D8A000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 4ac40f5070cbe5a44f032ed30ea9369f |
| SHA1 | 4879a2546b3f02568eb73376e79e921b775ce926 |
| SHA256 | c1a9ed23abafc6f311bd62ebdefe05eaae80ba84933a096a39955edc30839b8e |
| SHA512 | b53d6bf9ffe5697317251f79dfa325f4ddd21f60abc31d752ceacf69400faa53162eee25269b9f0289aeea60eb974c6d0ea856b17fe20262cc704a43674d4efe |
memory/7068-607-0x0000000074500000-0x0000000074CB0000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f0b4fb90022930b6289c341e449e012d |
| SHA1 | 333fee98b970f56d5fb096d0079c91f0bf9ef52c |
| SHA256 | 27b3c0672270e62d967ebc868d58a90694e69dfd5f07e86f61812b6344e342f5 |
| SHA512 | bf2ba2677d948502681c921d8f3a2a13f34c37020cf4777a9c5d5c76e00ed5c7468fe25d5e1927075d60219064e64ac306095aa3e71af9bbde4a8f293392f84f |
memory/7068-623-0x0000000007CA0000-0x0000000007CB0000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 1c706d53e85fb5321a8396d197051531 |
| SHA1 | 0d92aa8524fb1d47e7ee5d614e58a398c06141a4 |
| SHA256 | 80c44553381f37e930f1c82a1dc2e77acd7b955ec0dc99d090d5bd6b32c3c932 |
| SHA512 | d43867392c553d4afffa45a1b87a74e819964011fb1226ee54e23a98fc63ca80e266730cec6796a2afa435b1ea28aed72c55eae1ae5d31ec778f53be3e2162fc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1154d75d1119cb7f56e1a7c8649cb180 |
| SHA1 | c030fc759ba4c58a7e3915fb1613945271e9a3ad |
| SHA256 | e069ae84840d11a29741a0fe5b3e3b0fd168cd1a8f6d39c4cd54a2cbfee7fd48 |
| SHA512 | bb8d189953731ea8d6b758bbc04a39780311950a74df809827d4c9290137f34233fbb5be0e30cfec20476257fd2cccd27c5cb84e98e9c3aff9b09c5b57775ba6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58f383.TMP
| MD5 | 2eb510ddec47f547b5e26813070235a7 |
| SHA1 | 3498e0642262ac4395b8f61e00ed9f685568670d |
| SHA256 | 4a17c63468f1c678fae120ab59dc01479096fd72b304b09554aeaf4a714502d4 |
| SHA512 | d169026fd47395060760fbf2ded65c12d8799238234e13a0a6c596df798948b30e83def8b2852f0f69595ef9fb5d35abd75b4d3907cb5dd221a7e3038b5c8a2c |
memory/7068-826-0x0000000008DC0000-0x00000000093D8000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022
| MD5 | 740a924b01c31c08ad37fe04d22af7c5 |
| SHA1 | 34feb0face110afc3a7673e36d27eee2d4edbbff |
| SHA256 | f0e1953b71cc4abbffdd5096d99dfb274688e517c381b15c3446c28a4ac416e0 |
| SHA512 | da7061f944c69245c2f66b0e6a8b5a9bca91bda8a73f99734dcb23db56c5047de796fa7e348ff8840d9ac123436e38a4206408573215b7e5e98942ea6d66bb7c |
memory/7068-849-0x00000000087A0000-0x00000000088AA000-memory.dmp
memory/7068-850-0x0000000008090000-0x00000000080A2000-memory.dmp
memory/7068-852-0x00000000080F0000-0x000000000812C000-memory.dmp
memory/7068-874-0x0000000008130000-0x000000000817C000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt
| MD5 | fa41c05be65ac026fce99ad8283ed9e1 |
| SHA1 | cabdb9475511a330fbe16a540c665ca2d19ee792 |
| SHA256 | ab80ff7a05a24a73de5b37edf82da616e6b2f399a2b05ed98d7636c12f8aac9f |
| SHA512 | a40a48457e8a7809eedfe2a86b3c663e22585911a8c541b4fea9dd6a4a90b304dd643ca872ecd8296fcd90ad3a4926915ed3300334f9941ca4c241fbe6f953ca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt~RFe591052.TMP
| MD5 | 08a55a606d1330b5ba234870aac5126f |
| SHA1 | d3bf90d28e6b5cf379ab6d9096397dfd818c4c45 |
| SHA256 | 5a3b60dfd84a40c8a023cf917131b77b52a70e52f93f82b96c26b27985537e5b |
| SHA512 | 540943df2b059b694aca9cf03f715723aef90a4c3725ded8a2ca3ca5c5c509d1c88baf00654aac509a1049f97d1b8d9f51534e770a0f9b4843483e8c1e3bc339 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | f55280fda2581fd07d184ca51b579479 |
| SHA1 | 062634e2372d06ab67df16495eed03a892432f52 |
| SHA256 | d35d68677a10ce8341f8cac812aa64180da93d8258af812e3338fb6db253b0cd |
| SHA512 | a0bf66cc45b0653eff1b205bca65816fb4b22c6d2d0575fe84bda516ae99ee34ba41ce2b24f92ffa2415c245e9c249c5edd313362d5bb662794e6b0572472126 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | be1fe70e7e5992be0b846eed22e9990c |
| SHA1 | 941a08204f6a1db8785dfe887139dac4eddcc44f |
| SHA256 | 32445966c38f1b7101f73ecb3e0f185d0db51723e8c7cf2d2f8f83454803a95d |
| SHA512 | bb37cd6155abb0322e08a1ee25591af9acfd5c9272ca66c7c1b28840fc70ac64334cd41687a8dad3d8aafd4aaa4fd196e993ba45f14a0537d5ed4ec8de8e3d02 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 8cab719227724b67396d73c8370b32c2 |
| SHA1 | a1928d01c49263f3f8452882d95626a49801ccca |
| SHA256 | 3b10cde56417a390d1cc5a3ce5a17680fe71d5d5de55aa2c5ec97d60cd7eb574 |
| SHA512 | a299ed87aac6ffe037219abf470b1ae42b8937a202ffe516e14a5b79fcaba37c627fcb3600243947571c15331ea5a64f41c106497e127a8afaa52a19bc0ad4db |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\eef769d9-3b20-459d-8711-ad4486bad3ab\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | fddc017508af6209a72bc795ee53387e |
| SHA1 | de65d6cef66e714a185aa5860cd7cb9790781498 |
| SHA256 | 0e51e89454ae76409c983f178df2d150736c9f32546e494302edcf83994f870a |
| SHA512 | 1f1284f59865d205f94ef7474a94c759077f9e37433c017a49975a590b345f0103b35274478007daaaf8678e22351eff5aad7b6e3650c8fd9ac47dbfaa8f799c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt
| MD5 | 8b31fabaccf629c1c47affc966fc191e |
| SHA1 | 0ebdff1d6fa51876f5fbc8bc73ad8613cd49a47a |
| SHA256 | 325a4b73ec2b04e0d7ac052c1d409fcfcee81cbe5ebc6a3933ce9d9d9d1aeb92 |
| SHA512 | 102555fba0320e086c1d9dd4d54f7175d0b5c67b1a8dd45a1f9feae7a42e0a63d0865715dc4148ed35a40c6725379149b9e132f254ef00e58029fa9519c54f87 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\9014b958-f07b-4671-bd90-3f6e61dcff0a\index-dir\the-real-index
| MD5 | 8a62c0040451967dd258e6b165cd09a2 |
| SHA1 | 4e66e4fa8b8bb33f0fa0835ac4d345a4527c066d |
| SHA256 | b45eb4ca81448155868dd980a4b33f7f4c779959a87e24c3541eb21443b30040 |
| SHA512 | a5b49722d722d742ae6565797cb09923d0ea49db51f5506b86d252683cd77ac7b270db9cf160cfa89de7a1e7f2e3c8f945e37809b8019b53547baa0bdb1aaf72 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\9014b958-f07b-4671-bd90-3f6e61dcff0a\index-dir\the-real-index~RFe59ae18.TMP
| MD5 | b9709853c5801a79b2cd230e1e834891 |
| SHA1 | 5cdc1f2548804e30d38e0f8424942f0d38142069 |
| SHA256 | 7ea357203d3181b7db5ee649c67eeebd7b34083196407915b31b38c376f1004a |
| SHA512 | dd4c37d719b02db7c000a5357525a4c1fc1be6edcaa83675952a05436448a4bc270a8fdbd5dac66b92399ca5cceb99274115ddabc045d9fa8e77597a15a9164f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 343b3af509c4d58d764a5c0e8d1627b5 |
| SHA1 | 5934eceded459ce86c2d59053b8ffbe893f3c2d2 |
| SHA256 | 5756268ce2098ed47d7097115ab586f719ca4af61f6c4fd2122e4ba24f0fd414 |
| SHA512 | a727a5c75410edeb2219536343d27b52faf0336d638c9499102c5a6787bcbfb19dd65c8be10896f52b0376be3f1e75879d6e19f7f0f44acbc381d8534c37e033 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 005c4d13623d8ad1158d2de6336305ee |
| SHA1 | 0b2864c4bcfb3285b5f4ff9d4f21f4a40818e49f |
| SHA256 | a3a7dde980de6ce8005585b7219f337b9f54072e08b9185ad956127b5ed7bfce |
| SHA512 | f77ffd673528bbaae89d0c1698a947bfd10bc73bdb2483e96347ca1de7ab3b3f5f3d41c02a532eacc67818fbdd88cefda0616940b9fceaf964184604767ed43f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe599b5c.TMP
| MD5 | f1d106b0d62a837d9eb0ea6a6cdb00c2 |
| SHA1 | 6d08e65a2b5c210d2977583de979588a1da14f88 |
| SHA256 | 15bddd6a8a6642f5aa32912bf86ff4482b350c5ba41a83bc8a4e03eaa93fbec9 |
| SHA512 | 3c6e0b218e29768e74bb1b1833c8d40e7b9f633dbae52288aff4713a63827e82f2fa2b069199e2c7b93e5b8d434510658336d87995a31785f43dcbc3558e170e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 03f4220d448db6026a603ccaa3793c08 |
| SHA1 | 9f94ab85fabe68960ddf7d9e19aa7c0e7358df6e |
| SHA256 | 7e2f5f145d376c8ce97369adddacc04e87ec1df7b43c06e90863402b7bd0193b |
| SHA512 | 61dc8c45d91dc135e521f93bc27b2db47e377299761764ec34e00dbe8a6497918944dcc9353dcb7b8517a21a09324c602fdb6f7edb42759141e89d45f31be082 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\a73f0536-59b0-4b4f-8aa4-5a15d65c2a7d\index-dir\the-real-index
| MD5 | 074ee0d788d05521eef722eab39604c4 |
| SHA1 | f01853550d6bea11db0962b7502dd35223d51e59 |
| SHA256 | af67eca40a3b3430e2e41fdc7dc7866904b4e6f12e114c46f27226191c94d111 |
| SHA512 | a22b24af4b9390dc015c3233aa00c5a06ac86b11c57cefb050dc61df4c5f42f60848736781e2fe9d3fb0e825ccc2f29d0c906683a53c8b8c4886bd8ce27e1763 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7449c726795f9969c3219f560329e7a0 |
| SHA1 | 291e15cf96e7982dc2283ef378770b9d2fc81b97 |
| SHA256 | bd3a6498a15c5b99e0b90916a509cf7635bb9c40a0dc2e5222724c6362bcde0a |
| SHA512 | 6cbd35ad8705b41621d99138b7098952413f8645d9cd9b0f72bfaf1a1a834329722ab7b74c14a531aef6e325a8b2f2d82fc707297b2991469dd0e5e2a57758f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\a73f0536-59b0-4b4f-8aa4-5a15d65c2a7d\index-dir\the-real-index~RFe59ae18.TMP
| MD5 | 97ab6473b51e9bd93a333e1a41b30ddc |
| SHA1 | de59430b1bfcb4cb6d4f594b65e3579c36880192 |
| SHA256 | 5ec83cccda3fd5fff4d9b1afd5f2989379c78cff8bee42f4f6be6b7997de337a |
| SHA512 | b18f094bddd3c6f63636ef116ae96e573a22575397eec6878268815f4a603a9e33c00532fae12a3ba781e38523c469b29c48245705b19f19cf2ac58c76797a8b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 54185489c10ebe6860f840ceef0c3ff6 |
| SHA1 | c844c5028cfb8ce42ff91030ff5af816e8dafe4c |
| SHA256 | 4770047391178ad3ad95caf59f1cbd377fbd5bedd9ce271724662a52ea7a91c3 |
| SHA512 | 5b99f235a4dbf3d6f1e28f507e74963c7f246408e15c9277e187865360dba7d92fddc8ae6a6530e7a220ea81651ae99721bcea0135efd21999e7ed84182a4acc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9f48ad39206c882cba572cd96769ba3e |
| SHA1 | cb0094a81f43c370193533f5f5724bab935a4707 |
| SHA256 | 50fd1059976e08d71c149a5f755f16bfa5736e0f15c27db0ad2879ede67e4b1b |
| SHA512 | e0bdd305e47402091cbf447d2f7bae8b5c8a3f32bf6724084704281b7ddc16b892b7b66f67d87e94e22afa41f79c744200466da55ab5a3a06c683f3ec8308401 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 72970343cf17a318eb972468069ad58a |
| SHA1 | 966b17b6afa846cd246f6599789235d19bea168e |
| SHA256 | 5c3230b249c4adac51e63bec6ea9158f215cc9032520df376f57b943f1cc8e71 |
| SHA512 | 792754a40965d6e0bb7f594a686debf6fa0fe260257b17339719e57ac234bac129a8657b0258f02c1ae515fa0470397bdfa1126ff9415b7a571add8fb9060c1c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b9d607a0a29c7b9be52e6b8a5122bf18 |
| SHA1 | e8f97f8c8d93bf18a5884b937138589c2b2bcdc3 |
| SHA256 | 89262778139025033c04b419591cd745674093d27aac505e8d3e136a82fdf481 |
| SHA512 | 384cec6e53ad488524dfe2f8c8d38598b353f761d0b0270fb2eb71311982e7529c7ba2c084baead57c0648119408f5071c1b90531a2bdafcb8bdafd8ba276548 |