Malware Analysis Report

2025-01-02 05:17

Sample ID 231111-e5dcmsae21
Target a70e240d6318d81d5a77a07e5edf9d62.exe
SHA256 b059c933236a8fb4090e189992f70e925bdee71814c2064642698b41f3c32c8c
Tags
mystic redline taiga infostealer persistence spyware stealer
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

b059c933236a8fb4090e189992f70e925bdee71814c2064642698b41f3c32c8c

Threat Level: Known bad

The file a70e240d6318d81d5a77a07e5edf9d62.exe was found to be: Known bad.

Malicious Activity Summary

mystic redline taiga infostealer persistence spyware stealer

Detect Mystic stealer payload

Mystic

RedLine

RedLine payload

Executes dropped EXE

Accesses cryptocurrency files/wallets, possible credential harvesting

Adds Run key to start application

Suspicious use of SetThreadContext

AutoIT Executable

Unsigned PE

Program crash

Enumerates physical storage devices

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Enumerates system info in registry

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious behavior: EnumeratesProcesses

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2023-11-11 04:31

Signatures

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2023-11-11 04:31

Reported

2023-11-11 04:33

Platform

win10v2004-20231023-en

Max time kernel

151s

Max time network

156s

Command Line

"C:\Users\Admin\AppData\Local\Temp\a70e240d6318d81d5a77a07e5edf9d62.exe"

Signatures

Detect Mystic stealer payload

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Mystic

stealer mystic

RedLine

infostealer redline

RedLine payload

Description Indicator Process Target
N/A N/A N/A N/A

Accesses cryptocurrency files/wallets, possible credential harvesting

spyware

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP000.TMP\\\"" C:\Users\Admin\AppData\Local\Temp\a70e240d6318d81d5a77a07e5edf9d62.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup1 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP001.TMP\\\"" C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Js6iD55.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup2 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP002.TMP\\\"" C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\yb1VC68.exe N/A

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1048 wrote to memory of 3840 N/A C:\Users\Admin\AppData\Local\Temp\a70e240d6318d81d5a77a07e5edf9d62.exe C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Js6iD55.exe
PID 1048 wrote to memory of 3840 N/A C:\Users\Admin\AppData\Local\Temp\a70e240d6318d81d5a77a07e5edf9d62.exe C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Js6iD55.exe
PID 1048 wrote to memory of 3840 N/A C:\Users\Admin\AppData\Local\Temp\a70e240d6318d81d5a77a07e5edf9d62.exe C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Js6iD55.exe
PID 3840 wrote to memory of 3488 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Js6iD55.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\yb1VC68.exe
PID 3840 wrote to memory of 3488 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Js6iD55.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\yb1VC68.exe
PID 3840 wrote to memory of 3488 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Js6iD55.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\yb1VC68.exe
PID 3488 wrote to memory of 4356 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\yb1VC68.exe C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe
PID 3488 wrote to memory of 4356 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\yb1VC68.exe C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe
PID 3488 wrote to memory of 4356 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\yb1VC68.exe C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe
PID 4356 wrote to memory of 1608 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4356 wrote to memory of 1608 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4356 wrote to memory of 3096 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4356 wrote to memory of 3096 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4356 wrote to memory of 1704 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4356 wrote to memory of 1704 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4356 wrote to memory of 2568 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4356 wrote to memory of 2568 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4356 wrote to memory of 368 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4356 wrote to memory of 368 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4356 wrote to memory of 4136 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4356 wrote to memory of 4136 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4356 wrote to memory of 4608 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4356 wrote to memory of 4608 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4356 wrote to memory of 4592 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4356 wrote to memory of 4592 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1608 wrote to memory of 5092 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1608 wrote to memory of 5092 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4356 wrote to memory of 3936 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4356 wrote to memory of 3936 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2568 wrote to memory of 4664 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2568 wrote to memory of 4664 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3096 wrote to memory of 1736 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3096 wrote to memory of 1736 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4592 wrote to memory of 924 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4592 wrote to memory of 924 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4608 wrote to memory of 3868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4608 wrote to memory of 3868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1704 wrote to memory of 3156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1704 wrote to memory of 3156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 368 wrote to memory of 3584 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 368 wrote to memory of 3584 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4136 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4136 wrote to memory of 2824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3936 wrote to memory of 2152 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4356 wrote to memory of 3628 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4356 wrote to memory of 3628 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3628 wrote to memory of 1812 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3628 wrote to memory of 1812 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3488 wrote to memory of 4256 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\yb1VC68.exe C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4Nz8zg3.exe
PID 3488 wrote to memory of 4256 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\yb1VC68.exe C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4Nz8zg3.exe
PID 3488 wrote to memory of 4256 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\yb1VC68.exe C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4Nz8zg3.exe
PID 4608 wrote to memory of 5240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4608 wrote to memory of 5240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4608 wrote to memory of 5240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4608 wrote to memory of 5240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4608 wrote to memory of 5240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4608 wrote to memory of 5240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4608 wrote to memory of 5240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4608 wrote to memory of 5240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4608 wrote to memory of 5240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4608 wrote to memory of 5240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4608 wrote to memory of 5240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4608 wrote to memory of 5240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Users\Admin\AppData\Local\Temp\a70e240d6318d81d5a77a07e5edf9d62.exe

"C:\Users\Admin\AppData\Local\Temp\a70e240d6318d81d5a77a07e5edf9d62.exe"

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Js6iD55.exe

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Js6iD55.exe

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\yb1VC68.exe

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\yb1VC68.exe

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://store.steampowered.com/login/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://twitter.com/i/flow/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://steamcommunity.com/openid/loginform/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.epicgames.com/id/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.paypal.com/signin

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ff8b45246f8,0x7ff8b4524708,0x7ff8b4524718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ff8b45246f8,0x7ff8b4524708,0x7ff8b4524718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ff8b45246f8,0x7ff8b4524708,0x7ff8b4524718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ff8b45246f8,0x7ff8b4524708,0x7ff8b4524718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ff8b45246f8,0x7ff8b4524708,0x7ff8b4524718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ff8b45246f8,0x7ff8b4524708,0x7ff8b4524718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ff8b45246f8,0x7ff8b4524708,0x7ff8b4524718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x168,0x16c,0x170,0x13c,0x140,0x7ff8b45246f8,0x7ff8b4524708,0x7ff8b4524718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x168,0x16c,0x170,0x144,0x174,0x7ff8b45246f8,0x7ff8b4524708,0x7ff8b4524718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ff8b45246f8,0x7ff8b4524708,0x7ff8b4524718

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4Nz8zg3.exe

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4Nz8zg3.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2152,3795260132247555907,15799448365193152174,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2152,3795260132247555907,15799448365193152174,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2924 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,16718972240692007433,3545380959763157514,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,16718972240692007433,3545380959763157514,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2160 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,7237949454684245939,16413657003571742735,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2100,7237949454684245939,16413657003571742735,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,3795260132247555907,15799448365193152174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,3795260132247555907,15799448365193152174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2132,4265011459821427065,5656256639703485581,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,4265011459821427065,5656256639703485581,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:2

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,8205793933163391418,7003098659014136313,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,8205793933163391418,7003098659014136313,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,14155109939277832585,12172193841062560796,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,14155109939277832585,12172193841062560796,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,9512972023880741361,9505524602449786195,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,9512972023880741361,9505524602449786195,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2148,11296406724269934578,2903501511384324190,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2236 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2148,11296406724269934578,2903501511384324190,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2184 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,13040441018215877629,4809155916759000923,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,13040441018215877629,4809155916759000923,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,3795260132247555907,15799448365193152174,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,5180566585527908047,11272144611224892412,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2220 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,3795260132247555907,15799448365193152174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3928 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,5180566585527908047,11272144611224892412,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2272 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,3795260132247555907,15799448365193152174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4164 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,3795260132247555907,15799448365193152174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4304 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,3795260132247555907,15799448365193152174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4552 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,3795260132247555907,15799448365193152174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4772 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,3795260132247555907,15799448365193152174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5112 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,3795260132247555907,15799448365193152174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,3795260132247555907,15799448365193152174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4916 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,3795260132247555907,15799448365193152174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5560 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,3795260132247555907,15799448365193152174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6596 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,3795260132247555907,15799448365193152174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6556 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,3795260132247555907,15799448365193152174,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7084 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,3795260132247555907,15799448365193152174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7088 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,3795260132247555907,15799448365193152174,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7580 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,3795260132247555907,15799448365193152174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7552 /prefetch:1

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\5sm31sw.exe

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\5sm31sw.exe

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 360 -p 9132 -ip 9132

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,3795260132247555907,15799448365193152174,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8852 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2152,3795260132247555907,15799448365193152174,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8852 /prefetch:8

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 9132 -s 548

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\6xC383.exe

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\6xC383.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,3795260132247555907,15799448365193152174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1812 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,3795260132247555907,15799448365193152174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9028 /prefetch:1

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2152,3795260132247555907,15799448365193152174,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7056 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,3795260132247555907,15799448365193152174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8720 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,3795260132247555907,15799448365193152174,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6604 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 2.136.104.51.in-addr.arpa udp
US 8.8.8.8:53 0.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 www.epicgames.com udp
US 184.73.197.72:443 www.epicgames.com tcp
US 184.73.197.72:443 www.epicgames.com tcp
US 8.8.8.8:53 steamcommunity.com udp
US 8.8.8.8:53 72.197.73.184.in-addr.arpa udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.paypal.com udp
NL 23.222.49.98:443 steamcommunity.com tcp
NL 23.222.49.98:443 steamcommunity.com tcp
US 8.8.8.8:53 store.steampowered.com udp
NL 157.240.247.35:443 www.facebook.com tcp
NL 157.240.247.35:443 www.facebook.com tcp
US 151.101.1.21:443 www.paypal.com tcp
US 151.101.1.21:443 www.paypal.com tcp
US 8.8.8.8:53 158.240.127.40.in-addr.arpa udp
NL 104.85.0.101:443 store.steampowered.com tcp
NL 104.85.0.101:443 store.steampowered.com tcp
US 8.8.8.8:53 twitter.com udp
US 104.244.42.1:443 twitter.com tcp
US 104.244.42.1:443 twitter.com tcp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.179.141:443 accounts.google.com tcp
NL 142.250.179.141:443 accounts.google.com tcp
US 8.8.8.8:53 98.49.222.23.in-addr.arpa udp
US 8.8.8.8:53 35.247.240.157.in-addr.arpa udp
US 8.8.8.8:53 21.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 101.0.85.104.in-addr.arpa udp
US 8.8.8.8:53 1.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 141.179.250.142.in-addr.arpa udp
NL 142.250.179.141:443 accounts.google.com udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 142.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 15.39.65.18.in-addr.arpa udp
US 8.8.8.8:53 195.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 131.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 100.39.251.142.in-addr.arpa udp
US 8.8.8.8:53 community.akamai.steamstatic.com udp
NL 23.72.252.169:443 community.akamai.steamstatic.com tcp
NL 23.72.252.169:443 community.akamai.steamstatic.com tcp
NL 23.72.252.169:443 community.akamai.steamstatic.com tcp
US 8.8.8.8:53 apps.identrust.com udp
NL 88.221.25.153:80 apps.identrust.com tcp
US 8.8.8.8:53 169.252.72.23.in-addr.arpa udp
US 8.8.8.8:53 153.25.221.88.in-addr.arpa udp
US 8.8.8.8:53 abs.twimg.com udp
US 8.8.8.8:53 api.twitter.com udp
US 8.8.8.8:53 pbs.twimg.com udp
US 104.244.42.194:443 api.twitter.com tcp
US 152.199.21.141:443 abs.twimg.com tcp
US 8.8.8.8:53 t.co udp
US 8.8.8.8:53 video.twimg.com udp
NL 199.232.148.158:443 video.twimg.com tcp
NL 199.232.148.159:443 pbs.twimg.com tcp
US 104.244.42.69:443 t.co tcp
US 152.199.21.141:443 abs.twimg.com tcp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 tracking.epicgames.com udp
US 8.8.8.8:53 static-assets-prod.unrealengine.com udp
NL 142.251.36.22:443 i.ytimg.com tcp
US 8.8.8.8:53 store.akamai.steamstatic.com udp
US 18.239.36.73:443 static-assets-prod.unrealengine.com tcp
US 18.239.36.73:443 static-assets-prod.unrealengine.com tcp
NL 23.72.252.171:443 store.akamai.steamstatic.com tcp
US 34.195.142.151:443 tracking.epicgames.com tcp
US 8.8.8.8:53 141.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 158.148.232.199.in-addr.arpa udp
US 8.8.8.8:53 194.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 159.148.232.199.in-addr.arpa udp
US 8.8.8.8:53 69.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 22.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 106.208.58.216.in-addr.arpa udp
US 8.8.8.8:53 73.36.239.18.in-addr.arpa udp
US 8.8.8.8:53 171.252.72.23.in-addr.arpa udp
US 8.8.8.8:53 151.142.195.34.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
NL 142.251.36.14:443 play.google.com tcp
NL 142.251.36.14:443 play.google.com udp
NL 23.72.252.171:443 store.akamai.steamstatic.com tcp
NL 23.72.252.171:443 store.akamai.steamstatic.com tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 www.paypalobjects.com udp
US 151.101.2.133:443 www.paypalobjects.com tcp
US 151.101.2.133:443 www.paypalobjects.com tcp
US 151.101.2.133:443 www.paypalobjects.com tcp
US 157.240.5.10:443 static.xx.fbcdn.net tcp
US 157.240.5.10:443 static.xx.fbcdn.net tcp
US 157.240.5.10:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 14.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 133.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 10.5.240.157.in-addr.arpa udp
US 8.8.8.8:53 103.169.127.40.in-addr.arpa udp
US 8.8.8.8:53 171.39.242.20.in-addr.arpa udp
US 8.8.8.8:53 138.175.53.84.in-addr.arpa udp
US 8.8.8.8:53 static.ads-twitter.com udp
NL 199.232.148.157:443 static.ads-twitter.com tcp
US 8.8.8.8:53 157.148.232.199.in-addr.arpa udp
US 8.8.8.8:53 facebook.com udp
US 151.101.2.133:443 www.paypalobjects.com tcp
RU 5.42.92.51:19057 tcp
US 8.8.8.8:53 static.ads-twitter.com udp
NL 142.250.179.141:443 accounts.google.com udp
US 8.8.8.8:53 www.recaptcha.net udp
NL 172.217.168.227:443 www.recaptcha.net tcp
US 8.8.8.8:53 227.168.217.172.in-addr.arpa udp
NL 172.217.168.227:443 www.recaptcha.net udp
US 8.8.8.8:53 c.paypal.com udp
US 192.55.233.1:443 tcp
US 8.8.8.8:53 t.paypal.com udp
US 151.101.1.35:443 t.paypal.com tcp
US 192.55.233.1:443 tcp
US 8.8.8.8:53 numpersb.fun udp
US 8.8.8.8:53 killredls.pw udp
US 8.8.8.8:53 b.stats.paypal.com udp
US 8.8.8.8:53 35.1.101.151.in-addr.arpa udp
US 64.4.245.84:443 b.stats.paypal.com tcp
US 8.8.8.8:53 dub.stats.paypal.com udp
US 64.4.245.84:443 dub.stats.paypal.com tcp
NL 23.72.252.171:443 store.akamai.steamstatic.com tcp
NL 23.72.252.171:443 store.akamai.steamstatic.com tcp
NL 23.72.252.169:443 community.akamai.steamstatic.com tcp
NL 23.72.252.169:443 community.akamai.steamstatic.com tcp
US 8.8.8.8:53 84.245.4.64.in-addr.arpa udp
US 8.8.8.8:53 c6.paypal.com udp
RU 5.42.92.51:19057 tcp
US 192.229.221.25:443 c6.paypal.com tcp
US 8.8.8.8:53 25.221.229.192.in-addr.arpa udp
US 18.239.36.73:443 static-assets-prod.unrealengine.com tcp
US 8.8.8.8:53 login.steampowered.com udp
NL 23.222.49.98:443 login.steampowered.com tcp
NL 23.222.49.98:443 login.steampowered.com tcp
US 8.8.8.8:53 talon-website-prod.ecosec.on.epicgames.com udp
US 104.18.41.136:443 talon-website-prod.ecosec.on.epicgames.com tcp
US 8.8.8.8:53 api.steampowered.com udp
NL 23.222.49.98:443 api.steampowered.com tcp
US 8.8.8.8:53 136.41.18.104.in-addr.arpa udp
US 104.244.42.194:443 api.twitter.com tcp
US 8.8.8.8:53 254.177.238.8.in-addr.arpa udp
US 8.8.8.8:53 talon-service-prod.ecosec.on.epicgames.com udp
US 172.64.146.120:443 talon-service-prod.ecosec.on.epicgames.com tcp
US 172.64.146.120:443 talon-service-prod.ecosec.on.epicgames.com tcp
US 172.64.146.120:443 talon-service-prod.ecosec.on.epicgames.com tcp
US 8.8.8.8:53 js.hcaptcha.com udp
US 104.19.218.90:443 js.hcaptcha.com tcp
US 8.8.8.8:53 120.146.64.172.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
DE 172.217.23.194:443 googleads.g.doubleclick.net tcp
DE 172.217.23.194:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 90.218.19.104.in-addr.arpa udp
US 8.8.8.8:53 88.156.103.20.in-addr.arpa udp
US 8.8.8.8:53 194.23.217.172.in-addr.arpa udp
US 8.8.8.8:53 newassets.hcaptcha.com udp
US 8.8.8.8:53 www.epicgames.com udp
US 8.8.8.8:53 sentry.io udp
US 35.186.247.156:443 sentry.io tcp
US 8.8.8.8:53 rr4---sn-hgn7yn7z.googlevideo.com udp
FR 74.125.11.233:443 rr4---sn-hgn7yn7z.googlevideo.com tcp
FR 74.125.11.233:443 rr4---sn-hgn7yn7z.googlevideo.com tcp
FR 74.125.11.233:443 rr4---sn-hgn7yn7z.googlevideo.com tcp
FR 74.125.11.233:443 rr4---sn-hgn7yn7z.googlevideo.com tcp
FR 74.125.11.233:443 rr4---sn-hgn7yn7z.googlevideo.com tcp
US 8.8.8.8:53 keewoolas.pw udp
FR 74.125.11.233:443 rr4---sn-hgn7yn7z.googlevideo.com tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 8.8.8.8:53 api.hcaptcha.com udp
US 8.8.8.8:53 156.247.186.35.in-addr.arpa udp
US 8.8.8.8:53 233.11.125.74.in-addr.arpa udp
US 8.8.8.8:53 188.24.21.104.in-addr.arpa udp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
US 104.21.24.188:80 keewoolas.pw tcp
RU 5.42.92.51:19057 tcp
US 8.8.8.8:53 youtube.com udp
NL 216.58.214.14:443 youtube.com tcp
US 8.8.8.8:53 14.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
RU 5.42.92.51:19057 tcp
US 8.8.8.8:53 67.112.168.52.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Js6iD55.exe

MD5 1de409d225a7ab00be5ce00b24b4ac54
SHA1 a5ce4f59f0c46d4316ecf18bb705e77470b79f34
SHA256 0e65fc43a3bf61385d3c2ddade57e1097685031c7088bb6595ac80bfb078f402
SHA512 423e2779c1eda959eaf590ff079b18702b0fd5f679c40ace4e16420cf03eff75689b620a4d23b9071dfb61dc72d42258910fd75890d881bf0f75dba9f5c2f877

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Js6iD55.exe

MD5 1de409d225a7ab00be5ce00b24b4ac54
SHA1 a5ce4f59f0c46d4316ecf18bb705e77470b79f34
SHA256 0e65fc43a3bf61385d3c2ddade57e1097685031c7088bb6595ac80bfb078f402
SHA512 423e2779c1eda959eaf590ff079b18702b0fd5f679c40ace4e16420cf03eff75689b620a4d23b9071dfb61dc72d42258910fd75890d881bf0f75dba9f5c2f877

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\yb1VC68.exe

MD5 21fb79dca11a5dad70de2e023f9004bd
SHA1 4e5ffce8e3ac642b7c06f143cfdb8591766ce96f
SHA256 070fdca957dbc211caae6270752d39f38fb9a027b763b0f90b33ebbd03bdcb9e
SHA512 14be93c951f21454bd4604dd849d38d9c473b52b8daa4802932cd0fdbb03e1aedd55864e9742eebed98b0c3b1aa302e55f7785f6d57d52ac54d1c81992c06432

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\yb1VC68.exe

MD5 21fb79dca11a5dad70de2e023f9004bd
SHA1 4e5ffce8e3ac642b7c06f143cfdb8591766ce96f
SHA256 070fdca957dbc211caae6270752d39f38fb9a027b763b0f90b33ebbd03bdcb9e
SHA512 14be93c951f21454bd4604dd849d38d9c473b52b8daa4802932cd0fdbb03e1aedd55864e9742eebed98b0c3b1aa302e55f7785f6d57d52ac54d1c81992c06432

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe

MD5 44140d04425421e8a902688f30bfc290
SHA1 459129760a5347e65046acd2100880fc3653f6f4
SHA256 c7135b4c5d59bb65c0bb715794bcc74cebb9c58b803d89dd655db30bfca7ac37
SHA512 a82a43b258033e2c77e24f3a36c184f9b9efdd8519dbcb17276d4ec146443fd81895c941fa776baa44a71b791ffdcb7b4a5bcb2430ad8ea871e5bd0dde5bfde2

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3bX101Dc.exe

MD5 44140d04425421e8a902688f30bfc290
SHA1 459129760a5347e65046acd2100880fc3653f6f4
SHA256 c7135b4c5d59bb65c0bb715794bcc74cebb9c58b803d89dd655db30bfca7ac37
SHA512 a82a43b258033e2c77e24f3a36c184f9b9efdd8519dbcb17276d4ec146443fd81895c941fa776baa44a71b791ffdcb7b4a5bcb2430ad8ea871e5bd0dde5bfde2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 8992ae6e99b277eea6fb99c4f267fa3f
SHA1 3715825c48f594068638351242fac7fdd77c1eb7
SHA256 525038333c02dff407d589fa407b493b7962543e205c587feceefbc870a08e3d
SHA512 a1f44fff4ea76358c7f2a909520527ec0bbc3ddcb722c5d1f874e03a0c4ac42dac386a49ccf72807ef2fa6ccc534490ad90de2f699b1e49f06f79157f251ab25

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 8992ae6e99b277eea6fb99c4f267fa3f
SHA1 3715825c48f594068638351242fac7fdd77c1eb7
SHA256 525038333c02dff407d589fa407b493b7962543e205c587feceefbc870a08e3d
SHA512 a1f44fff4ea76358c7f2a909520527ec0bbc3ddcb722c5d1f874e03a0c4ac42dac386a49ccf72807ef2fa6ccc534490ad90de2f699b1e49f06f79157f251ab25

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 8992ae6e99b277eea6fb99c4f267fa3f
SHA1 3715825c48f594068638351242fac7fdd77c1eb7
SHA256 525038333c02dff407d589fa407b493b7962543e205c587feceefbc870a08e3d
SHA512 a1f44fff4ea76358c7f2a909520527ec0bbc3ddcb722c5d1f874e03a0c4ac42dac386a49ccf72807ef2fa6ccc534490ad90de2f699b1e49f06f79157f251ab25

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 8992ae6e99b277eea6fb99c4f267fa3f
SHA1 3715825c48f594068638351242fac7fdd77c1eb7
SHA256 525038333c02dff407d589fa407b493b7962543e205c587feceefbc870a08e3d
SHA512 a1f44fff4ea76358c7f2a909520527ec0bbc3ddcb722c5d1f874e03a0c4ac42dac386a49ccf72807ef2fa6ccc534490ad90de2f699b1e49f06f79157f251ab25

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 8992ae6e99b277eea6fb99c4f267fa3f
SHA1 3715825c48f594068638351242fac7fdd77c1eb7
SHA256 525038333c02dff407d589fa407b493b7962543e205c587feceefbc870a08e3d
SHA512 a1f44fff4ea76358c7f2a909520527ec0bbc3ddcb722c5d1f874e03a0c4ac42dac386a49ccf72807ef2fa6ccc534490ad90de2f699b1e49f06f79157f251ab25

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 8992ae6e99b277eea6fb99c4f267fa3f
SHA1 3715825c48f594068638351242fac7fdd77c1eb7
SHA256 525038333c02dff407d589fa407b493b7962543e205c587feceefbc870a08e3d
SHA512 a1f44fff4ea76358c7f2a909520527ec0bbc3ddcb722c5d1f874e03a0c4ac42dac386a49ccf72807ef2fa6ccc534490ad90de2f699b1e49f06f79157f251ab25

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 8992ae6e99b277eea6fb99c4f267fa3f
SHA1 3715825c48f594068638351242fac7fdd77c1eb7
SHA256 525038333c02dff407d589fa407b493b7962543e205c587feceefbc870a08e3d
SHA512 a1f44fff4ea76358c7f2a909520527ec0bbc3ddcb722c5d1f874e03a0c4ac42dac386a49ccf72807ef2fa6ccc534490ad90de2f699b1e49f06f79157f251ab25

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 8992ae6e99b277eea6fb99c4f267fa3f
SHA1 3715825c48f594068638351242fac7fdd77c1eb7
SHA256 525038333c02dff407d589fa407b493b7962543e205c587feceefbc870a08e3d
SHA512 a1f44fff4ea76358c7f2a909520527ec0bbc3ddcb722c5d1f874e03a0c4ac42dac386a49ccf72807ef2fa6ccc534490ad90de2f699b1e49f06f79157f251ab25

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 6276613a51dae3b747451bc05e24edfa
SHA1 96ff591013fc8d378a9b37ea580d8ec6e98bbde5
SHA256 d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0
SHA512 dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 6276613a51dae3b747451bc05e24edfa
SHA1 96ff591013fc8d378a9b37ea580d8ec6e98bbde5
SHA256 d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0
SHA512 dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 6276613a51dae3b747451bc05e24edfa
SHA1 96ff591013fc8d378a9b37ea580d8ec6e98bbde5
SHA256 d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0
SHA512 dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 6276613a51dae3b747451bc05e24edfa
SHA1 96ff591013fc8d378a9b37ea580d8ec6e98bbde5
SHA256 d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0
SHA512 dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4Nz8zg3.exe

MD5 7f8984684e5794af1ce53e79a4fb6e96
SHA1 82770bc6350f387c62efc97aba122ae6e303d170
SHA256 afa4dad90d95ef9041f061631089710c658fb1f412baad6446c7475a833f5196
SHA512 0851786065d446dc0aa2602a59c152b97a98e784ba882b65b37a38bd5be2cc209d006557adc84a23ffb1b2523f406803a4ab46139a33099516606481e2252a84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 6276613a51dae3b747451bc05e24edfa
SHA1 96ff591013fc8d378a9b37ea580d8ec6e98bbde5
SHA256 d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0
SHA512 dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 6276613a51dae3b747451bc05e24edfa
SHA1 96ff591013fc8d378a9b37ea580d8ec6e98bbde5
SHA256 d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0
SHA512 dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 6276613a51dae3b747451bc05e24edfa
SHA1 96ff591013fc8d378a9b37ea580d8ec6e98bbde5
SHA256 d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0
SHA512 dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 6276613a51dae3b747451bc05e24edfa
SHA1 96ff591013fc8d378a9b37ea580d8ec6e98bbde5
SHA256 d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0
SHA512 dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 6276613a51dae3b747451bc05e24edfa
SHA1 96ff591013fc8d378a9b37ea580d8ec6e98bbde5
SHA256 d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0
SHA512 dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 6276613a51dae3b747451bc05e24edfa
SHA1 96ff591013fc8d378a9b37ea580d8ec6e98bbde5
SHA256 d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0
SHA512 dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 6276613a51dae3b747451bc05e24edfa
SHA1 96ff591013fc8d378a9b37ea580d8ec6e98bbde5
SHA256 d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0
SHA512 dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4Nz8zg3.exe

MD5 7f8984684e5794af1ce53e79a4fb6e96
SHA1 82770bc6350f387c62efc97aba122ae6e303d170
SHA256 afa4dad90d95ef9041f061631089710c658fb1f412baad6446c7475a833f5196
SHA512 0851786065d446dc0aa2602a59c152b97a98e784ba882b65b37a38bd5be2cc209d006557adc84a23ffb1b2523f406803a4ab46139a33099516606481e2252a84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 6276613a51dae3b747451bc05e24edfa
SHA1 96ff591013fc8d378a9b37ea580d8ec6e98bbde5
SHA256 d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0
SHA512 dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 6276613a51dae3b747451bc05e24edfa
SHA1 96ff591013fc8d378a9b37ea580d8ec6e98bbde5
SHA256 d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0
SHA512 dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 6276613a51dae3b747451bc05e24edfa
SHA1 96ff591013fc8d378a9b37ea580d8ec6e98bbde5
SHA256 d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0
SHA512 dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 6276613a51dae3b747451bc05e24edfa
SHA1 96ff591013fc8d378a9b37ea580d8ec6e98bbde5
SHA256 d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0
SHA512 dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 6276613a51dae3b747451bc05e24edfa
SHA1 96ff591013fc8d378a9b37ea580d8ec6e98bbde5
SHA256 d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0
SHA512 dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 6276613a51dae3b747451bc05e24edfa
SHA1 96ff591013fc8d378a9b37ea580d8ec6e98bbde5
SHA256 d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0
SHA512 dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3

\??\pipe\LOCAL\crashpad_4608_QYIVELRPSVIGZPOW

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 6276613a51dae3b747451bc05e24edfa
SHA1 96ff591013fc8d378a9b37ea580d8ec6e98bbde5
SHA256 d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0
SHA512 dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3

\??\pipe\LOCAL\crashpad_2568_PUJJLDCIEAUTIQDM

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_1608_CJXCZSZWZQJIBGVR

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_4592_WBNYLCGMKVZMSGQH

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_3096_GFEDAGFITEQRYPED

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_368_TOOFCFXCAPEUVMZE

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 6276613a51dae3b747451bc05e24edfa
SHA1 96ff591013fc8d378a9b37ea580d8ec6e98bbde5
SHA256 d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0
SHA512 dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 6276613a51dae3b747451bc05e24edfa
SHA1 96ff591013fc8d378a9b37ea580d8ec6e98bbde5
SHA256 d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0
SHA512 dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 6276613a51dae3b747451bc05e24edfa
SHA1 96ff591013fc8d378a9b37ea580d8ec6e98bbde5
SHA256 d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0
SHA512 dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 6276613a51dae3b747451bc05e24edfa
SHA1 96ff591013fc8d378a9b37ea580d8ec6e98bbde5
SHA256 d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0
SHA512 dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 e63d946074fa6c44519aec0b04259220
SHA1 19549f4c0d84334388364275ca05db811f5ee239
SHA256 a25c7e22add04b076f699b67c1a1f71dd5b79967015541980dd95fc66ea6ac4f
SHA512 cb4b636778939e8c22346a2ce955e361c9d546d4318ae7e550599ab09907a8930b3334222d51a8900a89e91791eef52ffdcbe3bd4fd998fc235b2c0f17626133

\??\pipe\LOCAL\crashpad_1704_WUEBQHNOIFCLWTBH

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 0f2e2a215d504ef4d8a64669f06a69eb
SHA1 7756848c6176a25be933c8f8aba0a0b9a69fabfb
SHA256 3f73a94e83a5cad3d3826decba9859cd3d322a05b737d2cd3188c2e9fa526cc4
SHA512 a0a1d45a2d8da4859cb23e24ec5df17ac6ac3a68da51e4b552794cf866fee810c03d1c391105f5dfce0c2c1e2b5efa59b44e290d9da145c03dbec6f9cab8ae76

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 e63d946074fa6c44519aec0b04259220
SHA1 19549f4c0d84334388364275ca05db811f5ee239
SHA256 a25c7e22add04b076f699b67c1a1f71dd5b79967015541980dd95fc66ea6ac4f
SHA512 cb4b636778939e8c22346a2ce955e361c9d546d4318ae7e550599ab09907a8930b3334222d51a8900a89e91791eef52ffdcbe3bd4fd998fc235b2c0f17626133

\??\pipe\LOCAL\crashpad_4136_YNPUMRSLGXDEEIHF

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 6276613a51dae3b747451bc05e24edfa
SHA1 96ff591013fc8d378a9b37ea580d8ec6e98bbde5
SHA256 d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0
SHA512 dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 8267f236b954f435939b08f88dddce48
SHA1 c8d87cb819e8150e7853616c413f944c120f0d23
SHA256 004067a5fd16c7cf18aafa29e1fed02cea76ead3da9f38436b3a29fe82fe3569
SHA512 2ab4f046425834035330ec882b494c65355c0491075aad4f249a812e4fc6bfdc2f20b0f55a8475f1f2fe362af99fe9d6b676e92d9322001899b2ebb20c105ce8

\??\pipe\LOCAL\crashpad_3936_UUVUJMFGKOPTXRLL

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a32113ac45016b4edcf777cfc72d4bfc
SHA1 f8437b612e8ab39d734681da3a9293ede899bcfc
SHA256 cd7fa1d33ec5727d9448671a475946df5ca5ce1bce94c145c74fe99d43eca977
SHA512 c4f375741e5dc55c937c168a53da91542dfa220f8241689fe2d6fb0ab38cfa16d706f6fdde9b9d64fc16fafa1d1accb2b4bdda8d1db541d47fe302bf04db61cd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\086324d4-1ee2-4a8a-9397-d625f5ea385b.tmp

MD5 a32113ac45016b4edcf777cfc72d4bfc
SHA1 f8437b612e8ab39d734681da3a9293ede899bcfc
SHA256 cd7fa1d33ec5727d9448671a475946df5ca5ce1bce94c145c74fe99d43eca977
SHA512 c4f375741e5dc55c937c168a53da91542dfa220f8241689fe2d6fb0ab38cfa16d706f6fdde9b9d64fc16fafa1d1accb2b4bdda8d1db541d47fe302bf04db61cd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 8267f236b954f435939b08f88dddce48
SHA1 c8d87cb819e8150e7853616c413f944c120f0d23
SHA256 004067a5fd16c7cf18aafa29e1fed02cea76ead3da9f38436b3a29fe82fe3569
SHA512 2ab4f046425834035330ec882b494c65355c0491075aad4f249a812e4fc6bfdc2f20b0f55a8475f1f2fe362af99fe9d6b676e92d9322001899b2ebb20c105ce8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 97103e5a5eee5c7c1770d1a643df1290
SHA1 917a891e7bf6c73026f9c3d7d6644276cd577a3d
SHA256 588fa839c961c0bf609b6b1fbe02cde4a6f3dd66b0a91de3019cedfa016ea898
SHA512 b1dcd346085c302e5b587b05d9bf45ed81da809a0ec7e9767ccd70d0c241d78b6f1fa1effc8ff5240f6e01792f01acd474f52415e29d47667ef190ffe3434353

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\14367a54-3d8a-49f0-a4a3-59cfefda95ef.tmp

MD5 0f2e2a215d504ef4d8a64669f06a69eb
SHA1 7756848c6176a25be933c8f8aba0a0b9a69fabfb
SHA256 3f73a94e83a5cad3d3826decba9859cd3d322a05b737d2cd3188c2e9fa526cc4
SHA512 a0a1d45a2d8da4859cb23e24ec5df17ac6ac3a68da51e4b552794cf866fee810c03d1c391105f5dfce0c2c1e2b5efa59b44e290d9da145c03dbec6f9cab8ae76

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 97103e5a5eee5c7c1770d1a643df1290
SHA1 917a891e7bf6c73026f9c3d7d6644276cd577a3d
SHA256 588fa839c961c0bf609b6b1fbe02cde4a6f3dd66b0a91de3019cedfa016ea898
SHA512 b1dcd346085c302e5b587b05d9bf45ed81da809a0ec7e9767ccd70d0c241d78b6f1fa1effc8ff5240f6e01792f01acd474f52415e29d47667ef190ffe3434353

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\4785e48c-d451-4c48-858a-16efeae6dc89.tmp

MD5 29c5124238fe21675b5344bcbdcd1af3
SHA1 0db3540ac5c004abe0c7d6d7a4d8015e1d8fe529
SHA256 bca01f5fa2474bda76fc6fe08b69d1e7ba0b9fa2fedc59a916edd03c83162b57
SHA512 b74b56a97adfbd271714467983bb9e0dec2a4e0533fa22e73c1a0c4a4524883d4aec663ce6a67a24cb7318eb75b71c57f7e856036e0fcfd4b2e47fdbc0ac5f02

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 82daf4571943d10a178b519fdba61bc4
SHA1 2658aa553d14652bb6aff5e3bd755f72d10590f0
SHA256 d0015270194ec9250c1244e31fabf88f6f77b68a1343c47670d103c4b0abd152
SHA512 89015ee0dc853ea8ebc26ead2ba7f7b3a9a0242c3ba9d03bbbd76958fca451ac8fdb19dcafaadf40e26b82b31de3f188ce02559a66daff583a12b53a7f4abebe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\235b5d46-f407-4a07-a735-f5e09d4d14ae.tmp

MD5 df50e86c8b36161a923bac71c046f428
SHA1 62132c652058b8090b15e45dc5879aa12d59db69
SHA256 2f83d1be940f995f770843fd783025e64b41c1147ce23d68fec0866c51f2be08
SHA512 d2d79316a879d2fc67374721eee008d107bac96d4fc3611ce42ece815ecb9c2c43fe69ae10543fc7643b7305346b34c4775134a84b4fdbc07f5cdbefb4cb7460

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 82daf4571943d10a178b519fdba61bc4
SHA1 2658aa553d14652bb6aff5e3bd755f72d10590f0
SHA256 d0015270194ec9250c1244e31fabf88f6f77b68a1343c47670d103c4b0abd152
SHA512 89015ee0dc853ea8ebc26ead2ba7f7b3a9a0242c3ba9d03bbbd76958fca451ac8fdb19dcafaadf40e26b82b31de3f188ce02559a66daff583a12b53a7f4abebe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 df50e86c8b36161a923bac71c046f428
SHA1 62132c652058b8090b15e45dc5879aa12d59db69
SHA256 2f83d1be940f995f770843fd783025e64b41c1147ce23d68fec0866c51f2be08
SHA512 d2d79316a879d2fc67374721eee008d107bac96d4fc3611ce42ece815ecb9c2c43fe69ae10543fc7643b7305346b34c4775134a84b4fdbc07f5cdbefb4cb7460

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 29c5124238fe21675b5344bcbdcd1af3
SHA1 0db3540ac5c004abe0c7d6d7a4d8015e1d8fe529
SHA256 bca01f5fa2474bda76fc6fe08b69d1e7ba0b9fa2fedc59a916edd03c83162b57
SHA512 b74b56a97adfbd271714467983bb9e0dec2a4e0533fa22e73c1a0c4a4524883d4aec663ce6a67a24cb7318eb75b71c57f7e856036e0fcfd4b2e47fdbc0ac5f02

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\306851f9-4c7a-45b0-9768-2b2b761d67f4.tmp

MD5 1528a0091860cdba5193022caa8aaccd
SHA1 3e5aede2ae8f052a50ba5c41bf5a394ac8d5e5d0
SHA256 d2e32c4014eaa077713bf9fffa22756fc25b30f51d62fb2b277a12c61f12c546
SHA512 6104369ca5db4b8c4f911ebcb6d7266606a5fc003edd5d8af609864af7cee756a1ca6d147cdf99766beb8e7febcb146d7603e9b8ddbbc0d544147f28a27c5831

\??\pipe\LOCAL\crashpad_3628_ICMSUTQXSSBQPLHI

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 1528a0091860cdba5193022caa8aaccd
SHA1 3e5aede2ae8f052a50ba5c41bf5a394ac8d5e5d0
SHA256 d2e32c4014eaa077713bf9fffa22756fc25b30f51d62fb2b277a12c61f12c546
SHA512 6104369ca5db4b8c4f911ebcb6d7266606a5fc003edd5d8af609864af7cee756a1ca6d147cdf99766beb8e7febcb146d7603e9b8ddbbc0d544147f28a27c5831

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 29c5124238fe21675b5344bcbdcd1af3
SHA1 0db3540ac5c004abe0c7d6d7a4d8015e1d8fe529
SHA256 bca01f5fa2474bda76fc6fe08b69d1e7ba0b9fa2fedc59a916edd03c83162b57
SHA512 b74b56a97adfbd271714467983bb9e0dec2a4e0533fa22e73c1a0c4a4524883d4aec663ce6a67a24cb7318eb75b71c57f7e856036e0fcfd4b2e47fdbc0ac5f02

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 09396d0439e247ddbdb61e9dd7c3a43c
SHA1 b4771622392b286b2702ebe7535eb194c401e8d7
SHA256 40038b09b5d9589f57b43aed7af61c53356f224ff309fee69e9653fd543ecad0
SHA512 7577d226afc8cd740801838979d94d0b4e90d9dde8b069d8e96696d592e30db08d58a2bb299e69ea5ad6d84bd362dce8d456806ad2faccaef1449cd183352c8c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 87cf4290e30adff3b2606fd8f842d212
SHA1 b9ad2874c2d9929915d3f61384a4795a2caaf70b
SHA256 462ab6d874ca45bf789c2b1d95f5d4ced4815e55c95d3a7e62ae18b3ff4fcd10
SHA512 9ed7777d3672c7dee2594028d81ddf6c15805d94f95f808d52b6e1110f52ccf78807bece86706f543148492ed0db8940ca4d6f33bbb7708daab6260dbdede089

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 7a3fdedc3c8967578b1f6cb8e46dc55c
SHA1 2f401f73b0ac08b21133b5408012a91e8f833498
SHA256 95386b29ad87585e74523fcb421e2a1f4aef54907b0ab7ccc90ff3f0f39a2cb7
SHA512 a20a8298f2d8d8ed3a0325ef5e137b2a181d8506f7be4dc9068aa8bd68f11bc2df2bf888274b0195217cb5846f68e6e06fb7f75a7168eaca8dd8854b60f6448d

memory/9132-426-0x0000000000400000-0x0000000000433000-memory.dmp

memory/9132-430-0x0000000000400000-0x0000000000433000-memory.dmp

memory/9132-431-0x0000000000400000-0x0000000000433000-memory.dmp

memory/9132-434-0x0000000000400000-0x0000000000433000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 f1881400134252667af6731236741098
SHA1 6fbc4f34542d449afdb74c9cfd4a6d20e6cdc458
SHA256 d6fcec1880d69aaa0229f515403c1a5ac82787f442c37f1c0c96c82ec6c15b75
SHA512 18b9ac92c396a01b6662a4a8a21b995d456716b70144a136fced761fd0a84c99e8bd0afb9585625809b87332da75727b82a07b151560ea253a3b8c241b799450

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58ed49.TMP

MD5 a32774ee3ab15d5cbe242ecc01996141
SHA1 8dc1876b16c66d627e2796f680f01feb035f4ff6
SHA256 5653024230d5f4331cf0a3e20a464ecbf716852603c888105c87f892e1b6c260
SHA512 19e801bfabaebf3344c643f0bd5e75fdf671fdc1ac22c1c70b6bb74056ef25b5cc5a1af1f49530daa07e022bd2c4e632fe769868e3ff16f02e4b8c7c46b70755

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e4fb25221b03e757c715df201c914a87
SHA1 17113a1ed6d35d229ad5073944ec7598bf46bacc
SHA256 1e1698e61290c9b3e56ee4fe5ff141a2963be7fb1f6920e0660f3be5bd983aad
SHA512 7954bb239d7443df24b294dd2fcb1a37b8494a6a1d5f4d1a4c3a90ab1866611fedb0bd7bec4d3987210d7d47b7b7cdef3c09f9e61b27c9ba32873cd0c364abe9

memory/5928-557-0x0000000000400000-0x000000000043C000-memory.dmp

memory/5928-566-0x0000000074310000-0x0000000074AC0000-memory.dmp

memory/5928-568-0x00000000082E0000-0x0000000008884000-memory.dmp

memory/5928-571-0x0000000007DE0000-0x0000000007E72000-memory.dmp

memory/5928-575-0x0000000007FC0000-0x0000000007FD0000-memory.dmp

memory/5928-584-0x0000000007FE0000-0x0000000007FEA000-memory.dmp

memory/5928-595-0x0000000008EB0000-0x00000000094C8000-memory.dmp

memory/5928-596-0x0000000008890000-0x000000000899A000-memory.dmp

memory/5928-600-0x00000000080B0000-0x00000000080C2000-memory.dmp

memory/5928-602-0x0000000008110000-0x000000000814C000-memory.dmp

memory/5928-603-0x0000000008170000-0x00000000081BC000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\a5917ce2-fc4e-4926-b665-b20fb54f309d.tmp

MD5 4a708773cc5e95a65adf7128948b5251
SHA1 46e36d4e9586ab1f62dc1b1d70c40e3ec9e7a13f
SHA256 0457cd15d98515269de5e4addeb092862ad7470c29fa305ad68df8dae14e60f4
SHA512 94cb2e765b213455e0a13c7694d65d932954121f1c4f43c8ee02acca25b56bf0c43129d632ee31cdbd9e90bff22220e3c039cc92afc185622d2ddef9f98e2cb3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

MD5 923a543cc619ea568f91b723d9fb1ef0
SHA1 6f4ade25559645c741d7327c6e16521e43d7e1f9
SHA256 bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
SHA512 a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

MD5 7d75a9eb3b38b5dd04b8a7ce4f1b87cc
SHA1 68f598c84936c9720c5ffd6685294f5c94000dff
SHA256 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7
SHA512 cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

MD5 fdbf5bcfbb02e2894a519454c232d32f
SHA1 5e225710e9560458ac032ab80e24d0f3cb81b87a
SHA256 d9315d0678ac213bbe2c1de27528f82fd40dbff160f5a0c19850f891da29ea1c
SHA512 9eb86ebb1b50074df9bd94f7660df6f362b5a46411b35ce820740f629f8ef77f0b49a95c5550441a7db2b2638f0ed3d0204cb8f8c76391c05401506833b8c916

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

MD5 4e08109ee6888eeb2f5d6987513366bc
SHA1 86340f5fa46d1a73db2031d80699937878da635e
SHA256 bf44187e1683e78d3040bcef6263e25783c6936096ff0a621677d411dd9d1339
SHA512 4e477fd9e58676c0e00744dbe3421e528dd2faeca2ab998ebbeb349b35bb3711dcf78d8c9e7adba66b4d681d1982c31cac42024c8b19e19537a5615dac39c661

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ac05ed4fcb8477c211d81a17fc92603e
SHA1 2739b8600fbba893b995dc37d5138ffd06516382
SHA256 2b65127ec5c50829efedadbea7dccad8933ce892dc4fef6773c57c9d7d2572c9
SHA512 a8ae00b66e68d1a8d661179d38aa57c4a143fa73e2d375498081fe64213d365b03433ea74942056420193aeaf3737d166c96f3c960fbdb03075c10d09c260322

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 28913ed96d981351f97d03f570200b7d
SHA1 f80ccef23e9966750d38e726313cb4e44c1c76ee
SHA256 666944d6e188b315499234bba52ef6da4a022bb65d94b749652a750348c7a850
SHA512 3c862ec9980f0264470ee9ac045ca70e5654263c4e44f1f4b922105c6b91fef6bfc51a8a646f5c0968cf282f6b952b1c9eff75d1b37a8b1214b2d66d8cb81df4

memory/5928-750-0x0000000074310000-0x0000000074AC0000-memory.dmp

memory/5928-779-0x0000000007FC0000-0x0000000007FD0000-memory.dmp

memory/7628-804-0x0000000000400000-0x0000000000488000-memory.dmp

memory/7628-805-0x0000000000400000-0x0000000000488000-memory.dmp

memory/7628-806-0x0000000000400000-0x0000000000488000-memory.dmp

memory/7628-808-0x0000000000400000-0x0000000000488000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003a

MD5 740a924b01c31c08ad37fe04d22af7c5
SHA1 34feb0face110afc3a7673e36d27eee2d4edbbff
SHA256 f0e1953b71cc4abbffdd5096d99dfb274688e517c381b15c3446c28a4ac416e0
SHA512 da7061f944c69245c2f66b0e6a8b5a9bca91bda8a73f99734dcb23db56c5047de796fa7e348ff8840d9ac123436e38a4206408573215b7e5e98942ea6d66bb7c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 961f7b1edd42e242a2378808956c8dbf
SHA1 c547e1b85c966b2596a7495b0bedfefc524d3cb9
SHA256 3aee3a9cea841cf2620c2095c9dea1b3545811e123a4c7edac86262cb50b9631
SHA512 bf338aaf69c8220a0d520a32cea1869cec6143a0c901374f7a1119faae13f8fd45e5000007fa15d3f9cdb71f3132aec0ee27dac1189b63eaadeef8bbbf2f0035

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt

MD5 c5cf76dc40d764ef307f7d7d7cdd022e
SHA1 9dd0ca73bb55fb7451a4096354e6836c600e1806
SHA256 e16a97700753cfe906772ff29a17fcffc9157cbec986935b631e9acd0e4a0923
SHA512 d5bad09a456b2d75c896062373e33be2a300ce453351bda72b40d24c46cb87bd2d3d1d9690942c0f108b36ecfdcf13200654003ada5ac32757784c315f652e3c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt~RFe5984c6.TMP

MD5 472f47562144e6414fe7b9482fc2e9d9
SHA1 2cdec3b6b840a79100355c278e2e6cb65cac5feb
SHA256 d4e7722fe6e27826fad48b76e7e619cff1b6e408eaaa071a13f924f076ac67ce
SHA512 3294859b5265d30949f26ec801ef1547e3da2069955a52b87066a44c95cf2ea2d43698c6072f3bc99dc0dfe55a856e4ab4d896bad2cd09480fa7a7914a13da02

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 24b7fdef2fe99d450b5e07b5d7ce4a7d
SHA1 9fd91f335eca88913a88515f2c858586cbf7b29b
SHA256 889fa5a2e195b81a368a074e3fc7e0fb5f0924c50b9f9c4435b864e8f709f4db
SHA512 66b9641e3b445a8e336ffd0a59c536f58ec1d2c1f97657a55056b99a16fb4c983e73721e1fe7d92c2187b8ced49639380a09dc1a87748f91ef40191c19fe4ef9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 0060bc083711944785d21dc1a976de06
SHA1 2ac7322f2ffea57485db0d0854a4f5b7b316b6bb
SHA256 f524e480bcc1e3e181a56ebf120f425bab728421c4b41fed5cc9d5a1a6d7d50a
SHA512 dd6c2c89b2f8cc1c0a1f03160d5c34d6d1934c6f37a1166c5c42ecd2e7571f8ff880795cd2b934985a9605bfe575892dce3b07fca31b4b9277ebcf7f83dd8e1d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\bd36e89d-dfd9-4394-997b-16866ca68884\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 5e389f3089fa78ed24093e2659e495e6
SHA1 ce29b7afd973d3a8178d7e940df3d52dfa21125d
SHA256 b6bbb8c382fbca5bfbbb1f66c920a1a1e029f5185faf54346b40f8d091b4472f
SHA512 099752b3929ec1eb5275eae9a73246219e1ec63931a61fa08134bc0ade6dd5acf2a5229f1aa86a22c249541cce3300befedba6956221aaecc3a8c4d969a9e80d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 5f18abdb958af9d31d1b5d84ac502675
SHA1 f1cd42b99c8915e01da5741db7e228bcbd19d4dc
SHA256 b662cef10c3db042c9c08d5bc12f086998905872e6592a590bc46c68a541b687
SHA512 4169e155a09593db9db8265099fb2d9627411618cba3f8fab78a5f7e26695897f53a2b82335d330db9317f3889347ec1b0e54e07d2b99351774fc2fc8b1e17b0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 dbbeb2b2abf8596cd5ebdd821cf55453
SHA1 0aa7e085ef001f8486a2005b7ea4f4961d7ae566
SHA256 7375496236333fe690c2048be11e2c1649787edc4f0dfd94518daf9c26333215
SHA512 d0185a7e67672e9886892478a3a70495629b15947e8abe5d3ca615c2f13c16fac0ce6a30c736037667cb37bb8da9669781fce2a01b5b63fa9627769df7010644

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f383720a7789f5d52095f769c2d17cf2
SHA1 7c243d4c60a1003af47d27dd259d2d4e5feee3c6
SHA256 d9c0b1c2b311f9c0e5fcd0479d56ff8647514e8eb7ecfdf703f3a1ba3066c071
SHA512 c9d8de8ab3388e9c4b41838349628395db81b46d917116dab2f839eb2c626b4d4f7ec48d0ca8dd5381b783fb59786d738db2b2f387d9586a662193e5704e6a54

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 a7e6f06d07c1fb1539821c812ab53d64
SHA1 08cdbc23cce9421379256671d127255105d400c4
SHA256 cce03ed1a5a95d1869a1009cfd6f4a30893db1f54446aa0dfe32c17f6d182482
SHA512 91ed3cd6d387e7a38f28d4f831951710e77d6e1fa9b3d54531008fb6ceac1807d6b4ece94324ddf4eab7504f5cc81eb2ea8cf66c24628197167f4f96fe9479fe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2308ced47a602de10d3db0445f6a28ae
SHA1 df008b3f7e7cc46755e7a516d95a38b69a2c4569
SHA256 dcb1db2e29ba497740c58a642863a48fc0d5b07bf913554b7ec2cef0dbca00e3
SHA512 f5c64db766ed2f1b6bf6f241a8b77d1dbaa6e2358320a427b8bd27c52bfc9915c364bf2f2439f139d046ab46530b6363be3d9b2772d1f2aa10b51641575dc94d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\6a4de5db-f0f1-48a2-88be-492d5ae21c59\index-dir\the-real-index

MD5 3fd91a063348b498b556cd03789f836e
SHA1 21ff9568d2095d17cf8bde43d2c31421f2016184
SHA256 5564311378e28d446492f80e9fe3debcaa80aed097f47b00870bf5c636a06fa1
SHA512 884ab7910aac238e3a0e9078cc838e372a1705dd12041fa563cbf21ef832897620b20bbfee0f498a928f6a7996e78acd3b2772c34ed3de982cf2dcdec7b09488

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\6a4de5db-f0f1-48a2-88be-492d5ae21c59\index-dir\the-real-index~RFe59d70d.TMP

MD5 a42f422216c03defd869b5486f6c3b3f
SHA1 c1767965683ab4b0d6ca42f41299b2cb778db557
SHA256 c210c2aeb72f21e6d4320c4313979624529da433b70e4b8ea9bf884314759588
SHA512 da90c7797c4d6634cf8f4f37a3c47711f8f0833e4db178a7f67e529fc0c74d6e54f8964acdb64da8d439116018ab3d3463cdf60c1ac7aa6a4647c9b059cc8976

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 a2405e69953ebd6e7809f1fdbf694a12
SHA1 a0e1ce30effa29eb02aae10334a83dfcd7b1b83e
SHA256 0e6bda5e75d87bbc1fff59308610d93359b061308af53fcd729c631f801ed4c0
SHA512 1d876828892ff7a049fb474415e3fc7ed2c9d8e835091450bbaf8ec0b019535bb39f14a6abe40ee3656db74223f3060767ff88422692d8ab928d1ab3da85a6e8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d1c8df075d3d796964159ac71f3bd214
SHA1 237126cfe3c7ad7567c5837877705fddd9118521
SHA256 22d636aacd349084aa49e4dfebbec347b40247bf8b9035bdcd254ff74b5cb613
SHA512 3abb0c8213d4e230c4eb9e3ab858a0784899ec7dd71558a667d9ee7e25216699a4a8b8c6a043236fe61449959a0243d519cf60b5869b872345422042a64feeaa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5a01c6.TMP

MD5 bcb1c87f90081d55a99e5857576cce61
SHA1 637c2d935900c84eae635ecd41b449d8c2f5a969
SHA256 1f73c18081b8b1b9d1c0097d67925802d292e1dc1a6dad320b10104048c97852
SHA512 94e9d1b5eb617b7827e28c052709bbc1e89e65c8c2a24a675c24c079561d7dfa5eb813eb037c48b5fe74d693768875289d2f95b20458f8a9633d96d11a299368

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 092d703a4528f9ae6ce10a67a2ec3eb1
SHA1 a1c70299a916dc6e6faf8a4f661862989811730e
SHA256 86cfbb9a882f6d24e47ce705d6bce514584716d4642fb03eabb769160044183c
SHA512 f15c92def3a25699063d80a86899dc61b3a89712785575cb0b68a921e8f3d4049a0daac048030ac96d4373dcf6cf96a7eae53ee0eeca49e14194a146c5df68d9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\fcdca5b0-1517-4927-8a00-4ae6eef3d4ff\index-dir\the-real-index~RFe5a18c9.TMP

MD5 b16723fa8fb377c9370d161be6619e27
SHA1 c50f8aae3ac8b6c3e5874dac0b75e4b12625f16b
SHA256 8d7e5622272960958c1ad9ce1e4676524dc63eb73f1e1667dddfe4f877d9c0e1
SHA512 542662b0feb2aaa4e4b2d569b237c4aae3766ea2e0c729dfdf86311aa4f4f95705a769dc3684d1d4def9d53b79d8a482b4f6bb87b744e26a6312c1b17c0b7e28

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\fcdca5b0-1517-4927-8a00-4ae6eef3d4ff\index-dir\the-real-index

MD5 4952691ebd7cc643724036fc69e638ba
SHA1 a3bbedc773e6a43546500972087888892a66531a
SHA256 cb220e9c5531edd5eda26302a657705c83436e3f5daf4fd6c2cc21b39a9de925
SHA512 90e862c694406b0accff5632a45c2bbba999ff4bf23a1c4d893bff7454c28cec97d3b49c65c420bd4003145f9f2e1f62b07b605f07d505e5f183d3bc3a339e07

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 60a06489cd3d212d5947c123ebc00b58
SHA1 04732eadd8aaa70a4b1e654f99eea216b6771485
SHA256 5f31d26111abc6c0240dae5a84b36adb3447a0526bfbefaa8539d1f8d4903de5
SHA512 3f8c419a3edb59a0566a90d3ab8cfb52fa9dc085655b09544987b29f12fef8df0ef59c43e70adfe2dce4312955483c0fb791dc98b65e4161f48f87cec2c1ffe2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 49805e9e4fa0b32984a7e220250ee76e
SHA1 627777c7365364ddce9a525bc5eb3f054ced2bfc
SHA256 056356ae1d9112d06d7d54e75d4de7eed41c39ad01198b0c131ed0194e779d57
SHA512 201c9b32161f6a9b5802d3ed4bbd5edbfcaacda9c539fdc564848a8af2ef44d2cc5a90d8936f76a3500e18aa249d6f1c5e3d86f565941e78b1ff9f5f38301098

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 cdbce181cf963a105d30b4e480ac7c13
SHA1 b2f3fe6ff4d4ae8a1e717d457dd365d65cfc2ff5
SHA256 5320747b1d8889afed8d794983d24685c7ba7750df3e1050e473decce3e40990
SHA512 83e6012f6ef9e73c091b09574d4efcb2d883c8813208d514fff15c463138015022e3335276cb1b424545fea091d93f080627b4dd18a6bef9c017396e162c87fa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\b48e7ead-f17e-4c4a-90b7-7f07845d38c0\index-dir\the-real-index~RFe5a54d8.TMP

MD5 e12f3e6cc38a6f91dcb67a6a35251801
SHA1 ed8f164e23b27d77d9c3f8e36a92e422760c504c
SHA256 8a97147fe6a4e4a6e6300a77443d9ecb3533dbd7ade2b3b24206305225387cae
SHA512 1ed355d37cfd39e6932ef83510d8cd40849dac869758f17ad168be34b6e03ce9d28fcacc6e3a3833911894f07bf3540a95d38c29b92e3babce644d5a441ff173

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\b48e7ead-f17e-4c4a-90b7-7f07845d38c0\index-dir\the-real-index

MD5 01900bca197f7cd6134121e37c2af5f1
SHA1 97b9540d86d62e2cba34093a9bc0e8dc21d2152f
SHA256 1c66d8da4e6974a0ef0f683a6e5b9e2cf3adea262496774d85df86fd4905995d
SHA512 72d72d471c33d6022b61f350235ad5ead73c9a6dce91126257e569c735ee124a95a52dae4aad969dd86a5bea1a0137abc29bb59b7b7b363d9c82f83754c6fa1a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt

MD5 bf69fb1a834f70740b1f8b51ac7a9afe
SHA1 f13bf5641a7d90b09f4b798100622f83969eac44
SHA256 d0f170d1c6d32d3e8709d47b52f33688f57f22dd25bc4d7d7aa42a985f846e2b
SHA512 32b47533cd779ae53d4200766c634a2e149da759a390fefc2502192e7171ef10d05bccf9077f75b034f758545bbb9243e96ce44d8ddb63ab3e04557a0c1ce8e2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 c4eeadc33fbf01654c67f320bbc9d541
SHA1 6bba92f1670948526cd0ef081ba91d85ad8a87d8
SHA256 42268d31c92fabedc4d1d5154b08cd59522108a48fd78c18839a593052da7a8c
SHA512 1467d8096015c5a8546115a1f0e2570e51530d7ee8082d262a708fc745878782fabcb5878ffb448ca27be76eff21bee5cc1e5410650157934c42864c0c0828c8