Analysis Overview
SHA256
b41936fae15a96825c68c8674862aedad245cf2495cbc6b1e01e66ae2cbd09c6
Threat Level: Known bad
The file b41936fae15a96825c68c8674862aedad245cf2495cbc6b1e01e66ae2cbd09c6 was found to be: Known bad.
Malicious Activity Summary
RedLine payload
Mystic
Detect Mystic stealer payload
RedLine
Executes dropped EXE
Adds Run key to start application
Suspicious use of SetThreadContext
AutoIT Executable
Detected potential entity reuse from brand paypal.
Enumerates physical storage devices
Program crash
Unsigned PE
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of WriteProcessMemory
Suspicious use of SendNotifyMessage
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Enumerates system info in registry
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2023-11-11 05:23
Signatures
Unsigned PE
Analysis: behavioral1
Detonation Overview
Submitted
2023-11-11 05:23
Reported
2023-11-11 05:26
Platform
win10v2004-20231020-en
Max time kernel
161s
Max time network
182s
Signatures
Detect Mystic stealer payload
Mystic
RedLine
RedLine payload
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\vg1JN04.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1Tv96Hq2.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2pC8422.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3yu63jV.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP000.TMP\\\"" | C:\Users\Admin\AppData\Local\Temp\b41936fae15a96825c68c8674862aedad245cf2495cbc6b1e01e66ae2cbd09c6.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup1 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP001.TMP\\\"" | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\vg1JN04.exe | N/A |
AutoIT Executable
Detected potential entity reuse from brand paypal.
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 6168 set thread context of 7912 | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2pC8422.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
| PID 8100 set thread context of 8188 | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3yu63jV.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
Enumerates physical storage devices
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
Network
Files
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\vg1JN04.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1Tv96Hq2.exe
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
\??\pipe\LOCAL\crashpad_5028_XAZHIJJASLMWRWEP
\??\pipe\LOCAL\crashpad_1676_IFUKEASUQVQTIKDR
\??\pipe\LOCAL\crashpad_4816_OOVMEMHQJZLZRALB
\??\pipe\LOCAL\crashpad_4752_RWGJNSNKAVECJNKK
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\513fc439-ede0-428c-92e0-d05b540daa6b.tmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\2cf7e421-10d2-4e48-830b-f31fd605aaa8.tmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2pC8422.exe
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5884cb.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004b
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\106623e8-f86d-4990-8220-30c25f51cf7b\index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt~RFe58b3ea.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\82e097dd-a58d-4556-baa5-1158c07c38f9\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4ce188a1-58c5-49e4-84d2-26c10f8d0029\index-dir\the-real-index~RFe592adf.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe591c19.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4ce188a1-58c5-49e4-84d2-26c10f8d0029\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\6f90fd02-72c9-4716-91a8-4222debc7dcf.tmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index