Malware Analysis Report

2025-01-02 05:16

Sample ID 231111-fnjnrsba5y
Target b15198c6b56812bf263a78afb0ed895c.exe
SHA256 e80e4142f4e69d518e1ab2184a0292ab959456b7310d391d702c81a335c5bfc3
Tags
mystic redline taiga paypal infostealer persistence phishing spyware stealer
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

e80e4142f4e69d518e1ab2184a0292ab959456b7310d391d702c81a335c5bfc3

Threat Level: Known bad

The file b15198c6b56812bf263a78afb0ed895c.exe was found to be: Known bad.

Malicious Activity Summary

mystic redline taiga paypal infostealer persistence phishing spyware stealer

RedLine payload

Detect Mystic stealer payload

RedLine

Mystic

Executes dropped EXE

Accesses cryptocurrency files/wallets, possible credential harvesting

Adds Run key to start application

AutoIT Executable

Detected potential entity reuse from brand paypal.

Suspicious use of SetThreadContext

Unsigned PE

Enumerates physical storage devices

Program crash

Suspicious use of FindShellTrayWindow

Suspicious use of WriteProcessMemory

Suspicious use of SendNotifyMessage

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2023-11-11 05:01

Signatures

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2023-11-11 05:01

Reported

2023-11-11 05:04

Platform

win10v2004-20231020-en

Max time kernel

185s

Max time network

193s

Command Line

"C:\Users\Admin\AppData\Local\Temp\b15198c6b56812bf263a78afb0ed895c.exe"

Signatures

Detect Mystic stealer payload

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Mystic

stealer mystic

RedLine

infostealer redline

RedLine payload

Description Indicator Process Target
N/A N/A N/A N/A

Accesses cryptocurrency files/wallets, possible credential harvesting

spyware

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP000.TMP\\\"" C:\Users\Admin\AppData\Local\Temp\b15198c6b56812bf263a78afb0ed895c.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup1 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP001.TMP\\\"" C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Rq1tF01.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup2 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP002.TMP\\\"" C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\qS5ls00.exe N/A

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A

Detected potential entity reuse from brand paypal.

phishing paypal

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4848 wrote to memory of 4516 N/A C:\Users\Admin\AppData\Local\Temp\b15198c6b56812bf263a78afb0ed895c.exe C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Rq1tF01.exe
PID 4848 wrote to memory of 4516 N/A C:\Users\Admin\AppData\Local\Temp\b15198c6b56812bf263a78afb0ed895c.exe C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Rq1tF01.exe
PID 4848 wrote to memory of 4516 N/A C:\Users\Admin\AppData\Local\Temp\b15198c6b56812bf263a78afb0ed895c.exe C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Rq1tF01.exe
PID 4516 wrote to memory of 1364 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Rq1tF01.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\qS5ls00.exe
PID 4516 wrote to memory of 1364 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Rq1tF01.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\qS5ls00.exe
PID 4516 wrote to memory of 1364 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Rq1tF01.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\qS5ls00.exe
PID 1364 wrote to memory of 4352 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\qS5ls00.exe C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe
PID 1364 wrote to memory of 4352 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\qS5ls00.exe C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe
PID 1364 wrote to memory of 4352 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\qS5ls00.exe C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe
PID 4352 wrote to memory of 1904 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4352 wrote to memory of 1904 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4352 wrote to memory of 320 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4352 wrote to memory of 320 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1904 wrote to memory of 1596 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1904 wrote to memory of 1596 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 320 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 320 wrote to memory of 1156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4352 wrote to memory of 1288 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4352 wrote to memory of 1288 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1288 wrote to memory of 3356 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1288 wrote to memory of 3356 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4352 wrote to memory of 1508 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4352 wrote to memory of 1508 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1508 wrote to memory of 5024 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1508 wrote to memory of 5024 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4352 wrote to memory of 3864 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4352 wrote to memory of 3864 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3864 wrote to memory of 2740 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3864 wrote to memory of 2740 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4352 wrote to memory of 3496 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4352 wrote to memory of 3496 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3496 wrote to memory of 4064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3496 wrote to memory of 4064 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4352 wrote to memory of 1060 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4352 wrote to memory of 1060 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1060 wrote to memory of 3400 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1060 wrote to memory of 3400 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4352 wrote to memory of 4176 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4352 wrote to memory of 4176 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4176 wrote to memory of 4132 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4176 wrote to memory of 4132 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4352 wrote to memory of 4664 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4352 wrote to memory of 4664 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4664 wrote to memory of 2116 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4664 wrote to memory of 2116 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4352 wrote to memory of 3916 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4352 wrote to memory of 3916 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 3068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3916 wrote to memory of 3068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1364 wrote to memory of 5200 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\qS5ls00.exe C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4QW3gE9.exe
PID 1364 wrote to memory of 5200 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\qS5ls00.exe C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4QW3gE9.exe
PID 1364 wrote to memory of 5200 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\qS5ls00.exe C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4QW3gE9.exe
PID 4176 wrote to memory of 5912 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4176 wrote to memory of 5912 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4176 wrote to memory of 5912 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4176 wrote to memory of 5912 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4176 wrote to memory of 5912 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4176 wrote to memory of 5912 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4176 wrote to memory of 5912 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4176 wrote to memory of 5912 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4176 wrote to memory of 5912 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4176 wrote to memory of 5912 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4176 wrote to memory of 5912 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4176 wrote to memory of 5912 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Users\Admin\AppData\Local\Temp\b15198c6b56812bf263a78afb0ed895c.exe

"C:\Users\Admin\AppData\Local\Temp\b15198c6b56812bf263a78afb0ed895c.exe"

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Rq1tF01.exe

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Rq1tF01.exe

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\qS5ls00.exe

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\qS5ls00.exe

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x16c,0x170,0x174,0x148,0x178,0x7ffe363a46f8,0x7ffe363a4708,0x7ffe363a4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffe363a46f8,0x7ffe363a4708,0x7ffe363a4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffe363a46f8,0x7ffe363a4708,0x7ffe363a4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://store.steampowered.com/login/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffe363a46f8,0x7ffe363a4708,0x7ffe363a4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://twitter.com/i/flow/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffe363a46f8,0x7ffe363a4708,0x7ffe363a4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://steamcommunity.com/openid/loginform/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffe363a46f8,0x7ffe363a4708,0x7ffe363a4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.epicgames.com/id/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffe363a46f8,0x7ffe363a4708,0x7ffe363a4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.paypal.com/signin

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffe363a46f8,0x7ffe363a4708,0x7ffe363a4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x168,0x16c,0x170,0x144,0x174,0x7ffe363a46f8,0x7ffe363a4708,0x7ffe363a4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffe363a46f8,0x7ffe363a4708,0x7ffe363a4718

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4QW3gE9.exe

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4QW3gE9.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1476,8636529354398832855,13827676855125939824,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1476,8636529354398832855,13827676855125939824,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2100 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1504,17632437341587629473,14914513150662925336,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2184,239694573978976075,6261991263266862916,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2068,17833173654992506924,915812830838181728,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2932 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1852,1386068487344840123,8973734523413134700,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1852,1386068487344840123,8973734523413134700,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2164 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2184,239694573978976075,6261991263266862916,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1504,17632437341587629473,14914513150662925336,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2164,5717491212617379095,10913432970632441974,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2164,5717491212617379095,10913432970632441974,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2176 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2068,17833173654992506924,915812830838181728,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,17833173654992506924,915812830838181728,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,14962240473624581126,1617019130471803969,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,14962240473624581126,1617019130471803969,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2092 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17833173654992506924,915812830838181728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17833173654992506924,915812830838181728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3404 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,14833790381584042752,802061745489155942,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,14833790381584042752,802061745489155942,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:2

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2156,15346351344481367946,13957185490689334773,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,15346351344481367946,13957185490689334773,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2168 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2152,16873699202156928105,7115019559197861030,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2236 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,16873699202156928105,7115019559197861030,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2164 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17833173654992506924,915812830838181728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3764 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17833173654992506924,915812830838181728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3920 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17833173654992506924,915812830838181728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4320 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17833173654992506924,915812830838181728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2540 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17833173654992506924,915812830838181728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4668 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17833173654992506924,915812830838181728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4832 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17833173654992506924,915812830838181728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4904 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17833173654992506924,915812830838181728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4896 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17833173654992506924,915812830838181728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5400 /prefetch:1

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17833173654992506924,915812830838181728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7468 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17833173654992506924,915812830838181728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7604 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17833173654992506924,915812830838181728,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7804 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17833173654992506924,915812830838181728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7460 /prefetch:1

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 5836 -ip 5836

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\5zG48OX.exe

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\5zG48OX.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17833173654992506924,915812830838181728,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7660 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17833173654992506924,915812830838181728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7644 /prefetch:1

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 5836 -s 540

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,17833173654992506924,915812830838181728,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6220 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,17833173654992506924,915812830838181728,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6220 /prefetch:8

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17833173654992506924,915812830838181728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8796 /prefetch:1

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\6lq312.exe

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\6lq312.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17833173654992506924,915812830838181728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1708 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2068,17833173654992506924,915812830838181728,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1352 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,17833173654992506924,915812830838181728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6928 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,17833173654992506924,915812830838181728,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7620 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 183.59.114.20.in-addr.arpa udp
US 8.8.8.8:53 22.160.190.20.in-addr.arpa udp
US 8.8.8.8:53 254.105.26.67.in-addr.arpa udp
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.200:443 g.bing.com tcp
US 8.8.8.8:53 241.154.82.20.in-addr.arpa udp
US 8.8.8.8:53 198.187.3.20.in-addr.arpa udp
US 8.8.8.8:53 39.142.81.104.in-addr.arpa udp
US 8.8.8.8:53 59.128.231.4.in-addr.arpa udp
US 8.8.8.8:53 138.175.53.84.in-addr.arpa udp
US 8.8.8.8:53 158.240.127.40.in-addr.arpa udp
US 8.8.8.8:53 www.paypal.com udp
US 8.8.8.8:53 www.epicgames.com udp
US 151.101.1.21:443 www.paypal.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 21.1.101.151.in-addr.arpa udp
US 34.197.8.43:443 www.epicgames.com tcp
US 8.8.8.8:53 twitter.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 store.steampowered.com udp
US 8.8.8.8:53 43.8.197.34.in-addr.arpa udp
NL 142.250.179.141:443 accounts.google.com tcp
US 8.8.8.8:53 steamcommunity.com udp
US 8.8.8.8:53 141.179.250.142.in-addr.arpa udp
NL 142.250.179.141:443 accounts.google.com tcp
US 104.244.42.129:443 twitter.com tcp
US 104.244.42.129:443 twitter.com tcp
NL 104.85.0.101:443 store.steampowered.com tcp
NL 104.85.0.101:443 store.steampowered.com tcp
NL 23.222.49.98:443 steamcommunity.com tcp
NL 23.222.49.98:443 steamcommunity.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 www.facebook.com udp
NL 157.240.247.35:443 www.facebook.com tcp
NL 142.250.179.141:443 accounts.google.com udp
US 8.8.8.8:53 101.0.85.104.in-addr.arpa udp
US 8.8.8.8:53 98.49.222.23.in-addr.arpa udp
US 8.8.8.8:53 129.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 142.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 35.247.240.157.in-addr.arpa udp
US 8.8.8.8:53 i.ytimg.com udp
DE 172.217.23.214:443 i.ytimg.com tcp
US 8.8.8.8:53 8.39.65.18.in-addr.arpa udp
US 8.8.8.8:53 214.23.217.172.in-addr.arpa udp
US 8.8.8.8:53 195.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 126.22.238.8.in-addr.arpa udp
US 8.8.8.8:53 106.208.58.216.in-addr.arpa udp
US 8.8.8.8:53 131.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 100.39.251.142.in-addr.arpa udp
US 8.8.8.8:53 www.paypalobjects.com udp
US 192.229.221.25:443 www.paypalobjects.com tcp
US 192.229.221.25:443 www.paypalobjects.com tcp
US 192.229.221.25:443 www.paypalobjects.com tcp
US 8.8.8.8:53 25.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 static-assets-prod.unrealengine.com udp
US 8.8.8.8:53 tracking.epicgames.com udp
US 44.214.245.214:443 tracking.epicgames.com tcp
US 18.239.36.105:443 static-assets-prod.unrealengine.com tcp
US 18.239.36.105:443 static-assets-prod.unrealengine.com tcp
US 52.111.229.19:443 tcp
US 8.8.8.8:53 105.36.239.18.in-addr.arpa udp
US 8.8.8.8:53 214.245.214.44.in-addr.arpa udp
US 8.8.8.8:53 abs.twimg.com udp
US 8.8.8.8:53 api.twitter.com udp
US 8.8.8.8:53 pbs.twimg.com udp
US 104.244.42.66:443 api.twitter.com tcp
US 152.199.21.141:443 abs.twimg.com tcp
US 152.199.21.141:443 abs.twimg.com tcp
US 152.199.21.141:443 abs.twimg.com tcp
US 152.199.21.141:443 abs.twimg.com tcp
US 8.8.8.8:53 t.co udp
NL 199.232.148.159:443 pbs.twimg.com tcp
NL 199.232.148.158:443 video.twimg.com tcp
US 104.244.42.133:443 t.co tcp
US 8.8.8.8:53 66.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 141.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 159.148.232.199.in-addr.arpa udp
US 8.8.8.8:53 static.ads-twitter.com udp
NL 199.232.148.157:443 static.ads-twitter.com tcp
US 8.8.8.8:53 community.akamai.steamstatic.com udp
NL 23.72.252.160:443 community.akamai.steamstatic.com tcp
NL 23.72.252.160:443 community.akamai.steamstatic.com tcp
NL 23.72.252.160:443 community.akamai.steamstatic.com tcp
US 8.8.8.8:53 apps.identrust.com udp
NL 88.221.25.153:80 apps.identrust.com tcp
US 8.8.8.8:53 158.148.232.199.in-addr.arpa udp
US 8.8.8.8:53 133.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 157.148.232.199.in-addr.arpa udp
US 8.8.8.8:53 160.252.72.23.in-addr.arpa udp
US 8.8.8.8:53 153.25.221.88.in-addr.arpa udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 157.240.5.10:443 static.xx.fbcdn.net tcp
US 157.240.5.10:443 static.xx.fbcdn.net tcp
US 157.240.5.10:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 10.5.240.157.in-addr.arpa udp
US 192.229.221.25:443 www.paypalobjects.com tcp
NL 142.251.36.14:443 play.google.com tcp
NL 142.251.36.14:443 play.google.com udp
US 8.8.8.8:53 store.akamai.steamstatic.com udp
NL 23.72.252.171:443 store.akamai.steamstatic.com tcp
NL 23.72.252.171:443 store.akamai.steamstatic.com tcp
NL 23.72.252.171:443 store.akamai.steamstatic.com tcp
US 8.8.8.8:53 14.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 171.252.72.23.in-addr.arpa udp
US 8.8.8.8:53 146.78.124.51.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
NL 142.250.179.130:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 130.179.250.142.in-addr.arpa udp
US 104.244.42.66:443 api.twitter.com tcp
US 8.8.8.8:53 www.recaptcha.net udp
NL 142.250.179.163:443 www.recaptcha.net tcp
US 8.8.8.8:53 facebook.com udp
US 157.240.5.35:443 facebook.com tcp
US 8.8.8.8:53 c.paypal.com udp
US 192.55.233.1:443 tcp
US 8.8.8.8:53 numpersb.fun udp
US 8.8.8.8:53 killredls.pw udp
US 172.67.209.38:80 killredls.pw tcp
US 192.55.233.1:443 tcp
US 8.8.8.8:53 163.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 35.5.240.157.in-addr.arpa udp
US 172.67.209.38:80 killredls.pw tcp
US 8.8.8.8:53 fbcdn.net udp
US 157.240.5.35:443 fbcdn.net tcp
NL 142.250.179.163:443 www.recaptcha.net udp
US 8.8.8.8:53 fbsbx.com udp
US 172.67.209.38:80 killredls.pw tcp
US 8.8.8.8:53 38.209.67.172.in-addr.arpa udp
US 8.8.8.8:53 t.paypal.com udp
US 172.67.209.38:80 killredls.pw tcp
US 151.101.1.35:443 t.paypal.com tcp
US 151.101.1.35:443 t.paypal.com tcp
US 172.67.209.38:80 killredls.pw tcp
US 18.239.36.105:443 static-assets-prod.unrealengine.com tcp
US 172.67.209.38:80 killredls.pw tcp
NL 142.250.179.130:443 googleads.g.doubleclick.net udp
US 172.67.209.38:80 killredls.pw tcp
US 172.67.209.38:80 killredls.pw tcp
US 8.8.8.8:53 35.1.101.151.in-addr.arpa udp
US 172.67.209.38:80 killredls.pw tcp
US 172.67.209.38:80 killredls.pw tcp
RU 5.42.92.51:19057 tcp
US 8.8.8.8:53 b.stats.paypal.com udp
US 64.4.245.84:443 b.stats.paypal.com tcp
US 172.67.209.38:80 killredls.pw tcp
US 8.8.8.8:53 84.245.4.64.in-addr.arpa udp
US 8.8.8.8:53 dub.stats.paypal.com udp
US 64.4.245.84:443 dub.stats.paypal.com tcp
US 172.67.209.38:80 killredls.pw tcp
US 8.8.8.8:53 rr5---sn-aigl6nsd.googlevideo.com udp
GB 74.125.105.42:443 rr5---sn-aigl6nsd.googlevideo.com tcp
GB 74.125.105.42:443 rr5---sn-aigl6nsd.googlevideo.com tcp
GB 74.125.105.42:443 rr5---sn-aigl6nsd.googlevideo.com tcp
GB 74.125.105.42:443 rr5---sn-aigl6nsd.googlevideo.com tcp
GB 74.125.105.42:443 rr5---sn-aigl6nsd.googlevideo.com tcp
GB 74.125.105.42:443 rr5---sn-aigl6nsd.googlevideo.com tcp
US 172.67.209.38:80 killredls.pw tcp
US 8.8.8.8:53 42.105.125.74.in-addr.arpa udp
US 172.67.209.38:80 killredls.pw tcp
US 172.67.209.38:80 killredls.pw tcp
US 8.8.8.8:53 c6.paypal.com udp
US 151.101.1.35:443 c6.paypal.com tcp
US 8.8.8.8:53 talon-website-prod.ecosec.on.epicgames.com udp
NL 23.72.252.160:443 community.akamai.steamstatic.com tcp
NL 23.72.252.160:443 community.akamai.steamstatic.com tcp
NL 23.72.252.160:443 community.akamai.steamstatic.com tcp
US 172.64.146.120:443 talon-website-prod.ecosec.on.epicgames.com tcp
NL 23.72.252.171:443 store.akamai.steamstatic.com tcp
NL 23.72.252.171:443 store.akamai.steamstatic.com tcp
NL 23.72.252.171:443 store.akamai.steamstatic.com tcp
US 8.8.8.8:53 120.146.64.172.in-addr.arpa udp
US 172.67.209.38:80 killredls.pw tcp
US 172.67.209.38:80 killredls.pw tcp
US 172.67.209.38:80 killredls.pw tcp
US 172.67.209.38:80 killredls.pw tcp
US 172.67.209.38:80 killredls.pw tcp
US 172.67.209.38:80 killredls.pw tcp
US 172.67.209.38:80 killredls.pw tcp
US 8.8.8.8:53 login.steampowered.com udp
NL 23.222.49.98:443 login.steampowered.com tcp
US 172.67.209.38:80 killredls.pw tcp
US 172.67.209.38:80 killredls.pw tcp
NL 142.250.179.141:443 accounts.google.com udp
US 172.67.209.38:80 killredls.pw tcp
US 8.8.8.8:53 api.steampowered.com udp
US 172.67.209.38:80 killredls.pw tcp
NL 23.222.49.98:443 api.steampowered.com tcp
US 172.67.209.38:80 killredls.pw tcp
US 172.67.209.38:80 killredls.pw tcp
US 172.67.209.38:80 killredls.pw tcp
US 8.8.8.8:53 talon-service-prod.ecosec.on.epicgames.com udp
US 172.64.146.120:443 talon-service-prod.ecosec.on.epicgames.com tcp
US 172.64.146.120:443 talon-service-prod.ecosec.on.epicgames.com tcp
US 172.64.146.120:443 talon-service-prod.ecosec.on.epicgames.com tcp
US 8.8.8.8:53 js.hcaptcha.com udp
US 104.19.219.90:443 js.hcaptcha.com tcp
US 8.8.8.8:53 90.219.19.104.in-addr.arpa udp
US 172.67.209.38:80 killredls.pw tcp
US 8.8.8.8:53 www.epicgames.com udp
US 8.8.8.8:53 newassets.hcaptcha.com udp
US 8.8.8.8:53 api.hcaptcha.com udp
US 172.67.209.38:80 killredls.pw tcp
US 172.67.209.38:80 killredls.pw tcp
US 172.67.209.38:80 killredls.pw tcp
US 172.67.209.38:80 killredls.pw tcp
US 172.67.209.38:80 killredls.pw tcp
US 172.67.209.38:80 killredls.pw tcp
US 172.67.209.38:80 killredls.pw tcp
US 172.67.209.38:80 killredls.pw tcp
US 172.67.209.38:80 killredls.pw tcp
US 172.67.209.38:80 killredls.pw tcp
US 172.67.209.38:80 killredls.pw tcp
RU 5.42.92.51:19057 tcp
US 8.8.8.8:53 youtube.com udp
NL 216.58.214.14:443 youtube.com tcp
US 8.8.8.8:53 14.214.58.216.in-addr.arpa udp
RU 5.42.92.51:19057 tcp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
RU 5.42.92.51:19057 tcp

Files

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Rq1tF01.exe

MD5 930850a16e9a51a4eda252720bc2a51f
SHA1 99bde66331b7515954bea44e9109a53d77557cf5
SHA256 e82c3aacc5713abbd5e65434c8118011d3d9a41389ca8d261954120006e2b150
SHA512 8a14cf845084aaf046555cc5f30790d46ea58a3350d45d2c4c736cdfb0719cda5d5bfe27e154d59b8112af62618fa230dfbd7dd43676972e7474fe576c2790eb

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Rq1tF01.exe

MD5 930850a16e9a51a4eda252720bc2a51f
SHA1 99bde66331b7515954bea44e9109a53d77557cf5
SHA256 e82c3aacc5713abbd5e65434c8118011d3d9a41389ca8d261954120006e2b150
SHA512 8a14cf845084aaf046555cc5f30790d46ea58a3350d45d2c4c736cdfb0719cda5d5bfe27e154d59b8112af62618fa230dfbd7dd43676972e7474fe576c2790eb

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\qS5ls00.exe

MD5 f5401bdfa48f356f2588b957e38c7a60
SHA1 ce96bc1f973ca3d0edfdb08d8a01e2a31efd2b74
SHA256 df260a670133ad0247b2b1fa0ba2aefbd39e58fd02ae8e6a7d75b10c500ff9e3
SHA512 404bc496d49a3366fe35bc270ace39d072ae87ec6906807d0f83cc601565a7c8f06fdb21163b6381af9df92f5df206d2b8fbf4b031e924b1ad6f31909b16cbf2

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\qS5ls00.exe

MD5 f5401bdfa48f356f2588b957e38c7a60
SHA1 ce96bc1f973ca3d0edfdb08d8a01e2a31efd2b74
SHA256 df260a670133ad0247b2b1fa0ba2aefbd39e58fd02ae8e6a7d75b10c500ff9e3
SHA512 404bc496d49a3366fe35bc270ace39d072ae87ec6906807d0f83cc601565a7c8f06fdb21163b6381af9df92f5df206d2b8fbf4b031e924b1ad6f31909b16cbf2

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe

MD5 990878202cbe6762304c169e78829390
SHA1 ca2ef976ec0e9e774f3fb7a69a171b12070ba2c8
SHA256 47fe839a41da59acc75d812a4303635f8c709e1dc106e6fe765a786159b8479a
SHA512 b207752d26419ccdebb371b0cdb6b9294a5a1cb7bec84df574a3e5cd591aa5378fdd368dc9b1e894dd2d771c41f6508825c3bd0e2cb3da4e64a6a99cccfdaccf

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3UA947pJ.exe

MD5 990878202cbe6762304c169e78829390
SHA1 ca2ef976ec0e9e774f3fb7a69a171b12070ba2c8
SHA256 47fe839a41da59acc75d812a4303635f8c709e1dc106e6fe765a786159b8479a
SHA512 b207752d26419ccdebb371b0cdb6b9294a5a1cb7bec84df574a3e5cd591aa5378fdd368dc9b1e894dd2d771c41f6508825c3bd0e2cb3da4e64a6a99cccfdaccf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 777424efaa0b7dc4020fed63a05319cf
SHA1 f4ff37d51b7dd7a46606762c1531644b8fbc99c7
SHA256 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5
SHA512 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 777424efaa0b7dc4020fed63a05319cf
SHA1 f4ff37d51b7dd7a46606762c1531644b8fbc99c7
SHA256 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5
SHA512 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 777424efaa0b7dc4020fed63a05319cf
SHA1 f4ff37d51b7dd7a46606762c1531644b8fbc99c7
SHA256 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5
SHA512 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 777424efaa0b7dc4020fed63a05319cf
SHA1 f4ff37d51b7dd7a46606762c1531644b8fbc99c7
SHA256 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5
SHA512 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 777424efaa0b7dc4020fed63a05319cf
SHA1 f4ff37d51b7dd7a46606762c1531644b8fbc99c7
SHA256 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5
SHA512 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 777424efaa0b7dc4020fed63a05319cf
SHA1 f4ff37d51b7dd7a46606762c1531644b8fbc99c7
SHA256 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5
SHA512 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 777424efaa0b7dc4020fed63a05319cf
SHA1 f4ff37d51b7dd7a46606762c1531644b8fbc99c7
SHA256 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5
SHA512 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 777424efaa0b7dc4020fed63a05319cf
SHA1 f4ff37d51b7dd7a46606762c1531644b8fbc99c7
SHA256 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5
SHA512 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 777424efaa0b7dc4020fed63a05319cf
SHA1 f4ff37d51b7dd7a46606762c1531644b8fbc99c7
SHA256 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5
SHA512 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4QW3gE9.exe

MD5 bb440607323e7ed78320c679f0cc5034
SHA1 aa4c380d9fa2afed1557cbeea98f384285f8daf6
SHA256 9187a5b43fb0b5490be6d4858206056a67f7cbe5899619711536a450fbdd31de
SHA512 aeca879fc997d5c772749acd3c0c0505ed78d4c3eb10baca497f225d437caed36ea8eeb391b2a868ca3f1df37d158f66f6427e98ae27ce2ef6cc3d6b76ac74e8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4QW3gE9.exe

MD5 bb440607323e7ed78320c679f0cc5034
SHA1 aa4c380d9fa2afed1557cbeea98f384285f8daf6
SHA256 9187a5b43fb0b5490be6d4858206056a67f7cbe5899619711536a450fbdd31de
SHA512 aeca879fc997d5c772749acd3c0c0505ed78d4c3eb10baca497f225d437caed36ea8eeb391b2a868ca3f1df37d158f66f6427e98ae27ce2ef6cc3d6b76ac74e8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

\??\pipe\LOCAL\crashpad_1060_PVKLSNOEIACCBHDP

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

\??\pipe\LOCAL\crashpad_1288_SDAUETHNCPKXZTXZ

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

\??\pipe\LOCAL\crashpad_1904_IEVEQYRZTRDLTBNU

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_4176_HDFACECEUPZQLMVK

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

\??\pipe\LOCAL\crashpad_320_YUZKREUGODDAVNHD

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_3864_YGERPDXCBWZNSDNZ

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_1508_ZFRREILKEFJXMFFG

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_3496_DLAVRPLECNEJQYQY

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 29c60dc446de838735a11cc4c9a88b93
SHA1 e377d93902d0d9eb3642873735bd586d65ece7fb
SHA256 93422da1b3d16a6399c70d36095a573e320f75860a0530b42290dcdb5254f75f
SHA512 da43441789067ce82fea4ae4c0720125790702db90f10a215fd3ccfb099ca51547c2cbca23b3a554a0c49fdf32e456e40dac4e9b77ef1d919e99ab7aea833356

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\299d17fc-edc4-457a-80c8-17c201e534b8.tmp

MD5 2ce04f951b7c0accfe84485f549341e5
SHA1 f010dd61e8e7b2cea9ce1c0ab9fa8fa78a29e95a
SHA256 9527f7647f8f30b5e5d780aa30304b4c261a6c41b29666068f9581c40804a8e5
SHA512 47f6522546d7739ebe6a7e48f3d35f84e17ca27d014e699be12354dfcc3dad5d6ddf66a7eb309f6c0ec473ee98b74ff259f16885d5725d56e0cfd7507da3a47b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\40b7b4e2-a12a-4afa-a1fe-c63e1645b2be.tmp

MD5 df6fc052d63420f8051771ef5a46444a
SHA1 dc1858a744764b54f8d91b396c092dfd9560c695
SHA256 521fbb1a8451dff9d46ac3345104d3839b4c036fe3de04d73998ccbca14b4729
SHA512 be2bdc2b11bfbf13d4c38918d8902afe045f66e2f9d93bd7ddb156c0aa29064a1654f94362c56739291452b17f06686882480f333c56e7cd653fa7a73ffd774a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 d9ccd1e2e462eb3b82126aef443b7245
SHA1 5916809cc8479707b9c9fd66f518fed1017605f0
SHA256 e5c9c2e4cfc9bd2909f2937c35cabf8c22d64f9167dfa8d67d5f086cb4f3bdb2
SHA512 32949e93b15d8830e718cc201c9658c58e9762ca5dfc13a294696556f9967a90277ff81e876e3f4366269398527243e95cb45acd78403ea43dc80e9899d09b8c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 d9ccd1e2e462eb3b82126aef443b7245
SHA1 5916809cc8479707b9c9fd66f518fed1017605f0
SHA256 e5c9c2e4cfc9bd2909f2937c35cabf8c22d64f9167dfa8d67d5f086cb4f3bdb2
SHA512 32949e93b15d8830e718cc201c9658c58e9762ca5dfc13a294696556f9967a90277ff81e876e3f4366269398527243e95cb45acd78403ea43dc80e9899d09b8c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\b3e96073-2e64-4a6e-b86b-65dd4be9e265.tmp

MD5 918a449a7770056cd6f6c7d5741340d1
SHA1 bf687af8c359fbb3af761ba469a91848eb279da7
SHA256 4a1680dd3e4698b726903c97ce62da075fea05e6221ce1c9886424036c16ac30
SHA512 f6e5089f76e21042cf989a7081bce94216b361151a6e243685b867b11f056a0e179ebcd9f60af4e511f974dae3652d6e4f6c7849e6ef14bd61b230bcd6acf461

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 29c60dc446de838735a11cc4c9a88b93
SHA1 e377d93902d0d9eb3642873735bd586d65ece7fb
SHA256 93422da1b3d16a6399c70d36095a573e320f75860a0530b42290dcdb5254f75f
SHA512 da43441789067ce82fea4ae4c0720125790702db90f10a215fd3ccfb099ca51547c2cbca23b3a554a0c49fdf32e456e40dac4e9b77ef1d919e99ab7aea833356

\??\pipe\LOCAL\crashpad_4664_FTKBABUCBUENXHYX

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_3916_VCMWOJSSHWYNEJCQ

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\02156ffa-d7cf-42f7-854e-49a7d5d1aa81.tmp

MD5 c2c89387ecb40c56a3ff59e050121348
SHA1 8ca906bdceeeba4488285d8bf7ea926f4b13ace7
SHA256 2642773f508acfd3f30126345eef101a63bbfc5760fb330076b6c120b9fdeef1
SHA512 375f919bf245c5c331c44033634fee29646b6db8757f2294617cd9b9f6fb036d0cd5e76ac3623421011cffb357dba09bf6565462cc3ccc66e0c2ac48f5bc6300

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 918a449a7770056cd6f6c7d5741340d1
SHA1 bf687af8c359fbb3af761ba469a91848eb279da7
SHA256 4a1680dd3e4698b726903c97ce62da075fea05e6221ce1c9886424036c16ac30
SHA512 f6e5089f76e21042cf989a7081bce94216b361151a6e243685b867b11f056a0e179ebcd9f60af4e511f974dae3652d6e4f6c7849e6ef14bd61b230bcd6acf461

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 df6fc052d63420f8051771ef5a46444a
SHA1 dc1858a744764b54f8d91b396c092dfd9560c695
SHA256 521fbb1a8451dff9d46ac3345104d3839b4c036fe3de04d73998ccbca14b4729
SHA512 be2bdc2b11bfbf13d4c38918d8902afe045f66e2f9d93bd7ddb156c0aa29064a1654f94362c56739291452b17f06686882480f333c56e7cd653fa7a73ffd774a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\559edefd-fba0-448e-a16d-007c7c934ba2.tmp

MD5 507b6ea24c4a93dd16ea1b2dbf395339
SHA1 41d65e1a474232165ec4a6aecf27fe84aaf1dbf5
SHA256 04f1c9e4c9d2dbf37de470b6a681f0e97c906b644560e0ad6b1abdbdd0c5fb4f
SHA512 c9cff3d3b7e13057c12e3a539c8dc9d6b03d15f2683b9861a1ef5b5ad76b335da043a7f12e9cc69d18d476a887f83e7e091d3acd6be2921b18ed4706c659d3de

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\57a983c9-06ab-4ea4-ab86-b7bd2cf1c1e8.tmp

MD5 ffbb0ab1c17cba30b65275884d32660e
SHA1 e2291ebc83a12c9a9effd950e1dc41ce7b0fc0ff
SHA256 248559629d48ae038be9315dc6c4d28620ff4ff51a21e3868aa18c2d07871fb9
SHA512 8519c924cf8f3efd6b4d970ce0e7c653011f787bff437e13d8ffde4cef97a7b7fe7eb220c2c0aa5f07b20fb77be251acb0d56c6a54d6379d08b55e949a204f37

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 2ce04f951b7c0accfe84485f549341e5
SHA1 f010dd61e8e7b2cea9ce1c0ab9fa8fa78a29e95a
SHA256 9527f7647f8f30b5e5d780aa30304b4c261a6c41b29666068f9581c40804a8e5
SHA512 47f6522546d7739ebe6a7e48f3d35f84e17ca27d014e699be12354dfcc3dad5d6ddf66a7eb309f6c0ec473ee98b74ff259f16885d5725d56e0cfd7507da3a47b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 ffbb0ab1c17cba30b65275884d32660e
SHA1 e2291ebc83a12c9a9effd950e1dc41ce7b0fc0ff
SHA256 248559629d48ae038be9315dc6c4d28620ff4ff51a21e3868aa18c2d07871fb9
SHA512 8519c924cf8f3efd6b4d970ce0e7c653011f787bff437e13d8ffde4cef97a7b7fe7eb220c2c0aa5f07b20fb77be251acb0d56c6a54d6379d08b55e949a204f37

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 c2c89387ecb40c56a3ff59e050121348
SHA1 8ca906bdceeeba4488285d8bf7ea926f4b13ace7
SHA256 2642773f508acfd3f30126345eef101a63bbfc5760fb330076b6c120b9fdeef1
SHA512 375f919bf245c5c331c44033634fee29646b6db8757f2294617cd9b9f6fb036d0cd5e76ac3623421011cffb357dba09bf6565462cc3ccc66e0c2ac48f5bc6300

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 3a480aec729bf9c574567732e53ecfe1
SHA1 c054163ecfa196d0a94be1d9f085261da6c4c33c
SHA256 8a50311f62bf44c89ec917d869ae433e4d0ca1d32c4a1dee07b44983dd931d05
SHA512 7a88019be263556dd37e181f5652e74bc465b03bcff30a882f4aeb907db0a9ced3a24a238475e06daaed8a4d22d3c96a3157636bf32b36c9188bfbea6c11758d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 507b6ea24c4a93dd16ea1b2dbf395339
SHA1 41d65e1a474232165ec4a6aecf27fe84aaf1dbf5
SHA256 04f1c9e4c9d2dbf37de470b6a681f0e97c906b644560e0ad6b1abdbdd0c5fb4f
SHA512 c9cff3d3b7e13057c12e3a539c8dc9d6b03d15f2683b9861a1ef5b5ad76b335da043a7f12e9cc69d18d476a887f83e7e091d3acd6be2921b18ed4706c659d3de

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 3a480aec729bf9c574567732e53ecfe1
SHA1 c054163ecfa196d0a94be1d9f085261da6c4c33c
SHA256 8a50311f62bf44c89ec917d869ae433e4d0ca1d32c4a1dee07b44983dd931d05
SHA512 7a88019be263556dd37e181f5652e74bc465b03bcff30a882f4aeb907db0a9ced3a24a238475e06daaed8a4d22d3c96a3157636bf32b36c9188bfbea6c11758d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 2ce04f951b7c0accfe84485f549341e5
SHA1 f010dd61e8e7b2cea9ce1c0ab9fa8fa78a29e95a
SHA256 9527f7647f8f30b5e5d780aa30304b4c261a6c41b29666068f9581c40804a8e5
SHA512 47f6522546d7739ebe6a7e48f3d35f84e17ca27d014e699be12354dfcc3dad5d6ddf66a7eb309f6c0ec473ee98b74ff259f16885d5725d56e0cfd7507da3a47b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 ffbb0ab1c17cba30b65275884d32660e
SHA1 e2291ebc83a12c9a9effd950e1dc41ce7b0fc0ff
SHA256 248559629d48ae038be9315dc6c4d28620ff4ff51a21e3868aa18c2d07871fb9
SHA512 8519c924cf8f3efd6b4d970ce0e7c653011f787bff437e13d8ffde4cef97a7b7fe7eb220c2c0aa5f07b20fb77be251acb0d56c6a54d6379d08b55e949a204f37

memory/5836-353-0x0000000000400000-0x0000000000433000-memory.dmp

memory/5836-374-0x0000000000400000-0x0000000000433000-memory.dmp

memory/5836-375-0x0000000000400000-0x0000000000433000-memory.dmp

memory/5836-377-0x0000000000400000-0x0000000000433000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 6cdd1ae3ef965fb7e23a9a4a9341e182
SHA1 a7214f926cf340d7c3f65890cc11f81e51fe0f07
SHA256 92736cdc780c01009722d4f678549228e6ac03c8eff74682e79f43a011cccb58
SHA512 e2f495927684ac68481929f30ac0f18dc7879ab7ca25e834e6c16dfea0b904185f745ee65b01b8d4d5e67160fde1adecc3d58725d85abfcdb966f32b91d0f184

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 00e5e434b325b53d99633a5d1ef9242a
SHA1 3a6710f50fda28c96bc75e2f73222ef257c60b4d
SHA256 d286575227721a3d3f592529fa93ba64d264e0788311bb663def7497968ce5f7
SHA512 ccbd1c8762c4436713832c6c19e8a421adeb87c05386ab0094dfd2e42bd48d3a47af5084271030cb6d236a438296c8b6e59feac3de693f78fbe0e285377f7959

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 d10eb7279fcf601bfa5f89f3eb605a68
SHA1 b880b465c55b5b8a9aeeb27ec929b6c3121a23e1
SHA256 2b03d513c27c56e60c6f50381f72c40e3334ca55df5676b7f27576da3104d361
SHA512 9e6db077aa31adb4e1c51ac3becaf0283a2a70dad5b2faf1c7449bec70c6bf4bb11fa64541207b4edd3cb7ffd611aa72d6efcafc3db85156d3cd43cfc63fbb37

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 7c51e3dce5e8e33ecc9fffded2ba556f
SHA1 b13286986fe4f77d03a436ed2e4493623560e941
SHA256 4662920668187afa9e9083c4d564d0a807d7b6a6a7d4d10d845dc9f5fae694e1
SHA512 69f151b5014f1f437e8208c5a699a1d57047a775a7527be9389054b79780a2e966c4641fcc7fdd9dbd6e3212eb414256e96a5e2d40b7587286bbaf3b9d63a0ac

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 1c706d53e85fb5321a8396d197051531
SHA1 0d92aa8524fb1d47e7ee5d614e58a398c06141a4
SHA256 80c44553381f37e930f1c82a1dc2e77acd7b955ec0dc99d090d5bd6b32c3c932
SHA512 d43867392c553d4afffa45a1b87a74e819964011fb1226ee54e23a98fc63ca80e266730cec6796a2afa435b1ea28aed72c55eae1ae5d31ec778f53be3e2162fc

memory/5260-606-0x0000000000400000-0x000000000043C000-memory.dmp

memory/5260-616-0x0000000074950000-0x0000000075100000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

MD5 923a543cc619ea568f91b723d9fb1ef0
SHA1 6f4ade25559645c741d7327c6e16521e43d7e1f9
SHA256 bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
SHA512 a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

memory/5260-638-0x0000000007EC0000-0x0000000008464000-memory.dmp

memory/5260-639-0x00000000079F0000-0x0000000007A82000-memory.dmp

memory/5260-642-0x0000000007B80000-0x0000000007B90000-memory.dmp

memory/5260-643-0x0000000007BC0000-0x0000000007BCA000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

MD5 7d75a9eb3b38b5dd04b8a7ce4f1b87cc
SHA1 68f598c84936c9720c5ffd6685294f5c94000dff
SHA256 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7
SHA512 cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f

memory/8180-689-0x0000000000400000-0x0000000000488000-memory.dmp

memory/8180-690-0x0000000000400000-0x0000000000488000-memory.dmp

memory/8180-694-0x0000000000400000-0x0000000000488000-memory.dmp

memory/8180-692-0x0000000000400000-0x0000000000488000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 60f63c2eca2fe122935235eeee1b947e
SHA1 b9347e571f373280a9ef427b0e66b44690e92200
SHA256 44088a6a73f978ae8340443d03f9315f44770761a69efea40586be01cc51d78f
SHA512 fd4d2876381df8e741ccb99b670da73dc386f92e81d31b6924ca8c86bc79fc73dca21eb8bf0af27e0b4f883e836d50b40e631219ada609d993971dbcbc8793db

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe591ee8.TMP

MD5 481c35c1bc24bf2f54274165d2f59418
SHA1 3501ec431875b5cc24c602b65b6fe6922898cb03
SHA256 4304b305d2a08bb4dd5d22fd999760fbbc1788fd245906af7681c4720d9ee7da
SHA512 ea0b4c121d38ac13367c2d931413594066c628d220f635f23a058c3e7245e025fa08001cb2ae8b6763f5fc61ef943cad78b134a6a1652335a03aac7abb35381e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

memory/5260-743-0x0000000008A90000-0x00000000090A8000-memory.dmp

memory/5260-744-0x0000000007D60000-0x0000000007E6A000-memory.dmp

memory/5260-745-0x0000000007C90000-0x0000000007CA2000-memory.dmp

memory/5260-746-0x0000000007CF0000-0x0000000007D2C000-memory.dmp

memory/5260-747-0x0000000007E70000-0x0000000007EBC000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 c97ac89b598fd2918109c669db2513aa
SHA1 90dd792783d728540fe1d670b9f7b9fde076bfbe
SHA256 817baf5e4e22539faf0b00c39122879e4e222ef3f73b42d6058fa7688551f838
SHA512 60ed34b24b340443789be7509c8c162c4694320603533fee82431a93639e6e9df4d24745751c187f48732d61d56bd4746b5faa4a9e7f9e72a8b1da2db1c34666

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 6c6a32baeddd6c7f11c91e6a92c72ae2
SHA1 28533a2d536a9d2058bbc786ee4dc3cfc0a9fee8
SHA256 cf0a03704a6b38a8b9458f4721b4827b706bb7a031cc4af2e0bb79f35e4142ef
SHA512 600db73898481bdaa62b83cf424e0ca2cc95b6b611aedcb2b701575f31ae722e4a6c70ebe3221acd0701dee1c8a43f145e352def70308efb8648e99966776096

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 f0d04b2a239807acb92b4a166d819f0d
SHA1 349df7faa5db19b9beacbbc069fcc360d1e70861
SHA256 0b9149b1549b8442111e135369a29398f442095ab121cc7b73ba050fcdbdaf20
SHA512 11adc8b8fdaf0278899894a79beee7ede2f1f80452f1e7a3179420b0d03501d8101e6dcbf4a5a6866c3a34d101f319bd4100c1874d467c0a2acdd16d2cbf4e7c

memory/5260-872-0x0000000074950000-0x0000000075100000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f

MD5 740a924b01c31c08ad37fe04d22af7c5
SHA1 34feb0face110afc3a7673e36d27eee2d4edbbff
SHA256 f0e1953b71cc4abbffdd5096d99dfb274688e517c381b15c3446c28a4ac416e0
SHA512 da7061f944c69245c2f66b0e6a8b5a9bca91bda8a73f99734dcb23db56c5047de796fa7e348ff8840d9ac123436e38a4206408573215b7e5e98942ea6d66bb7c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7b938ecece4b32956303d22ede60b6db
SHA1 d3bdcd96187f1554c61521fb1e1af23798024df1
SHA256 297ec05359b0b0a2ce09da95789281c22fb28c73d96824db000417a546afffe2
SHA512 7eeb91f123546ef6d8ed33d7ae6c1f2444cf8d7a6e6838d20cb15a07bbf7037ee7ba3b950d823d93e301cfe5f7f1cd9e18224d8810d2f92d190e9e0ae7a77256

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt

MD5 da2ccd708097d9b9ed543e772312b390
SHA1 ce9f678b96f1b8c40a60b1f3a34b50aa83f46040
SHA256 3d1c88ae86940ad9a0b3a6a3425ec8b0c8e061cca9d27e3ba91686635e29fdba
SHA512 a2374b5cd5707371fcdf28ef2945d0727fb8a74669c586370f0437915475f05b17032f52f0e4e33bfd8feb6f6149ad27c35220cd0325cca2d37c03e7bd76c867

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt~RFe594126.TMP

MD5 bdd5c443af945bc20ad8a6210e9d3498
SHA1 8fc9657e1ccaff52004e782ae92f2512e6881d2a
SHA256 7a57ef5f20723580e1692b6a9655764bd09f04ea694c14a9741e53cc0fab7e66
SHA512 d46411f5bc01aa059c34313566fa2f4ad39ab66372db6204415d77ec625e612fe57b3d110008ae11a75209456dd598d9358cbf03b5fdfea06f0e7ba8d523dc1f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\14e33b18-b5c7-441d-9200-336308a8f949\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

memory/5260-1033-0x0000000007B80000-0x0000000007B90000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 35edd44e51ed6420afcf93a607127824
SHA1 85403627e38ffd794a2b20cc47224a87bc2cc8eb
SHA256 848e934ba0752266c7e7b5a7f7cc406408773ead63f4e516dfb293fd0cf786d0
SHA512 924aa4baefcbbc54893bc842c05eee2c34e6690cb6cbafe9cd2d53fa1674161b389db118a66b1ffbe0d55751b7a9dee6cbe6c19045fcf2e2b200386a41c41943

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 2753bc7409d5c32506841792a374aff2
SHA1 033856c813ea6da336d3b29986fa2d407f58f610
SHA256 8a5836d891fd3a11c3983f501e2df2f772c4ae42fc3800f0e21a30a55fed6e41
SHA512 89386e145f52da8eec12112823f2707111483446667e4f79ec561c1cfbfdc60f2e42cf9f4d95e9dd050327e4ecdb303c5bf4b48c2062ac5304330d6bb63178d9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 43bfeb72a54940485d1d44c5abe45c5f
SHA1 51948cbaab24432b56b0ba460ef5bfc6a14293a6
SHA256 cb464247bf3a5e17405fc57282caf4e7ca010fb7cb3420fe7a2dc8583bc8f5b3
SHA512 9076c7eb0b0346e177da72e52a2ccce45a4c2233844ea43498df9f273ef6f6ade89a0122cf80cea662e354470d01dba8b8cfd054ed68f0be09e8a7ceeeda1ad2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 91c0e5d652f577bd8dfb2448bbceb40a
SHA1 b71ed5d75fa1f54df35753219dce138c119241eb
SHA256 b5c14433601f500ffd90a25af3210545313bdb79c978fb2654b777fa63f154d3
SHA512 2c3e0e4cc79259c76189567476d288133a5473e028063131f46d7635f39592ddd18b200b21a960059a4516e50f2dd31eac690eabfbf67ca1e52f71d95ded78b4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe59a84c.TMP

MD5 66fa92ec45ba1fdcd7795cab160eaaeb
SHA1 35bbbaab95ff2f30b086e02218ba698d7b6a072c
SHA256 0b58645329755a4df428ce282da564279d8edfa1091c6c7a728288307c90b0c0
SHA512 a87c74c94f2b989c2841f00a84b6e574899669b53f1cebf2eca8d534293a2c9faea32535aa037625cd96e5adc06927ae0b9b4739526b8a5e9a9eb86ad0eaffcc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\14e33b18-b5c7-441d-9200-336308a8f949\index-dir\the-real-index

MD5 7c587735aa81d8cca932176e99f45f4d
SHA1 29c0a6bf916fbb9556766f3dc5a8825f4391dbd5
SHA256 0f316df1adbb8790f6222bcbea001cf544c5242cbaee9dbb0cf75d02a84b413f
SHA512 0628f6485e7b04f5b100b4e40231e83f6b5147321cdad13539578a7dbfac7e8ead9ddda075d8224a848bdcc9b888417edb3e0e66999689104d9e9c632c0da48a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\14e33b18-b5c7-441d-9200-336308a8f949\index-dir\the-real-index~RFe59a84c.TMP

MD5 67553ec6ab713ea813d59e321a0df880
SHA1 36275fefded00bd850ab11ff7ba464c1e229ce4a
SHA256 e1b5dd6ebfe12e6e86a2fdf04e143d87b33e1bf8f44f13e2fd733216bb73a77f
SHA512 8230501a7a948df7efe17875f0fb42afefa66bd26592bba0ed63745aa383522f3572b79215bf4be3c43efe040130acda4fd94e57d4f589a743607d3a4d1a7480

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 11167f5572aa75c65f30903640456ded
SHA1 c6431daaf4ad07f71fe18777731eab0cca3b7aa9
SHA256 4ef2047f03365017dc9ddf10f05a9ddbf82ab341b78dc1799385ec98f053fe5d
SHA512 d05219d95ec87fb57d12bbe2126a81028c4fc7b35a1f6b1d6f884fee759e9d5b1756391539b33c68c968ba77e84b91ee3bc4b6158a1090d50a7e138de9bade60

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 ca371b164c0a8e28df5c3b012c5d1b43
SHA1 9a8e5f2ae924417ea8ea8b000d61b32595203649
SHA256 81c3e3571dca5249856b17152dbbf8dfde388dc21f08210ace4ec8926e837ad0
SHA512 afb00d9268b2c078ced671eca5022dbcc1805fcc1503acd671606a66dbe144086f07bbd1f0254c8c982697ced2c114c322c0f15bff0508fdc3c6aa2e5f893307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6b5c5f20c7055c08dd503b4407fe3fa8
SHA1 5ebfab055013c1940484f32e902af9e8b9f204d7
SHA256 36f7b003a4222ab1adf67f6c1074038de5a1850b862117e851135f1f9326bfd3
SHA512 5192e17ceaf6b445ded986876dc83acdcb60eface53472a9a9dec89d326e668b63c85aa8d3e7b9605bfb41cbb9f90bf14edb60efa2abd7633c334806f9f70271

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 04870fd3a10b42b7acf30b9adb89223e
SHA1 1f8c02fc2a01cae732cdc2b5c9035c277932697b
SHA256 3a4986b264bca0a44e6a0a236ed77be29297c50dfe85ede3b5e90d3dcd1983bc
SHA512 f3ea7170adf7ab7d8f724f23c59b28aeee16fce509095d2f931080c61a63c29753d603405c891add230bef431fb02ba8abea53ebb4a8955fdf538bc47e3927ec

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\113694d7-936f-4958-999b-9d51fae1519c\index-dir\the-real-index~RFe5a2abb.TMP

MD5 e82b6275eed09c68a22868cd9a9bfce7
SHA1 08079776fee210e6bfcb4da3476fd55495de4ca2
SHA256 d1b5d312a7d36bd8427dc1bb635bbef27f1b065e249a084d3dbee467f2361503
SHA512 462b67419ee2aa61038ec601fe32fe07a7ce68d257f70e762a0d8b336a4b007b3caef922734baeead7bb879d10a732cb219a6d52d04330f79aa671453fd07bc2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\113694d7-936f-4958-999b-9d51fae1519c\index-dir\the-real-index

MD5 2d6824a08a0c7134549e0065eb0a5946
SHA1 9faf0df8a9cb5f2e471a90310c99c0d0054c6c32
SHA256 baacbcf977002a192c7151805ba0bdb77a779abb8281556e095699824c34378b
SHA512 6ad633be2afccb08a984ecb8bd1e4c65827f794691d75df5511d507550375e115a4b6faa5fd08ec8924e87fd5c538b183befa5686c8ae4d9cd697601d3e52d26

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 8d9b0e23f7e73f646e18d37d5913b70a
SHA1 7ef3238f858882ebe7cf9e27a6d322a3812ce0bc
SHA256 e86d3c0ccf1e874a12d4914541643041ef0ce8178e6008ef089f6a4efd01d041
SHA512 4fb3d1b640520fcca525a7b80cc44d3b6f74a0d5d6508098d2092f3e51f83c3c81d8a8c3a27cae04379767c5977ba6bf83e7ec2d06e8d76b18513bd1a58be67d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 0c1971b273b6da7842b820550a00f400
SHA1 be1967980c5d251ada49c743019a49280298d451
SHA256 7b522039aac1ef16bbe4d83b0d1f41b1dc9392ff232603d64ed03cc2ab904686
SHA512 fca5689a566216dcae718cbf40b65bebf5fa904c58b6fe2ed510139bc957afc31d8dbe1ea232397f5bfde52bbb0e24667ca0b2cee7cb70a43a92362df1a525e4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 cc8d94871f52dddd094a7ac05a11d5ad
SHA1 bbd774b40beedd472065940f371155e19d2e6146
SHA256 0295ca1ac426b7e10b50993b86108d4052e13365fc69b83e51af8736b3ea9dca
SHA512 4702c838d7b522c09fec3005fc9a8c8a3538addd094f219553d72897622fee088ccca7d0c73ab36b2127dfed47e1b9bd4656f0ac3448762ac522ff72dd0776fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a5f142fcb2208fe892523808e52bbc82
SHA1 79d192109e512912e0ddd8115be816228b901fec
SHA256 53b481dd204beb36e529af64b39ab0fe3c62df0b9b5c6f6df0155ab1fb45d8b9
SHA512 b29d9ae62b99626facb9faaef141aa01dd25a282aed99e7d472a5850db1bd1916f33f9b96e0330bf52f4ba85925eb7ba28195cd8b8897d8db93cf02c208e4673