Analysis Overview
SHA256
5b54c0468357f58ed54776adce9ba78e301a4a45752ce77b07edb7411c276aa2
Threat Level: Known bad
The file 5b54c0468357f58ed54776adce9ba78e301a4a45752ce77b07edb7411c276aa2 was found to be: Known bad.
Malicious Activity Summary
Mystic
Detect Mystic stealer payload
RedLine
RedLine payload
Executes dropped EXE
Adds Run key to start application
AutoIT Executable
Detected potential entity reuse from brand paypal.
Suspicious use of SetThreadContext
Program crash
Unsigned PE
Enumerates physical storage devices
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Suspicious use of FindShellTrayWindow
Suspicious behavior: EnumeratesProcesses
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2023-11-11 05:02
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2023-11-11 05:02
Reported
2023-11-11 05:06
Platform
win10v2004-20231020-en
Max time kernel
180s
Max time network
184s
Command Line
Signatures
Detect Mystic stealer payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Mystic
RedLine
RedLine payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\sv0fl66.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1xY66zl3.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2KW2218.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3pj18jX.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP000.TMP\\\"" | C:\Users\Admin\AppData\Local\Temp\5b54c0468357f58ed54776adce9ba78e301a4a45752ce77b07edb7411c276aa2.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup1 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP001.TMP\\\"" | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\sv0fl66.exe | N/A |
AutoIT Executable
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Detected potential entity reuse from brand paypal.
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 4620 set thread context of 5264 | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2KW2218.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
| PID 1740 set thread context of 5236 | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3pj18jX.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
Enumerates physical storage devices
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\5b54c0468357f58ed54776adce9ba78e301a4a45752ce77b07edb7411c276aa2.exe
"C:\Users\Admin\AppData\Local\Temp\5b54c0468357f58ed54776adce9ba78e301a4a45752ce77b07edb7411c276aa2.exe"
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\sv0fl66.exe
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\sv0fl66.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1xY66zl3.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1xY66zl3.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://store.steampowered.com/login/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://twitter.com/i/flow/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://steamcommunity.com/openid/loginform/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.epicgames.com/id/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.paypal.com/signin
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffcff9546f8,0x7ffcff954708,0x7ffcff954718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffcff9546f8,0x7ffcff954708,0x7ffcff954718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffcff9546f8,0x7ffcff954708,0x7ffcff954718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x168,0x16c,0x170,0x144,0x174,0x7ffcff9546f8,0x7ffcff954708,0x7ffcff954718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffcff9546f8,0x7ffcff954708,0x7ffcff954718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffcff9546f8,0x7ffcff954708,0x7ffcff954718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x160,0x170,0x7ffcff9546f8,0x7ffcff954708,0x7ffcff954718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffcff9546f8,0x7ffcff954708,0x7ffcff954718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x108,0x16c,0x7ffcff9546f8,0x7ffcff954708,0x7ffcff954718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffcff9546f8,0x7ffcff954708,0x7ffcff954718
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2KW2218.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2KW2218.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2220,15595810857731482302,9183358190374446119,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2220,15595810857731482302,9183358190374446119,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2228 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2140,13543672565165526063,1884608261014124671,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2208,2962349362266794220,2380799901715870200,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2208,2962349362266794220,2380799901715870200,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2216 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,8820224234328036208,11168590051437523696,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,8820224234328036208,11168590051437523696,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2220,15595810857731482302,9183358190374446119,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2928 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2164,6027766690563213035,15733284951071437856,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2164,6027766690563213035,15733284951071437856,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2176 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,13543672565165526063,1884608261014124671,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2168 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2060,16059057698454224547,16312646935363437827,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1908,15659324265795181131,10925420250393221121,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2252 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1908,15659324265795181131,10925420250393221121,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2060,16059057698454224547,16312646935363437827,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2076 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2052,11290518139219687435,16389982640173545607,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2116 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2052,11290518139219687435,16389982640173545607,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2064 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2172,7124504774288245117,10865718037985805770,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2184 /prefetch:2
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,15595810857731482302,9183358190374446119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,15595810857731482302,9183358190374446119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,4443219288201956545,17370441448887692575,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,4443219288201956545,17370441448887692575,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2172,7124504774288245117,10865718037985805770,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2236 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,15595810857731482302,9183358190374446119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3920 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,15595810857731482302,9183358190374446119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3116 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,15595810857731482302,9183358190374446119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4296 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,15595810857731482302,9183358190374446119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,15595810857731482302,9183358190374446119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4612 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,15595810857731482302,9183358190374446119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4840 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,15595810857731482302,9183358190374446119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4968 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,15595810857731482302,9183358190374446119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5168 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,15595810857731482302,9183358190374446119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5380 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,15595810857731482302,9183358190374446119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5908 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,15595810857731482302,9183358190374446119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6492 /prefetch:1
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3pj18jX.exe
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3pj18jX.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 452 -p 5264 -ip 5264
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5264 -s 540
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5264 -s 540
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,15595810857731482302,9183358190374446119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,15595810857731482302,9183358190374446119,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9168 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,15595810857731482302,9183358190374446119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9364 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2220,15595810857731482302,9183358190374446119,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9796 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2220,15595810857731482302,9183358190374446119,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9796 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,15595810857731482302,9183358190374446119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9840 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,15595810857731482302,9183358190374446119,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9692 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,15595810857731482302,9183358190374446119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2220,15595810857731482302,9183358190374446119,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5776 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,15595810857731482302,9183358190374446119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2220,15595810857731482302,9183358190374446119,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6904 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 71.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.208.253.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.154.82.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.200:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 146.78.124.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.59.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 39.142.81.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.175.53.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| NL | 142.250.179.141:443 | accounts.google.com | tcp |
| NL | 104.85.0.101:443 | store.steampowered.com | tcp |
| US | 8.8.8.8:53 | twitter.com | udp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| US | 104.244.42.129:443 | twitter.com | tcp |
| US | 8.8.8.8:53 | www.epicgames.com | udp |
| US | 3.210.187.106:443 | www.epicgames.com | tcp |
| US | 8.8.8.8:53 | www.paypal.com | udp |
| US | 8.8.8.8:53 | 141.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.0.85.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.49.222.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 129.42.244.104.in-addr.arpa | udp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| NL | 142.250.179.141:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| NL | 157.240.247.35:443 | www.facebook.com | tcp |
| NL | 157.240.247.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | 106.187.210.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 142.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.247.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 113.39.65.18.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| NL | 142.250.179.141:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| US | 157.240.5.10:443 | static.xx.fbcdn.net | tcp |
| US | 157.240.5.10:443 | static.xx.fbcdn.net | tcp |
| US | 157.240.5.10:443 | static.xx.fbcdn.net | tcp |
| US | 157.240.5.10:443 | static.xx.fbcdn.net | tcp |
| US | 157.240.5.10:443 | static.xx.fbcdn.net | tcp |
| US | 157.240.5.10:443 | static.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | pbs.twimg.com | udp |
| US | 8.8.8.8:53 | abs.twimg.com | udp |
| US | 8.8.8.8:53 | api.twitter.com | udp |
| US | 104.244.42.194:443 | api.twitter.com | tcp |
| US | 8.8.8.8:53 | video.twimg.com | udp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 93.184.220.70:443 | pbs.twimg.com | tcp |
| US | 8.8.8.8:53 | t.co | udp |
| NL | 199.232.148.158:443 | video.twimg.com | tcp |
| US | 104.244.42.5:443 | t.co | tcp |
| US | 8.8.8.8:53 | 10.5.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.21.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.220.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 158.148.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.42.244.104.in-addr.arpa | udp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| DE | 172.217.23.214:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | 214.23.217.172.in-addr.arpa | udp |
| US | 52.111.229.43:443 | tcp | |
| US | 8.8.8.8:53 | community.akamai.steamstatic.com | udp |
| US | 8.8.8.8:53 | store.akamai.steamstatic.com | udp |
| US | 8.8.8.8:53 | www.paypalobjects.com | udp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.176:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.176:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.176:443 | store.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| NL | 88.221.25.153:80 | apps.identrust.com | tcp |
| NL | 88.221.25.153:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | facebook.com | udp |
| US | 8.8.8.8:53 | tracking.epicgames.com | udp |
| US | 8.8.8.8:53 | static-assets-prod.unrealengine.com | udp |
| US | 8.8.8.8:53 | 160.252.72.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 176.252.72.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.25.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.221.229.192.in-addr.arpa | udp |
| US | 157.240.5.35:443 | facebook.com | tcp |
| US | 18.239.36.103:443 | static-assets-prod.unrealengine.com | tcp |
| US | 18.239.36.103:443 | static-assets-prod.unrealengine.com | tcp |
| US | 44.214.245.214:443 | tracking.epicgames.com | tcp |
| US | 8.8.8.8:53 | fbcdn.net | udp |
| US | 157.240.5.35:443 | fbcdn.net | tcp |
| US | 8.8.8.8:53 | 106.208.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.36.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.5.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.245.214.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fbsbx.com | udp |
| US | 8.8.8.8:53 | 21.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.ads-twitter.com | udp |
| NL | 199.232.148.157:443 | static.ads-twitter.com | tcp |
| US | 8.8.8.8:53 | 157.148.232.199.in-addr.arpa | udp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| NL | 142.250.179.141:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | c.paypal.com | udp |
| US | 8.8.8.8:53 | 59.128.231.4.in-addr.arpa | udp |
| US | 192.55.233.1:443 | tcp | |
| US | 192.55.233.1:443 | tcp | |
| US | 8.8.8.8:53 | www.recaptcha.net | udp |
| NL | 142.250.179.163:443 | www.recaptcha.net | tcp |
| US | 8.8.8.8:53 | 196.168.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| NL | 142.251.36.14:443 | play.google.com | tcp |
| NL | 142.251.36.14:443 | play.google.com | tcp |
| NL | 142.251.36.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 14.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | t.paypal.com | udp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | b.stats.paypal.com | udp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 151.101.1.35:443 | t.paypal.com | tcp |
| NL | 216.58.214.2:443 | googleads.g.doubleclick.net | tcp |
| US | 64.4.245.84:443 | b.stats.paypal.com | tcp |
| US | 8.8.8.8:53 | 35.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.245.4.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| NL | 23.222.49.98:443 | api.steampowered.com | tcp |
| NL | 23.72.252.176:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.176:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.176:443 | store.akamai.steamstatic.com | tcp |
| US | 104.244.42.194:443 | api.twitter.com | tcp |
| US | 104.244.42.194:443 | api.twitter.com | tcp |
| US | 104.244.42.194:443 | api.twitter.com | tcp |
| RU | 5.42.92.51:19057 | tcp | |
| US | 8.8.8.8:53 | rr3---sn-q4fl6n6d.googlevideo.com | udp |
| US | 173.194.57.200:443 | rr3---sn-q4fl6n6d.googlevideo.com | tcp |
| US | 173.194.57.200:443 | rr3---sn-q4fl6n6d.googlevideo.com | tcp |
| US | 173.194.57.200:443 | rr3---sn-q4fl6n6d.googlevideo.com | tcp |
| US | 8.8.8.8:53 | 200.57.194.173.in-addr.arpa | udp |
| US | 173.194.57.200:443 | rr3---sn-q4fl6n6d.googlevideo.com | tcp |
| US | 173.194.57.200:443 | rr3---sn-q4fl6n6d.googlevideo.com | tcp |
| US | 173.194.57.200:443 | rr3---sn-q4fl6n6d.googlevideo.com | tcp |
| US | 8.8.8.8:53 | sentry.io | udp |
| US | 35.186.247.156:443 | sentry.io | tcp |
| US | 8.8.8.8:53 | 156.247.186.35.in-addr.arpa | udp |
| US | 18.239.36.103:443 | static-assets-prod.unrealengine.com | tcp |
| US | 8.8.8.8:53 | c6.paypal.com | udp |
| US | 8.8.8.8:53 | dub.stats.paypal.com | udp |
| US | 64.4.245.84:443 | dub.stats.paypal.com | tcp |
| US | 8.8.8.8:53 | abs.twimg.com | udp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| NL | 142.250.179.163:443 | www.recaptcha.net | udp |
| US | 8.8.8.8:53 | login.steampowered.com | udp |
| NL | 23.222.49.98:443 | login.steampowered.com | tcp |
| NL | 23.222.49.98:443 | login.steampowered.com | tcp |
| US | 8.8.8.8:53 | 90.219.19.104.in-addr.arpa | udp |
| US | 172.64.146.120:443 | tcp | |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 172.64.146.120:443 | tcp | |
| US | 8.8.8.8:53 | www.epicgames.com | udp |
| US | 8.8.8.8:53 | newassets.hcaptcha.com | udp |
| US | 104.19.219.90:443 | newassets.hcaptcha.com | tcp |
| US | 8.8.8.8:53 | 252.15.104.51.in-addr.arpa | udp |
| RU | 5.42.92.51:19057 | tcp | |
| NL | 142.250.179.141:443 | accounts.google.com | udp |
| RU | 5.42.92.51:19057 | tcp | |
| US | 172.64.146.120:443 | tcp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp | |
| US | 8.8.8.8:53 | udp |
Files
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\sv0fl66.exe
| MD5 | 041142db93fe3824943a10724020fc68 |
| SHA1 | fa3961dbdd983d7d20a141dd24d3fe237650af96 |
| SHA256 | 64d7a28852b35d313a7e73cc7c785795ca3e5cb36c2106fb562814c3963d60ca |
| SHA512 | 75744ba228fcb6fe00ed24e3d1803b6df9c16b65eaafcdfbce3430b2facdddad5f9955653173dcf2025637d18a90101d5ea2393a0217e75d5e45d7a6ab9ccdee |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\sv0fl66.exe
| MD5 | 041142db93fe3824943a10724020fc68 |
| SHA1 | fa3961dbdd983d7d20a141dd24d3fe237650af96 |
| SHA256 | 64d7a28852b35d313a7e73cc7c785795ca3e5cb36c2106fb562814c3963d60ca |
| SHA512 | 75744ba228fcb6fe00ed24e3d1803b6df9c16b65eaafcdfbce3430b2facdddad5f9955653173dcf2025637d18a90101d5ea2393a0217e75d5e45d7a6ab9ccdee |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1xY66zl3.exe
| MD5 | a59c1c432e355ef8e546d6eff6561e4a |
| SHA1 | f8cfb13348abf3e94927ac82fedf1a83bd9c2b0b |
| SHA256 | f543f63443e1860ee8de7f32fb74f7ea10def4b376131237efa85f44f5d9c223 |
| SHA512 | 66a47268f17d4f0a708fb65379567706956a2da54af2617de871a027b9c51c4c1d02853b2537432d3e36c4a1b5b9a375e67cf2a2cd25523b2c53a28f51c052f5 |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1xY66zl3.exe
| MD5 | a59c1c432e355ef8e546d6eff6561e4a |
| SHA1 | f8cfb13348abf3e94927ac82fedf1a83bd9c2b0b |
| SHA256 | f543f63443e1860ee8de7f32fb74f7ea10def4b376131237efa85f44f5d9c223 |
| SHA512 | 66a47268f17d4f0a708fb65379567706956a2da54af2617de871a027b9c51c4c1d02853b2537432d3e36c4a1b5b9a375e67cf2a2cd25523b2c53a28f51c052f5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 16e56f576d6ace85337e8c07ec00c0bf |
| SHA1 | 5c9579bb4975c93a69d1336eed5f05013dc35b9c |
| SHA256 | 7796a7ba79148fc3cb46e4bbca48094376371ca9dd66f0810f7797c5e24158f5 |
| SHA512 | 69e89f39fa6438a74a48985387cd2e3e003858b0855ee6cd03abf6967674503b98b90573c784b4cf785b9cca594d3c8762f92def24e2bf51374ef5a00921e5e2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 16e56f576d6ace85337e8c07ec00c0bf |
| SHA1 | 5c9579bb4975c93a69d1336eed5f05013dc35b9c |
| SHA256 | 7796a7ba79148fc3cb46e4bbca48094376371ca9dd66f0810f7797c5e24158f5 |
| SHA512 | 69e89f39fa6438a74a48985387cd2e3e003858b0855ee6cd03abf6967674503b98b90573c784b4cf785b9cca594d3c8762f92def24e2bf51374ef5a00921e5e2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 16e56f576d6ace85337e8c07ec00c0bf |
| SHA1 | 5c9579bb4975c93a69d1336eed5f05013dc35b9c |
| SHA256 | 7796a7ba79148fc3cb46e4bbca48094376371ca9dd66f0810f7797c5e24158f5 |
| SHA512 | 69e89f39fa6438a74a48985387cd2e3e003858b0855ee6cd03abf6967674503b98b90573c784b4cf785b9cca594d3c8762f92def24e2bf51374ef5a00921e5e2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 16e56f576d6ace85337e8c07ec00c0bf |
| SHA1 | 5c9579bb4975c93a69d1336eed5f05013dc35b9c |
| SHA256 | 7796a7ba79148fc3cb46e4bbca48094376371ca9dd66f0810f7797c5e24158f5 |
| SHA512 | 69e89f39fa6438a74a48985387cd2e3e003858b0855ee6cd03abf6967674503b98b90573c784b4cf785b9cca594d3c8762f92def24e2bf51374ef5a00921e5e2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 16e56f576d6ace85337e8c07ec00c0bf |
| SHA1 | 5c9579bb4975c93a69d1336eed5f05013dc35b9c |
| SHA256 | 7796a7ba79148fc3cb46e4bbca48094376371ca9dd66f0810f7797c5e24158f5 |
| SHA512 | 69e89f39fa6438a74a48985387cd2e3e003858b0855ee6cd03abf6967674503b98b90573c784b4cf785b9cca594d3c8762f92def24e2bf51374ef5a00921e5e2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 16e56f576d6ace85337e8c07ec00c0bf |
| SHA1 | 5c9579bb4975c93a69d1336eed5f05013dc35b9c |
| SHA256 | 7796a7ba79148fc3cb46e4bbca48094376371ca9dd66f0810f7797c5e24158f5 |
| SHA512 | 69e89f39fa6438a74a48985387cd2e3e003858b0855ee6cd03abf6967674503b98b90573c784b4cf785b9cca594d3c8762f92def24e2bf51374ef5a00921e5e2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 16e56f576d6ace85337e8c07ec00c0bf |
| SHA1 | 5c9579bb4975c93a69d1336eed5f05013dc35b9c |
| SHA256 | 7796a7ba79148fc3cb46e4bbca48094376371ca9dd66f0810f7797c5e24158f5 |
| SHA512 | 69e89f39fa6438a74a48985387cd2e3e003858b0855ee6cd03abf6967674503b98b90573c784b4cf785b9cca594d3c8762f92def24e2bf51374ef5a00921e5e2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 16e56f576d6ace85337e8c07ec00c0bf |
| SHA1 | 5c9579bb4975c93a69d1336eed5f05013dc35b9c |
| SHA256 | 7796a7ba79148fc3cb46e4bbca48094376371ca9dd66f0810f7797c5e24158f5 |
| SHA512 | 69e89f39fa6438a74a48985387cd2e3e003858b0855ee6cd03abf6967674503b98b90573c784b4cf785b9cca594d3c8762f92def24e2bf51374ef5a00921e5e2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 16e56f576d6ace85337e8c07ec00c0bf |
| SHA1 | 5c9579bb4975c93a69d1336eed5f05013dc35b9c |
| SHA256 | 7796a7ba79148fc3cb46e4bbca48094376371ca9dd66f0810f7797c5e24158f5 |
| SHA512 | 69e89f39fa6438a74a48985387cd2e3e003858b0855ee6cd03abf6967674503b98b90573c784b4cf785b9cca594d3c8762f92def24e2bf51374ef5a00921e5e2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 16e56f576d6ace85337e8c07ec00c0bf |
| SHA1 | 5c9579bb4975c93a69d1336eed5f05013dc35b9c |
| SHA256 | 7796a7ba79148fc3cb46e4bbca48094376371ca9dd66f0810f7797c5e24158f5 |
| SHA512 | 69e89f39fa6438a74a48985387cd2e3e003858b0855ee6cd03abf6967674503b98b90573c784b4cf785b9cca594d3c8762f92def24e2bf51374ef5a00921e5e2 |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2KW2218.exe
| MD5 | 3322929a4f9286c5062971cfa79bcd19 |
| SHA1 | d66b0c21f593119c60e4cd8f9ee1d72c3bc170ae |
| SHA256 | 72d6b4406c2783fdafaf4fee4f8568ed277219c53742f55264527b9c3adc809e |
| SHA512 | cbe33e987f1a51155ff138ef51720df9558743949a6adedbfe81ec49d3c994d509eff6bd18216d9cf13190104d72779c268f5b90532c9d976db9fa3dcf867bb9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 0629525c94f6548880f5f3a67846755e |
| SHA1 | 40ef667fc04bb1c0ae4bf2c17ded88594f0f4423 |
| SHA256 | 812576f4a24f399abbd54b83ba7f404f021d4a7d2ec0fd2f988ebf4cbf8477ee |
| SHA512 | f74d2e4a65a152f46852eb78dd70a958fdfb8c14e060ca41ffa783b7362e44659cc5fc73f59f3edb1f1d817000b85de7c1860512aa65d937eb5a0a8d9e5890fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 0629525c94f6548880f5f3a67846755e |
| SHA1 | 40ef667fc04bb1c0ae4bf2c17ded88594f0f4423 |
| SHA256 | 812576f4a24f399abbd54b83ba7f404f021d4a7d2ec0fd2f988ebf4cbf8477ee |
| SHA512 | f74d2e4a65a152f46852eb78dd70a958fdfb8c14e060ca41ffa783b7362e44659cc5fc73f59f3edb1f1d817000b85de7c1860512aa65d937eb5a0a8d9e5890fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 0629525c94f6548880f5f3a67846755e |
| SHA1 | 40ef667fc04bb1c0ae4bf2c17ded88594f0f4423 |
| SHA256 | 812576f4a24f399abbd54b83ba7f404f021d4a7d2ec0fd2f988ebf4cbf8477ee |
| SHA512 | f74d2e4a65a152f46852eb78dd70a958fdfb8c14e060ca41ffa783b7362e44659cc5fc73f59f3edb1f1d817000b85de7c1860512aa65d937eb5a0a8d9e5890fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 0629525c94f6548880f5f3a67846755e |
| SHA1 | 40ef667fc04bb1c0ae4bf2c17ded88594f0f4423 |
| SHA256 | 812576f4a24f399abbd54b83ba7f404f021d4a7d2ec0fd2f988ebf4cbf8477ee |
| SHA512 | f74d2e4a65a152f46852eb78dd70a958fdfb8c14e060ca41ffa783b7362e44659cc5fc73f59f3edb1f1d817000b85de7c1860512aa65d937eb5a0a8d9e5890fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 0629525c94f6548880f5f3a67846755e |
| SHA1 | 40ef667fc04bb1c0ae4bf2c17ded88594f0f4423 |
| SHA256 | 812576f4a24f399abbd54b83ba7f404f021d4a7d2ec0fd2f988ebf4cbf8477ee |
| SHA512 | f74d2e4a65a152f46852eb78dd70a958fdfb8c14e060ca41ffa783b7362e44659cc5fc73f59f3edb1f1d817000b85de7c1860512aa65d937eb5a0a8d9e5890fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 0629525c94f6548880f5f3a67846755e |
| SHA1 | 40ef667fc04bb1c0ae4bf2c17ded88594f0f4423 |
| SHA256 | 812576f4a24f399abbd54b83ba7f404f021d4a7d2ec0fd2f988ebf4cbf8477ee |
| SHA512 | f74d2e4a65a152f46852eb78dd70a958fdfb8c14e060ca41ffa783b7362e44659cc5fc73f59f3edb1f1d817000b85de7c1860512aa65d937eb5a0a8d9e5890fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 0629525c94f6548880f5f3a67846755e |
| SHA1 | 40ef667fc04bb1c0ae4bf2c17ded88594f0f4423 |
| SHA256 | 812576f4a24f399abbd54b83ba7f404f021d4a7d2ec0fd2f988ebf4cbf8477ee |
| SHA512 | f74d2e4a65a152f46852eb78dd70a958fdfb8c14e060ca41ffa783b7362e44659cc5fc73f59f3edb1f1d817000b85de7c1860512aa65d937eb5a0a8d9e5890fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 0629525c94f6548880f5f3a67846755e |
| SHA1 | 40ef667fc04bb1c0ae4bf2c17ded88594f0f4423 |
| SHA256 | 812576f4a24f399abbd54b83ba7f404f021d4a7d2ec0fd2f988ebf4cbf8477ee |
| SHA512 | f74d2e4a65a152f46852eb78dd70a958fdfb8c14e060ca41ffa783b7362e44659cc5fc73f59f3edb1f1d817000b85de7c1860512aa65d937eb5a0a8d9e5890fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 0629525c94f6548880f5f3a67846755e |
| SHA1 | 40ef667fc04bb1c0ae4bf2c17ded88594f0f4423 |
| SHA256 | 812576f4a24f399abbd54b83ba7f404f021d4a7d2ec0fd2f988ebf4cbf8477ee |
| SHA512 | f74d2e4a65a152f46852eb78dd70a958fdfb8c14e060ca41ffa783b7362e44659cc5fc73f59f3edb1f1d817000b85de7c1860512aa65d937eb5a0a8d9e5890fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 0629525c94f6548880f5f3a67846755e |
| SHA1 | 40ef667fc04bb1c0ae4bf2c17ded88594f0f4423 |
| SHA256 | 812576f4a24f399abbd54b83ba7f404f021d4a7d2ec0fd2f988ebf4cbf8477ee |
| SHA512 | f74d2e4a65a152f46852eb78dd70a958fdfb8c14e060ca41ffa783b7362e44659cc5fc73f59f3edb1f1d817000b85de7c1860512aa65d937eb5a0a8d9e5890fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 0629525c94f6548880f5f3a67846755e |
| SHA1 | 40ef667fc04bb1c0ae4bf2c17ded88594f0f4423 |
| SHA256 | 812576f4a24f399abbd54b83ba7f404f021d4a7d2ec0fd2f988ebf4cbf8477ee |
| SHA512 | f74d2e4a65a152f46852eb78dd70a958fdfb8c14e060ca41ffa783b7362e44659cc5fc73f59f3edb1f1d817000b85de7c1860512aa65d937eb5a0a8d9e5890fa |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2KW2218.exe
| MD5 | 3322929a4f9286c5062971cfa79bcd19 |
| SHA1 | d66b0c21f593119c60e4cd8f9ee1d72c3bc170ae |
| SHA256 | 72d6b4406c2783fdafaf4fee4f8568ed277219c53742f55264527b9c3adc809e |
| SHA512 | cbe33e987f1a51155ff138ef51720df9558743949a6adedbfe81ec49d3c994d509eff6bd18216d9cf13190104d72779c268f5b90532c9d976db9fa3dcf867bb9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 0629525c94f6548880f5f3a67846755e |
| SHA1 | 40ef667fc04bb1c0ae4bf2c17ded88594f0f4423 |
| SHA256 | 812576f4a24f399abbd54b83ba7f404f021d4a7d2ec0fd2f988ebf4cbf8477ee |
| SHA512 | f74d2e4a65a152f46852eb78dd70a958fdfb8c14e060ca41ffa783b7362e44659cc5fc73f59f3edb1f1d817000b85de7c1860512aa65d937eb5a0a8d9e5890fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 0629525c94f6548880f5f3a67846755e |
| SHA1 | 40ef667fc04bb1c0ae4bf2c17ded88594f0f4423 |
| SHA256 | 812576f4a24f399abbd54b83ba7f404f021d4a7d2ec0fd2f988ebf4cbf8477ee |
| SHA512 | f74d2e4a65a152f46852eb78dd70a958fdfb8c14e060ca41ffa783b7362e44659cc5fc73f59f3edb1f1d817000b85de7c1860512aa65d937eb5a0a8d9e5890fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 0629525c94f6548880f5f3a67846755e |
| SHA1 | 40ef667fc04bb1c0ae4bf2c17ded88594f0f4423 |
| SHA256 | 812576f4a24f399abbd54b83ba7f404f021d4a7d2ec0fd2f988ebf4cbf8477ee |
| SHA512 | f74d2e4a65a152f46852eb78dd70a958fdfb8c14e060ca41ffa783b7362e44659cc5fc73f59f3edb1f1d817000b85de7c1860512aa65d937eb5a0a8d9e5890fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 0629525c94f6548880f5f3a67846755e |
| SHA1 | 40ef667fc04bb1c0ae4bf2c17ded88594f0f4423 |
| SHA256 | 812576f4a24f399abbd54b83ba7f404f021d4a7d2ec0fd2f988ebf4cbf8477ee |
| SHA512 | f74d2e4a65a152f46852eb78dd70a958fdfb8c14e060ca41ffa783b7362e44659cc5fc73f59f3edb1f1d817000b85de7c1860512aa65d937eb5a0a8d9e5890fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 0629525c94f6548880f5f3a67846755e |
| SHA1 | 40ef667fc04bb1c0ae4bf2c17ded88594f0f4423 |
| SHA256 | 812576f4a24f399abbd54b83ba7f404f021d4a7d2ec0fd2f988ebf4cbf8477ee |
| SHA512 | f74d2e4a65a152f46852eb78dd70a958fdfb8c14e060ca41ffa783b7362e44659cc5fc73f59f3edb1f1d817000b85de7c1860512aa65d937eb5a0a8d9e5890fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 0629525c94f6548880f5f3a67846755e |
| SHA1 | 40ef667fc04bb1c0ae4bf2c17ded88594f0f4423 |
| SHA256 | 812576f4a24f399abbd54b83ba7f404f021d4a7d2ec0fd2f988ebf4cbf8477ee |
| SHA512 | f74d2e4a65a152f46852eb78dd70a958fdfb8c14e060ca41ffa783b7362e44659cc5fc73f59f3edb1f1d817000b85de7c1860512aa65d937eb5a0a8d9e5890fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 0629525c94f6548880f5f3a67846755e |
| SHA1 | 40ef667fc04bb1c0ae4bf2c17ded88594f0f4423 |
| SHA256 | 812576f4a24f399abbd54b83ba7f404f021d4a7d2ec0fd2f988ebf4cbf8477ee |
| SHA512 | f74d2e4a65a152f46852eb78dd70a958fdfb8c14e060ca41ffa783b7362e44659cc5fc73f59f3edb1f1d817000b85de7c1860512aa65d937eb5a0a8d9e5890fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 0629525c94f6548880f5f3a67846755e |
| SHA1 | 40ef667fc04bb1c0ae4bf2c17ded88594f0f4423 |
| SHA256 | 812576f4a24f399abbd54b83ba7f404f021d4a7d2ec0fd2f988ebf4cbf8477ee |
| SHA512 | f74d2e4a65a152f46852eb78dd70a958fdfb8c14e060ca41ffa783b7362e44659cc5fc73f59f3edb1f1d817000b85de7c1860512aa65d937eb5a0a8d9e5890fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 0629525c94f6548880f5f3a67846755e |
| SHA1 | 40ef667fc04bb1c0ae4bf2c17ded88594f0f4423 |
| SHA256 | 812576f4a24f399abbd54b83ba7f404f021d4a7d2ec0fd2f988ebf4cbf8477ee |
| SHA512 | f74d2e4a65a152f46852eb78dd70a958fdfb8c14e060ca41ffa783b7362e44659cc5fc73f59f3edb1f1d817000b85de7c1860512aa65d937eb5a0a8d9e5890fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 0629525c94f6548880f5f3a67846755e |
| SHA1 | 40ef667fc04bb1c0ae4bf2c17ded88594f0f4423 |
| SHA256 | 812576f4a24f399abbd54b83ba7f404f021d4a7d2ec0fd2f988ebf4cbf8477ee |
| SHA512 | f74d2e4a65a152f46852eb78dd70a958fdfb8c14e060ca41ffa783b7362e44659cc5fc73f59f3edb1f1d817000b85de7c1860512aa65d937eb5a0a8d9e5890fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 0629525c94f6548880f5f3a67846755e |
| SHA1 | 40ef667fc04bb1c0ae4bf2c17ded88594f0f4423 |
| SHA256 | 812576f4a24f399abbd54b83ba7f404f021d4a7d2ec0fd2f988ebf4cbf8477ee |
| SHA512 | f74d2e4a65a152f46852eb78dd70a958fdfb8c14e060ca41ffa783b7362e44659cc5fc73f59f3edb1f1d817000b85de7c1860512aa65d937eb5a0a8d9e5890fa |
\??\pipe\LOCAL\crashpad_2516_REHIJNJPCEBINQVO
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 0629525c94f6548880f5f3a67846755e |
| SHA1 | 40ef667fc04bb1c0ae4bf2c17ded88594f0f4423 |
| SHA256 | 812576f4a24f399abbd54b83ba7f404f021d4a7d2ec0fd2f988ebf4cbf8477ee |
| SHA512 | f74d2e4a65a152f46852eb78dd70a958fdfb8c14e060ca41ffa783b7362e44659cc5fc73f59f3edb1f1d817000b85de7c1860512aa65d937eb5a0a8d9e5890fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 0629525c94f6548880f5f3a67846755e |
| SHA1 | 40ef667fc04bb1c0ae4bf2c17ded88594f0f4423 |
| SHA256 | 812576f4a24f399abbd54b83ba7f404f021d4a7d2ec0fd2f988ebf4cbf8477ee |
| SHA512 | f74d2e4a65a152f46852eb78dd70a958fdfb8c14e060ca41ffa783b7362e44659cc5fc73f59f3edb1f1d817000b85de7c1860512aa65d937eb5a0a8d9e5890fa |
\??\pipe\LOCAL\crashpad_940_AGIUPBPKTYOVQBNP
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_4252_UZYEJFHBGLWPFYOZ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_2996_SSPJNMYDNMFWNJIN
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 0629525c94f6548880f5f3a67846755e |
| SHA1 | 40ef667fc04bb1c0ae4bf2c17ded88594f0f4423 |
| SHA256 | 812576f4a24f399abbd54b83ba7f404f021d4a7d2ec0fd2f988ebf4cbf8477ee |
| SHA512 | f74d2e4a65a152f46852eb78dd70a958fdfb8c14e060ca41ffa783b7362e44659cc5fc73f59f3edb1f1d817000b85de7c1860512aa65d937eb5a0a8d9e5890fa |
\??\pipe\LOCAL\crashpad_4336_AOYZVVNQQNXSEKND
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_1668_TDBSVJGQSSPBBZTH
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_1480_XDQNHFUEAVWJZEGP
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_3276_MXAVWAPGZXSIPUZY
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_1820_OGOTRRREAEIQMHFL
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 10c9988e4cb2834f669dfab68ff84842 |
| SHA1 | b2f9eecc4479c928c871a00964d48a28054c105c |
| SHA256 | f90a3d962db8870d210b23d382b4ed01e9a8e7f02d303e5b99e94fb4daab5e0d |
| SHA512 | 9b773b747e7b29739c526b847039dfe70664259baa1967967d5d1c1cba01062fc66f95edf5356dd4c67a7fecb967484ab5cb13aa2069d3d0a2bbeba44fdd89bb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 54096c3d796db4a22a2ef4c5a8aeef73 |
| SHA1 | c20082d4de4e8ee96ae58a0d993d0882ccf8ba18 |
| SHA256 | 7e4bb1b78ba433d140b30ff6124df1fec1c3d268e5023257da343fed7f4fee5b |
| SHA512 | 3b38aa62a222b8e1b95f6e834d0a8c7510fa07ce4d7b656780365b639c3af02219fac0ea5eb443de3c9330a8e59f413225e2ca0866de4271b4de3b6768ea7685 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 54096c3d796db4a22a2ef4c5a8aeef73 |
| SHA1 | c20082d4de4e8ee96ae58a0d993d0882ccf8ba18 |
| SHA256 | 7e4bb1b78ba433d140b30ff6124df1fec1c3d268e5023257da343fed7f4fee5b |
| SHA512 | 3b38aa62a222b8e1b95f6e834d0a8c7510fa07ce4d7b656780365b639c3af02219fac0ea5eb443de3c9330a8e59f413225e2ca0866de4271b4de3b6768ea7685 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 27be6d1808df422128f21e9bcb026ae2 |
| SHA1 | d8a42ca9d141e4e8f67fa4ef2cbcd83c8ff37641 |
| SHA256 | 6c8a92555c4e5de9f4a2b29241a6916da3cffdfd2b53d6ed926a658362cca96d |
| SHA512 | 077e4f63830e8b0960007adcfd3e59e9c521e7230cfa0ba55acacb567d3032860963423061478c76e0b85c42229589164cda0cdddd855e73c3309678fad953c1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\a037b167-0640-4edc-9bb3-63c4d79142ed.tmp
| MD5 | 2a6f723307dece95ad20511c28082b8d |
| SHA1 | 8a49dfe20a490a86786462d4a2abeca3e3f84702 |
| SHA256 | de338fdaa79eff7127b1a3a8bc90380206a1e806a59b9177a7282ef462de6fe6 |
| SHA512 | f305a0a1dee0c7f6d6ae876bf1d4e22947ecb0562d2f42db332f70f105ec17ef0e241f4b8c26019998a35bb47cc3c072b400cd1697df19b3df99b9dbe260ba9e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 27be6d1808df422128f21e9bcb026ae2 |
| SHA1 | d8a42ca9d141e4e8f67fa4ef2cbcd83c8ff37641 |
| SHA256 | 6c8a92555c4e5de9f4a2b29241a6916da3cffdfd2b53d6ed926a658362cca96d |
| SHA512 | 077e4f63830e8b0960007adcfd3e59e9c521e7230cfa0ba55acacb567d3032860963423061478c76e0b85c42229589164cda0cdddd855e73c3309678fad953c1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 3e69500da1c5e74a79974106a57add9b |
| SHA1 | cdda14dfbeec1e3467d1bfc2a9969e774dfec5cd |
| SHA256 | 6158c1f6fae1551c83abf567db9e05c054e22ed33bd64d268fc4abc7ac0f0b8d |
| SHA512 | ff868c134764e4070e2ba05f341a33f21df620d5df7d40ec639a58656124302ffe41e0aacca8e7b3429de95a7f81b74815ed3e748af21e51fb5f0049cee4afb3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2a6f723307dece95ad20511c28082b8d |
| SHA1 | 8a49dfe20a490a86786462d4a2abeca3e3f84702 |
| SHA256 | de338fdaa79eff7127b1a3a8bc90380206a1e806a59b9177a7282ef462de6fe6 |
| SHA512 | f305a0a1dee0c7f6d6ae876bf1d4e22947ecb0562d2f42db332f70f105ec17ef0e241f4b8c26019998a35bb47cc3c072b400cd1697df19b3df99b9dbe260ba9e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 3e69500da1c5e74a79974106a57add9b |
| SHA1 | cdda14dfbeec1e3467d1bfc2a9969e774dfec5cd |
| SHA256 | 6158c1f6fae1551c83abf567db9e05c054e22ed33bd64d268fc4abc7ac0f0b8d |
| SHA512 | ff868c134764e4070e2ba05f341a33f21df620d5df7d40ec639a58656124302ffe41e0aacca8e7b3429de95a7f81b74815ed3e748af21e51fb5f0049cee4afb3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 10c9988e4cb2834f669dfab68ff84842 |
| SHA1 | b2f9eecc4479c928c871a00964d48a28054c105c |
| SHA256 | f90a3d962db8870d210b23d382b4ed01e9a8e7f02d303e5b99e94fb4daab5e0d |
| SHA512 | 9b773b747e7b29739c526b847039dfe70664259baa1967967d5d1c1cba01062fc66f95edf5356dd4c67a7fecb967484ab5cb13aa2069d3d0a2bbeba44fdd89bb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 527215ca4d11004cd52e0338761b00c1 |
| SHA1 | 9596e8a7f378688d5b5811d5c804f2e1c32072cd |
| SHA256 | f30645bac84d447e4f96c062cc2274e2130f8c60253e49d6c2dafecdc48d3951 |
| SHA512 | c0691ea076dd40ffe2dc073d3576406029529099c8bcfdaed732a12d848767ae6c94d17a91fd5f428f59de5deaeee1db8425a1cee1e1873c3288e32d6265bb8a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\5bcba4c4-e8bf-4516-ba77-7fed4f42af18.tmp
| MD5 | d5ab8fb5e582f59f1add5cd23b210fa1 |
| SHA1 | feef761e0f6b84bdba28d145ea52bb2fcddb375d |
| SHA256 | 5e67bc16bab58b3da858e9218c1be243864471eedb1d8bd35e4b0dcf07e9ae9b |
| SHA512 | 5cc15bf29eaa72f5c478886531fc90f0b25c1dc50bd7901253de0f8b2c2cfd06544dbcea0d898f47608245506b203115d6c29451ce488c1c14df640f1e97c7fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d8dddf6221c614a332cd3ecee010a9db |
| SHA1 | 7091c772af7a40be402bafe5fe97070965ce3fd1 |
| SHA256 | 999829e380bf4213f0a344870b73db9e786d29b5354b90807704ca1a286ea188 |
| SHA512 | 294c45b1792a1c3cd8bfa81806272c08f1c3158a1ac6b7cc510052dd25310521200619e77bb8255e17e37d68fba662cd49b7de72bc7b9fe74f8b01ac7202f059 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d8dddf6221c614a332cd3ecee010a9db |
| SHA1 | 7091c772af7a40be402bafe5fe97070965ce3fd1 |
| SHA256 | 999829e380bf4213f0a344870b73db9e786d29b5354b90807704ca1a286ea188 |
| SHA512 | 294c45b1792a1c3cd8bfa81806272c08f1c3158a1ac6b7cc510052dd25310521200619e77bb8255e17e37d68fba662cd49b7de72bc7b9fe74f8b01ac7202f059 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\9759ccc2-1aab-4b30-b428-0f3529af9c43.tmp
| MD5 | e96b8a3a617c7074164a793fb0851092 |
| SHA1 | de42ea1d39afc4ca91b34a85dc58937eaf5e5f61 |
| SHA256 | 2c114ee661b84bd14953c04363d4efd14a53ad15eec1aa60ea2fe2b572819da5 |
| SHA512 | 8820e3cfb7bd215efa2cb486c0ae3442d1aa5e4cbc7ec80bbed692e1beb0e25fd77fe8a0d0ee80c46929f19cd0a61957015281ee9dd436b4530f339404e4e9ce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d5ab8fb5e582f59f1add5cd23b210fa1 |
| SHA1 | feef761e0f6b84bdba28d145ea52bb2fcddb375d |
| SHA256 | 5e67bc16bab58b3da858e9218c1be243864471eedb1d8bd35e4b0dcf07e9ae9b |
| SHA512 | 5cc15bf29eaa72f5c478886531fc90f0b25c1dc50bd7901253de0f8b2c2cfd06544dbcea0d898f47608245506b203115d6c29451ce488c1c14df640f1e97c7fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 527215ca4d11004cd52e0338761b00c1 |
| SHA1 | 9596e8a7f378688d5b5811d5c804f2e1c32072cd |
| SHA256 | f30645bac84d447e4f96c062cc2274e2130f8c60253e49d6c2dafecdc48d3951 |
| SHA512 | c0691ea076dd40ffe2dc073d3576406029529099c8bcfdaed732a12d848767ae6c94d17a91fd5f428f59de5deaeee1db8425a1cee1e1873c3288e32d6265bb8a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 88bb7f0400eba5cebec0a7cc44cbdc7a |
| SHA1 | 9216caa6ed70231d4dfb00674514502a70c103a3 |
| SHA256 | 07a6ba7dd1e394ea111ed769b07dcd000bfe2c18ad95dda5e94ccb5eaa6663e4 |
| SHA512 | 2157121a66c58af0cea1cf59f1991d652d5aa96281174670f5993e7a0605f89001e85e7ac6570b4dc5a07b366c0bef4265f3aa29f2732aae575348e2cbf9d15e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b8e875176c7704083df8357739ae9253 |
| SHA1 | 1b67808b063769d95c0a3ce6d1974ef4ec8d41c5 |
| SHA256 | 10df8554ae973ecc0870a84720d7354b02ca231301ef8fb4a750e8a282c7b00b |
| SHA512 | cd4ff9daed8033bcf7705bb20b476d3945d22609048d6a17ce6311bb2747253c582059e913a64e024ccba11d7ed78b3e3bf1236996bfa588fb3980077ccfc6a9 |
memory/5264-392-0x0000000000400000-0x0000000000433000-memory.dmp
memory/5264-395-0x0000000000400000-0x0000000000433000-memory.dmp
memory/5264-394-0x0000000000400000-0x0000000000433000-memory.dmp
memory/5264-397-0x0000000000400000-0x0000000000433000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f329d686d670ac8846e1cfe141d3ceda |
| SHA1 | 262ddfd6ff284b5832d232df9c32aac052d0ecda |
| SHA256 | 560983f5155117857276799e09cbe8bfd19c59d9141b264b56b35ab6c4a79958 |
| SHA512 | 2702d49efe9133dd1b855f3d83c39824949e50de6067f890c5cf5506f3a7dd048fb50f9bec13af950911865728b5bd7052d668e88ac9e42f1cc800337e6928cf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | fd20981c7184673929dfcab50885629b |
| SHA1 | 14c2437aad662b119689008273844bac535f946c |
| SHA256 | 28b7a1e7b492fff3e5268a6cd480721f211ceb6f2f999f3698b3b8cbd304bb22 |
| SHA512 | b99520bbca4d2b39f8bedb59944ad97714a3c9b8a87393719f1cbc40ed63c5834979f49346d31072c4d354c612ab4db9bf7f16e7c15d6802c9ea507d8c46af75 |
memory/5236-417-0x0000000000400000-0x000000000043C000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 664548c184a673c4e0d1adebb6183d1d |
| SHA1 | 109adcc82ccaa385e9729b08671b72dd74600f5a |
| SHA256 | b3d931716f2a811edfb0899a379e42af704c0e73f57a7800ae6377db969a0488 |
| SHA512 | 813637c75fe1726385e665b3036a42903cae985ffaa8b1e890fb48a09eda7df346db9a71e75754d3cf9994a70e3cf07ffd1912f66e21e5c93cfa4417cd694399 |
memory/5236-537-0x0000000073AF0000-0x00000000742A0000-memory.dmp
memory/5236-538-0x0000000007BE0000-0x0000000008184000-memory.dmp
memory/5236-543-0x0000000007710000-0x00000000077A2000-memory.dmp
memory/5236-573-0x0000000007960000-0x0000000007970000-memory.dmp
memory/5236-605-0x00000000078F0000-0x00000000078FA000-memory.dmp
memory/5236-638-0x00000000087B0000-0x0000000008DC8000-memory.dmp
memory/5236-662-0x0000000007AC0000-0x0000000007BCA000-memory.dmp
memory/5236-667-0x00000000079E0000-0x00000000079F2000-memory.dmp
memory/5236-669-0x0000000007A40000-0x0000000007A7C000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
memory/5236-675-0x0000000008190000-0x00000000081DC000-memory.dmp
memory/5236-719-0x0000000073AF0000-0x00000000742A0000-memory.dmp
memory/5236-724-0x0000000007960000-0x0000000007970000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe597d16.TMP
| MD5 | 33b6aecbf075d59ce0f064da8c4ac893 |
| SHA1 | a77997324971c6392c514ccda5f2a2160b9efbbf |
| SHA256 | 69ef6d6ad3efc005c8941c42b649d38cea026578164aca60a7f4aadb2c77821b |
| SHA512 | 7ac57f1604cf7e11bd464533aa1fc12cef39a0b47d1395a2e2c1d3fb3c92044de0060559149140fdbcf16cc187409139bef6128eac1c13b47b0deb816bf28c78 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 2e731d47975a258d0b4aa2904b419739 |
| SHA1 | 03db3df29ec0d62feb33971b51fe1dd1d14f1ebd |
| SHA256 | cddc0020f99aed7bdc567934f9a95e8bd0c6363c8f1c4940e00e00228e23da25 |
| SHA512 | 52f2b0e024c1c12a78e9cb99b6fb0cb14692e360849e37c4328f0faca7cb54b07288dda44673c30037e7f4e7762c14456e0e1cd1299292cb962244990e558649 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b89571a9d2ce93c1cb272474c72ff03c |
| SHA1 | 74dd5d7b668289ec3ce67194de4cdc8333241d89 |
| SHA256 | 41a8f178b5ab7795f314499b3b145e1e4f11b1f72f66bcefd8f3c6905399ca00 |
| SHA512 | 0686f11437f1a3fb4d76f0c159b187acce8cc2c43243a65666ce709142e053e5badac9c2b158bcb606eb1fbb533dfab64db113f506506ad0690881315ed3affb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 12b682c6ae2d8eb7ba22ced6d596f758 |
| SHA1 | 818ef01c928917635d16732bfee04b882b217a8f |
| SHA256 | a85348fa5a311aaf9701b5c98f4b66b6b0c4571be3e3d71c92feb752545db0ef |
| SHA512 | a79fdf685108ff46e00d96cc0c4f2a9b8b13ef37d7544329a6724c651fbce8bb6157aee6f6bb45ea338af896905fb20b3925a4f24fbce86d33337c408f163402 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 094336ab209c5a2f3621983aa3277758 |
| SHA1 | 2c618ae1f032733a9a387f7643fab6be379c307b |
| SHA256 | 45fb9b5c6cf81e928b1cbe0c88b7bb47887cdb79c80714f41c91d43ff8fe0a69 |
| SHA512 | d27e414854db8d82fe2785923bcfacc1d2a73f917feadb64f0dcd0cd0a424d2d301ff396cba40a316c4938adb1086c24561dadc419c23c7ec3cb0ae41dbbc9f2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c47eec14bd6d6e28888ecf43d2dd6fe4 |
| SHA1 | 1f67a8753ec0c0de08f228fb429349478d2ab3ff |
| SHA256 | cfa6e69eca58383273e46058b35009b2b0be19b918f6753f0c5188d8a41c9c85 |
| SHA512 | 7e1c92682462349acb7f5705392e916620a10ada8af46d368de1d0f97f4447b907640045da49ce3e4dd1ec4802b12c8e81209bf4bae7495bde3b7cf5b0433e1e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe597d16.TMP
| MD5 | a18386dc38ab48ea772726b505718032 |
| SHA1 | db3a3239da708ecabd2380fca4164473a1e77b2b |
| SHA256 | 2e6c9fb56536fb60150bdc5308e009a444d6e42e7478801fc0a4920f081fea84 |
| SHA512 | 1fbc9f69e42391cab8748cf7c52a7a145bcf759ac31b4977032d299c03a195feb9ea1d91dd9cc5b0a680f57ecb61183619181bf2983a073d77df785aeb717924 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9033ca590849d33db0b25cbdd60ca76b |
| SHA1 | be226c06a45918cb24a5e15aa84e4d3280235c24 |
| SHA256 | e47e31fef977f35e14d755429dfa442e5e64f265b0b44f3932f548ea009e5f0c |
| SHA512 | 8f97c2db36ed81b133daf82371911254e635c51570e55fa48c4d896953f7b028c3518f99d7819d8b70867523ddcb91b52871ec34b08558151bae8a01df675ee2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 0340ec87e766eb41ba1a5b9982b736e3 |
| SHA1 | 3b7f236b7523eb5e81f9357dec1c1871ea5b6516 |
| SHA256 | 92494584752353bf273fe750253a35c2e10979c5fdba3dfce5f2a4c87dc214f5 |
| SHA512 | 663edd807bc2b43e586a77f490ee551762858e4ab0ef389eefed4c5f23cf61bc458f4624c19310e28822113dabc44b6e5f889ac700f4673d8966b9fb18ce7dd1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f96839a6844d514d93e1521f5922b772 |
| SHA1 | a19390b72268a9c7d1328ebc3f8e261795b6bcbb |
| SHA256 | a408bed38a3e899e0bfcf8570f0756c5d43c59b5ecf4b23eba68b59e22a6b2cc |
| SHA512 | 24ea86b68810cb2b06c6dbcf132f59d9009f611d84192e4319f3c318cebd3497bf93d51dc388578a50803f45e14f5b9d43ef2e4176d5d99abef9a85c0007dcca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 688f6451f16b57797236ffb956cd13c6 |
| SHA1 | 6c89631a37d5fa4b8d4d1c064b2c51c37fae36a1 |
| SHA256 | 906372be643cd2b332243d97f9436dcb66c1286b12826396df9243fef774bd8d |
| SHA512 | 03052a9cc2ab519adf3248973fbe5e17fa20d1d02f9f0fcc0e355ad16d3f9dfa7a92ebdc1b52daf6d555dd3e1249fd35b448245edb7fffa35a1453ceb4947adb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | b2e446ee8df4e29d25e80b5ec242aa14 |
| SHA1 | 064a18563f376ada7a4a3fb101d37878139dfde8 |
| SHA256 | ac98f4ef01db18572e396982c2252d8fb21fd91cbc419810b4966564dfded8ce |
| SHA512 | 7b25989b9078fafbe19f824847391594cb88a6d59f03209f1d7615099078c990a898c0d2ee94b7b7882a8fa100f7275ab8268647fb48cc06b86d354460ca93ea |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9005718909bf757a338724b640faaa85 |
| SHA1 | 98819d109d4438070c96dbf1c72648c3632fd804 |
| SHA256 | aa37ab3cd4b782ec5eef3fe3ab914dfda509e5977c73bdaf761a90b06285188c |
| SHA512 | e63da7802bde0768a2cdf4b8871a509dc2e64c94aeac1ac4583b31fb071d35be8c34de07d8c7cf2e0015fbd4e592ebf2c2ee78a53fc7b4d027db2f6b18ed50d0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\77e21e0e-c734-4d4b-8092-2824a2a424cd\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt
| MD5 | 3524d4a95c857ad0ce4e0c32acfd02cf |
| SHA1 | b2e01c6f39e878ead124a4bf82069f5177d81960 |
| SHA256 | 9828f3c3ab72df148ebf86750ca031fe43fc9632f9f89141db4bae32f4e9b5f6 |
| SHA512 | 39efdcf989a6585fd2d0cd8dcdc76a079ec152b759ad58e0b75d02773486e11b83c6b190467fa94fc4ef9880e7415f6969bcc1f4618e5b6a8676a9a4d0e4f0d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt~RFe598bea.TMP
| MD5 | c4bd48b8f3f6c4be918c9c1fe17c4e47 |
| SHA1 | ae2c6f704cada87af0b4d57c910769cb17f44bdb |
| SHA256 | 4c6043e6f830cc2341f8deb5b4be093d574ba6ae71e40ae465b7fa5038766759 |
| SHA512 | 50317b7e9a24c53d4bdb925a8470c9c7b81aaeb1124936b404634eeed37e105323218d43ffc0ea7dd3a6df37c609cd444fcca1f0e267d2bdb0760724b0eb8797 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004a
| MD5 | 740a924b01c31c08ad37fe04d22af7c5 |
| SHA1 | 34feb0face110afc3a7673e36d27eee2d4edbbff |
| SHA256 | f0e1953b71cc4abbffdd5096d99dfb274688e517c381b15c3446c28a4ac416e0 |
| SHA512 | da7061f944c69245c2f66b0e6a8b5a9bca91bda8a73f99734dcb23db56c5047de796fa7e348ff8840d9ac123436e38a4206408573215b7e5e98942ea6d66bb7c |