Malware Analysis Report

2025-01-02 05:29

Sample ID 231111-gyxh2sdd49
Target 5ba43e62edf10c7a671fe3b99bc0856a4c957b983669f2f2c61bcd6dbd0a871d
SHA256 5ba43e62edf10c7a671fe3b99bc0856a4c957b983669f2f2c61bcd6dbd0a871d
Tags
mystic redline taiga infostealer persistence stealer
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

5ba43e62edf10c7a671fe3b99bc0856a4c957b983669f2f2c61bcd6dbd0a871d

Threat Level: Known bad

The file 5ba43e62edf10c7a671fe3b99bc0856a4c957b983669f2f2c61bcd6dbd0a871d was found to be: Known bad.

Malicious Activity Summary

mystic redline taiga infostealer persistence stealer

Mystic

RedLine payload

Detect Mystic stealer payload

RedLine

Executes dropped EXE

Adds Run key to start application

Suspicious use of SetThreadContext

AutoIT Executable

Unsigned PE

Program crash

Enumerates physical storage devices

Suspicious use of SendNotifyMessage

Suspicious behavior: EnumeratesProcesses

Enumerates system info in registry

Suspicious use of WriteProcessMemory

Suspicious use of FindShellTrayWindow

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2023-11-11 06:13

Signatures

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2023-11-11 06:13

Reported

2023-11-11 06:16

Platform

win10v2004-20231023-en

Max time kernel

163s

Max time network

173s

Command Line

"C:\Users\Admin\AppData\Local\Temp\5ba43e62edf10c7a671fe3b99bc0856a4c957b983669f2f2c61bcd6dbd0a871d.exe"

Signatures

Detect Mystic stealer payload

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Mystic

stealer mystic

RedLine

infostealer redline

RedLine payload

Description Indicator Process Target
N/A N/A N/A N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP000.TMP\\\"" C:\Users\Admin\AppData\Local\Temp\5ba43e62edf10c7a671fe3b99bc0856a4c957b983669f2f2c61bcd6dbd0a871d.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup1 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP001.TMP\\\"" C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\uO6MU86.exe N/A

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1284 wrote to memory of 4896 N/A C:\Users\Admin\AppData\Local\Temp\5ba43e62edf10c7a671fe3b99bc0856a4c957b983669f2f2c61bcd6dbd0a871d.exe C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\uO6MU86.exe
PID 1284 wrote to memory of 4896 N/A C:\Users\Admin\AppData\Local\Temp\5ba43e62edf10c7a671fe3b99bc0856a4c957b983669f2f2c61bcd6dbd0a871d.exe C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\uO6MU86.exe
PID 1284 wrote to memory of 4896 N/A C:\Users\Admin\AppData\Local\Temp\5ba43e62edf10c7a671fe3b99bc0856a4c957b983669f2f2c61bcd6dbd0a871d.exe C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\uO6MU86.exe
PID 4896 wrote to memory of 5048 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\uO6MU86.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe
PID 4896 wrote to memory of 5048 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\uO6MU86.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe
PID 4896 wrote to memory of 5048 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\uO6MU86.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe
PID 5048 wrote to memory of 4092 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5048 wrote to memory of 4092 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5048 wrote to memory of 532 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5048 wrote to memory of 532 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5048 wrote to memory of 3372 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5048 wrote to memory of 3372 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5048 wrote to memory of 640 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5048 wrote to memory of 640 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5048 wrote to memory of 1496 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5048 wrote to memory of 1496 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5048 wrote to memory of 3300 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5048 wrote to memory of 3300 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5048 wrote to memory of 1116 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5048 wrote to memory of 1116 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5048 wrote to memory of 1540 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5048 wrote to memory of 1540 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5048 wrote to memory of 2308 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5048 wrote to memory of 2308 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5048 wrote to memory of 3600 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 5048 wrote to memory of 3600 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 640 wrote to memory of 400 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 640 wrote to memory of 400 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3300 wrote to memory of 4752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3300 wrote to memory of 4752 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1496 wrote to memory of 4256 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1496 wrote to memory of 4256 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1116 wrote to memory of 3464 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1116 wrote to memory of 3464 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3600 wrote to memory of 4972 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3600 wrote to memory of 4972 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 532 wrote to memory of 3920 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 532 wrote to memory of 3920 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4092 wrote to memory of 4360 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4092 wrote to memory of 4360 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2308 wrote to memory of 4688 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2308 wrote to memory of 4688 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3372 wrote to memory of 4812 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3372 wrote to memory of 4812 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1540 wrote to memory of 1076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1540 wrote to memory of 1076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4896 wrote to memory of 1760 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\uO6MU86.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2kv8531.exe
PID 4896 wrote to memory of 1760 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\uO6MU86.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2kv8531.exe
PID 4896 wrote to memory of 1760 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\uO6MU86.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2kv8531.exe
PID 1760 wrote to memory of 5668 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2kv8531.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
PID 1760 wrote to memory of 5668 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2kv8531.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
PID 1760 wrote to memory of 5668 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2kv8531.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
PID 1760 wrote to memory of 5668 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2kv8531.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
PID 1760 wrote to memory of 5668 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2kv8531.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
PID 1760 wrote to memory of 5668 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2kv8531.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
PID 1760 wrote to memory of 5668 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2kv8531.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
PID 1760 wrote to memory of 5668 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2kv8531.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
PID 1760 wrote to memory of 5668 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2kv8531.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
PID 1760 wrote to memory of 5668 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2kv8531.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
PID 3372 wrote to memory of 4592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3372 wrote to memory of 4592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3372 wrote to memory of 4592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3372 wrote to memory of 4592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3372 wrote to memory of 4592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Users\Admin\AppData\Local\Temp\5ba43e62edf10c7a671fe3b99bc0856a4c957b983669f2f2c61bcd6dbd0a871d.exe

"C:\Users\Admin\AppData\Local\Temp\5ba43e62edf10c7a671fe3b99bc0856a4c957b983669f2f2c61bcd6dbd0a871d.exe"

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\uO6MU86.exe

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\uO6MU86.exe

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://store.steampowered.com/login/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://twitter.com/i/flow/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://steamcommunity.com/openid/loginform/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.epicgames.com/id/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.paypal.com/signin

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x13c,0x170,0x7ffa995046f8,0x7ffa99504708,0x7ffa99504718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x40,0x16c,0x7ffa995046f8,0x7ffa99504708,0x7ffa99504718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x170,0x174,0x178,0x40,0x17c,0x7ffa995046f8,0x7ffa99504708,0x7ffa99504718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x140,0x144,0x168,0x13c,0x16c,0x7ffa995046f8,0x7ffa99504708,0x7ffa99504718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffa995046f8,0x7ffa99504708,0x7ffa99504718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffa995046f8,0x7ffa99504708,0x7ffa99504718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffa995046f8,0x7ffa99504708,0x7ffa99504718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffa995046f8,0x7ffa99504708,0x7ffa99504718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x114,0x7ffa995046f8,0x7ffa99504708,0x7ffa99504718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x184,0x188,0x18c,0x160,0x190,0x7ffa995046f8,0x7ffa99504708,0x7ffa99504718

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2kv8531.exe

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2kv8531.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1964,18362775051230616148,17486195946405883363,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1964,18362775051230616148,17486195946405883363,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3id81nM.exe

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3id81nM.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,15260748757209977641,2541303107103593604,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2136 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2220,9267790712754025330,12848829914079871370,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2296 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2220,9267790712754025330,12848829914079871370,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2232 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,15260748757209977641,2541303107103593604,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 452 -p 5668 -ip 5668

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2164,15522347468419132557,7531915234238235648,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2164,15522347468419132557,7531915234238235648,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2176 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,5409626414972763767,3077780791376006715,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2252 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,5409626414972763767,3077780791376006715,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2176 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2148,17441981813764179305,12009073149310216429,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2148,17441981813764179305,12009073149310216429,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2156 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,7482882971321577337,5643388429458045781,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,7482882971321577337,5643388429458045781,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2164,1975867959220078837,11868629780100874421,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2164,1975867959220078837,11868629780100874421,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2176 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2132,15945315132015711533,901802152446081528,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,15945315132015711533,901802152446081528,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2220,9267790712754025330,12848829914079871370,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2864 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2148,233549661596313231,2830158650764651953,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2148,233549661596313231,2830158650764651953,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2160 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,9267790712754025330,12848829914079871370,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3444 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,9267790712754025330,12848829914079871370,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3432 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,9267790712754025330,12848829914079871370,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4180 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,9267790712754025330,12848829914079871370,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4320 /prefetch:1

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 5668 -s 540

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,9267790712754025330,12848829914079871370,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4496 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,9267790712754025330,12848829914079871370,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4376 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,9267790712754025330,12848829914079871370,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4652 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,9267790712754025330,12848829914079871370,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4960 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,9267790712754025330,12848829914079871370,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4952 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,9267790712754025330,12848829914079871370,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5268 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,9267790712754025330,12848829914079871370,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,9267790712754025330,12848829914079871370,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6644 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,9267790712754025330,12848829914079871370,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6676 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,9267790712754025330,12848829914079871370,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7104 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,9267790712754025330,12848829914079871370,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7232 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,9267790712754025330,12848829914079871370,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6988 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,9267790712754025330,12848829914079871370,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3976 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2220,9267790712754025330,12848829914079871370,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5852 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2220,9267790712754025330,12848829914079871370,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5852 /prefetch:8

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 5668 -s 540

Network

Country Destination Domain Proto
US 8.8.8.8:53 74.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 241.154.82.20.in-addr.arpa udp
US 8.8.8.8:53 39.142.81.104.in-addr.arpa udp
US 8.8.8.8:53 88.156.103.20.in-addr.arpa udp
US 8.8.8.8:53 103.169.127.40.in-addr.arpa udp
US 8.8.8.8:53 146.78.124.51.in-addr.arpa udp
US 8.8.8.8:53 206.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 126.20.238.8.in-addr.arpa udp
US 8.8.8.8:53 43.58.199.20.in-addr.arpa udp
US 8.8.8.8:53 121.252.72.23.in-addr.arpa udp
US 8.8.8.8:53 14.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 59.128.231.4.in-addr.arpa udp
US 8.8.8.8:53 twitter.com udp
US 8.8.8.8:53 110.39.251.142.in-addr.arpa udp
US 104.244.42.193:443 twitter.com tcp
US 104.244.42.193:443 twitter.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.facebook.com udp
US 8.8.8.8:53 www.paypal.com udp
US 8.8.8.8:53 steamcommunity.com udp
US 8.8.8.8:53 store.steampowered.com udp
US 8.8.8.8:53 www.epicgames.com udp
NL 142.250.179.141:443 accounts.google.com tcp
NL 142.250.179.141:443 accounts.google.com tcp
N/A 224.0.0.251:5353 udp
US 151.101.1.21:443 www.paypal.com tcp
US 151.101.1.21:443 www.paypal.com tcp
NL 157.240.247.35:443 www.facebook.com tcp
NL 157.240.247.35:443 www.facebook.com tcp
NL 23.222.49.98:443 steamcommunity.com tcp
NL 23.222.49.98:443 steamcommunity.com tcp
NL 104.85.0.101:443 store.steampowered.com tcp
NL 104.85.0.101:443 store.steampowered.com tcp
US 3.227.115.152:443 www.epicgames.com tcp
US 3.227.115.152:443 www.epicgames.com tcp
NL 142.250.179.141:443 accounts.google.com udp
US 8.8.8.8:53 193.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 141.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 21.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 35.247.240.157.in-addr.arpa udp
US 8.8.8.8:53 98.49.222.23.in-addr.arpa udp
US 8.8.8.8:53 101.0.85.104.in-addr.arpa udp
US 8.8.8.8:53 152.115.227.3.in-addr.arpa udp
US 8.8.8.8:53 i.ytimg.com udp
NL 142.250.179.182:443 i.ytimg.com tcp
US 8.8.8.8:53 pbs.twimg.com udp
US 8.8.8.8:53 api.twitter.com udp
US 8.8.8.8:53 abs.twimg.com udp
US 104.244.42.194:443 api.twitter.com tcp
US 8.8.8.8:53 video.twimg.com udp
US 68.232.34.217:443 video.twimg.com tcp
US 93.184.220.70:443 pbs.twimg.com tcp
US 152.199.21.141:443 abs.twimg.com tcp
US 8.8.8.8:53 t.co udp
US 104.244.42.69:443 t.co tcp
US 8.8.8.8:53 182.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 106.208.58.216.in-addr.arpa udp
US 8.8.8.8:53 15.39.65.18.in-addr.arpa udp
US 8.8.8.8:53 217.34.232.68.in-addr.arpa udp
US 8.8.8.8:53 194.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 70.220.184.93.in-addr.arpa udp
US 8.8.8.8:53 141.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 69.42.244.104.in-addr.arpa udp
US 152.199.21.141:443 abs.twimg.com tcp
US 152.199.21.141:443 abs.twimg.com tcp
US 152.199.21.141:443 abs.twimg.com tcp
US 8.8.8.8:53 static.ads-twitter.com udp
NL 199.232.148.157:443 static.ads-twitter.com tcp
US 8.8.8.8:53 157.148.232.199.in-addr.arpa udp
US 8.8.8.8:53 8.173.189.20.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\uO6MU86.exe

MD5 eb5433ef9959174b3dea79b54aabab9d
SHA1 c2faecec7e303a2128a320ee83c0a6f2475bd96a
SHA256 d897ab320b5f864581566ddf1ba368e58516bc13ffb3f89dc07cd94d7dafa9b0
SHA512 81791289745b90bbddb1dff3164f81e17acba804639cb79b88f3b0001cbf989018b3b571269062ea0d8109b381aba87e8926b0be9b5fc7ed3b15439d8ff917b2

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\uO6MU86.exe

MD5 eb5433ef9959174b3dea79b54aabab9d
SHA1 c2faecec7e303a2128a320ee83c0a6f2475bd96a
SHA256 d897ab320b5f864581566ddf1ba368e58516bc13ffb3f89dc07cd94d7dafa9b0
SHA512 81791289745b90bbddb1dff3164f81e17acba804639cb79b88f3b0001cbf989018b3b571269062ea0d8109b381aba87e8926b0be9b5fc7ed3b15439d8ff917b2

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe

MD5 e6bbd336f9eb6c7d7aa2793ca5c0438e
SHA1 1709733ed5c07c04ef3f90809de08a18675f7fca
SHA256 29923b4272eb01cbff8f046780768f51fa1650301f71e2a6eb946d1029fb2cab
SHA512 89cb54993765450c2f4688d58100d1bd59ab1fd8ea9186df8334eb48fff3a5e519981364a5c2615b9c341fb73772444a491c9ad25cadf825e18e1dcde9a191bc

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1eT38ic0.exe

MD5 e6bbd336f9eb6c7d7aa2793ca5c0438e
SHA1 1709733ed5c07c04ef3f90809de08a18675f7fca
SHA256 29923b4272eb01cbff8f046780768f51fa1650301f71e2a6eb946d1029fb2cab
SHA512 89cb54993765450c2f4688d58100d1bd59ab1fd8ea9186df8334eb48fff3a5e519981364a5c2615b9c341fb73772444a491c9ad25cadf825e18e1dcde9a191bc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2kv8531.exe

MD5 3eb9e02f3e3fa3883800e656a71a9a6d
SHA1 abeaaddc5170dc776dc73f78a4ff53b8b340ec79
SHA256 a038120fd031181128bcd160dbcdf8e5d82480455c27dac32e1f33a11e7ef35a
SHA512 d0f2fc5cbe0bcadde17b537c930212f4175bef5f57265b52fa761ac7a5e091cd29034ea14600d355036cddccd63cbf092033e9957f877d71f4ec62bbf55befca

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2kv8531.exe

MD5 3eb9e02f3e3fa3883800e656a71a9a6d
SHA1 abeaaddc5170dc776dc73f78a4ff53b8b340ec79
SHA256 a038120fd031181128bcd160dbcdf8e5d82480455c27dac32e1f33a11e7ef35a
SHA512 d0f2fc5cbe0bcadde17b537c930212f4175bef5f57265b52fa761ac7a5e091cd29034ea14600d355036cddccd63cbf092033e9957f877d71f4ec62bbf55befca

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

memory/5668-85-0x0000000000400000-0x0000000000433000-memory.dmp

memory/5668-86-0x0000000000400000-0x0000000000433000-memory.dmp

memory/5668-89-0x0000000000400000-0x0000000000433000-memory.dmp

memory/5668-87-0x0000000000400000-0x0000000000433000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3id81nM.exe

MD5 fbc6d505bc02bc28d6fcd297f4b0cb46
SHA1 a41685f43afbe5e70bdebab0e11f33163ccab625
SHA256 0af97937dbbff4a2d6b2d22ace166ed480807b1d59f08f12e998bb2b1a17749e
SHA512 c2816d951a7021a0554782a5c053588daf08d5ba5825ea14c8e47306fb0ee2cbac93302e1dd04fb4cedf5f8ecc5c74d4c21f61c8070a114f3957d5e84c7474af

\??\pipe\LOCAL\crashpad_3372_LQGYHBDXKBSEBDUN

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_2308_FXDGFJSKBICSOHKP

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_4092_XROUVVPDPMTMNNZL

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_3600_DHNBWYZNVUMRODXI

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_1116_FEFSWTWOPOUZTTSO

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_640_SWAMXYIKRCXVXVMG

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_1496_FEZVXCCQRQTYGABZ

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_3300_RJCDLWOOEHVLXKTN

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_1540_WQMWCDJUHHRBBUUC

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3id81nM.exe

MD5 fbc6d505bc02bc28d6fcd297f4b0cb46
SHA1 a41685f43afbe5e70bdebab0e11f33163ccab625
SHA256 0af97937dbbff4a2d6b2d22ace166ed480807b1d59f08f12e998bb2b1a17749e
SHA512 c2816d951a7021a0554782a5c053588daf08d5ba5825ea14c8e47306fb0ee2cbac93302e1dd04fb4cedf5f8ecc5c74d4c21f61c8070a114f3957d5e84c7474af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\fcec7bd2-6b79-4a75-a032-e8f1bdfa4b5a.tmp

MD5 3c54ea43cc885ecb79fbfbf6fe2d2f48
SHA1 b10bba5a06dd25fdceaf2c90f95941358e98d4c2
SHA256 368b175a5d01c8255ab9e935d17d9f955c6795790fb4e7da1e9c78e1f3e9f6cd
SHA512 817381e74b7b6bce23bdb83fcbb5b9764ef3259d8c0434f01a0b6237c8b8f599bda225e3d3749b564bbb7a7a20a8ad846a7bebd8f2d20ac21306f4072fdf376d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 4f25020783cb6f4c1cf8bc7de638cfb7
SHA1 848a582cbf736f360620fbba17f0418464d5260c
SHA256 863a2731bfba3dbca6f2006c1bca91d4a13247a8cf9bf0e7e047e79808dafa1e
SHA512 f07377fb9836cc9778ab4becc5f505573c5ea848c440946d99f422a36d1274a6e5697fe36f6826c82fdbc68c8e5f57033f3767d57a91badcdcfa96cf9b7e0255

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 4f25020783cb6f4c1cf8bc7de638cfb7
SHA1 848a582cbf736f360620fbba17f0418464d5260c
SHA256 863a2731bfba3dbca6f2006c1bca91d4a13247a8cf9bf0e7e047e79808dafa1e
SHA512 f07377fb9836cc9778ab4becc5f505573c5ea848c440946d99f422a36d1274a6e5697fe36f6826c82fdbc68c8e5f57033f3767d57a91badcdcfa96cf9b7e0255

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 3c54ea43cc885ecb79fbfbf6fe2d2f48
SHA1 b10bba5a06dd25fdceaf2c90f95941358e98d4c2
SHA256 368b175a5d01c8255ab9e935d17d9f955c6795790fb4e7da1e9c78e1f3e9f6cd
SHA512 817381e74b7b6bce23bdb83fcbb5b9764ef3259d8c0434f01a0b6237c8b8f599bda225e3d3749b564bbb7a7a20a8ad846a7bebd8f2d20ac21306f4072fdf376d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 938ed58a74a2347aff195ff89223cb98
SHA1 63feb154ce60424e842820ec2736cb14ab634c67
SHA256 04b97a47b6d0e64d0f35aea448c7b0e04a07a797f741332d2ddd768dff09e340
SHA512 ce3211283d0b0ea6a8569fdcbcf4a366fd2caa513b43926ee740d7f3dff604c8fbc3b94767788fe0170befb9d9800238b3b58b3be2ca91613583103bd1da1800

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\d89290ce-d0eb-456b-91ef-cbb1eba71fcd.tmp

MD5 f06ffd8109d1b056a95105abd8673cee
SHA1 532b4429e15332f0fe983af9d975026a6b0b67f6
SHA256 8c7be896f2c71f30c17b71974d9a99934259e52a39ecd56635a9a62c70fe00d7
SHA512 cca29170406ea23664876fac5c6bea393a22f6adb44506dfa40068c1d269e9399afc510f3792dd578ed6d8a823d46ea8b9af10023bdb60fab8c929120bf41934

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\e4075cdf-b487-4523-ab68-6389194c9181.tmp

MD5 e536436c2f8eb31d7b24d282bffd4d26
SHA1 b9b84b1e30be82cdfd7534f839fbc83f56fcdea3
SHA256 5d8a52a8be3e04f306619d2f5c5fe635bc664d763ac266037a9778ba8538cf94
SHA512 10760566a918756c659a98cd57f6eea33fdb88c8ae5571ea78fea9f2fcf0cd352c9fa15cfd8ea6a9157f9cab28455441acd6550451724285e60156d7219ee389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 3c54ea43cc885ecb79fbfbf6fe2d2f48
SHA1 b10bba5a06dd25fdceaf2c90f95941358e98d4c2
SHA256 368b175a5d01c8255ab9e935d17d9f955c6795790fb4e7da1e9c78e1f3e9f6cd
SHA512 817381e74b7b6bce23bdb83fcbb5b9764ef3259d8c0434f01a0b6237c8b8f599bda225e3d3749b564bbb7a7a20a8ad846a7bebd8f2d20ac21306f4072fdf376d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\fd592693-7607-4c88-9930-ef9dfe5ae05f.tmp

MD5 52452a3754bb72eb1558d4c6e9b6acce
SHA1 a7360baeba56440e699b1289c13237133c731856
SHA256 5065f6f230eb689f2794e45b6c37485dcc519d267ba583a99984ddb2fac6114d
SHA512 edf2badf3481a807fd26f7977e14fa18fd636fe19c6274f3df33b9811adf3193d998049f7c4b5f501e796a09b267fa1742b26fd63262d2f16641b374393d6e49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 938ed58a74a2347aff195ff89223cb98
SHA1 63feb154ce60424e842820ec2736cb14ab634c67
SHA256 04b97a47b6d0e64d0f35aea448c7b0e04a07a797f741332d2ddd768dff09e340
SHA512 ce3211283d0b0ea6a8569fdcbcf4a366fd2caa513b43926ee740d7f3dff604c8fbc3b94767788fe0170befb9d9800238b3b58b3be2ca91613583103bd1da1800

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 4f25020783cb6f4c1cf8bc7de638cfb7
SHA1 848a582cbf736f360620fbba17f0418464d5260c
SHA256 863a2731bfba3dbca6f2006c1bca91d4a13247a8cf9bf0e7e047e79808dafa1e
SHA512 f07377fb9836cc9778ab4becc5f505573c5ea848c440946d99f422a36d1274a6e5697fe36f6826c82fdbc68c8e5f57033f3767d57a91badcdcfa96cf9b7e0255

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 fe36c9daea2eac59b4a3cb522a3ab724
SHA1 d967623d773891d2a34d724a8c90448c9eb29c6e
SHA256 6044dca0a56c6fc2fd12b1333ef7b905e73511680477dcb03cfaba10e2b5e079
SHA512 6b57eed79ecf9241a1f4d6e99ec62b6a371187a96efd9361f770adc62d251b9810878d6e7ad9168826198674afbf657307f85e8028bd3eface4224b4c75dd79e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 fe36c9daea2eac59b4a3cb522a3ab724
SHA1 d967623d773891d2a34d724a8c90448c9eb29c6e
SHA256 6044dca0a56c6fc2fd12b1333ef7b905e73511680477dcb03cfaba10e2b5e079
SHA512 6b57eed79ecf9241a1f4d6e99ec62b6a371187a96efd9361f770adc62d251b9810878d6e7ad9168826198674afbf657307f85e8028bd3eface4224b4c75dd79e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 9a91a77f30cdfd4be2c58eca6643c4ee
SHA1 6c5d2a42996d830db9ed50280cae3a7240edaf67
SHA256 8869f350dd985e2fe522dbb48ca38ec1376e560fc50de0f81a8c79046fe80e9b
SHA512 380f99067dfca912e4d684b42259c2ef7fb83f39437418de62e6748a8781ba0955c609bd94eb786a47bfca3db2155de4e2543a2534552378af435c1fe64262ac

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 e536436c2f8eb31d7b24d282bffd4d26
SHA1 b9b84b1e30be82cdfd7534f839fbc83f56fcdea3
SHA256 5d8a52a8be3e04f306619d2f5c5fe635bc664d763ac266037a9778ba8538cf94
SHA512 10760566a918756c659a98cd57f6eea33fdb88c8ae5571ea78fea9f2fcf0cd352c9fa15cfd8ea6a9157f9cab28455441acd6550451724285e60156d7219ee389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 9a91a77f30cdfd4be2c58eca6643c4ee
SHA1 6c5d2a42996d830db9ed50280cae3a7240edaf67
SHA256 8869f350dd985e2fe522dbb48ca38ec1376e560fc50de0f81a8c79046fe80e9b
SHA512 380f99067dfca912e4d684b42259c2ef7fb83f39437418de62e6748a8781ba0955c609bd94eb786a47bfca3db2155de4e2543a2534552378af435c1fe64262ac

memory/6448-285-0x0000000000400000-0x000000000043C000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 938ed58a74a2347aff195ff89223cb98
SHA1 63feb154ce60424e842820ec2736cb14ab634c67
SHA256 04b97a47b6d0e64d0f35aea448c7b0e04a07a797f741332d2ddd768dff09e340
SHA512 ce3211283d0b0ea6a8569fdcbcf4a366fd2caa513b43926ee740d7f3dff604c8fbc3b94767788fe0170befb9d9800238b3b58b3be2ca91613583103bd1da1800

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\f780fb67-7148-46fe-a215-690ccf881e42.tmp

MD5 263bff2cd6a4f4e19b7482fac0ffe8e8
SHA1 f63dc641063b220b3dc9aeccd189877fabb66a2d
SHA256 967cd71b792a129e18f2c9b970df458546e1e3163cb2bb798f142f0ce3466e0e
SHA512 32eb2dd1812d30970ea8ed317d765b3f1c5c75795a1e8c951aaec7a8b28e738f7aacde6b8bc3b0bc388824a529f57cde269103b965eb58642b985b4dc3fbc94e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 223207b610bc897693f50b95e9389a94
SHA1 aa3aa685b8d859f38e2fe7c832b050f20157fcf6
SHA256 2f327494f1aa4ebf1aa301b755b9164b8a5505ab9e2fa2fca9ebd94b0cc2249d
SHA512 2b1623c941d179b753ae22b5befd9938614a05fc8bd7045db46baf7bdfe2094cc33a89b90d5027064aa4795820f02bab25c7f53bf91aed1586bc4cb2f724c244

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4fc321b192411e165f017397d772b37f
SHA1 09059b95ad039c072e91787ef2b38fda70620904
SHA256 923683504b8b18288aabdc6d939aaadfea8170ec0eb91aee329c24bc61cc6e63
SHA512 a85e75946ec015d99f63e19f0e34b4ffbadfcf52af28d8d9b7043fd62aec957cd59d3530b51ddac70a36013940ea0519d53d2c142172c5a826ca8d81cf63cbb5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 7520c3225a24acf017c2e121e5006540
SHA1 3818c8a2157b4469069387941f4109a785293858
SHA256 c276962194b21148c66b07b75c471c1dfd3f1e3766c93ee55fb687dc62820d3e
SHA512 9ec8eb71e4f1a90de7662184c83a2e7c14c978b25e483dd7d38ea0b76a3487dd4a6ea24ade64091d068b938b2ac8f3a24f7f605a8d7c318ff8352d7dcdce5ace

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 2f5bd36df2a2275e2f17e9ee62403b73
SHA1 4a58578654b04222f1556c2da1313c05bbad9d2a
SHA256 5005e4ac81e95f3a2b4baadec68555fd28f3fab2f2d43ea8a3c808f6b80c283b
SHA512 ac18994579b49045cfe8382f8176975d43c466789755d4fccdb2b49e7e001e5169c8bbbbf79df7c1761034eaed9f5b84e6bf11f5b78c57981af42e1af94b4c0b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 3a748249c8b0e04e77ad0d6723e564ff
SHA1 5c4cc0e5453c13ffc91f259ccb36acfb3d3fa729
SHA256 f98f5543c33c0b85b191bb85718ee7845982275130da1f09e904d220f1c6ceed
SHA512 53254db3efd9c075e4f24a915e0963563ce4df26d4771925199a605cd111ae5025a65f778b4d4ed8a9b3e83b558066cd314f37b84115d4d24c58207760174af2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 aecafb8ddf4e5f48b8079570a68bbd8d
SHA1 1218fb387ef93cb598ebe44897317f7526c2d258
SHA256 7c82c9cc535106e521598b6ef87121adaf7544d8fb62e81180235663169fd7fa
SHA512 bcf72c7227af3e6e68a633581738d8554418755afe5adaf44736ea8624cb1f5e26c3b883562eace59e897eba12c8be2a6bde41dfcd1e2be40a715b27ea8c6f6e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5a329a.TMP

MD5 2492732e001582d14f2bcb14331cec83
SHA1 3e92b18eecc9aee728a7a5d384c3cde11799d5d1
SHA256 bf872fe3de4430350777ff0d98ade5a48b6949c7d8a8af42f9359b4e6f46dc17
SHA512 46a172dd69d6d310e3fed9a8161e734c944073848480fabdddc7f6ae0741baacccdecfc0c5db6c50b0667e5163b549cdbe71dccd210c96807bef34db45eb7160

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 0c8a1f61f5ebe3ecd2e76884d53255e9
SHA1 edad4f8b8968d1b35374ee1f873efe0271f66441
SHA256 6ed67558cf6dbd744cca1bec8f98656b1b45cb2dd053da42e9460aa3707ebc32
SHA512 827eee466869b862bf9358c2cd8f4a6bea9bdd3d7202836bd9460407b8d41ac2e6ae3c1dd0ec3a372051e17125c8bb3484721ec055612bf4261805ccb7b2d81f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 3fb87d70236e00a180f96a0cab16d820
SHA1 6d5f50a4e20d9f898ad6ee5468dd845fba37c72f
SHA256 d0286cb3084313065378075ac5c4e37494284be26437ad5ce6707935f5e847dc
SHA512 6e107a9e281ff6b2297959716eef84626770315fd691199c101e16d8f1ea20ce6aae5a4116e9326c8bf496d7fb498dcc14c4ff2521b8693e1ce1405e719de3d2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 99c9c59433e3c85e588ee0584804bb62
SHA1 fabbb4e09aafef5355b7a1437b5e1a5587439b99
SHA256 3cfe1335b02c70a14f97972fefd9dfd91c86a1f76b83ab10a23973a3527d0de7
SHA512 27b78435a96615c8f9dcad01ad29fef04fefdd0fcc27b87275cd7621514ba1ef2a22b42daacbb2c885a49d4ff1c06997bb46cb498281bbde816674ba1461ddc7