Malware Analysis Report

2025-01-02 05:06

Sample ID 231111-hcamtsdd65
Target c65aee50288bb61f1ab8007ecfd9c45866d916532a29f9a94659726d03441e26
SHA256 c65aee50288bb61f1ab8007ecfd9c45866d916532a29f9a94659726d03441e26
Tags
mystic redline taiga infostealer persistence stealer
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

c65aee50288bb61f1ab8007ecfd9c45866d916532a29f9a94659726d03441e26

Threat Level: Known bad

The file c65aee50288bb61f1ab8007ecfd9c45866d916532a29f9a94659726d03441e26 was found to be: Known bad.

Malicious Activity Summary

mystic redline taiga infostealer persistence stealer

Mystic

RedLine

RedLine payload

Detect Mystic stealer payload

Executes dropped EXE

Adds Run key to start application

AutoIT Executable

Suspicious use of SetThreadContext

Enumerates physical storage devices

Unsigned PE

Program crash

Suspicious use of WriteProcessMemory

Suspicious use of SendNotifyMessage

Suspicious behavior: EnumeratesProcesses

Suspicious use of FindShellTrayWindow

Enumerates system info in registry

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2023-11-11 06:35

Signatures

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2023-11-11 06:34

Reported

2023-11-11 06:38

Platform

win10v2004-20231023-en

Max time kernel

169s

Max time network

184s

Command Line

"C:\Users\Admin\AppData\Local\Temp\c65aee50288bb61f1ab8007ecfd9c45866d916532a29f9a94659726d03441e26.exe"

Signatures

Detect Mystic stealer payload

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Mystic

stealer mystic

RedLine

infostealer redline

RedLine payload

Description Indicator Process Target
N/A N/A N/A N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP000.TMP\\\"" C:\Users\Admin\AppData\Local\Temp\c65aee50288bb61f1ab8007ecfd9c45866d916532a29f9a94659726d03441e26.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup1 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP001.TMP\\\"" C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\cP6DP39.exe N/A

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1260 wrote to memory of 1416 N/A C:\Users\Admin\AppData\Local\Temp\c65aee50288bb61f1ab8007ecfd9c45866d916532a29f9a94659726d03441e26.exe C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\cP6DP39.exe
PID 1260 wrote to memory of 1416 N/A C:\Users\Admin\AppData\Local\Temp\c65aee50288bb61f1ab8007ecfd9c45866d916532a29f9a94659726d03441e26.exe C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\cP6DP39.exe
PID 1260 wrote to memory of 1416 N/A C:\Users\Admin\AppData\Local\Temp\c65aee50288bb61f1ab8007ecfd9c45866d916532a29f9a94659726d03441e26.exe C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\cP6DP39.exe
PID 1416 wrote to memory of 224 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\cP6DP39.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe
PID 1416 wrote to memory of 224 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\cP6DP39.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe
PID 1416 wrote to memory of 224 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\cP6DP39.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe
PID 224 wrote to memory of 3104 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 224 wrote to memory of 3104 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 224 wrote to memory of 4392 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 224 wrote to memory of 4392 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 224 wrote to memory of 3444 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 224 wrote to memory of 3444 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 224 wrote to memory of 1284 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 224 wrote to memory of 1284 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 224 wrote to memory of 4700 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 224 wrote to memory of 4700 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 224 wrote to memory of 3876 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 224 wrote to memory of 3876 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 224 wrote to memory of 3988 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 224 wrote to memory of 3988 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 224 wrote to memory of 2572 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 224 wrote to memory of 2572 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 224 wrote to memory of 4456 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 224 wrote to memory of 4456 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 224 wrote to memory of 4852 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 224 wrote to memory of 4852 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1416 wrote to memory of 4928 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\cP6DP39.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2nF7193.exe
PID 1416 wrote to memory of 4928 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\cP6DP39.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2nF7193.exe
PID 1416 wrote to memory of 4928 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\cP6DP39.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2nF7193.exe
PID 1284 wrote to memory of 3944 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1284 wrote to memory of 3944 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4852 wrote to memory of 1116 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4852 wrote to memory of 1116 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3444 wrote to memory of 5036 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3444 wrote to memory of 5036 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 1424 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4700 wrote to memory of 1424 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 1964 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4392 wrote to memory of 1964 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3876 wrote to memory of 836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3876 wrote to memory of 836 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 3996 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3988 wrote to memory of 3996 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3104 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3104 wrote to memory of 1756 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4456 wrote to memory of 2708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4456 wrote to memory of 2708 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2572 wrote to memory of 1488 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2572 wrote to memory of 1488 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4928 wrote to memory of 3512 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2nF7193.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
PID 4928 wrote to memory of 3512 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2nF7193.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
PID 4928 wrote to memory of 3512 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2nF7193.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
PID 4928 wrote to memory of 5352 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2nF7193.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
PID 4928 wrote to memory of 5352 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2nF7193.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
PID 4928 wrote to memory of 5352 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2nF7193.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
PID 4928 wrote to memory of 5352 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2nF7193.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
PID 4928 wrote to memory of 5352 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2nF7193.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
PID 4928 wrote to memory of 5352 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2nF7193.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
PID 4928 wrote to memory of 5352 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2nF7193.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
PID 4928 wrote to memory of 5352 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2nF7193.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
PID 4928 wrote to memory of 5352 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2nF7193.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
PID 4928 wrote to memory of 5352 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2nF7193.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
PID 1260 wrote to memory of 5652 N/A C:\Users\Admin\AppData\Local\Temp\c65aee50288bb61f1ab8007ecfd9c45866d916532a29f9a94659726d03441e26.exe C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3AZ95Kk.exe
PID 1260 wrote to memory of 5652 N/A C:\Users\Admin\AppData\Local\Temp\c65aee50288bb61f1ab8007ecfd9c45866d916532a29f9a94659726d03441e26.exe C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3AZ95Kk.exe

Processes

C:\Users\Admin\AppData\Local\Temp\c65aee50288bb61f1ab8007ecfd9c45866d916532a29f9a94659726d03441e26.exe

"C:\Users\Admin\AppData\Local\Temp\c65aee50288bb61f1ab8007ecfd9c45866d916532a29f9a94659726d03441e26.exe"

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\cP6DP39.exe

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\cP6DP39.exe

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://store.steampowered.com/login/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://twitter.com/i/flow/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://steamcommunity.com/openid/loginform/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.epicgames.com/id/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.paypal.com/signin

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2nF7193.exe

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2nF7193.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ff800f146f8,0x7ff800f14708,0x7ff800f14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ff800f146f8,0x7ff800f14708,0x7ff800f14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ff800f146f8,0x7ff800f14708,0x7ff800f14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x174,0x178,0x17c,0x150,0x180,0x7ff800f146f8,0x7ff800f14708,0x7ff800f14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ff800f146f8,0x7ff800f14708,0x7ff800f14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x168,0x16c,0x170,0x144,0x10c,0x7ff800f146f8,0x7ff800f14708,0x7ff800f14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ff800f146f8,0x7ff800f14708,0x7ff800f14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ff800f146f8,0x7ff800f14708,0x7ff800f14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ff800f146f8,0x7ff800f14708,0x7ff800f14718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ff800f146f8,0x7ff800f14708,0x7ff800f14718

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 448 -p 5352 -ip 5352

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3AZ95Kk.exe

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3AZ95Kk.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,11760248252233749724,10910724412186501989,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,15273618513135560905,3207366044404113630,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,11760248252233749724,10910724412186501989,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,15273618513135560905,3207366044404113630,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2164,7480989845367447695,15788028019079755107,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2164,7480989845367447695,15788028019079755107,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2176 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,11081813970089738851,15466487659858247999,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,11081813970089738851,15466487659858247999,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2136 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2156,4128430891267721338,2013528179994036821,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,5697007463503805864,10606809301005604054,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,14865940244435552393,10540629712286073868,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2140,18120213438796562541,7432109267596955962,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,4128430891267721338,2013528179994036821,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,18120213438796562541,7432109267596955962,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2156 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,14865940244435552393,10540629712286073868,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2136 /prefetch:2

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 5352 -s 200

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,5697007463503805864,10606809301005604054,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2164,4917162999040034135,5523597712673818109,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2276 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2164,4917162999040034135,5523597712673818109,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2216 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2164,2988511019286957744,16154157450053600113,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2164,4917162999040034135,5523597712673818109,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2812 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2164,2988511019286957744,16154157450053600113,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,4917162999040034135,5523597712673818109,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,4917162999040034135,5523597712673818109,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,4917162999040034135,5523597712673818109,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3960 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,4917162999040034135,5523597712673818109,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4212 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,4917162999040034135,5523597712673818109,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2708 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,4917162999040034135,5523597712673818109,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3688 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,4917162999040034135,5523597712673818109,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4808 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,4917162999040034135,5523597712673818109,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4008 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,4917162999040034135,5523597712673818109,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4428 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,4917162999040034135,5523597712673818109,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,4917162999040034135,5523597712673818109,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,4917162999040034135,5523597712673818109,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6428 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,4917162999040034135,5523597712673818109,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5668 /prefetch:1

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

Network

Country Destination Domain Proto
US 8.8.8.8:53 9.228.82.20.in-addr.arpa udp
US 8.8.8.8:53 133.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 55.36.223.20.in-addr.arpa udp
US 8.8.8.8:53 39.142.81.104.in-addr.arpa udp
US 8.8.8.8:53 241.154.82.20.in-addr.arpa udp
US 8.8.8.8:53 103.169.127.40.in-addr.arpa udp
US 8.8.8.8:53 15.164.165.52.in-addr.arpa udp
US 8.8.8.8:53 121.175.53.84.in-addr.arpa udp
US 8.8.8.8:53 158.240.127.40.in-addr.arpa udp
US 8.8.8.8:53 126.211.247.8.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 146.78.124.51.in-addr.arpa udp
US 8.8.8.8:53 store.steampowered.com udp
US 8.8.8.8:53 www.epicgames.com udp
US 8.8.8.8:53 13.173.189.20.in-addr.arpa udp
US 8.8.8.8:53 twitter.com udp
NL 104.85.0.101:443 store.steampowered.com tcp
NL 104.85.0.101:443 store.steampowered.com tcp
US 3.216.1.37:443 www.epicgames.com tcp
US 3.216.1.37:443 www.epicgames.com tcp
US 8.8.8.8:53 steamcommunity.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.paypal.com udp
US 104.244.42.65:443 twitter.com tcp
US 104.244.42.65:443 twitter.com tcp
US 8.8.8.8:53 www.facebook.com udp
US 151.101.1.21:443 www.paypal.com tcp
US 151.101.1.21:443 www.paypal.com tcp
NL 142.250.179.141:443 accounts.google.com tcp
NL 142.250.179.141:443 accounts.google.com tcp
US 8.8.8.8:53 101.0.85.104.in-addr.arpa udp
NL 23.222.49.98:443 steamcommunity.com tcp
NL 23.222.49.98:443 steamcommunity.com tcp
NL 157.240.247.35:443 www.facebook.com tcp
NL 157.240.247.35:443 www.facebook.com tcp
NL 142.250.179.141:443 accounts.google.com udp
US 8.8.8.8:53 37.1.216.3.in-addr.arpa udp
US 8.8.8.8:53 65.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 21.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 141.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 98.49.222.23.in-addr.arpa udp
US 8.8.8.8:53 35.247.240.157.in-addr.arpa udp
US 8.8.8.8:53 174.179.250.142.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 83.39.65.18.in-addr.arpa udp
US 8.8.8.8:53 abs.twimg.com udp
US 152.199.21.141:443 abs.twimg.com tcp
US 152.199.21.141:443 abs.twimg.com tcp
US 8.8.8.8:53 pbs.twimg.com udp
US 8.8.8.8:53 api.twitter.com udp
US 8.8.8.8:53 video.twimg.com udp
US 104.244.42.2:443 api.twitter.com tcp
NL 199.232.148.158:443 video.twimg.com tcp
US 8.8.8.8:53 t.co udp
US 104.244.42.133:443 t.co tcp
US 192.229.233.50:443 pbs.twimg.com tcp
US 8.8.8.8:53 141.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 158.148.232.199.in-addr.arpa udp
US 8.8.8.8:53 133.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 2.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 50.233.229.192.in-addr.arpa udp
US 8.8.8.8:53 i.ytimg.com udp
NL 142.250.179.182:443 i.ytimg.com tcp
US 8.8.8.8:53 static.ads-twitter.com udp
NL 199.232.148.157:443 static.ads-twitter.com tcp
US 8.8.8.8:53 182.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 106.208.58.216.in-addr.arpa udp
US 8.8.8.8:53 157.148.232.199.in-addr.arpa udp
US 8.8.8.8:53 131.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
NL 142.250.179.130:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 195.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 130.179.250.142.in-addr.arpa udp
US 104.244.42.2:443 api.twitter.com tcp
US 104.244.42.2:443 api.twitter.com tcp
US 8.8.8.8:53 tracking.epicgames.com udp
US 8.8.8.8:53 www.paypalobjects.com udp
US 8.8.8.8:53 static-assets-prod.unrealengine.com udp
US 8.8.8.8:53 store.akamai.steamstatic.com udp
US 192.229.221.25:443 www.paypalobjects.com tcp
US 192.229.221.25:443 www.paypalobjects.com tcp
US 8.8.8.8:53 community.akamai.steamstatic.com udp
US 192.229.221.25:443 www.paypalobjects.com tcp
US 44.214.245.214:443 tracking.epicgames.com tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
NL 23.72.252.160:443 community.akamai.steamstatic.com tcp
NL 23.72.252.160:443 community.akamai.steamstatic.com tcp
NL 23.72.252.160:443 community.akamai.steamstatic.com tcp
NL 23.72.252.176:443 store.akamai.steamstatic.com tcp
NL 23.72.252.176:443 store.akamai.steamstatic.com tcp
NL 23.72.252.176:443 store.akamai.steamstatic.com tcp
US 18.239.36.105:443 static-assets-prod.unrealengine.com tcp
US 18.239.36.105:443 static-assets-prod.unrealengine.com tcp
US 157.240.5.10:443 static.xx.fbcdn.net tcp
US 157.240.5.10:443 static.xx.fbcdn.net tcp
US 157.240.5.10:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 apps.identrust.com udp
NL 88.221.25.153:80 apps.identrust.com tcp
US 8.8.8.8:53 25.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 176.252.72.23.in-addr.arpa udp
US 8.8.8.8:53 105.36.239.18.in-addr.arpa udp
US 8.8.8.8:53 10.5.240.157.in-addr.arpa udp
US 8.8.8.8:53 214.245.214.44.in-addr.arpa udp
US 8.8.8.8:53 160.252.72.23.in-addr.arpa udp
US 8.8.8.8:53 153.25.221.88.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\cP6DP39.exe

MD5 1009dab1ea977b188e8b7703f39dbdee
SHA1 aacc62732fd9193135f9ab33ec39bbba477b4da3
SHA256 7a9203b572478c199142aa081ecde58b8c2fac1ea64bc829dba13f3eb051b61d
SHA512 5c1e2b99b412227683d0faa8e9d79443b1b5f2c6ece704bdecc7d26492243f867767fac6e42a878ef15bfbc52b12320e7ad342c137380e0de2c6adf4a98d96e7

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\cP6DP39.exe

MD5 1009dab1ea977b188e8b7703f39dbdee
SHA1 aacc62732fd9193135f9ab33ec39bbba477b4da3
SHA256 7a9203b572478c199142aa081ecde58b8c2fac1ea64bc829dba13f3eb051b61d
SHA512 5c1e2b99b412227683d0faa8e9d79443b1b5f2c6ece704bdecc7d26492243f867767fac6e42a878ef15bfbc52b12320e7ad342c137380e0de2c6adf4a98d96e7

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe

MD5 79bce52392e3c752cde8d9e14b986537
SHA1 7c8ade75b60e79d168ac43849665e25780906f09
SHA256 3e92277007f567e2721be58419209c2484cf3424ad95d75285903ca5b4cf5f8a
SHA512 9a30009b270049f9b772237708bd18579c584d55bd1c4dbae622e4603381878caeeb057f45b47ffea018a4040d69da8e81fd54f8f0a93c57fba59bd17ea93c0f

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1IS32Zd6.exe

MD5 79bce52392e3c752cde8d9e14b986537
SHA1 7c8ade75b60e79d168ac43849665e25780906f09
SHA256 3e92277007f567e2721be58419209c2484cf3424ad95d75285903ca5b4cf5f8a
SHA512 9a30009b270049f9b772237708bd18579c584d55bd1c4dbae622e4603381878caeeb057f45b47ffea018a4040d69da8e81fd54f8f0a93c57fba59bd17ea93c0f

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2nF7193.exe

MD5 72230e8c1117c3551f72a7c86c8e80a7
SHA1 a5ff67be6af7a5e5bbe05c0578b37ec1ae190841
SHA256 f3ba5a08df416f314a5603cdc4d48b44bfe4a7ae6ca786fc31332e8277b71232
SHA512 689b72447ba360cdf54abf4372a3ea4a93332af4c7467ff8869fda6f531ddf980c54cdfe3ce75dfcfa650cb253061a64f8ecb50141ad9d750129f7a99f9ae8ba

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2nF7193.exe

MD5 72230e8c1117c3551f72a7c86c8e80a7
SHA1 a5ff67be6af7a5e5bbe05c0578b37ec1ae190841
SHA256 f3ba5a08df416f314a5603cdc4d48b44bfe4a7ae6ca786fc31332e8277b71232
SHA512 689b72447ba360cdf54abf4372a3ea4a93332af4c7467ff8869fda6f531ddf980c54cdfe3ce75dfcfa650cb253061a64f8ecb50141ad9d750129f7a99f9ae8ba

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

memory/5352-86-0x0000000000400000-0x0000000000433000-memory.dmp

memory/5352-87-0x0000000000400000-0x0000000000433000-memory.dmp

memory/5352-88-0x0000000000400000-0x0000000000433000-memory.dmp

memory/5352-90-0x0000000000400000-0x0000000000433000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3AZ95Kk.exe

MD5 fbc6d505bc02bc28d6fcd297f4b0cb46
SHA1 a41685f43afbe5e70bdebab0e11f33163ccab625
SHA256 0af97937dbbff4a2d6b2d22ace166ed480807b1d59f08f12e998bb2b1a17749e
SHA512 c2816d951a7021a0554782a5c053588daf08d5ba5825ea14c8e47306fb0ee2cbac93302e1dd04fb4cedf5f8ecc5c74d4c21f61c8070a114f3957d5e84c7474af

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3AZ95Kk.exe

MD5 fbc6d505bc02bc28d6fcd297f4b0cb46
SHA1 a41685f43afbe5e70bdebab0e11f33163ccab625
SHA256 0af97937dbbff4a2d6b2d22ace166ed480807b1d59f08f12e998bb2b1a17749e
SHA512 c2816d951a7021a0554782a5c053588daf08d5ba5825ea14c8e47306fb0ee2cbac93302e1dd04fb4cedf5f8ecc5c74d4c21f61c8070a114f3957d5e84c7474af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

\??\pipe\LOCAL\crashpad_4852_OROYLMMTIXKMKHWM

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_3988_BJCTNPAERYVUJYEO

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_4392_HFLKNTYFBCPXRIVU

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_4456_BHNKGZUEQSVHCRSZ

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_1284_KRNNMWLWHLCLVCAO

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_4700_KONSBJMDQRJGVFWN

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_3444_OTQGTBWTVNBFSZZS

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_3104_CYSDQYBXPHLYCFIN

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_2572_NBHRXDLGBUBDZTQX

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_3876_HEJPJFSFGVWINWLC

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 0056280a8f62110da05def4f474f73f5
SHA1 1ba22ba6471fd08f2f456ae2cbe4f19a74f1e5eb
SHA256 4aeeada7d790e4ad48c5bb39a137b8d85b14553d8c276271848fea8ff78dfd86
SHA512 9019066f782fa52167ae04635a6cb7e2dae1e3eb3d2fd3677fb132ddb39af7873a3d6db9fe4b7984a4f4f2cd0e51ecd0977c5bbc2010b9d04c7d4c497b338187

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 f07ba18ff14580bdde9a4eb55d0cf0aa
SHA1 8759261b2ab607d5905004e821517ac9adffe505
SHA256 f64eb3c04d5450d9cb9c8471bd50cdca866c0e8d82accd54155edea67d44b0ca
SHA512 691ddfdaedf01143ed844823cb8af32ab7cbd709595a7726032456242a121b49fa1d8d954ea9ce625dde247f02f31354b1e07ed69e626375bc9f4be0bdbcb8e8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 642d90f16dc51301d37a467faa442e1a
SHA1 db02f59d634fdb9036efb53ca90745a801a97322
SHA256 750c3374d681992a7bcc78f0a1fe60e4a322c04f397095977aeb75948cc7de72
SHA512 3ad67aef5b7dc41faddcb1b47172972b57c398ba9dc6efa183f3fbb046b3098b720a18579a744644b4a3dc6d3aeeabda534bc65b5945d75eac4837701f4c6fce

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 642d90f16dc51301d37a467faa442e1a
SHA1 db02f59d634fdb9036efb53ca90745a801a97322
SHA256 750c3374d681992a7bcc78f0a1fe60e4a322c04f397095977aeb75948cc7de72
SHA512 3ad67aef5b7dc41faddcb1b47172972b57c398ba9dc6efa183f3fbb046b3098b720a18579a744644b4a3dc6d3aeeabda534bc65b5945d75eac4837701f4c6fce

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 0056280a8f62110da05def4f474f73f5
SHA1 1ba22ba6471fd08f2f456ae2cbe4f19a74f1e5eb
SHA256 4aeeada7d790e4ad48c5bb39a137b8d85b14553d8c276271848fea8ff78dfd86
SHA512 9019066f782fa52167ae04635a6cb7e2dae1e3eb3d2fd3677fb132ddb39af7873a3d6db9fe4b7984a4f4f2cd0e51ecd0977c5bbc2010b9d04c7d4c497b338187

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 ebaf6f6dd561a7946acf135f1e2dc687
SHA1 b7d3f411025f9d6f1eb025bc2757515b37d55c44
SHA256 d127cc66b7951e86350fcc0dbad8dff99c5bc8dfcc31584337f069e73a76d48a
SHA512 d6a745bb8e2cf227ecf5b9c47d364b07f471766a48d745961ab6afa698f0beffccd26b0284cbf263ad1e67a00aed663e2a16d68f0c730d009940ac87f2aa448e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 ebaf6f6dd561a7946acf135f1e2dc687
SHA1 b7d3f411025f9d6f1eb025bc2757515b37d55c44
SHA256 d127cc66b7951e86350fcc0dbad8dff99c5bc8dfcc31584337f069e73a76d48a
SHA512 d6a745bb8e2cf227ecf5b9c47d364b07f471766a48d745961ab6afa698f0beffccd26b0284cbf263ad1e67a00aed663e2a16d68f0c730d009940ac87f2aa448e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 f07ba18ff14580bdde9a4eb55d0cf0aa
SHA1 8759261b2ab607d5905004e821517ac9adffe505
SHA256 f64eb3c04d5450d9cb9c8471bd50cdca866c0e8d82accd54155edea67d44b0ca
SHA512 691ddfdaedf01143ed844823cb8af32ab7cbd709595a7726032456242a121b49fa1d8d954ea9ce625dde247f02f31354b1e07ed69e626375bc9f4be0bdbcb8e8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a7dd099c4cb2d0ee9514d607e742c3e1
SHA1 1353079fa19f5a253dc7eda11251638eb69e102d
SHA256 a697dba076d21b5b5b7eb97be6f6e92f348ad7b58aeffaa05d8cb6bf86cd7369
SHA512 9450d2c0a50a255f24f1a1f54428714a4519c68c62e71a994fb7ae13bfc5e4f66913695aa3f329dc46340ff32be4b408e96bfb662b4290455c4074ea7062eb80

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 d123b658c105730187de0c662ad6014f
SHA1 bfe74efd6cef81b56c97ea9d8afe53b730f82b48
SHA256 11517e8c45590fa11284cbd0d920674110f802c54c8ea742ca7b921140ff703a
SHA512 9c93fae9658d1193e8ce000891cca45ca7b1c42ccb6bd239e716b09863a20c399cdfb3bdae1861e0efce180622908e1ab5c0a7df31dac666839ed988fb2aa7d7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 3f340da2afb3bfa5018ad6e431b934ca
SHA1 3c566cfcd2dd4b6a582754339d2947bd5605a69a
SHA256 7e03b6ea67e2ecde8e63898c9a895b5d639f9e5ccf63e0264f5e709fb4f20a61
SHA512 60940ef64c87e60db4022a051210862eb1b4423e951320d5058b24ac62573680e9a9cd82440f36c374f55f9cf64437ea8d178cfe24c08d80f40eea95d766363b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\c9507300-a734-4d8d-9d98-4968984e3b2a.tmp

MD5 314830ea3894064488aac05b21c32d5a
SHA1 1663e949977914ce73409f96e9f165834bec8776
SHA256 0ca66e12a70d52040c5d6fc24866426f1fe0675b8122130001b207fe78e3e083
SHA512 6ea5c2891944e467e2169825315a04ea40dde1f76d0bac58ea1a28b63e9cd0171d97ba9b590d197227520bccb3bc60d4635bdbaf23faed6b6c9a6404c51f762a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 3f340da2afb3bfa5018ad6e431b934ca
SHA1 3c566cfcd2dd4b6a582754339d2947bd5605a69a
SHA256 7e03b6ea67e2ecde8e63898c9a895b5d639f9e5ccf63e0264f5e709fb4f20a61
SHA512 60940ef64c87e60db4022a051210862eb1b4423e951320d5058b24ac62573680e9a9cd82440f36c374f55f9cf64437ea8d178cfe24c08d80f40eea95d766363b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a7dd099c4cb2d0ee9514d607e742c3e1
SHA1 1353079fa19f5a253dc7eda11251638eb69e102d
SHA256 a697dba076d21b5b5b7eb97be6f6e92f348ad7b58aeffaa05d8cb6bf86cd7369
SHA512 9450d2c0a50a255f24f1a1f54428714a4519c68c62e71a994fb7ae13bfc5e4f66913695aa3f329dc46340ff32be4b408e96bfb662b4290455c4074ea7062eb80

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 d123b658c105730187de0c662ad6014f
SHA1 bfe74efd6cef81b56c97ea9d8afe53b730f82b48
SHA256 11517e8c45590fa11284cbd0d920674110f802c54c8ea742ca7b921140ff703a
SHA512 9c93fae9658d1193e8ce000891cca45ca7b1c42ccb6bd239e716b09863a20c399cdfb3bdae1861e0efce180622908e1ab5c0a7df31dac666839ed988fb2aa7d7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\2b186ecf-f8f8-46f2-ad9c-8f8f7dd8b509.tmp

MD5 6fba31b33cca6e0413219060700cdcbb
SHA1 e609172ac21c3f5b3e2330da9b70d9b3fbc3d15e
SHA256 688cb69e1254cb9b537800ca234d6746c7336aa6f1098af3d6bac9fc967721c8
SHA512 c9cc03465fcc22a85c0db3570004712f899d092e79f5eed9c5fd26cf24ec979b5dc7827147ca117085032de83cb28e0b390ea8fb6c10f6b3fdfe0b76b54345a9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 04751a81c14cbe77100c844935806cc9
SHA1 2258046933e2497702d23fd0ef409bbc506228ac
SHA256 1e4c70350d49160bb0fd5479716f274de38b33745a9a7dd3e66b105225f2b460
SHA512 76fa29b0b7666dad3adb1d546211e975d74aac672b690ae990afd01c5a0899db9f6b0ac9401ed3d063b8ab776a6f225955dfed55407c1f8356fb96256586d431

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 7a505e693da562cbfad22ff758f2e579
SHA1 5845d2682b46250a488b1891c05a160e31b3fa84
SHA256 4a835136a9bf56c4013e84104147e20289f8ec2cd2f067f6a3b10ee40401b0bb
SHA512 29ecc744906e932a50200e14d914f285858bec59b72cafb7baafc2f84e85ee483b2bdaac094839cd35499d983c6e62974230f4adde63aaaef00499e14b2a02fd

memory/7736-399-0x0000000000400000-0x000000000043C000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 51e6f0659dc5b1fb0f87e68a889bf2a5
SHA1 9274cef8dc56e8aab0f1696cdaa427a65018a106
SHA256 f48b83565d85ab098dec0fa83b926f46e9543806a202f7468757793c6205112a
SHA512 64bf3162b90295d93c7be1324b8b6ef6f305cf4339b58c5ebba0e365bc62436a97b8724a9c6abaa70a9b4703ea9f973a729dce866684440c2eb31448058a0ca5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 fc4da184ce57f18a99f64bfb84651832
SHA1 34f2e000323625cf06d3beb1068ab311db5a3cbf
SHA256 efd98c9399165eec5b0cdb2d2b5f5b47071ac30f86b8fd782f6cf07796b152f6
SHA512 48b41be811dcb4b6bad9acb16c7a118f46744b989f3f4a0c4f61064add9aad5e7b48e546d01bb1b7d19f4356031d84a0f456d1de6091d1faec48f454915faaf8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 3a748249c8b0e04e77ad0d6723e564ff
SHA1 5c4cc0e5453c13ffc91f259ccb36acfb3d3fa729
SHA256 f98f5543c33c0b85b191bb85718ee7845982275130da1f09e904d220f1c6ceed
SHA512 53254db3efd9c075e4f24a915e0963563ce4df26d4771925199a605cd111ae5025a65f778b4d4ed8a9b3e83b558066cd314f37b84115d4d24c58207760174af2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 5e0e2bf6532f61574420e47659940e00
SHA1 ef252720c9b9c0cb2c2b9ac3d900bd7adbd66291
SHA256 068c0aa6ea183606381314e77eb42d738dcd4f40b9a195db6046996e4a63af1e
SHA512 8767461e4da2f1c3dd351c7d69409c6e09461633af4f7aa95a0545afb94bc14593318953e0c141ef95c484430070ead7c1d248a3ceafa64f5caf822f05e243b1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 e312d30a603bae99a0fa55a9e321e546
SHA1 63b850ffbfd06b15d678fa9bc729ab892a08afed
SHA256 bdeac732f022f6395ee87dba675e8c93a9126c715999c443268ec0ee0ab3a290
SHA512 6ca0bad3bfc23de5ed1517cc076f66c6ff14fdfd430a144250b76566be7d0128e64577ecc85b5d871656cafed614dd1173cdbe1dd8b39ab2b1653c4be4ad4892