Analysis Overview
SHA256
66d1c4d6339ac117a4649e059b85aceb9c1cbd02188419ac97d642b1748aeb0b
Threat Level: Known bad
The file 66d1c4d6339ac117a4649e059b85aceb9c1cbd02188419ac97d642b1748aeb0b was found to be: Known bad.
Malicious Activity Summary
RedLine payload
Detect Mystic stealer payload
Mystic
RedLine
Executes dropped EXE
Adds Run key to start application
Suspicious use of SetThreadContext
Detected potential entity reuse from brand paypal.
AutoIT Executable
Program crash
Enumerates physical storage devices
Unsigned PE
Suspicious use of SendNotifyMessage
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Enumerates system info in registry
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2023-11-11 09:05
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2023-11-11 09:05
Reported
2023-11-11 09:07
Platform
win10v2004-20231020-en
Max time kernel
151s
Max time network
156s
Command Line
Signatures
Detect Mystic stealer payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Mystic
RedLine
RedLine payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\MR7fM86.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1Ny08uJ9.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2bV0551.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3Yi94dA.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup1 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP001.TMP\\\"" | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\MR7fM86.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP000.TMP\\\"" | C:\Users\Admin\AppData\Local\Temp\66d1c4d6339ac117a4649e059b85aceb9c1cbd02188419ac97d642b1748aeb0b.exe | N/A |
AutoIT Executable
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Detected potential entity reuse from brand paypal.
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 7148 set thread context of 7236 | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2bV0551.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
| PID 7252 set thread context of 8032 | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3Yi94dA.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
Enumerates physical storage devices
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\66d1c4d6339ac117a4649e059b85aceb9c1cbd02188419ac97d642b1748aeb0b.exe
"C:\Users\Admin\AppData\Local\Temp\66d1c4d6339ac117a4649e059b85aceb9c1cbd02188419ac97d642b1748aeb0b.exe"
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\MR7fM86.exe
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\MR7fM86.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1Ny08uJ9.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1Ny08uJ9.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://store.steampowered.com/login/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x7c,0x16c,0x7ffdfe2c46f8,0x7ffdfe2c4708,0x7ffdfe2c4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffdfe2c46f8,0x7ffdfe2c4708,0x7ffdfe2c4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffdfe2c46f8,0x7ffdfe2c4708,0x7ffdfe2c4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffdfe2c46f8,0x7ffdfe2c4708,0x7ffdfe2c4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://twitter.com/i/flow/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffdfe2c46f8,0x7ffdfe2c4708,0x7ffdfe2c4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://steamcommunity.com/openid/loginform/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffdfe2c46f8,0x7ffdfe2c4708,0x7ffdfe2c4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.epicgames.com/id/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2044,14228743556621830031,4873104471294405378,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,14228743556621830031,4873104471294405378,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,2045167077063577780,17892878689976929966,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2076 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,2045167077063577780,17892878689976929966,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffdfe2c46f8,0x7ffdfe2c4708,0x7ffdfe2c4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2184,15229400005845709854,16294634921505785936,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2184,15229400005845709854,16294634921505785936,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2196 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2044,14228743556621830031,4873104471294405378,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2748 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,14228743556621830031,4873104471294405378,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,14228743556621830031,4873104471294405378,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3564 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1468,2792262226507513178,6540383422498846374,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1468,2792262226507513178,6540383422498846374,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.paypal.com/signin
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,14228743556621830031,4873104471294405378,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3892 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,14228743556621830031,4873104471294405378,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3752 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,2486963151198595181,8810104382236330174,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffdfe2c46f8,0x7ffdfe2c4708,0x7ffdfe2c4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x168,0x16c,0x170,0x13c,0x174,0x7ffdfe2c46f8,0x7ffdfe2c4708,0x7ffdfe2c4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,14228743556621830031,4873104471294405378,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5012 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,14228743556621830031,4873104471294405378,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5636 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,14228743556621830031,4873104471294405378,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,14228743556621830031,4873104471294405378,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,14228743556621830031,4873104471294405378,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2192,4615527682614427425,18171775695978436036,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffdfe2c46f8,0x7ffdfe2c4708,0x7ffdfe2c4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,14228743556621830031,4873104471294405378,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,14228743556621830031,4873104471294405378,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,14228743556621830031,4873104471294405378,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6376 /prefetch:1
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2bV0551.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2bV0551.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,14228743556621830031,4873104471294405378,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5848 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,14228743556621830031,4873104471294405378,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,14228743556621830031,4873104471294405378,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2044,14228743556621830031,4873104471294405378,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7716 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2044,14228743556621830031,4873104471294405378,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7716 /prefetch:8
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3Yi94dA.exe
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3Yi94dA.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 452 -p 7236 -ip 7236
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,14228743556621830031,4873104471294405378,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6892 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,14228743556621830031,4873104471294405378,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6692 /prefetch:1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 7236 -s 540
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,14228743556621830031,4873104471294405378,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6708 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,14228743556621830031,4873104471294405378,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7324 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2044,14228743556621830031,4873104471294405378,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3240 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2044,14228743556621830031,4873104471294405378,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4568 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2044,14228743556621830031,4873104471294405378,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1356 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 59.128.231.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.228.82.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| NL | 142.250.179.141:443 | accounts.google.com | tcp |
| NL | 142.250.179.141:443 | accounts.google.com | tcp |
| NL | 157.240.247.35:443 | www.facebook.com | tcp |
| NL | 157.240.247.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | www.epicgames.com | udp |
| NL | 104.85.0.101:443 | store.steampowered.com | tcp |
| NL | 104.85.0.101:443 | store.steampowered.com | tcp |
| US | 52.7.192.127:443 | www.epicgames.com | tcp |
| US | 8.8.8.8:53 | twitter.com | udp |
| US | 52.7.192.127:443 | www.epicgames.com | tcp |
| US | 104.244.42.1:443 | twitter.com | tcp |
| US | 104.244.42.1:443 | twitter.com | tcp |
| NL | 142.250.179.141:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | www.paypal.com | udp |
| US | 8.8.8.8:53 | 141.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.247.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.0.85.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 127.192.7.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.42.244.104.in-addr.arpa | udp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| US | 8.8.8.8:53 | 21.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.39.65.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.49.222.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 39.142.81.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.39.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.twitter.com | udp |
| US | 8.8.8.8:53 | pbs.twimg.com | udp |
| US | 8.8.8.8:53 | abs.twimg.com | udp |
| US | 104.244.42.2:443 | api.twitter.com | tcp |
| US | 8.8.8.8:53 | video.twimg.com | udp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 8.8.8.8:53 | t.co | udp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 192.229.233.50:443 | pbs.twimg.com | tcp |
| NL | 199.232.148.158:443 | video.twimg.com | tcp |
| US | 104.244.42.133:443 | t.co | tcp |
| US | 8.8.8.8:53 | 2.136.104.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.21.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.233.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 158.148.232.199.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 133.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.ads-twitter.com | udp |
| NL | 199.232.148.157:443 | static.ads-twitter.com | tcp |
| US | 8.8.8.8:53 | 157.148.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| NL | 142.251.36.14:443 | play.google.com | tcp |
| NL | 142.251.36.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 14.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| NL | 142.250.179.150:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| US | 157.240.5.10:443 | static.xx.fbcdn.net | tcp |
| US | 157.240.5.10:443 | static.xx.fbcdn.net | tcp |
| US | 157.240.5.10:443 | static.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | tracking.epicgames.com | udp |
| US | 8.8.8.8:53 | static-assets-prod.unrealengine.com | udp |
| US | 8.8.8.8:53 | 150.179.250.142.in-addr.arpa | udp |
| US | 34.195.142.151:443 | tracking.epicgames.com | tcp |
| US | 18.239.36.103:443 | static-assets-prod.unrealengine.com | tcp |
| US | 18.239.36.103:443 | static-assets-prod.unrealengine.com | tcp |
| US | 8.8.8.8:53 | store.akamai.steamstatic.com | udp |
| NL | 23.72.252.171:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.171:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.171:443 | store.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| NL | 88.221.25.153:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | 10.5.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.36.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 151.142.195.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.252.72.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.paypalobjects.com | udp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 8.8.8.8:53 | community.akamai.steamstatic.com | udp |
| NL | 23.72.252.169:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.169:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.169:443 | community.akamai.steamstatic.com | tcp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 8.8.8.8:53 | 153.25.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.208.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.252.72.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | facebook.com | udp |
| US | 157.240.5.35:443 | facebook.com | tcp |
| US | 8.8.8.8:53 | fbcdn.net | udp |
| US | 157.240.5.35:443 | fbcdn.net | tcp |
| US | 8.8.8.8:53 | 35.5.240.157.in-addr.arpa | udp |
| US | 192.55.233.1:443 | tcp | |
| US | 8.8.8.8:53 | www.recaptcha.net | udp |
| US | 8.8.8.8:53 | c.paypal.com | udp |
| US | 8.8.8.8:53 | fbsbx.com | udp |
| NL | 172.217.168.227:443 | www.recaptcha.net | tcp |
| US | 192.55.233.1:443 | tcp | |
| US | 8.8.8.8:53 | 227.168.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | t.paypal.com | udp |
| US | 8.8.8.8:53 | b.stats.paypal.com | udp |
| NL | 23.72.252.171:443 | store.akamai.steamstatic.com | tcp |
| US | 151.101.1.35:443 | t.paypal.com | tcp |
| NL | 23.72.252.171:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.171:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.169:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.169:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.169:443 | community.akamai.steamstatic.com | tcp |
| US | 64.4.245.84:443 | b.stats.paypal.com | tcp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.245.4.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| NL | 142.251.36.34:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 34.36.251.142.in-addr.arpa | udp |
| US | 104.244.42.2:443 | api.twitter.com | tcp |
| US | 8.8.8.8:53 | 157.123.68.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.126.166.20.in-addr.arpa | udp |
| NL | 172.217.168.227:443 | www.recaptcha.net | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| NL | 23.222.49.98:443 | api.steampowered.com | tcp |
| US | 18.239.36.103:443 | static-assets-prod.unrealengine.com | tcp |
| NL | 142.251.36.34:443 | googleads.g.doubleclick.net | udp |
| RU | 5.42.92.51:19057 | tcp | |
| US | 8.8.8.8:53 | c6.paypal.com | udp |
| US | 8.8.8.8:53 | dub.stats.paypal.com | udp |
| US | 64.4.245.84:443 | dub.stats.paypal.com | tcp |
| US | 151.101.1.35:443 | c6.paypal.com | tcp |
| US | 8.8.8.8:53 | login.steampowered.com | udp |
| NL | 23.222.49.98:443 | login.steampowered.com | tcp |
| US | 8.8.8.8:53 | talon-website-prod.ecosec.on.epicgames.com | udp |
| US | 172.64.146.120:443 | talon-website-prod.ecosec.on.epicgames.com | tcp |
| US | 8.8.8.8:53 | 120.146.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | talon-service-prod.ecosec.on.epicgames.com | udp |
| US | 172.64.146.120:443 | talon-service-prod.ecosec.on.epicgames.com | tcp |
| US | 172.64.146.120:443 | talon-service-prod.ecosec.on.epicgames.com | tcp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.200:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | js.hcaptcha.com | udp |
| US | 104.19.219.90:443 | js.hcaptcha.com | tcp |
| US | 8.8.8.8:53 | newassets.hcaptcha.com | udp |
| US | 8.8.8.8:53 | 90.219.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.hcaptcha.com | udp |
| US | 8.8.8.8:53 | sentry.io | udp |
| US | 35.186.247.156:443 | sentry.io | tcp |
| US | 8.8.8.8:53 | 156.247.186.35.in-addr.arpa | udp |
| RU | 5.42.92.51:19057 | tcp | |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 57.169.31.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.236.111.52.in-addr.arpa | udp |
| RU | 5.42.92.51:19057 | tcp | |
| RU | 5.42.92.51:19057 | tcp | |
| US | 8.8.8.8:53 | 88.16.208.104.in-addr.arpa | udp |
| RU | 5.42.92.51:19057 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\MR7fM86.exe
| MD5 | 89d12496574671d9abdcc672b42e6058 |
| SHA1 | 3422d108a1933cf38def7fcd86bd35a5a1e2cddc |
| SHA256 | af567097fb220400dc3788e13e1a6437d7692dd2c3ebe9e5be7a5775a236a12b |
| SHA512 | e96c61b1bcd1321eb13d4a453c973d3834083fa69d1d8096961727047bd49bab82664cbdbb25018e3d002867797d242f4b45160a0c12f378917d755ee0e405bf |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\MR7fM86.exe
| MD5 | 89d12496574671d9abdcc672b42e6058 |
| SHA1 | 3422d108a1933cf38def7fcd86bd35a5a1e2cddc |
| SHA256 | af567097fb220400dc3788e13e1a6437d7692dd2c3ebe9e5be7a5775a236a12b |
| SHA512 | e96c61b1bcd1321eb13d4a453c973d3834083fa69d1d8096961727047bd49bab82664cbdbb25018e3d002867797d242f4b45160a0c12f378917d755ee0e405bf |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1Ny08uJ9.exe
| MD5 | da5f7375ce2e51fec63b573da6ba2596 |
| SHA1 | eee8ff9fe93fda037b277f32b9796f8140adad37 |
| SHA256 | 53928f39a026e92a5d7b2e54f3a93d4bb85bd75b636c7e1bf69d5c7d70a22ae0 |
| SHA512 | efe65451ed105477ff8d2ad9b461e1f8d32f050a0f5a43d8eb6aae5703c8afded389b3601a9f2911ff1a427c8599b788ddde23ccb9665fea2b137350fd42e1d7 |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1Ny08uJ9.exe
| MD5 | da5f7375ce2e51fec63b573da6ba2596 |
| SHA1 | eee8ff9fe93fda037b277f32b9796f8140adad37 |
| SHA256 | 53928f39a026e92a5d7b2e54f3a93d4bb85bd75b636c7e1bf69d5c7d70a22ae0 |
| SHA512 | efe65451ed105477ff8d2ad9b461e1f8d32f050a0f5a43d8eb6aae5703c8afded389b3601a9f2911ff1a427c8599b788ddde23ccb9665fea2b137350fd42e1d7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6f9bc20747520b37b3f22c169195824e |
| SHA1 | de0472972d51b2d9419ff0d714706bef0c6f81d8 |
| SHA256 | a176ef484b676f39eaefe30f33df548ef0e4e3b34c4651ac3fb4351404d288b0 |
| SHA512 | 179e5be96746cfbcc9483de68527d96464f3ce6cb09dc4b5e546a93c5e1dad36ab842a4cdfa336169af4ca459bdc42a2cac72e577699a455ffb7efd9c1c80f11 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6f9bc20747520b37b3f22c169195824e |
| SHA1 | de0472972d51b2d9419ff0d714706bef0c6f81d8 |
| SHA256 | a176ef484b676f39eaefe30f33df548ef0e4e3b34c4651ac3fb4351404d288b0 |
| SHA512 | 179e5be96746cfbcc9483de68527d96464f3ce6cb09dc4b5e546a93c5e1dad36ab842a4cdfa336169af4ca459bdc42a2cac72e577699a455ffb7efd9c1c80f11 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6f9bc20747520b37b3f22c169195824e |
| SHA1 | de0472972d51b2d9419ff0d714706bef0c6f81d8 |
| SHA256 | a176ef484b676f39eaefe30f33df548ef0e4e3b34c4651ac3fb4351404d288b0 |
| SHA512 | 179e5be96746cfbcc9483de68527d96464f3ce6cb09dc4b5e546a93c5e1dad36ab842a4cdfa336169af4ca459bdc42a2cac72e577699a455ffb7efd9c1c80f11 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6dded92ec95cf9f22410bdeac841a00d |
| SHA1 | 83c32c23d53c59d654868f0b2a5c6be0a46249c2 |
| SHA256 | 1840d5c60c79874359414677662439087173c575d814c07ebe661ae1cebb639e |
| SHA512 | e13df653c0364be2b61619fe3d46799e10a565b41f33d3ce15e50397f8f9aa328e8c821212efe10cfe3b8283c1e8c7e9eb15f9674fc456837d6ee8c38bc8b0d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6dded92ec95cf9f22410bdeac841a00d |
| SHA1 | 83c32c23d53c59d654868f0b2a5c6be0a46249c2 |
| SHA256 | 1840d5c60c79874359414677662439087173c575d814c07ebe661ae1cebb639e |
| SHA512 | e13df653c0364be2b61619fe3d46799e10a565b41f33d3ce15e50397f8f9aa328e8c821212efe10cfe3b8283c1e8c7e9eb15f9674fc456837d6ee8c38bc8b0d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6dded92ec95cf9f22410bdeac841a00d |
| SHA1 | 83c32c23d53c59d654868f0b2a5c6be0a46249c2 |
| SHA256 | 1840d5c60c79874359414677662439087173c575d814c07ebe661ae1cebb639e |
| SHA512 | e13df653c0364be2b61619fe3d46799e10a565b41f33d3ce15e50397f8f9aa328e8c821212efe10cfe3b8283c1e8c7e9eb15f9674fc456837d6ee8c38bc8b0d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6dded92ec95cf9f22410bdeac841a00d |
| SHA1 | 83c32c23d53c59d654868f0b2a5c6be0a46249c2 |
| SHA256 | 1840d5c60c79874359414677662439087173c575d814c07ebe661ae1cebb639e |
| SHA512 | e13df653c0364be2b61619fe3d46799e10a565b41f33d3ce15e50397f8f9aa328e8c821212efe10cfe3b8283c1e8c7e9eb15f9674fc456837d6ee8c38bc8b0d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6dded92ec95cf9f22410bdeac841a00d |
| SHA1 | 83c32c23d53c59d654868f0b2a5c6be0a46249c2 |
| SHA256 | 1840d5c60c79874359414677662439087173c575d814c07ebe661ae1cebb639e |
| SHA512 | e13df653c0364be2b61619fe3d46799e10a565b41f33d3ce15e50397f8f9aa328e8c821212efe10cfe3b8283c1e8c7e9eb15f9674fc456837d6ee8c38bc8b0d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6dded92ec95cf9f22410bdeac841a00d |
| SHA1 | 83c32c23d53c59d654868f0b2a5c6be0a46249c2 |
| SHA256 | 1840d5c60c79874359414677662439087173c575d814c07ebe661ae1cebb639e |
| SHA512 | e13df653c0364be2b61619fe3d46799e10a565b41f33d3ce15e50397f8f9aa328e8c821212efe10cfe3b8283c1e8c7e9eb15f9674fc456837d6ee8c38bc8b0d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6dded92ec95cf9f22410bdeac841a00d |
| SHA1 | 83c32c23d53c59d654868f0b2a5c6be0a46249c2 |
| SHA256 | 1840d5c60c79874359414677662439087173c575d814c07ebe661ae1cebb639e |
| SHA512 | e13df653c0364be2b61619fe3d46799e10a565b41f33d3ce15e50397f8f9aa328e8c821212efe10cfe3b8283c1e8c7e9eb15f9674fc456837d6ee8c38bc8b0d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6dded92ec95cf9f22410bdeac841a00d |
| SHA1 | 83c32c23d53c59d654868f0b2a5c6be0a46249c2 |
| SHA256 | 1840d5c60c79874359414677662439087173c575d814c07ebe661ae1cebb639e |
| SHA512 | e13df653c0364be2b61619fe3d46799e10a565b41f33d3ce15e50397f8f9aa328e8c821212efe10cfe3b8283c1e8c7e9eb15f9674fc456837d6ee8c38bc8b0d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6dded92ec95cf9f22410bdeac841a00d |
| SHA1 | 83c32c23d53c59d654868f0b2a5c6be0a46249c2 |
| SHA256 | 1840d5c60c79874359414677662439087173c575d814c07ebe661ae1cebb639e |
| SHA512 | e13df653c0364be2b61619fe3d46799e10a565b41f33d3ce15e50397f8f9aa328e8c821212efe10cfe3b8283c1e8c7e9eb15f9674fc456837d6ee8c38bc8b0d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6dded92ec95cf9f22410bdeac841a00d |
| SHA1 | 83c32c23d53c59d654868f0b2a5c6be0a46249c2 |
| SHA256 | 1840d5c60c79874359414677662439087173c575d814c07ebe661ae1cebb639e |
| SHA512 | e13df653c0364be2b61619fe3d46799e10a565b41f33d3ce15e50397f8f9aa328e8c821212efe10cfe3b8283c1e8c7e9eb15f9674fc456837d6ee8c38bc8b0d8 |
\??\pipe\LOCAL\crashpad_4456_AMEKYQIXIXAYBOSH
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6dded92ec95cf9f22410bdeac841a00d |
| SHA1 | 83c32c23d53c59d654868f0b2a5c6be0a46249c2 |
| SHA256 | 1840d5c60c79874359414677662439087173c575d814c07ebe661ae1cebb639e |
| SHA512 | e13df653c0364be2b61619fe3d46799e10a565b41f33d3ce15e50397f8f9aa328e8c821212efe10cfe3b8283c1e8c7e9eb15f9674fc456837d6ee8c38bc8b0d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6dded92ec95cf9f22410bdeac841a00d |
| SHA1 | 83c32c23d53c59d654868f0b2a5c6be0a46249c2 |
| SHA256 | 1840d5c60c79874359414677662439087173c575d814c07ebe661ae1cebb639e |
| SHA512 | e13df653c0364be2b61619fe3d46799e10a565b41f33d3ce15e50397f8f9aa328e8c821212efe10cfe3b8283c1e8c7e9eb15f9674fc456837d6ee8c38bc8b0d8 |
\??\pipe\LOCAL\crashpad_4640_UZPDOSVIKDWLJTXU
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6dded92ec95cf9f22410bdeac841a00d |
| SHA1 | 83c32c23d53c59d654868f0b2a5c6be0a46249c2 |
| SHA256 | 1840d5c60c79874359414677662439087173c575d814c07ebe661ae1cebb639e |
| SHA512 | e13df653c0364be2b61619fe3d46799e10a565b41f33d3ce15e50397f8f9aa328e8c821212efe10cfe3b8283c1e8c7e9eb15f9674fc456837d6ee8c38bc8b0d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6dded92ec95cf9f22410bdeac841a00d |
| SHA1 | 83c32c23d53c59d654868f0b2a5c6be0a46249c2 |
| SHA256 | 1840d5c60c79874359414677662439087173c575d814c07ebe661ae1cebb639e |
| SHA512 | e13df653c0364be2b61619fe3d46799e10a565b41f33d3ce15e50397f8f9aa328e8c821212efe10cfe3b8283c1e8c7e9eb15f9674fc456837d6ee8c38bc8b0d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6dded92ec95cf9f22410bdeac841a00d |
| SHA1 | 83c32c23d53c59d654868f0b2a5c6be0a46249c2 |
| SHA256 | 1840d5c60c79874359414677662439087173c575d814c07ebe661ae1cebb639e |
| SHA512 | e13df653c0364be2b61619fe3d46799e10a565b41f33d3ce15e50397f8f9aa328e8c821212efe10cfe3b8283c1e8c7e9eb15f9674fc456837d6ee8c38bc8b0d8 |
\??\pipe\LOCAL\crashpad_2068_PHBHLRUQDMGBQSHC
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_1552_ULZEFQJTIWNTEYSI
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 83d88377e072745e9e1d809eb54b3135 |
| SHA1 | 1044197c082b43347a5348cdf4cdf8dc8c96aea7 |
| SHA256 | 0af506e4895f3ba31b0606c8cfa1203c23ff6c5ca7328d823b39db27d254b57b |
| SHA512 | d1d07d8d1f849d627cad3ae84e1706f69a634829f23ae3097c7414be8b438a59f0c59a45f3f43507e3bb2e2cb9ae06f99da395745bb6d0ad5b7efcedbafd849a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 9ae3c9d55a596c5bdac356d93f03a940 |
| SHA1 | 89cbd16e0c7834f97ce861ccf224375495a22d05 |
| SHA256 | 8b1a772b3e06d8c674c5f0aa319cff7db6672490a4b65582ec5dda2753b9103d |
| SHA512 | 955ccdd1bc9a89879adf31d3542c6dda806a238ed6cb8f00ae3166c4d6c7c92f31f39a8e7bb6b3a7064d349546a4ac36297f6106b02a14eec1d1bd9ecabdd0fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6dded92ec95cf9f22410bdeac841a00d |
| SHA1 | 83c32c23d53c59d654868f0b2a5c6be0a46249c2 |
| SHA256 | 1840d5c60c79874359414677662439087173c575d814c07ebe661ae1cebb639e |
| SHA512 | e13df653c0364be2b61619fe3d46799e10a565b41f33d3ce15e50397f8f9aa328e8c821212efe10cfe3b8283c1e8c7e9eb15f9674fc456837d6ee8c38bc8b0d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f6dd78562a5bf08af54d20d3c1588179 |
| SHA1 | fbad66e0d22f463f64fb26425a87296ef6f6497c |
| SHA256 | 1d4f15c4e84a7d17ab3990aa6aac39b7caa4116cc9707c2d8ff2cb9225a7c52d |
| SHA512 | fdc56d21fb5a0e8f16882e7d3609c5b867d0ef1055c61eb03341d8fc2c38d53982a80864dac2b286c2ab2936a6cc4fdae1c8cb512e386811662994bf493b323d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6dded92ec95cf9f22410bdeac841a00d |
| SHA1 | 83c32c23d53c59d654868f0b2a5c6be0a46249c2 |
| SHA256 | 1840d5c60c79874359414677662439087173c575d814c07ebe661ae1cebb639e |
| SHA512 | e13df653c0364be2b61619fe3d46799e10a565b41f33d3ce15e50397f8f9aa328e8c821212efe10cfe3b8283c1e8c7e9eb15f9674fc456837d6ee8c38bc8b0d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 181432eb6f5ba85c1c11f6f6aceea63b |
| SHA1 | 196b474dfbcf94bf63ed8965355046f17a2c0154 |
| SHA256 | bde94f2da17ce55d8747ccacf5054484393b057c77418aa4a044678211218c26 |
| SHA512 | d39001d88c828a17915e475da77ce5dec84cfa318c80782d60da8343ec25cee8c8eef1e0fad8e993147b497f18a873b31124febbcd6290bb90547e22bad0d93e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 771f0c9cd4e796e518e8c49b45f9072d |
| SHA1 | e3d9b0d0b9d172abb7f6424ab46ef21bcab412b2 |
| SHA256 | aa26f4b0fba3070354e0ce473567426f549acd6f104b50f5c24e35752f62aa2a |
| SHA512 | 329ec6f99528784776e832e21193d9459d5ed18f063d8de50f0177b68f0768621f55b3ec042527ce22ab138ab7fa7b1750ad4967db062b0bee3ff70f31872c8a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f6dd78562a5bf08af54d20d3c1588179 |
| SHA1 | fbad66e0d22f463f64fb26425a87296ef6f6497c |
| SHA256 | 1d4f15c4e84a7d17ab3990aa6aac39b7caa4116cc9707c2d8ff2cb9225a7c52d |
| SHA512 | fdc56d21fb5a0e8f16882e7d3609c5b867d0ef1055c61eb03341d8fc2c38d53982a80864dac2b286c2ab2936a6cc4fdae1c8cb512e386811662994bf493b323d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 83d88377e072745e9e1d809eb54b3135 |
| SHA1 | 1044197c082b43347a5348cdf4cdf8dc8c96aea7 |
| SHA256 | 0af506e4895f3ba31b0606c8cfa1203c23ff6c5ca7328d823b39db27d254b57b |
| SHA512 | d1d07d8d1f849d627cad3ae84e1706f69a634829f23ae3097c7414be8b438a59f0c59a45f3f43507e3bb2e2cb9ae06f99da395745bb6d0ad5b7efcedbafd849a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 9ae3c9d55a596c5bdac356d93f03a940 |
| SHA1 | 89cbd16e0c7834f97ce861ccf224375495a22d05 |
| SHA256 | 8b1a772b3e06d8c674c5f0aa319cff7db6672490a4b65582ec5dda2753b9103d |
| SHA512 | 955ccdd1bc9a89879adf31d3542c6dda806a238ed6cb8f00ae3166c4d6c7c92f31f39a8e7bb6b3a7064d349546a4ac36297f6106b02a14eec1d1bd9ecabdd0fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6dded92ec95cf9f22410bdeac841a00d |
| SHA1 | 83c32c23d53c59d654868f0b2a5c6be0a46249c2 |
| SHA256 | 1840d5c60c79874359414677662439087173c575d814c07ebe661ae1cebb639e |
| SHA512 | e13df653c0364be2b61619fe3d46799e10a565b41f33d3ce15e50397f8f9aa328e8c821212efe10cfe3b8283c1e8c7e9eb15f9674fc456837d6ee8c38bc8b0d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 83d88377e072745e9e1d809eb54b3135 |
| SHA1 | 1044197c082b43347a5348cdf4cdf8dc8c96aea7 |
| SHA256 | 0af506e4895f3ba31b0606c8cfa1203c23ff6c5ca7328d823b39db27d254b57b |
| SHA512 | d1d07d8d1f849d627cad3ae84e1706f69a634829f23ae3097c7414be8b438a59f0c59a45f3f43507e3bb2e2cb9ae06f99da395745bb6d0ad5b7efcedbafd849a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\cb1f4403-9168-4b58-8512-9a225359dd8a.tmp
| MD5 | ceceab060e3a19043fed65428f65c11f |
| SHA1 | ded451f4653833d5ebbc8b3151929586a25813d8 |
| SHA256 | a22197aa6baea49e30f629413b77ed9f079e0263595431e564022bf8d6d7fe12 |
| SHA512 | a1960aec3a6d2532de1ac9d42d02d817b4568c4709c9c5fb8033a5bd01ff7aa1ed66d0dce4ceb440916c439ebc3559b48381d96205856758855e10cf75d2fb85 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f6dd78562a5bf08af54d20d3c1588179 |
| SHA1 | fbad66e0d22f463f64fb26425a87296ef6f6497c |
| SHA256 | 1d4f15c4e84a7d17ab3990aa6aac39b7caa4116cc9707c2d8ff2cb9225a7c52d |
| SHA512 | fdc56d21fb5a0e8f16882e7d3609c5b867d0ef1055c61eb03341d8fc2c38d53982a80864dac2b286c2ab2936a6cc4fdae1c8cb512e386811662994bf493b323d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6dded92ec95cf9f22410bdeac841a00d |
| SHA1 | 83c32c23d53c59d654868f0b2a5c6be0a46249c2 |
| SHA256 | 1840d5c60c79874359414677662439087173c575d814c07ebe661ae1cebb639e |
| SHA512 | e13df653c0364be2b61619fe3d46799e10a565b41f33d3ce15e50397f8f9aa328e8c821212efe10cfe3b8283c1e8c7e9eb15f9674fc456837d6ee8c38bc8b0d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 771f0c9cd4e796e518e8c49b45f9072d |
| SHA1 | e3d9b0d0b9d172abb7f6424ab46ef21bcab412b2 |
| SHA256 | aa26f4b0fba3070354e0ce473567426f549acd6f104b50f5c24e35752f62aa2a |
| SHA512 | 329ec6f99528784776e832e21193d9459d5ed18f063d8de50f0177b68f0768621f55b3ec042527ce22ab138ab7fa7b1750ad4967db062b0bee3ff70f31872c8a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6dded92ec95cf9f22410bdeac841a00d |
| SHA1 | 83c32c23d53c59d654868f0b2a5c6be0a46249c2 |
| SHA256 | 1840d5c60c79874359414677662439087173c575d814c07ebe661ae1cebb639e |
| SHA512 | e13df653c0364be2b61619fe3d46799e10a565b41f33d3ce15e50397f8f9aa328e8c821212efe10cfe3b8283c1e8c7e9eb15f9674fc456837d6ee8c38bc8b0d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ceceab060e3a19043fed65428f65c11f |
| SHA1 | ded451f4653833d5ebbc8b3151929586a25813d8 |
| SHA256 | a22197aa6baea49e30f629413b77ed9f079e0263595431e564022bf8d6d7fe12 |
| SHA512 | a1960aec3a6d2532de1ac9d42d02d817b4568c4709c9c5fb8033a5bd01ff7aa1ed66d0dce4ceb440916c439ebc3559b48381d96205856758855e10cf75d2fb85 |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2bV0551.exe
| MD5 | 282465cb811ac438486718a3742468a4 |
| SHA1 | a16f9f0c7dc09f503d1dab05c7c330ca262ee6ec |
| SHA256 | 7ebfde5acfde866ce50d249768530ed8633999e87bb4b9e6af7398c68abe98f1 |
| SHA512 | 15e4070de11588757ca7092319e47282349faf4601bdc53b8343c55cce7731f4ce60fb9474b8abb6507c69ddbbd185c21bbc573484edf5b45ae38cab7c72e93e |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2bV0551.exe
| MD5 | 282465cb811ac438486718a3742468a4 |
| SHA1 | a16f9f0c7dc09f503d1dab05c7c330ca262ee6ec |
| SHA256 | 7ebfde5acfde866ce50d249768530ed8633999e87bb4b9e6af7398c68abe98f1 |
| SHA512 | 15e4070de11588757ca7092319e47282349faf4601bdc53b8343c55cce7731f4ce60fb9474b8abb6507c69ddbbd185c21bbc573484edf5b45ae38cab7c72e93e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 9ae3c9d55a596c5bdac356d93f03a940 |
| SHA1 | 89cbd16e0c7834f97ce861ccf224375495a22d05 |
| SHA256 | 8b1a772b3e06d8c674c5f0aa319cff7db6672490a4b65582ec5dda2753b9103d |
| SHA512 | 955ccdd1bc9a89879adf31d3542c6dda806a238ed6cb8f00ae3166c4d6c7c92f31f39a8e7bb6b3a7064d349546a4ac36297f6106b02a14eec1d1bd9ecabdd0fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 771f0c9cd4e796e518e8c49b45f9072d |
| SHA1 | e3d9b0d0b9d172abb7f6424ab46ef21bcab412b2 |
| SHA256 | aa26f4b0fba3070354e0ce473567426f549acd6f104b50f5c24e35752f62aa2a |
| SHA512 | 329ec6f99528784776e832e21193d9459d5ed18f063d8de50f0177b68f0768621f55b3ec042527ce22ab138ab7fa7b1750ad4967db062b0bee3ff70f31872c8a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 368ceccbf9fd145770d83baae55e19d6 |
| SHA1 | 8b98f79c141cbcd5942e72cbbdf021f58b62f414 |
| SHA256 | 41ecc44e60e85ac9efce20e9ce56ac32b3884c878234728ceb195109a8f31471 |
| SHA512 | 7fefc64f513409459a75468a898aab039c8ef6020d9127c9b2d3ad8f8737e20f4dabe4365038bac6b34bc4f51fa40c85d143182d62d9705ad4df2f457a85d5c4 |
memory/7236-247-0x0000000000400000-0x0000000000433000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3Yi94dA.exe
| MD5 | 28d072c3e03f39c936617dc6d94000f5 |
| SHA1 | f7a5324903fd8be099f1daf55948b12c841f37d9 |
| SHA256 | f409dfdbe841643ab470926ad4b87359418c56ec167867f11d660983e9c1d6d9 |
| SHA512 | a2cd83fff3950ec6ad6cb83a8e3d395b771ea3475aa6780b574548789601eac05201670f8b9b27ddcea12a915fca581adbf75a25e9a5eb795cb05482ffb0bf9a |
memory/7236-250-0x0000000000400000-0x0000000000433000-memory.dmp
memory/7236-251-0x0000000000400000-0x0000000000433000-memory.dmp
memory/7236-253-0x0000000000400000-0x0000000000433000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3Yi94dA.exe
| MD5 | 28d072c3e03f39c936617dc6d94000f5 |
| SHA1 | f7a5324903fd8be099f1daf55948b12c841f37d9 |
| SHA256 | f409dfdbe841643ab470926ad4b87359418c56ec167867f11d660983e9c1d6d9 |
| SHA512 | a2cd83fff3950ec6ad6cb83a8e3d395b771ea3475aa6780b574548789601eac05201670f8b9b27ddcea12a915fca581adbf75a25e9a5eb795cb05482ffb0bf9a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c28503ff490404c7052d028e5ff398c2 |
| SHA1 | c534648f88ab712b8dad06f397ca2b7afe2c8121 |
| SHA256 | 7acb12ff1eb374f61b0012a6416a10093e79770682600babc49087984e879cdd |
| SHA512 | 181500cc58aff492a0918525a2ea454452f53cdebb464d96f1a7047eb3258ebeacca3b173141bcba45be3d765eafcbc1c1f2d7f23ed3e1d69348e1f1159d48e1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | e05436aebb117e9919978ca32bbcefd9 |
| SHA1 | 97b2af055317952ce42308ea69b82301320eb962 |
| SHA256 | cc9bd0953e70356e31a957ad9a9b1926f5e2a9f6a297cdef303ac693a2a86b7f |
| SHA512 | 11328e9514ffaa3c1eab84fae06595d75c8503bd5601adfd806182d46065752885a871b738439b356d1bb2c1ac71fc81e9d46bd2d0daa1b2ba0f40543bf952b9 |
memory/8032-295-0x0000000000400000-0x000000000043C000-memory.dmp
memory/8032-296-0x00000000746D0000-0x0000000074E80000-memory.dmp
memory/8032-304-0x0000000008050000-0x00000000085F4000-memory.dmp
memory/8032-311-0x0000000007B40000-0x0000000007BD2000-memory.dmp
memory/8032-319-0x0000000007D90000-0x0000000007DA0000-memory.dmp
memory/8032-321-0x0000000007D30000-0x0000000007D3A000-memory.dmp
\??\pipe\LOCAL\crashpad_3440_DASITZAIKVFPQZUY
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
memory/8032-396-0x0000000008C20000-0x0000000009238000-memory.dmp
memory/8032-397-0x0000000007EE0000-0x0000000007FEA000-memory.dmp
\??\pipe\LOCAL\crashpad_3384_FNBAIYYGFEYAIGWK
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
memory/8032-422-0x0000000007E10000-0x0000000007E22000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
| MD5 | 923a543cc619ea568f91b723d9fb1ef0 |
| SHA1 | 6f4ade25559645c741d7327c6e16521e43d7e1f9 |
| SHA256 | bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd |
| SHA512 | a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026
| MD5 | fdbf5bcfbb02e2894a519454c232d32f |
| SHA1 | 5e225710e9560458ac032ab80e24d0f3cb81b87a |
| SHA256 | d9315d0678ac213bbe2c1de27528f82fd40dbff160f5a0c19850f891da29ea1c |
| SHA512 | 9eb86ebb1b50074df9bd94f7660df6f362b5a46411b35ce820740f629f8ef77f0b49a95c5550441a7db2b2638f0ed3d0204cb8f8c76391c05401506833b8c916 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | 7d75a9eb3b38b5dd04b8a7ce4f1b87cc |
| SHA1 | 68f598c84936c9720c5ffd6685294f5c94000dff |
| SHA256 | 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7 |
| SHA512 | cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f |
memory/8032-436-0x0000000007E70000-0x0000000007EAC000-memory.dmp
memory/8032-473-0x0000000007FF0000-0x000000000803C000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2061225c877e716172cf146144cb49c1 |
| SHA1 | 18c7da5beaa973bf923cfb1e0fb0c493bf97abf3 |
| SHA256 | 92936ec9113e036acfbfd3e0ef3ce862daa2a306478d1da950baf9f02b412ce5 |
| SHA512 | 192686c65c8fd607b180968164adfa2d51855a72eeffb643be4f6c7138a2b38e17cda4653b662ed9c473dfcdbd03e68eb29a346b7415a06b9ea4686fd4ba747c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b7a32722a78e3227ba53905abe046072 |
| SHA1 | b9205d9d81fba31643a1912e739a7e3c1c612dab |
| SHA256 | 22c495bfbf58ea7ff515a1bd7e18b7fda6a2ecdd358cb2c24d5e03aa0da5c9af |
| SHA512 | f71ae94fac958fa206f76ae00e68f7c89f80d1988455e3eb6be53fcb5aaa7cb63bf61759f7d3051d14ee7d9d47e1814f9aa9cdf5d25f3ff90beb95e0fe0e3f35 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5810a5.TMP
| MD5 | 92915a5c6d8cc9ffb22cc4d7dbdb96fe |
| SHA1 | 987a0a4f15ef042e670ad58d20b5b863a3e3033b |
| SHA256 | 6f16dcc02f071fcf201f296550ae2cfaef954d75f1f64fca7dbf84dd9d0d94fb |
| SHA512 | 1d1e256f987749dcab3530cc2376019944c76f1ec1719af6a47b54a2e53253d009a98fbfcc266781be0ed1bb006f270c519a7ce46d155cab0912e046db4501c5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 3328896fe80700b18700a660cda4dcd6 |
| SHA1 | e4aae5d2af422e74fee590e34831907fa8d28965 |
| SHA256 | 2ab66e3d8fde455713ef178d5b439176c21ab778071e6792f228fda5873fae91 |
| SHA512 | c412a2f71b34e282f9c965d52d07bca6cf55d5b54f335314edb38f63d1577a77a14b6d97cc12f4fdbf1b65396cc6124309a232d77f09069e19333728b1b9188f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt
| MD5 | dbebe2796f1ba9a746665938eef06b7b |
| SHA1 | 03f26e781e25857bc1696dc0c6a67a675634be62 |
| SHA256 | 5316e6ce3524801ea3a001901939264041194f59345627dd9ac7611d74952800 |
| SHA512 | 468bb77870237363cb6acab914b4176d8a62b897baedbe6572a70bb1b115eed2e7ed5bed05591bbc8027ed734f9244595c6bbc99785f82a3ad3ca7766ecdaff9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt~RFe582ad4.TMP
| MD5 | 46b5d5c8dde63dd89105562048b51fea |
| SHA1 | 16dc1a349301ec843bde792a981ead2f42624d63 |
| SHA256 | 6cda74500878926ebb6bf8229eeb85490ebd399684e78ef5aa14c63edc870c87 |
| SHA512 | c3bbd798f5e90dde83b82fcda42423de5375da2aacb632dc15c0b56fcb9b8cc33e035fab11b7579f40d0ea5dfab06f027d39785a76867d3970f7d3add9f7df7b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000041
| MD5 | 740a924b01c31c08ad37fe04d22af7c5 |
| SHA1 | 34feb0face110afc3a7673e36d27eee2d4edbbff |
| SHA256 | f0e1953b71cc4abbffdd5096d99dfb274688e517c381b15c3446c28a4ac416e0 |
| SHA512 | da7061f944c69245c2f66b0e6a8b5a9bca91bda8a73f99734dcb23db56c5047de796fa7e348ff8840d9ac123436e38a4206408573215b7e5e98942ea6d66bb7c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 910d41a0f85062828bd4d4923cf38a29 |
| SHA1 | aff7cfce2abf9034d731b531e5d2199c1f4ab2c9 |
| SHA256 | d88d389cd1addba2c2ca4f682bd2e104c71f4fdc419b8a5c7d42b98b59edf1a6 |
| SHA512 | 010e09c4f390bbf43ccbe60379d4d5c2d45fbb8dd3ee3473fcad9e609987b1420d6164735ce97ea9b03069c238e9d26f5afe2535a7dc71da29d00244e5b025c0 |
memory/8032-866-0x00000000746D0000-0x0000000074E80000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\6ddd96de-e25c-4f1c-b778-4df662be89da.tmp
| MD5 | f719d195c2d48a0b1e80baec595acaaf |
| SHA1 | 1e4c29e1186f781f54fa3eb35ec4b50b00cb7dc7 |
| SHA256 | 29929877269819b6a060ea79077cc7c14b285a274ded86747be12651f07f079a |
| SHA512 | 25ad15613928adcd5c537956bf9eae912961ee997be4b7ccdf5ba6cf0bee2383d34cfacb98233146a6aa22c080ab4e0e25d0f44493a3e19fa6f4f0afeea8d281 |
memory/8032-983-0x0000000007D90000-0x0000000007DA0000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | d53f6a7f96440a6a9510926f4edcc758 |
| SHA1 | d8c49f92ff0d526fb4938ff90a128127f1a0671a |
| SHA256 | 82727d5150ad9fcb3728f308af20dfcbedd25d3fd1b34fa47f88c7ac30acc6c7 |
| SHA512 | 6843eadfe117a3771a8c3caf9496dd8c6c0335021c81aefa9ec1736bef95090195190334d01e2f80671010ba7094846fb427a1ec8c6759c1d4ea7558c450bf4a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 050316d56800c19574dbfcc66af68f5e |
| SHA1 | 9c038ece79cde0a646cc0ad0f1f1fdc82a721dcc |
| SHA256 | d2e019698f8d82adf4925ed1b9f7586a4b4af991343f709fb468d65a13b1a815 |
| SHA512 | cb361090f2d5b4a1d97dc419fee366f50640c4b6ec9e93c0d91347d5985cf4ef5e909691bb3e2b4f24ea3a694c82daa2ad001796950a0db77671b0fa486fe405 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5878f4.TMP
| MD5 | 83b80d407314f282701b9e4e3e5563cb |
| SHA1 | c3006b78ac60dcd221158356a8e4e27595b88c11 |
| SHA256 | 1cd70bf12a85f5094bc9eaf41d2b52a6753f3dd6fc99f7dae43b51c613db2591 |
| SHA512 | 3a13ee5a4103646991e3cb8c6e888ba6c039cb9b712791c565a512123c82c9f23613b07d3829b0966fe249bfcf47c80127b64c71cce66054bfb13713bce93a9a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 1471286a22558f07ead7e9340c8ed946 |
| SHA1 | 50bf6d5e5abbdd0e70b4cb84e6b9ce6acd470b6f |
| SHA256 | 711b019e6ae058f38a3c72413dafd64761504ea4825a54d1c39b65e306ddb277 |
| SHA512 | 76ec0748e88adbd379a1b09f195c92b7dc749428dea302d92fee9fb2a64541c3e470b95a12d110eb025acd01e784bc7c864f1c290ba2823adf3c2127db3c7398 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d448635d8bc0eb26a27f8fe683aef64e |
| SHA1 | 95c6c4179b18f813c574f3d2694f46a7f0b29ee3 |
| SHA256 | 2475dcfba0affbaf3f64ac939df60ccb47b67759c2a028e49a72e5b0c03c35a4 |
| SHA512 | 5e23ae889fa6fd76f4ab685d1afd08309b91ed452e033e83661ed446b46d930da8e5b4b70993f244c49c60f3b6789550dc0eb220078b5b996d897fdc62661cac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\13c049e6-4530-4f8b-8784-53fa0f5e93cb\index-dir\the-real-index
| MD5 | 7368863b70cefb611683b2c7efd4ef07 |
| SHA1 | 3590db2a655c2d8e16cb544da55023f98d99c79d |
| SHA256 | 6e3a2a020c7a948d8d82c3035d1fd07d64e536ab7d221622c7d3ebf8c9cce9bd |
| SHA512 | 1c377bb7d12a66cd3df6b2de0405866c4c02f2248b0f16e5deb624cae1e055d1330dfe567ccaf8fe713f95b232a2757c19e4a1f22b3b72599b07e359d550f515 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\13c049e6-4530-4f8b-8784-53fa0f5e93cb\index-dir\the-real-index~RFe587d59.TMP
| MD5 | cb3bff82e93c9e5acf2011e576671bf3 |
| SHA1 | fc08e249167e7b70544c162a549c9780cc6656fe |
| SHA256 | 511b45143caa9a5a616e80fff095272817d523d8333b556afcbccb1e2acf3f44 |
| SHA512 | 832673f86e0582338d19e62a4947389176d4b6606ecacda1cda191998e082a3b663546671ab7e545156073e5bb8dab7e92a23452dd4db9ddf6468b07b2f9957f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | cbe463e570558e32193642b441c47575 |
| SHA1 | 6a28029738b64d120d55407a8efdaa0be3fe6e3b |
| SHA256 | a54fc65b47cd94f1f499f81c712dff92bfe5541486d028315d3e165033429431 |
| SHA512 | ff54004c3185fe1fb9e941c82f1fc6260e4880067d7b614d1afeaa528a6db6e066ab863d9967014f426386b9c7529e612a1f8b3efbf2649db606b19136061bdf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5ed4aa24f686d8ed5b98248129e8c130 |
| SHA1 | 5a9f405c4a64a79c5f7bdaaf9a0d2c44298b7a41 |
| SHA256 | 826808d458db95e91c62f07e307d0a56e689b73cb5bfa3821a38b8c0ea878f2b |
| SHA512 | 1c5db1842b758e0c5f87bdb34c35b568e2f01f0a46ce1553abe8fbf800d8d628402a98744533f46f374d6ae5f39cfe555638bb97fc6d26e8ffdb819c84bd45e3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2899d48e8a50a897c95fbc3dc4a9ff9c |
| SHA1 | 95d409735db15fee7ca1cace07c63b9fdf67d8b2 |
| SHA256 | 67d14943f419bf714bb85456f1e62b2fca6cab7b5b9ad67ccacc0f9835e541b7 |
| SHA512 | b8d675a18f520e642603e7dd74e99d7871b0125e848d0d27a3888474e8daffd66e8be4d7cd6a38708a6f129bf8a738768bd004976bd04f1fb979eabbfb17798d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | da9d1e618170cc609531e7dccf8311b1 |
| SHA1 | 155a6fd9357a3319747dbb4848093a3130172fc8 |
| SHA256 | 99a2d60be14d759e962b2be8e87eb94ce9ee80441cf2b0658883ae707daba281 |
| SHA512 | 219ceeb4ff4136c0c920951ec52bf423324c98fcbd3f50c3114a4d6f4bc6e1c481ae596a14f4786d8f23fce78b15442eeaa46b9feeea323b7ded20bd163ed3ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\1be87ac9-b53e-4e3a-854e-ea574644406c\index-dir\the-real-index~RFe58e673.TMP
| MD5 | 35a7056723bb45bdc765cd12feadcbc1 |
| SHA1 | aa7f51641489cb60633fa329e2863a919c87e64c |
| SHA256 | 85fc3bcb1eb1358950be5cf5f0758517a082dade692bfaa637170a915617c180 |
| SHA512 | 1a563c4c7a3f9751682e4611a94f84e9235d472290305c895763dfb93fcb7518fc2cd2ee8fb543f96b8fc29dbbce645aed4cdf5bcde2af7b1d0437552ecb706c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\1be87ac9-b53e-4e3a-854e-ea574644406c\index-dir\the-real-index
| MD5 | e2fc0f4d77665912930675dcac761da4 |
| SHA1 | 9d25a57ea99efa0a8b9784768840f5e6d398553d |
| SHA256 | 2fa1dca5615495b5a1c9b2d4c56752a5b16f0f82d6f0fc2abaf6aefa940092fe |
| SHA512 | a127ccfa4c8536499f853068f9c64621d2023f49612a5b1d235a5c924f892454a6825b9031372b7022fc2bde53ea15b9d2ee8f9b76923d87189fe09810f5e79f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt
| MD5 | ac6ccc75190242694bbd5700872a0709 |
| SHA1 | f03eea05be2923389b6bd832ec29fb9cf6cbd04f |
| SHA256 | 70f29f607f0304a1100ea6ed11a8353595cdce2867f12268f45e599e1b9fbe5a |
| SHA512 | e889961fe16323558012d27fa650cb825ca6787a1574c808ba9a9a6f5ce6869aeafa22b8f347bd07eec261f30a1bb327298374b035ecefb2d0f031551dac5192 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 815322810533d031a28976e96c327294 |
| SHA1 | 5d7a7fef1b5e1564eb3a4d904272d975a16a9055 |
| SHA256 | 7a84e56d05f4711ca4022fb4b268ed63903418c122a10e0a7a1dabb662430eff |
| SHA512 | 2941c0459beb1ebe09a5df1224db0c01fc5bffad2c15466c56b2edbb37d68ed1bd1335d53fa0dfb4b7404e6251b9581a3590ae422eedb07d3bd29605a2189f4f |