Analysis Overview
SHA256
270f4aed3071c67116d1ef4a6a23eace87c0c68a206b1e2ff46c94ae22089c0b
Threat Level: Known bad
The file 270f4aed3071c67116d1ef4a6a23eace87c0c68a206b1e2ff46c94ae22089c0b was found to be: Known bad.
Malicious Activity Summary
Mystic
RedLine payload
RedLine
Detect Mystic stealer payload
Executes dropped EXE
Adds Run key to start application
Suspicious use of SetThreadContext
AutoIT Executable
Detected potential entity reuse from brand paypal.
Unsigned PE
Program crash
Enumerates physical storage devices
Suspicious use of WriteProcessMemory
Suspicious use of SendNotifyMessage
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2023-11-11 09:14
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2023-11-11 09:14
Reported
2023-11-11 09:17
Platform
win10v2004-20231025-en
Max time kernel
150s
Max time network
154s
Command Line
Signatures
Detect Mystic stealer payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Mystic
RedLine
RedLine payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\WV8uP65.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1tj80Pk8.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2Wn1344.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3zS79Hz.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP000.TMP\\\"" | C:\Users\Admin\AppData\Local\Temp\270f4aed3071c67116d1ef4a6a23eace87c0c68a206b1e2ff46c94ae22089c0b.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup1 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP001.TMP\\\"" | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\WV8uP65.exe | N/A |
AutoIT Executable
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Detected potential entity reuse from brand paypal.
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 6764 set thread context of 3340 | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2Wn1344.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
| PID 6228 set thread context of 7348 | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3zS79Hz.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
Enumerates physical storage devices
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\270f4aed3071c67116d1ef4a6a23eace87c0c68a206b1e2ff46c94ae22089c0b.exe
"C:\Users\Admin\AppData\Local\Temp\270f4aed3071c67116d1ef4a6a23eace87c0c68a206b1e2ff46c94ae22089c0b.exe"
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\WV8uP65.exe
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\WV8uP65.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1tj80Pk8.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1tj80Pk8.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffa21f346f8,0x7ffa21f34708,0x7ffa21f34718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffa21f346f8,0x7ffa21f34708,0x7ffa21f34718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffa21f346f8,0x7ffa21f34708,0x7ffa21f34718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://store.steampowered.com/login/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x180,0x184,0x188,0x15c,0x18c,0x7ffa21f346f8,0x7ffa21f34708,0x7ffa21f34718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://twitter.com/i/flow/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffa21f346f8,0x7ffa21f34708,0x7ffa21f34718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://steamcommunity.com/openid/loginform/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x168,0x16c,0x170,0x140,0x174,0x7ffa21f346f8,0x7ffa21f34708,0x7ffa21f34718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2176,6693955277590289391,17413485115927177687,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,4166304425770225436,2225093272673613634,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2272 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,4166304425770225436,2225093272673613634,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2212 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2176,6693955277590289391,17413485115927177687,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2188 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4166304425770225436,2225093272673613634,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4166304425770225436,2225093272673613634,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.epicgames.com/id/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffa21f346f8,0x7ffa21f34708,0x7ffa21f34718
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2160,4166304425770225436,2225093272673613634,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2876 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,12390866358331388401,12907529734595180802,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,6412194462128557881,16946194891034241249,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2116 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4166304425770225436,2225093272673613634,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3820 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4166304425770225436,2225093272673613634,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4116 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4166304425770225436,2225093272673613634,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.paypal.com/signin
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,1120496780622759747,14749241971701926960,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4166304425770225436,2225093272673613634,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2280 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x16c,0x170,0x174,0x168,0x178,0x7ffa21f346f8,0x7ffa21f34708,0x7ffa21f34718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4166304425770225436,2225093272673613634,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4776 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4166304425770225436,2225093272673613634,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5744 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffa21f346f8,0x7ffa21f34708,0x7ffa21f34718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4166304425770225436,2225093272673613634,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4672 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4166304425770225436,2225093272673613634,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6136 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x168,0x16c,0x170,0x144,0x174,0x7ffa21f346f8,0x7ffa21f34708,0x7ffa21f34718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4166304425770225436,2225093272673613634,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6356 /prefetch:1
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2Wn1344.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2Wn1344.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4166304425770225436,2225093272673613634,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5724 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4166304425770225436,2225093272673613634,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6704 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4166304425770225436,2225093272673613634,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4166304425770225436,2225093272673613634,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6992 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2160,4166304425770225436,2225093272673613634,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7936 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2160,4166304425770225436,2225093272673613634,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7936 /prefetch:8
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4166304425770225436,2225093272673613634,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7428 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4166304425770225436,2225093272673613634,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7616 /prefetch:1
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3zS79Hz.exe
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3zS79Hz.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 3340 -ip 3340
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3340 -s 540
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4166304425770225436,2225093272673613634,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7476 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4166304425770225436,2225093272673613634,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7336 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2160,4166304425770225436,2225093272673613634,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4692 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2160,4166304425770225436,2225093272673613634,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7176 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,4166304425770225436,2225093272673613634,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1868 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 140.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.136.104.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.252.72.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.228.82.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | 39.142.81.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 157.240.247.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| NL | 142.250.179.141:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| US | 8.8.8.8:53 | www.epicgames.com | udp |
| NL | 104.85.0.101:443 | store.steampowered.com | tcp |
| US | 8.8.8.8:53 | twitter.com | udp |
| US | 8.8.8.8:53 | 35.247.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.49.222.23.in-addr.arpa | udp |
| US | 54.152.70.17:443 | www.epicgames.com | tcp |
| US | 54.152.70.17:443 | www.epicgames.com | tcp |
| US | 104.244.42.129:443 | twitter.com | tcp |
| US | 104.244.42.129:443 | twitter.com | tcp |
| NL | 142.250.179.141:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | www.paypal.com | udp |
| US | 8.8.8.8:53 | 129.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.0.85.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.70.152.54.in-addr.arpa | udp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| US | 8.8.8.8:53 | 21.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.39.65.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.39.251.142.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | tracking.epicgames.com | udp |
| US | 44.214.245.214:443 | tracking.epicgames.com | tcp |
| US | 8.8.8.8:53 | static-assets-prod.unrealengine.com | udp |
| US | 18.239.36.105:443 | static-assets-prod.unrealengine.com | tcp |
| US | 18.239.36.105:443 | static-assets-prod.unrealengine.com | tcp |
| US | 8.8.8.8:53 | 214.245.214.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 105.36.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pbs.twimg.com | udp |
| US | 8.8.8.8:53 | api.twitter.com | udp |
| US | 8.8.8.8:53 | abs.twimg.com | udp |
| US | 93.184.220.70:443 | pbs.twimg.com | tcp |
| US | 104.244.42.66:443 | api.twitter.com | tcp |
| US | 8.8.8.8:53 | video.twimg.com | udp |
| US | 8.8.8.8:53 | t.co | udp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 192.229.220.133:443 | video.twimg.com | tcp |
| US | 104.244.42.5:443 | t.co | tcp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 8.8.8.8:53 | 70.220.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.21.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.220.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.ads-twitter.com | udp |
| NL | 199.232.148.157:443 | static.ads-twitter.com | tcp |
| US | 8.8.8.8:53 | 157.148.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.paypalobjects.com | udp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| NL | 142.250.179.150:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | community.akamai.steamstatic.com | udp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | store.akamai.steamstatic.com | udp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| US | 157.240.5.10:443 | static.xx.fbcdn.net | tcp |
| US | 157.240.5.10:443 | static.xx.fbcdn.net | tcp |
| US | 157.240.5.10:443 | static.xx.fbcdn.net | tcp |
| NL | 23.72.252.176:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.176:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.176:443 | store.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| NL | 88.221.25.169:80 | apps.identrust.com | tcp |
| NL | 88.221.25.169:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | 25.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 160.252.72.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.5.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 176.252.72.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.25.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.208.58.216.in-addr.arpa | udp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| RU | 5.42.92.51:19057 | tcp | |
| US | 8.8.8.8:53 | facebook.com | udp |
| US | 157.240.5.35:443 | facebook.com | tcp |
| US | 8.8.8.8:53 | fbcdn.net | udp |
| US | 157.240.5.35:443 | fbcdn.net | tcp |
| US | 8.8.8.8:53 | 35.5.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fbsbx.com | udp |
| US | 8.8.8.8:53 | c.paypal.com | udp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| US | 192.55.233.1:443 | tcp | |
| US | 8.8.8.8:53 | t.paypal.com | udp |
| US | 151.101.1.35:443 | t.paypal.com | tcp |
| US | 192.55.233.1:443 | tcp | |
| US | 8.8.8.8:53 | 35.1.101.151.in-addr.arpa | udp |
| NL | 23.72.252.176:443 | store.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | www.recaptcha.net | udp |
| NL | 23.72.252.176:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.176:443 | store.akamai.steamstatic.com | tcp |
| NL | 172.217.168.227:443 | www.recaptcha.net | tcp |
| US | 8.8.8.8:53 | b.stats.paypal.com | udp |
| US | 64.4.245.84:443 | b.stats.paypal.com | tcp |
| NL | 172.217.168.227:443 | www.recaptcha.net | udp |
| US | 8.8.8.8:53 | 84.245.4.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.steampowered.com | udp |
| NL | 23.222.49.98:443 | login.steampowered.com | tcp |
| US | 18.239.36.105:443 | static-assets-prod.unrealengine.com | tcp |
| US | 8.8.8.8:53 | dub.stats.paypal.com | udp |
| US | 64.4.245.84:443 | dub.stats.paypal.com | tcp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| NL | 23.222.49.98:443 | api.steampowered.com | tcp |
| NL | 23.222.49.98:443 | api.steampowered.com | tcp |
| US | 8.8.8.8:53 | talon-website-prod.ecosec.on.epicgames.com | udp |
| US | 172.64.146.120:443 | talon-website-prod.ecosec.on.epicgames.com | tcp |
| US | 8.8.8.8:53 | c6.paypal.com | udp |
| US | 151.101.1.35:443 | c6.paypal.com | tcp |
| US | 8.8.8.8:53 | 86.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.146.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sentry.io | udp |
| US | 35.186.247.156:443 | sentry.io | tcp |
| US | 104.244.42.66:443 | api.twitter.com | tcp |
| US | 104.244.42.66:443 | api.twitter.com | tcp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.247.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | talon-service-prod.ecosec.on.epicgames.com | udp |
| US | 172.64.146.120:443 | talon-service-prod.ecosec.on.epicgames.com | tcp |
| US | 172.64.146.120:443 | talon-service-prod.ecosec.on.epicgames.com | tcp |
| US | 104.19.219.90:443 | js.hcaptcha.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| NL | 142.250.179.194:443 | googleads.g.doubleclick.net | tcp |
| NL | 142.250.179.194:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 90.219.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.175.53.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | newassets.hcaptcha.com | udp |
| US | 8.8.8.8:53 | api2.hcaptcha.com | udp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rr5---sn-q4flrnss.googlevideo.com | udp |
| US | 173.194.57.106:443 | rr5---sn-q4flrnss.googlevideo.com | tcp |
| US | 173.194.57.106:443 | rr5---sn-q4flrnss.googlevideo.com | tcp |
| US | 173.194.57.106:443 | rr5---sn-q4flrnss.googlevideo.com | tcp |
| US | 8.8.8.8:53 | 106.57.194.173.in-addr.arpa | udp |
| US | 173.194.57.106:443 | rr5---sn-q4flrnss.googlevideo.com | tcp |
| US | 173.194.57.106:443 | rr5---sn-q4flrnss.googlevideo.com | tcp |
| US | 173.194.57.106:443 | rr5---sn-q4flrnss.googlevideo.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| NL | 142.251.36.14:443 | play.google.com | tcp |
| NL | 142.251.36.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 14.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| RU | 5.42.92.51:19057 | tcp | |
| NL | 142.250.179.141:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | 205.47.74.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | youtube.com | udp |
| NL | 216.58.214.14:443 | youtube.com | tcp |
| US | 8.8.8.8:53 | 14.214.58.216.in-addr.arpa | udp |
| RU | 5.42.92.51:19057 | tcp | |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| RU | 5.42.92.51:19057 | tcp | |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| NL | 172.217.168.234:443 | jnn-pa.googleapis.com | tcp |
| NL | 172.217.168.234:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 234.168.217.172.in-addr.arpa | udp |
| RU | 5.42.92.51:19057 | tcp | |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| NL | 142.251.36.6:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 6.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.173.189.20.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\WV8uP65.exe
| MD5 | 3b7106c4081de15564c5551af6e2e379 |
| SHA1 | 42d9434ddbd83d6de35cbc69c042c913bcfd4853 |
| SHA256 | 47ce165234eceffa07654684f22a0ace2566bf9f968b2db7951f7269a36ce71c |
| SHA512 | c5d5f6de850d342dd711cda368a7d87acafecaeabeeced81363785651b1a59fb6f2c463a1b80b6e29dafe6ff74e4f50582786430072ab40b789eb58d7a8edfc5 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\WV8uP65.exe
| MD5 | 3b7106c4081de15564c5551af6e2e379 |
| SHA1 | 42d9434ddbd83d6de35cbc69c042c913bcfd4853 |
| SHA256 | 47ce165234eceffa07654684f22a0ace2566bf9f968b2db7951f7269a36ce71c |
| SHA512 | c5d5f6de850d342dd711cda368a7d87acafecaeabeeced81363785651b1a59fb6f2c463a1b80b6e29dafe6ff74e4f50582786430072ab40b789eb58d7a8edfc5 |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1tj80Pk8.exe
| MD5 | 04007f7d6f0048bf0190a30788313bda |
| SHA1 | a146946ea7527dc09b2f933e2db8815314a98b54 |
| SHA256 | 3f914030022af80f82d76dc20a84b7514d95498b27bbe7fc1e09c3075b0263b9 |
| SHA512 | 547be58ac17d0bef6aca7a0df9a07ee386ea5ad7579668ce9382bc039c9203c5055c82083149c7b1c906a1534e0a4fac9136af8e5d4ecb25c51736f54e0f9e08 |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1tj80Pk8.exe
| MD5 | 04007f7d6f0048bf0190a30788313bda |
| SHA1 | a146946ea7527dc09b2f933e2db8815314a98b54 |
| SHA256 | 3f914030022af80f82d76dc20a84b7514d95498b27bbe7fc1e09c3075b0263b9 |
| SHA512 | 547be58ac17d0bef6aca7a0df9a07ee386ea5ad7579668ce9382bc039c9203c5055c82083149c7b1c906a1534e0a4fac9136af8e5d4ecb25c51736f54e0f9e08 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | a7f568a3d32bd441e85bc1511092fbe0 |
| SHA1 | 89fbee8e2eb6d74cc3ad66ae3ba6c7f25dce33d2 |
| SHA256 | 0d60fa886bcba8089cbdc944265c78bddf1a77f28820f5314eba6c83f44c913a |
| SHA512 | 8fc5e847481d2bfbb6c0d70a1f152c43fe152d4c4aa8ec61988136945da0af944e4643adafad64a754b9b7f4d117e368916140e8275fc7568e150a98fe570779 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | a7f568a3d32bd441e85bc1511092fbe0 |
| SHA1 | 89fbee8e2eb6d74cc3ad66ae3ba6c7f25dce33d2 |
| SHA256 | 0d60fa886bcba8089cbdc944265c78bddf1a77f28820f5314eba6c83f44c913a |
| SHA512 | 8fc5e847481d2bfbb6c0d70a1f152c43fe152d4c4aa8ec61988136945da0af944e4643adafad64a754b9b7f4d117e368916140e8275fc7568e150a98fe570779 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
\??\pipe\LOCAL\crashpad_1744_GVEQRFXYBCQXZCWE
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_4984_QOOMCXWFRLPVLJKC
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 14a159171a44b845c70134e580dca454 |
| SHA1 | b2f26e95ca61d6e05894b3cb2f0fc2fa622c3493 |
| SHA256 | 47c8d868d94676586cb3a4468ea24c2c7a446b847ae5919c6b6102b4bd7a11f9 |
| SHA512 | bd92ef0d17056f3815228a310b8afae9d03d2f3a7cae5b6c5920b2e9f253fd4997651ccb1ea8d9e7592513a28c865189ae19e175a0812d6431b740c6fcd73a77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 836c1aa5c4e128af5ecd39e82eafe4f0 |
| SHA1 | 4746bad0eab83ae35b8286fc2070abfb50a3f7a9 |
| SHA256 | d240b7492a3f9c4bc22bd7df08196d601f73ec4a6336ac7ed7e2323d47de185b |
| SHA512 | 16de4b4d24d603e502fbe159d19d21b9713c4622414bcd96df64a05872da726054224136c456fe14841b2d8d4469d3ab041e71249f44604ed920482fdc98be6e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 89c1f7ffc86caffb81a0311bf6853264 |
| SHA1 | a16171f93031025508d316b509588c1dd80b89df |
| SHA256 | adba4e0c69491e3534549be8e92c8d2fcd14ba3434586601ce9cbd99cf103228 |
| SHA512 | 2843103e8e66c13059db87052d19a1497a8a2460515c3435f733e5be50dc3e1a2f77cf78aea85e6ffadfe6ab2352a9d49e0ca3adecadecc268a0020bd2cd58c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 836c1aa5c4e128af5ecd39e82eafe4f0 |
| SHA1 | 4746bad0eab83ae35b8286fc2070abfb50a3f7a9 |
| SHA256 | d240b7492a3f9c4bc22bd7df08196d601f73ec4a6336ac7ed7e2323d47de185b |
| SHA512 | 16de4b4d24d603e502fbe159d19d21b9713c4622414bcd96df64a05872da726054224136c456fe14841b2d8d4469d3ab041e71249f44604ed920482fdc98be6e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 14a159171a44b845c70134e580dca454 |
| SHA1 | b2f26e95ca61d6e05894b3cb2f0fc2fa622c3493 |
| SHA256 | 47c8d868d94676586cb3a4468ea24c2c7a446b847ae5919c6b6102b4bd7a11f9 |
| SHA512 | bd92ef0d17056f3815228a310b8afae9d03d2f3a7cae5b6c5920b2e9f253fd4997651ccb1ea8d9e7592513a28c865189ae19e175a0812d6431b740c6fcd73a77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 00830743f72162d7559bbaf5ad90cddb |
| SHA1 | ae0cb70c1cfbd545184a79c6ec9dc885068a25cc |
| SHA256 | 33a6e0033fa469ea45da8a03649948fb0bc07428b7ea98280e4bd5eefe54a737 |
| SHA512 | 48ae3e782176e88cd6f3b2a49ef8fc4ffacf861ba2d9724439dadd482b9a493034d43b45e7284790606226a71141096a242d0a8956a9b708c612736ffa1d1eb4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 89c1f7ffc86caffb81a0311bf6853264 |
| SHA1 | a16171f93031025508d316b509588c1dd80b89df |
| SHA256 | adba4e0c69491e3534549be8e92c8d2fcd14ba3434586601ce9cbd99cf103228 |
| SHA512 | 2843103e8e66c13059db87052d19a1497a8a2460515c3435f733e5be50dc3e1a2f77cf78aea85e6ffadfe6ab2352a9d49e0ca3adecadecc268a0020bd2cd58c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 00830743f72162d7559bbaf5ad90cddb |
| SHA1 | ae0cb70c1cfbd545184a79c6ec9dc885068a25cc |
| SHA256 | 33a6e0033fa469ea45da8a03649948fb0bc07428b7ea98280e4bd5eefe54a737 |
| SHA512 | 48ae3e782176e88cd6f3b2a49ef8fc4ffacf861ba2d9724439dadd482b9a493034d43b45e7284790606226a71141096a242d0a8956a9b708c612736ffa1d1eb4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 69be0eeb31474a668061c68405730f94 |
| SHA1 | 228e1c1e9b1ddf5edfeca6611765e04323b277ae |
| SHA256 | b8763216d2064b26e9dce492a99193f77cc8a84ff8f0f5cde70122eb8ddc1f92 |
| SHA512 | 47c7824668b579ba4112f028395be905bb355c9e6b32bf4e6dbdbfcfd2e750a68b24e5376099832f433d18c11fbd926d49c8d826492e4b9e877bc856172fab27 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 836c1aa5c4e128af5ecd39e82eafe4f0 |
| SHA1 | 4746bad0eab83ae35b8286fc2070abfb50a3f7a9 |
| SHA256 | d240b7492a3f9c4bc22bd7df08196d601f73ec4a6336ac7ed7e2323d47de185b |
| SHA512 | 16de4b4d24d603e502fbe159d19d21b9713c4622414bcd96df64a05872da726054224136c456fe14841b2d8d4469d3ab041e71249f44604ed920482fdc98be6e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 14a159171a44b845c70134e580dca454 |
| SHA1 | b2f26e95ca61d6e05894b3cb2f0fc2fa622c3493 |
| SHA256 | 47c8d868d94676586cb3a4468ea24c2c7a446b847ae5919c6b6102b4bd7a11f9 |
| SHA512 | bd92ef0d17056f3815228a310b8afae9d03d2f3a7cae5b6c5920b2e9f253fd4997651ccb1ea8d9e7592513a28c865189ae19e175a0812d6431b740c6fcd73a77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2Wn1344.exe
| MD5 | 50260d77bf7622933e44255b8fa5edea |
| SHA1 | 43ef379ff5593c084cd874fbd16748e24edfc823 |
| SHA256 | 0c3be630f3a8fc81758e02f19a4df3dec4c4e964a9937708c0e938b492cfd3f9 |
| SHA512 | 152de6bebaf3e8229dd9de7aac1562d64ffcf26e290c77b9bc9ebb3569f8643c4d15b1194d1ba854e330ddb4fe7630b7bd0a13b9a9943c672080442210bdab38 |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2Wn1344.exe
| MD5 | 50260d77bf7622933e44255b8fa5edea |
| SHA1 | 43ef379ff5593c084cd874fbd16748e24edfc823 |
| SHA256 | 0c3be630f3a8fc81758e02f19a4df3dec4c4e964a9937708c0e938b492cfd3f9 |
| SHA512 | 152de6bebaf3e8229dd9de7aac1562d64ffcf26e290c77b9bc9ebb3569f8643c4d15b1194d1ba854e330ddb4fe7630b7bd0a13b9a9943c672080442210bdab38 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
memory/3340-213-0x0000000000400000-0x0000000000433000-memory.dmp
memory/3340-214-0x0000000000400000-0x0000000000433000-memory.dmp
memory/3340-221-0x0000000000400000-0x0000000000433000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 00afd3dde3a8b7b9061599dba3dfa31e |
| SHA1 | d4e8edcaa749a0ed1420cca9c68f08e7d4056526 |
| SHA256 | c172d3fcf6e9c88f3ce2e13e1248db724461662294af16954bb72477c203d870 |
| SHA512 | d81c08d5904279386227ea1e360ec20451e7d1b6c374c598cff7cf234dfb116256982fe919b810c33a3481eae4156d35a2b9e5d2344b7c26165918940f7af064 |
memory/3340-223-0x0000000000400000-0x0000000000433000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 89c1f7ffc86caffb81a0311bf6853264 |
| SHA1 | a16171f93031025508d316b509588c1dd80b89df |
| SHA256 | adba4e0c69491e3534549be8e92c8d2fcd14ba3434586601ce9cbd99cf103228 |
| SHA512 | 2843103e8e66c13059db87052d19a1497a8a2460515c3435f733e5be50dc3e1a2f77cf78aea85e6ffadfe6ab2352a9d49e0ca3adecadecc268a0020bd2cd58c0 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3zS79Hz.exe
| MD5 | ac206da2bd03de6399462b76c026e68c |
| SHA1 | 7f4cc4745f9ea11b5f0d446be6dcfc8c14f63c00 |
| SHA256 | cf99574da0f10068f93b65f740d3fc6440b33fb87d40163d0ab68a6d9bec6646 |
| SHA512 | 768cdea9b793d286f6aaac31c3508f577ed765bdc0e4a53303ba5b7a20cdf6fe3931dfac718a020eb83e4827ca447138cc3d65e692d1ffb83cd5892c5d541b9d |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3zS79Hz.exe
| MD5 | ac206da2bd03de6399462b76c026e68c |
| SHA1 | 7f4cc4745f9ea11b5f0d446be6dcfc8c14f63c00 |
| SHA256 | cf99574da0f10068f93b65f740d3fc6440b33fb87d40163d0ab68a6d9bec6646 |
| SHA512 | 768cdea9b793d286f6aaac31c3508f577ed765bdc0e4a53303ba5b7a20cdf6fe3931dfac718a020eb83e4827ca447138cc3d65e692d1ffb83cd5892c5d541b9d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 466f39422ac6de6a35310830c090cdd3 |
| SHA1 | a543123a32626f5d06601d6c5e1738a06ef0f590 |
| SHA256 | fdb4226dacad61e881c89ccfa0daf434e894575c5b2227117e1720feb657b594 |
| SHA512 | b1f88f7e6686ee0444c94bc31f6b037c302fa140bdb59c438d2c23b0dafeec627b56832791868adc3d8e4fd2eb80b21e53830b39296fcd6fa47a907c7bc73eb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | e2565e589c9c038c551766400aefc665 |
| SHA1 | 77893bb0d295c2737e31a3f539572367c946ab27 |
| SHA256 | 172017da29bce2bfe0c8b4577a9b8e7a97a0585fd85697f51261f39b28877e80 |
| SHA512 | 5a33ce3d048f2443c5d1aee3922693decc19c4d172aff0b059b31af3b56aa5e413902f9a9634e5ee874b046ae63a0531985b0361467b62e977dcff7fc9913c4d |
memory/7348-276-0x0000000000400000-0x000000000043C000-memory.dmp
memory/7348-287-0x0000000074A50000-0x0000000075200000-memory.dmp
memory/7348-290-0x00000000079D0000-0x0000000007F74000-memory.dmp
memory/7348-302-0x00000000074C0000-0x0000000007552000-memory.dmp
memory/7348-311-0x00000000074B0000-0x00000000074C0000-memory.dmp
memory/7348-322-0x00000000074A0000-0x00000000074AA000-memory.dmp
memory/7348-343-0x00000000085A0000-0x0000000008BB8000-memory.dmp
memory/7348-373-0x00000000077F0000-0x00000000078FA000-memory.dmp
memory/7348-374-0x0000000007720000-0x0000000007732000-memory.dmp
memory/7348-375-0x0000000007780000-0x00000000077BC000-memory.dmp
memory/7348-376-0x0000000007900000-0x000000000794C000-memory.dmp
\??\pipe\LOCAL\crashpad_3004_MVQHXFMTMKIYUBAG
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001
| MD5 | 923a543cc619ea568f91b723d9fb1ef0 |
| SHA1 | 6f4ade25559645c741d7327c6e16521e43d7e1f9 |
| SHA256 | bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd |
| SHA512 | a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | 7d75a9eb3b38b5dd04b8a7ce4f1b87cc |
| SHA1 | 68f598c84936c9720c5ffd6685294f5c94000dff |
| SHA256 | 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7 |
| SHA512 | cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f |
\??\pipe\LOCAL\crashpad_1408_ITSBQWITHRTJPUJW
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
| MD5 | fdbf5bcfbb02e2894a519454c232d32f |
| SHA1 | 5e225710e9560458ac032ab80e24d0f3cb81b87a |
| SHA256 | d9315d0678ac213bbe2c1de27528f82fd40dbff160f5a0c19850f891da29ea1c |
| SHA512 | 9eb86ebb1b50074df9bd94f7660df6f362b5a46411b35ce820740f629f8ef77f0b49a95c5550441a7db2b2638f0ed3d0204cb8f8c76391c05401506833b8c916 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | 4e08109ee6888eeb2f5d6987513366bc |
| SHA1 | 86340f5fa46d1a73db2031d80699937878da635e |
| SHA256 | bf44187e1683e78d3040bcef6263e25783c6936096ff0a621677d411dd9d1339 |
| SHA512 | 4e477fd9e58676c0e00744dbe3421e528dd2faeca2ab998ebbeb349b35bb3711dcf78d8c9e7adba66b4d681d1982c31cac42024c8b19e19537a5615dac39c661 |
\??\pipe\LOCAL\crashpad_2136_HRXLBTEWBUBGSHQE
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d081cd3b26873766c57c4614a7933400 |
| SHA1 | 89d4bf1e19e49fa1051fe59e49e070e7024b135c |
| SHA256 | e335bc1223872ba8da701d5adcbbbd9a6d4ddae93a7856aaa0df722189f5eac9 |
| SHA512 | db6cc72b8c9542aab226a67984976b4a11d5f1fb852c6c9dcd4eca338179f83a54604019190fbdfddce840c6c8eb322574e9a7ee4de936ffcce3f197d7e7213d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57d1f6.TMP
| MD5 | 8982f5621bb1de60a5fa8a13aa85278d |
| SHA1 | 326ce8f734fb9bf96ff816cd185dfe4ab9dce323 |
| SHA256 | 3777968ce5f668f1a77dec22b2ad4892f639eab830b7e7ecbc052fc60cd307d4 |
| SHA512 | 0d5086821ed340d303ba97d410c9081e15b8ae3935ba8bbf01f1e058c25db64d0966be81a06ccbe37e6792ad414a536f2c427aece88f50fcddf42b18cafe7901 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004c
| MD5 | 740a924b01c31c08ad37fe04d22af7c5 |
| SHA1 | 34feb0face110afc3a7673e36d27eee2d4edbbff |
| SHA256 | f0e1953b71cc4abbffdd5096d99dfb274688e517c381b15c3446c28a4ac416e0 |
| SHA512 | da7061f944c69245c2f66b0e6a8b5a9bca91bda8a73f99734dcb23db56c5047de796fa7e348ff8840d9ac123436e38a4206408573215b7e5e98942ea6d66bb7c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt
| MD5 | 1ad1e644d9f8fceb58bbbfcbc9857535 |
| SHA1 | f6db2c81e2ba5c83a38401a9b0473dc8d77167d9 |
| SHA256 | f7823563f85879e7bb3a2eadf3e06bc188d970779b039ad7eb5737ba06413ce9 |
| SHA512 | e1528a9e73214eec8159688ba6c0efa2caadc76c384d90ccb2ee079a399350b5b162914344fefd114eedc60d9d28f04654fbec395605ddc802acf18166423d03 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt~RFe57e484.TMP
| MD5 | 8d78812121b28a7b2209715f160ee02a |
| SHA1 | adabe7aa84e481588227bbe8942c4f7b1248f9e1 |
| SHA256 | 3a5f4647e025c9746fd4077de4037f3f9a122c01f8caf51a401e66e0f656eb35 |
| SHA512 | ee63acbae6c53312076f1f6d04ca9de92493cac8034f8c8d34e2706fa8b910562b5f17076d699b73d579bc2e1b9663eaa847f8c831b475c3f18b06a54c572f2f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 10178b85daa4a71f5878cc1201aebc16 |
| SHA1 | 09f9d8ac412b56e4e11ed5a06f46a52f1e67e997 |
| SHA256 | 7a37f459272c1e24d079d6d2baee332972b52fca6d1fa1299fb2605d55727151 |
| SHA512 | 42b02bc8cac5e51c228837f29ce5950ff29690ccc4d8452b15d1eeec843888dfc568a26adea18e5a7a4aca837da551671ce167f12a2e08b2102bbd79e79822bf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a53b2158-b314-47d2-82ff-a892b61639d0\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | fb4bd8ffb58180f6184602bd89fcc8bd |
| SHA1 | 2219be6b4f9775d12c9b3512c541eb4da848898f |
| SHA256 | 42468eef9801f9786e6269e25adb4a37516be2e36837336b2a85e44b229509da |
| SHA512 | 0af5ef12052421ac65e0a2b3aeb736b83b667813de391caa02511b2246af82000effe3b4c9b126f80bf907e8eed5ce07d31802c770851062ed3ae744ef04ef5c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | a1188d6af445cb74ec17aced9c0ff0bc |
| SHA1 | 196e6c6b83aa7f58f1dd0ca5c4da938ad01e8aab |
| SHA256 | 4d6d88c0a48b4efdc77b730b793f0a88d916926b70d4e1044078bf865ac952a3 |
| SHA512 | 59185c27a3440513f35aa80371fe3f618f0cd87c1c366abe16803b9cf21fa307ae08411c3fc5c187fca3de8924692848462a0b110d198607371ad74ee267efbd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 861bc60e02ea83dc5b8ab949eaa0976a |
| SHA1 | b65941794728d5a616d0faad62d9b741cf8d6c91 |
| SHA256 | c6b10a217a1ead30d86659aa6176cf641565d63cb30fd293cbf9552fb8de9ded |
| SHA512 | 2a047ae29478d32c83ce3efdf23cc1d719acdebf9eaa325773c7f634b4a534de2b4aeff5ff1a74fd61e14883341c022c80156593dd4f8f506fd8a361d9fc6279 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | bcac3d11e784c1eb05b319f6fac06cec |
| SHA1 | cdc2ee84d64e972d598bab12837d79b1ae15e957 |
| SHA256 | 791c277d77fda006e43df781db8470e3ffc1f647228af09e396bc624192ab94c |
| SHA512 | 1b7b6951d105d56e32f1cc0590864d4fe90f0de98f24bb9744e032f9e511627f302ab6cc8dcfdde108da7321a8e949b3236975cdef08600a79a780d7c59dcb1a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 428a635425ba637acb03aeb43660b116 |
| SHA1 | 44b1a0f2f8c6a2e512e764bb09a695dc1b07601e |
| SHA256 | 5a10cfcd49e4c6942766db5d32e64d81eb3b437f412f4d28466fff8ab7ebce6b |
| SHA512 | 4fd1926002447ad2e7bac1acc8f899efe6c7ebcf1ddae6a307d96cf5e854bdc438379dc6dcd59eb35bcb6ec735e67d9b40184126fba0b231cb056f8e0ca1d3bb |
memory/7348-1233-0x0000000074A50000-0x0000000075200000-memory.dmp
memory/7348-1282-0x00000000074B0000-0x00000000074C0000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2bb35a7e7ffc51a0d87103f8e2371105 |
| SHA1 | d27ab445391b9c5b31c0a7b54da232178cfdea81 |
| SHA256 | 7de04acb38814c43b0bfd71ba227b2c3a3c101f852170c6721c4520b047be97f |
| SHA512 | 50e01f978f3c2d2e46376a3380bb7c7aa99ebbba51eb4afb4595d10a9143f4630d79045c494df1ce02204e31358036200db88f444d5ab40cfb0fe7f364fcb9ee |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\b0315b83-2a46-45be-bda1-cdf1e98dc0d4\index-dir\the-real-index
| MD5 | 7ece0f1fdd68c072bb344e266ab0dafd |
| SHA1 | b7881ef6b595cce6819e5d803fb965eed921cb09 |
| SHA256 | 7228bf45a284b93c83d62798f72f28833fb73c9112bf4f2388ccac8430d81eb6 |
| SHA512 | 085f867684234d3dea4c4853d25ba59de935c17ad7dfce9d836eb47fa60ff232369ff4964eff9e1ad95c18f35ef908b712493a4973b2bbec1deafe746753a831 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\b0315b83-2a46-45be-bda1-cdf1e98dc0d4\index-dir\the-real-index~RFe5834f6.TMP
| MD5 | 90ad62caa8103503c96852268e6c879f |
| SHA1 | 6683567102baab6a6f940fa39561da94904b5d6d |
| SHA256 | fab94d85c1cab3c1e6a565a23c8ae4bd8cb5c0905771568f7d73e0b0ea308753 |
| SHA512 | af3b81163a04e9bfc27acac88b54d3d3e0e6be681e6e17deec9925b85b198d497728ecc9e7f2a909095d6be94aafba51c43f3d20a73ba77a3f976ad9e05a6766 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b60d7d9e479558a322c3773c6ed88c44 |
| SHA1 | 60bfcb3612767dc1f46aeb4537c0787695ad2ec2 |
| SHA256 | 22ba190b5a84caf9dceaa7411aa1b394c8e98a2fd30cb2826ad382b8d3be26ee |
| SHA512 | 51e373565a9091f0d677e8ad44d10e736fb90387072939f3f325716dbbe4aed19a49a010a0cada4da0f923df37676df9c9a6d30d9abd7b97c9233b5ea52c517d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5637d43a2cc4cf937214709826694271 |
| SHA1 | a5615e69f92d008c007d9bafbf1d717eaa6cd7d0 |
| SHA256 | 7e5dc5ccc1876fd6afafd2ee66eec72d512e3dcb1125cb1a6f5119e24d4885b7 |
| SHA512 | c92562fdf471b7e33e9662b527e066d717cfe70d21fd06501d41272b8e403a1bb44282e7decc80551f55bf85595c50a826fccd098e4640e977ba6eec5fe32012 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | a2ef9cccea014febcfd4b2404c0b05cd |
| SHA1 | 9402ada1e7f2649da2c6da65266401fba0c21cd0 |
| SHA256 | 105ef3354adca04e0a6e452a3e92869525c37f4e1109a7852562bd17fc0c6b03 |
| SHA512 | e1545303de5bde24a4d1305582d24d577d4ca28c2478ef7f4099b99d984a333efd15f3c43bf2a02c13724c4d9ea766611d4f7be4dc0247d562dc0e03e3daa148 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58559d.TMP
| MD5 | 635b26d657035f91f43c545c251435b5 |
| SHA1 | 0a045e8c956dec11258aafe63f448c6e864d2fb5 |
| SHA256 | ca99711b068af0041dc5ae42fbf4baf375108c15127caf6f461cab48e46acd1c |
| SHA512 | dad56e49a2067f9db5b79761f65e0b69b03a2bd9850a0100bca687663614010d82718f9139229a92187e105bd336191c921ef44e24e4f3d884652d09db74563e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a0008b1a-58d6-4932-9770-7dcd76af90a0\index-dir\the-real-index
| MD5 | 01f8800cad103585bb0dc856c5976dbe |
| SHA1 | 85c733e1ccf1a77fd81bb0fd7afc5142ea639912 |
| SHA256 | a19aa4d0fe546eb8077acc378444b4ff9a5c7f54449b9764db01efedd1ad7946 |
| SHA512 | 0b835d290ee7a2a97a4450c6c55b39763a5630e4086c5980f8646c5bfef6e19197b3c05ab6ca6d4348c71a935b4886e4711bd21f1e148f1cb0f5bdd48ed51f14 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a0008b1a-58d6-4932-9770-7dcd76af90a0\index-dir\the-real-index
| MD5 | 669244a46df5159bad00f254289849f5 |
| SHA1 | 2bfa5f4a2b4a7ad4d760843bce2a6f7a212ae50a |
| SHA256 | 5f92852183c6499e1c4291c236486a773f1b80c9be523f596af651c1af9d4af7 |
| SHA512 | ab85739df2a5c71a578e4836630163790bb44d78876de81a3059af1d1463a1a44d788d42267521a21cce7429511ac9a2b12498a3a1b628de2e36c712fb0e5b34 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | eee1627cafa7cd8fd79cf0b9ed144f3f |
| SHA1 | 40dc85a0b446276be58daefe8726888f1d4f60c7 |
| SHA256 | 3a9041b20aa2900a98f1c63635ecccaf326430be43656552cd4bd8ed21105679 |
| SHA512 | b6943c2a6addcad14db65189cfa041ede53797ddb81245f6b9dc7f4fcbdecc5ca201bb0715efd1d9ccadf102f9e42d4980ed1122cf9a2429350e741da3cd2694 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b43a5d1262f5e2dc6bbb30bdfdf3e7e8 |
| SHA1 | 8dd1f07b9a0a2270b4059e52edb8cc7b4d676d03 |
| SHA256 | 72f725ac44a4a363b392b669cf85ae6ca46e3c84678a8064ebb4a34be1897daf |
| SHA512 | 7ea2fba7d4a8d7f1b81c5d658bbb09815b8419c87eddb0d763cbd86aa6d35e42e1846ec0a13635203955981a14c191ca0d005b62fbe098b1b4d84bc9fcee976a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | af78575b41a2f04e60002514410a0c36 |
| SHA1 | e2b24313b544d8999ce8c5ff145a251a6c1d6a6e |
| SHA256 | a6e734b6e1e5ff617461de46e7ba68fc422aa7d6173b803aacbc2df21c0eb484 |
| SHA512 | f20f617e5a410af2f4bc147ad637465f4cfe38a74a3cc5bfeff343c8cb52cb58309a3e25c0eda8f419158244a66f78c15ce93103b701780410bc92eb5e4a99c2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | a11b82fc9d0508367ec22abb4bc434a3 |
| SHA1 | 75f198ce77251fdd2a6b388763150ec8ee7ecb1d |
| SHA256 | 13dbe97fcb630d9dc7b93de50eadfde36900f0c550d57defd403eeffb85e40ab |
| SHA512 | c4277a5c669ccf396948d427d12b8d9bc6113e243c6865b7d30d969a2ddb540509ea194822a3daab54e72c6938aba1ef8478bee4f01c2eab80d761a628a38bea |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9c38fd079cc17d7511365b31ae0e452e |
| SHA1 | 313b9dab958a940cb180a945d179597262c082b1 |
| SHA256 | 0221bcf76bba20f3338e5f29ae8992499f4bdac3ad55693a37d2aff132a720f7 |
| SHA512 | 04d0ee8344a0ed285beb17efd5f6c4305d55e920f3bb071cd1280ab4d42967ba19b26bd9091ab193212057a05bfb3898df41cc150d612262ab1afc1115908c4e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\47ee23f1-27b4-4141-a693-a12d292f27d1\index-dir\the-real-index~RFe58bab0.TMP
| MD5 | ef49592c4f0b00d92b811f1c23bb6277 |
| SHA1 | c8a2f5f927313aa4c277b6fac6e21ae634306aa4 |
| SHA256 | 275b71a053c33e9e7aa455f85084bdf72b3c01f4dcacc5b08f19dd5e55abed30 |
| SHA512 | 83cb8b0017e072f935ee7fc506cc3426ea818c207f04665c5d40d43ec4d863415d46dbc7c8aca66bbc874973f47288e0931c6075709ee833d1a8d86b1e3e76ce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\47ee23f1-27b4-4141-a693-a12d292f27d1\index-dir\the-real-index
| MD5 | 7f1b9407600f49b8c3c1fa0550886a15 |
| SHA1 | b3deb1dcec166d076044a80e94cfb66bf4c059ca |
| SHA256 | ab900549574f95ead5f464b31de5e169bf03590d16c70eccede4b5e4c991c77e |
| SHA512 | aeb37090e274ddf77d41dabc2ac98fc703f2e31d75719ec3ad1a53ed6a53e5b3af2bba4667a8be5b22faca0ec392111698e02187f1dd82572bb8362fed8bda35 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt
| MD5 | 97e613ea2340a9e957ab0ac1fc88fdba |
| SHA1 | a385e9d4ac15d0bdb5246e1926775ea575674c31 |
| SHA256 | c2242b7465d689050321d0ca29e87b2ad87a7e02e859eca2f66c3a09f05d7a94 |
| SHA512 | b0149f8fdef9e52071abecdcc5ac30d346eec4befea956bdc8efc1ea6080d97221e860568138f56f217e7dcb794e293a6817e13913f5eae24b2ee37d8757ea81 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0e4f9b6b4b20dc1ea48bf9059a1d5073 |
| SHA1 | 4cef6444e0470e4b3b8c0c45ec941e48868bf2bd |
| SHA256 | 0d5dafdbc9f3089b2b832abeaade84a6795ff6e1eb8149f4db8c7352b1529d10 |
| SHA512 | 359b2c578c5bbe1d4165aa0c5e80df965065d35264b5ee5c230054a39e0c64389559db0bf474752a3d1c8a28022fb1bdd649771662d5b258d604978f4d01853a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 526f674b23f52a8e23cfd856405791f1 |
| SHA1 | 8357a670d0917e20ccd53a8ba9ff568fb192ac7b |
| SHA256 | ab0959e3e730ba20142bf011697b3d1ca66550e8319df845a501599c2e4af0a0 |
| SHA512 | 1a180abbd62349cfe917507d357b70d9284410c08bccbff779b4202045bfa387389987c52e2f25cd677a7034839ca2badff51f0164cc7debed3e8973031dcd16 |