Malware Analysis Report

2025-01-02 05:31

Sample ID 231111-lh8ctscg9s
Target 6ac8d7d7b4934222cbf4280a0b04503784a06f7e5f20c92528863fb52df0ad3d
SHA256 6ac8d7d7b4934222cbf4280a0b04503784a06f7e5f20c92528863fb52df0ad3d
Tags
mystic redline taiga infostealer persistence spyware stealer
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

6ac8d7d7b4934222cbf4280a0b04503784a06f7e5f20c92528863fb52df0ad3d

Threat Level: Known bad

The file 6ac8d7d7b4934222cbf4280a0b04503784a06f7e5f20c92528863fb52df0ad3d was found to be: Known bad.

Malicious Activity Summary

mystic redline taiga infostealer persistence spyware stealer

RedLine

RedLine payload

Detect Mystic stealer payload

Mystic

Executes dropped EXE

Accesses cryptocurrency files/wallets, possible credential harvesting

Adds Run key to start application

AutoIT Executable

Suspicious use of SetThreadContext

Enumerates physical storage devices

Unsigned PE

Program crash

Suspicious use of WriteProcessMemory

Suspicious behavior: EnumeratesProcesses

Suspicious use of SendNotifyMessage

Enumerates system info in registry

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

Suspicious use of AdjustPrivilegeToken

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2023-11-11 09:33

Signatures

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2023-11-11 09:33

Reported

2023-11-11 09:35

Platform

win10v2004-20231025-en

Max time kernel

150s

Max time network

155s

Command Line

"C:\Users\Admin\AppData\Local\Temp\6ac8d7d7b4934222cbf4280a0b04503784a06f7e5f20c92528863fb52df0ad3d.exe"

Signatures

Detect Mystic stealer payload

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Mystic

stealer mystic

RedLine

infostealer redline

RedLine payload

Description Indicator Process Target
N/A N/A N/A N/A

Accesses cryptocurrency files/wallets, possible credential harvesting

spyware

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP000.TMP\\\"" C:\Users\Admin\AppData\Local\Temp\6ac8d7d7b4934222cbf4280a0b04503784a06f7e5f20c92528863fb52df0ad3d.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup1 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP001.TMP\\\"" C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\PU7XC70.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup2 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP002.TMP\\\"" C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\sK5gz42.exe N/A

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3936 wrote to memory of 1324 N/A C:\Users\Admin\AppData\Local\Temp\6ac8d7d7b4934222cbf4280a0b04503784a06f7e5f20c92528863fb52df0ad3d.exe C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\PU7XC70.exe
PID 3936 wrote to memory of 1324 N/A C:\Users\Admin\AppData\Local\Temp\6ac8d7d7b4934222cbf4280a0b04503784a06f7e5f20c92528863fb52df0ad3d.exe C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\PU7XC70.exe
PID 3936 wrote to memory of 1324 N/A C:\Users\Admin\AppData\Local\Temp\6ac8d7d7b4934222cbf4280a0b04503784a06f7e5f20c92528863fb52df0ad3d.exe C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\PU7XC70.exe
PID 1324 wrote to memory of 2012 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\PU7XC70.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\sK5gz42.exe
PID 1324 wrote to memory of 2012 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\PU7XC70.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\sK5gz42.exe
PID 1324 wrote to memory of 2012 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\PU7XC70.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\sK5gz42.exe
PID 2012 wrote to memory of 4596 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\sK5gz42.exe C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe
PID 2012 wrote to memory of 4596 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\sK5gz42.exe C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe
PID 2012 wrote to memory of 4596 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\sK5gz42.exe C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe
PID 4596 wrote to memory of 3480 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 3480 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 4668 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 4668 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 3376 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 3376 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 2084 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 2084 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3480 wrote to memory of 2120 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3480 wrote to memory of 2120 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2084 wrote to memory of 4860 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2084 wrote to memory of 4860 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3376 wrote to memory of 4868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3376 wrote to memory of 4868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 964 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 964 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 4140 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 4140 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4140 wrote to memory of 4744 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4140 wrote to memory of 4744 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 2984 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 2984 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2984 wrote to memory of 2320 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2984 wrote to memory of 2320 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 2220 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 2220 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2220 wrote to memory of 3648 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2220 wrote to memory of 3648 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 3036 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 3036 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3036 wrote to memory of 1888 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3036 wrote to memory of 1888 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 4380 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 4380 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4380 wrote to memory of 3048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4380 wrote to memory of 3048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 4420 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 4420 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4420 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4420 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2012 wrote to memory of 5364 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\sK5gz42.exe C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4dX4Om5.exe
PID 2012 wrote to memory of 5364 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\sK5gz42.exe C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4dX4Om5.exe
PID 2012 wrote to memory of 5364 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\sK5gz42.exe C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4dX4Om5.exe
PID 4668 wrote to memory of 5728 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 5728 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 5728 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 5728 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 5728 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 5728 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 5728 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 5728 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 5728 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 5728 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 5728 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 5728 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Users\Admin\AppData\Local\Temp\6ac8d7d7b4934222cbf4280a0b04503784a06f7e5f20c92528863fb52df0ad3d.exe

"C:\Users\Admin\AppData\Local\Temp\6ac8d7d7b4934222cbf4280a0b04503784a06f7e5f20c92528863fb52df0ad3d.exe"

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\PU7XC70.exe

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\PU7XC70.exe

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\sK5gz42.exe

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\sK5gz42.exe

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://store.steampowered.com/login/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffbf4f246f8,0x7ffbf4f24708,0x7ffbf4f24718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://twitter.com/i/flow/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffbf4f246f8,0x7ffbf4f24708,0x7ffbf4f24718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffbf4f246f8,0x7ffbf4f24708,0x7ffbf4f24718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffbf4f246f8,0x7ffbf4f24708,0x7ffbf4f24718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x168,0x16c,0x170,0x144,0x174,0x7ffbf4f246f8,0x7ffbf4f24708,0x7ffbf4f24718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://steamcommunity.com/openid/loginform/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffbf4f246f8,0x7ffbf4f24708,0x7ffbf4f24718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.epicgames.com/id/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffbf4f246f8,0x7ffbf4f24708,0x7ffbf4f24718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.paypal.com/signin

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffbf4f246f8,0x7ffbf4f24708,0x7ffbf4f24718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x174,0x178,0x17c,0x150,0x180,0x7ffbf4f246f8,0x7ffbf4f24708,0x7ffbf4f24718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffbf4f246f8,0x7ffbf4f24708,0x7ffbf4f24718

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4dX4Om5.exe

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4dX4Om5.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2176,7273498006603968975,17787564551720784584,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2244 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2176,7273498006603968975,17787564551720784584,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2192 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2844 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2164,17079742460220655096,7450047832994963813,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2164,17079742460220655096,7450047832994963813,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2176 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2140,8088780823449175860,13696083775109397750,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,8088780823449175860,13696083775109397750,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,5654689255061645893,15948953953272420667,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,5654689255061645893,15948953953272420667,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2136 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3172 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3912 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,8334471941194472745,15764416343344795134,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,11938039292570177589,6423900514298189852,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3828 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4256 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4432 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4788 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,13779479701052938336,2494551079732374061,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,13779479701052938336,2494551079732374061,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,1336552414765582067,239561776907890021,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,1336552414765582067,239561776907890021,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2168 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3164 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4960 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5164 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5316 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6412 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6756 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3856 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x518 0x424

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 452 -p 5308 -ip 5308

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\5oC64oY.exe

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\5oC64oY.exe

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 5308 -s 540

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\6bc640.exe

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\6bc640.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2452 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=8992 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9328 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9344 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9812 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9812 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1808 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5428 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7844 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 76.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 241.154.82.20.in-addr.arpa udp
US 8.8.8.8:53 158.240.127.40.in-addr.arpa udp
US 8.8.8.8:53 39.142.81.104.in-addr.arpa udp
US 8.8.8.8:53 steamcommunity.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.facebook.com udp
NL 142.250.179.141:443 accounts.google.com tcp
NL 23.222.49.98:443 steamcommunity.com tcp
NL 157.240.247.35:443 www.facebook.com tcp
US 8.8.8.8:53 www.epicgames.com udp
US 8.8.8.8:53 twitter.com udp
US 3.228.27.61:443 www.epicgames.com tcp
US 8.8.8.8:53 store.steampowered.com udp
US 104.244.42.129:443 twitter.com tcp
NL 104.85.0.101:443 store.steampowered.com tcp
US 8.8.8.8:53 www.paypal.com udp
US 8.8.8.8:53 98.49.222.23.in-addr.arpa udp
US 8.8.8.8:53 141.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 35.247.240.157.in-addr.arpa udp
US 8.8.8.8:53 61.27.228.3.in-addr.arpa udp
US 8.8.8.8:53 129.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 101.0.85.104.in-addr.arpa udp
US 151.101.1.21:443 www.paypal.com tcp
NL 142.250.179.141:443 accounts.google.com udp
US 8.8.8.8:53 i.ytimg.com udp
NL 142.250.179.150:443 i.ytimg.com tcp
US 8.8.8.8:53 21.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 14.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 83.39.65.18.in-addr.arpa udp
US 8.8.8.8:53 150.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 106.208.58.216.in-addr.arpa udp
US 8.8.8.8:53 131.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
NL 172.217.168.194:443 googleads.g.doubleclick.net tcp
NL 172.217.168.194:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 194.168.217.172.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
NL 142.250.179.150:443 i.ytimg.com udp
US 8.8.8.8:53 yt3.ggpht.com udp
US 8.8.8.8:53 i3.ytimg.com udp
US 142.251.31.132:443 yt3.ggpht.com tcp
US 142.251.31.132:443 yt3.ggpht.com tcp
US 142.251.31.132:443 yt3.ggpht.com tcp
GB 216.58.208.110:443 i3.ytimg.com tcp
US 142.251.31.132:443 yt3.ggpht.com tcp
US 142.251.31.132:443 yt3.ggpht.com tcp
US 142.251.31.132:443 yt3.ggpht.com tcp
US 8.8.8.8:53 110.208.58.216.in-addr.arpa udp
US 8.8.8.8:53 132.31.251.142.in-addr.arpa udp
US 8.8.8.8:53 195.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 static.doubleclick.net udp
NL 142.251.36.6:443 static.doubleclick.net tcp
NL 142.251.39.106:443 jnn-pa.googleapis.com tcp
NL 142.251.39.106:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 6.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 106.39.251.142.in-addr.arpa udp
US 8.8.8.8:53 youtube.com udp
NL 216.58.214.14:443 youtube.com tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 157.240.5.10:443 static.xx.fbcdn.net tcp
US 157.240.5.10:443 static.xx.fbcdn.net tcp
US 157.240.5.10:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 tracking.epicgames.com udp
US 44.214.245.214:443 tracking.epicgames.com tcp
US 8.8.8.8:53 static-assets-prod.unrealengine.com udp
US 8.8.8.8:53 10.5.240.157.in-addr.arpa udp
US 18.239.36.105:443 static-assets-prod.unrealengine.com tcp
US 18.239.36.105:443 static-assets-prod.unrealengine.com tcp
US 8.8.8.8:53 community.akamai.steamstatic.com udp
NL 23.72.252.169:443 community.akamai.steamstatic.com tcp
NL 23.72.252.169:443 community.akamai.steamstatic.com tcp
NL 23.72.252.169:443 community.akamai.steamstatic.com tcp
US 8.8.8.8:53 apps.identrust.com udp
NL 88.221.25.169:80 apps.identrust.com tcp
US 8.8.8.8:53 105.36.239.18.in-addr.arpa udp
US 8.8.8.8:53 214.245.214.44.in-addr.arpa udp
US 8.8.8.8:53 169.25.221.88.in-addr.arpa udp
US 8.8.8.8:53 169.252.72.23.in-addr.arpa udp
US 8.8.8.8:53 store.akamai.steamstatic.com udp
NL 23.72.252.176:443 store.akamai.steamstatic.com tcp
NL 23.72.252.176:443 store.akamai.steamstatic.com tcp
NL 23.72.252.176:443 store.akamai.steamstatic.com tcp
US 8.8.8.8:53 www.paypalobjects.com udp
US 151.101.2.133:443 www.paypalobjects.com tcp
US 151.101.2.133:443 www.paypalobjects.com tcp
US 151.101.2.133:443 www.paypalobjects.com tcp
US 8.8.8.8:53 176.252.72.23.in-addr.arpa udp
US 8.8.8.8:53 133.2.101.151.in-addr.arpa udp
RU 5.42.92.51:19057 tcp
US 8.8.8.8:53 abs.twimg.com udp
US 8.8.8.8:53 api.twitter.com udp
US 8.8.8.8:53 pbs.twimg.com udp
US 104.244.42.130:443 api.twitter.com tcp
US 8.8.8.8:53 video.twimg.com udp
US 152.199.21.141:443 abs.twimg.com tcp
US 152.199.21.141:443 abs.twimg.com tcp
US 8.8.8.8:53 t.co udp
NL 199.232.148.159:443 pbs.twimg.com tcp
US 192.229.220.133:443 video.twimg.com tcp
US 104.244.42.5:443 t.co tcp
US 8.8.8.8:53 2.136.104.51.in-addr.arpa udp
US 8.8.8.8:53 130.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 141.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 159.148.232.199.in-addr.arpa udp
US 8.8.8.8:53 133.220.229.192.in-addr.arpa udp
US 8.8.8.8:53 5.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 static.ads-twitter.com udp
NL 199.232.148.157:443 static.ads-twitter.com tcp
US 8.8.8.8:53 183.59.114.20.in-addr.arpa udp
US 8.8.8.8:53 157.148.232.199.in-addr.arpa udp
US 8.8.8.8:53 rr4---sn-5hne6nsd.googlevideo.com udp
NL 172.217.132.9:443 rr4---sn-5hne6nsd.googlevideo.com tcp
NL 172.217.132.9:443 rr4---sn-5hne6nsd.googlevideo.com tcp
NL 172.217.132.9:443 rr4---sn-5hne6nsd.googlevideo.com udp
US 8.8.8.8:53 9.132.217.172.in-addr.arpa udp
US 8.8.8.8:53 171.39.242.20.in-addr.arpa udp
US 151.101.2.133:443 www.paypalobjects.com tcp
US 8.8.8.8:53 162.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 numpersb.fun udp
US 8.8.8.8:53 killredls.pw udp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 8.8.8.8:53 www.recaptcha.net udp
NL 172.217.168.227:443 www.recaptcha.net tcp
US 8.8.8.8:53 57.53.21.104.in-addr.arpa udp
US 8.8.8.8:53 227.168.217.172.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
NL 172.217.168.227:443 www.recaptcha.net udp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
NL 23.72.252.176:443 store.akamai.steamstatic.com tcp
NL 23.72.252.176:443 store.akamai.steamstatic.com tcp
NL 23.72.252.176:443 store.akamai.steamstatic.com tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 8.8.8.8:53 c.paypal.com udp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 192.55.233.1:443 tcp
US 104.21.53.57:80 killredls.pw tcp
NL 23.72.252.169:443 community.akamai.steamstatic.com tcp
NL 23.72.252.169:443 community.akamai.steamstatic.com tcp
NL 23.72.252.169:443 community.akamai.steamstatic.com tcp
US 8.8.8.8:53 facebook.com udp
US 192.55.233.1:443 tcp
US 157.240.5.35:443 facebook.com tcp
US 8.8.8.8:53 35.5.240.157.in-addr.arpa udp
US 8.8.8.8:53 fbcdn.net udp
US 157.240.5.35:443 fbcdn.net tcp
US 104.21.53.57:80 killredls.pw tcp
US 8.8.8.8:53 fbsbx.com udp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 8.8.8.8:53 t.paypal.com udp
US 151.101.1.35:443 t.paypal.com tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 8.8.8.8:53 35.1.101.151.in-addr.arpa udp
US 104.21.53.57:80 killredls.pw tcp
US 8.8.8.8:53 login.steampowered.com udp
NL 23.222.49.98:443 login.steampowered.com tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 18.239.36.105:443 static-assets-prod.unrealengine.com tcp
RU 5.42.92.51:19057 tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 8.8.8.8:53 b.stats.paypal.com udp
US 64.4.245.84:443 b.stats.paypal.com tcp
US 8.8.8.8:53 84.245.4.64.in-addr.arpa udp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 8.8.8.8:53 dub.stats.paypal.com udp
US 64.4.245.84:443 dub.stats.paypal.com tcp
US 8.8.8.8:53 api.steampowered.com udp
NL 23.222.49.98:443 api.steampowered.com tcp
US 8.8.8.8:53 c6.paypal.com udp
US 151.101.1.35:443 c6.paypal.com tcp
US 104.244.42.130:443 api.twitter.com tcp
US 8.8.8.8:53 talon-website-prod.ecosec.on.epicgames.com udp
US 172.64.146.120:443 talon-website-prod.ecosec.on.epicgames.com tcp
US 8.8.8.8:53 120.146.64.172.in-addr.arpa udp
US 8.8.8.8:53 sentry.io udp
US 35.186.247.156:443 sentry.io tcp
US 8.8.8.8:53 156.247.186.35.in-addr.arpa udp
US 8.8.8.8:53 talon-service-prod.ecosec.on.epicgames.com udp
US 172.64.146.120:443 talon-service-prod.ecosec.on.epicgames.com tcp
US 172.64.146.120:443 talon-service-prod.ecosec.on.epicgames.com tcp
US 8.8.8.8:53 js.hcaptcha.com udp
US 104.19.219.90:443 js.hcaptcha.com tcp
US 8.8.8.8:53 57.169.31.20.in-addr.arpa udp
US 8.8.8.8:53 1.208.79.178.in-addr.arpa udp
US 8.8.8.8:53 90.219.19.104.in-addr.arpa udp
US 8.8.8.8:53 newassets.hcaptcha.com udp
US 8.8.8.8:53 api2.hcaptcha.com udp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
NL 142.250.179.150:443 i.ytimg.com udp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 8.8.8.8:53 rr4---sn-5hnednss.googlevideo.com udp
NL 172.217.132.201:443 rr4---sn-5hnednss.googlevideo.com udp
US 104.21.53.57:80 killredls.pw tcp
US 8.8.8.8:53 201.132.217.172.in-addr.arpa udp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
RU 5.42.92.51:19057 tcp
US 8.8.8.8:53 11.227.111.52.in-addr.arpa udp
NL 172.217.132.9:443 rr4---sn-5hne6nsd.googlevideo.com udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 26.35.223.20.in-addr.arpa udp
US 8.8.8.8:53 200.197.79.204.in-addr.arpa udp
RU 5.42.92.51:19057 tcp
NL 172.217.132.201:443 rr4---sn-5hnednss.googlevideo.com udp
RU 5.42.92.51:19057 tcp
NL 172.217.168.194:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 170.117.168.52.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\PU7XC70.exe

MD5 55d2a9308864f0611aca12a3d1354c25
SHA1 bc25f6ad9f7712d442d997f9dac91ddeb427a98e
SHA256 7a01496a275a8b6d33995d409ce00bb7476766add5b1aaa2ed1cf9a9ad009a4b
SHA512 adedc18028fcf3453fcd1dc015e79b1c2bf04b108bf790500279645395909ea4c21d6595e27fb75c987b53f4db173f7d3e4998d4f9117853e7a0c7fa0e7c4122

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\PU7XC70.exe

MD5 55d2a9308864f0611aca12a3d1354c25
SHA1 bc25f6ad9f7712d442d997f9dac91ddeb427a98e
SHA256 7a01496a275a8b6d33995d409ce00bb7476766add5b1aaa2ed1cf9a9ad009a4b
SHA512 adedc18028fcf3453fcd1dc015e79b1c2bf04b108bf790500279645395909ea4c21d6595e27fb75c987b53f4db173f7d3e4998d4f9117853e7a0c7fa0e7c4122

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\sK5gz42.exe

MD5 67a112129d0a644eb217ba58df7cf489
SHA1 9cd1ebd967de8045e79b5e713ab1eada946d2737
SHA256 db702a4f8b4339ac654cde9a9fff42e896380c2736180102f42cfec416289e73
SHA512 dfb7d42aa863c082bdc6165510013577850611dc2bee6c54fa9429b52ac08d0eb1720c427c3479a869ca614fd0015df88594aa3b12e54133cd070592b9ce0a38

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\sK5gz42.exe

MD5 67a112129d0a644eb217ba58df7cf489
SHA1 9cd1ebd967de8045e79b5e713ab1eada946d2737
SHA256 db702a4f8b4339ac654cde9a9fff42e896380c2736180102f42cfec416289e73
SHA512 dfb7d42aa863c082bdc6165510013577850611dc2bee6c54fa9429b52ac08d0eb1720c427c3479a869ca614fd0015df88594aa3b12e54133cd070592b9ce0a38

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe

MD5 efd947a48838c67de4e855669c32ef3d
SHA1 db123a00075bd8c2b6331324fa9f1e00081c566a
SHA256 b7310f576791eded8a25efdc8fa94211e367f42267257d9e37a3fb4659c52355
SHA512 c027cde8fbed5ff25f1eecd17cc581b5c2f4c4a7766e5398850727390dfd31cad456d73cc5edc8579123177aa9090de2c62021f210c17d530c6e66c96dffe988

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe

MD5 efd947a48838c67de4e855669c32ef3d
SHA1 db123a00075bd8c2b6331324fa9f1e00081c566a
SHA256 b7310f576791eded8a25efdc8fa94211e367f42267257d9e37a3fb4659c52355
SHA512 c027cde8fbed5ff25f1eecd17cc581b5c2f4c4a7766e5398850727390dfd31cad456d73cc5edc8579123177aa9090de2c62021f210c17d530c6e66c96dffe988

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 a7f568a3d32bd441e85bc1511092fbe0
SHA1 89fbee8e2eb6d74cc3ad66ae3ba6c7f25dce33d2
SHA256 0d60fa886bcba8089cbdc944265c78bddf1a77f28820f5314eba6c83f44c913a
SHA512 8fc5e847481d2bfbb6c0d70a1f152c43fe152d4c4aa8ec61988136945da0af944e4643adafad64a754b9b7f4d117e368916140e8275fc7568e150a98fe570779

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 a7f568a3d32bd441e85bc1511092fbe0
SHA1 89fbee8e2eb6d74cc3ad66ae3ba6c7f25dce33d2
SHA256 0d60fa886bcba8089cbdc944265c78bddf1a77f28820f5314eba6c83f44c913a
SHA512 8fc5e847481d2bfbb6c0d70a1f152c43fe152d4c4aa8ec61988136945da0af944e4643adafad64a754b9b7f4d117e368916140e8275fc7568e150a98fe570779

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 a7f568a3d32bd441e85bc1511092fbe0
SHA1 89fbee8e2eb6d74cc3ad66ae3ba6c7f25dce33d2
SHA256 0d60fa886bcba8089cbdc944265c78bddf1a77f28820f5314eba6c83f44c913a
SHA512 8fc5e847481d2bfbb6c0d70a1f152c43fe152d4c4aa8ec61988136945da0af944e4643adafad64a754b9b7f4d117e368916140e8275fc7568e150a98fe570779

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 a7f568a3d32bd441e85bc1511092fbe0
SHA1 89fbee8e2eb6d74cc3ad66ae3ba6c7f25dce33d2
SHA256 0d60fa886bcba8089cbdc944265c78bddf1a77f28820f5314eba6c83f44c913a
SHA512 8fc5e847481d2bfbb6c0d70a1f152c43fe152d4c4aa8ec61988136945da0af944e4643adafad64a754b9b7f4d117e368916140e8275fc7568e150a98fe570779

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 a7f568a3d32bd441e85bc1511092fbe0
SHA1 89fbee8e2eb6d74cc3ad66ae3ba6c7f25dce33d2
SHA256 0d60fa886bcba8089cbdc944265c78bddf1a77f28820f5314eba6c83f44c913a
SHA512 8fc5e847481d2bfbb6c0d70a1f152c43fe152d4c4aa8ec61988136945da0af944e4643adafad64a754b9b7f4d117e368916140e8275fc7568e150a98fe570779

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 a7f568a3d32bd441e85bc1511092fbe0
SHA1 89fbee8e2eb6d74cc3ad66ae3ba6c7f25dce33d2
SHA256 0d60fa886bcba8089cbdc944265c78bddf1a77f28820f5314eba6c83f44c913a
SHA512 8fc5e847481d2bfbb6c0d70a1f152c43fe152d4c4aa8ec61988136945da0af944e4643adafad64a754b9b7f4d117e368916140e8275fc7568e150a98fe570779

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 a7f568a3d32bd441e85bc1511092fbe0
SHA1 89fbee8e2eb6d74cc3ad66ae3ba6c7f25dce33d2
SHA256 0d60fa886bcba8089cbdc944265c78bddf1a77f28820f5314eba6c83f44c913a
SHA512 8fc5e847481d2bfbb6c0d70a1f152c43fe152d4c4aa8ec61988136945da0af944e4643adafad64a754b9b7f4d117e368916140e8275fc7568e150a98fe570779

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 a7f568a3d32bd441e85bc1511092fbe0
SHA1 89fbee8e2eb6d74cc3ad66ae3ba6c7f25dce33d2
SHA256 0d60fa886bcba8089cbdc944265c78bddf1a77f28820f5314eba6c83f44c913a
SHA512 8fc5e847481d2bfbb6c0d70a1f152c43fe152d4c4aa8ec61988136945da0af944e4643adafad64a754b9b7f4d117e368916140e8275fc7568e150a98fe570779

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4dX4Om5.exe

MD5 bafb20ecf93fea2843b2b89228162a40
SHA1 a36cd09271f654d18e433d67accd0c1fa97f52c7
SHA256 3a742433c4562ee5778927fe76f5e05849550b59195c669506de21d33f2c7ea6
SHA512 39474cdad9df255d671f7f1dec93ae82cd21f79e37ce43351b4fcb5d727b40b0498f7713a314bc54375e13aed9730c8107cc04eedb25a5254ea3d44a4e0dffa7

\??\pipe\LOCAL\crashpad_3376_WMYOGWCWDLGXIXWK

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_2984_ECIPUHBBCHZVQNMT

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_2084_KODEGLVDPLGFRGTO

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 3b7ff05607ba69fe9f2a7c3e4c7bfe77
SHA1 327980d16bd9112e3d01fc1e226f80b6615a815d
SHA256 1a880a988254988c6418651634ab7dcf995d77aa9f39a4ca63b6d70a70912de3
SHA512 4314ee393e6328f4a77a110a3cae98b4fcafa1ff1fabd9b9da7800367815711948e99bf297d5a219c62e63332f526774b29a378d9f5dc447eae29c77cdaa267a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 8c31bd2150c1ae3595a21fad918ff524
SHA1 98293fdb4e39277b673897d62440c65b389467c9
SHA256 28a63d78a28c55b6e1c351f4ad0ac26db5f038d8839b1f9a3764d3e00e0b53db
SHA512 4aa4761f16d7d2c98739c0327386c59647f0a71c505fcb18898365ac921b7d874085dac2d93e1c0c144f23292744d917960c7c3876aa21583ea4850cb792c4ee

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 da967fdde3d8978f31d4120865ba224b
SHA1 b8b9367e3251a161a51207effd5974083661d151
SHA256 a5f8e3720dfd67ae55fbc32e13f1bf47047f35b2544396bf4c00d6dcad7ad4c2
SHA512 56666e21689d0fa15e2f16dea5010ba1c970987797bba1f19d23034202459c5e0105448c54cc5b047b8c662ba1e02a89bd0383cb7f7af7b81a9e17b45ad34231

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 8c31bd2150c1ae3595a21fad918ff524
SHA1 98293fdb4e39277b673897d62440c65b389467c9
SHA256 28a63d78a28c55b6e1c351f4ad0ac26db5f038d8839b1f9a3764d3e00e0b53db
SHA512 4aa4761f16d7d2c98739c0327386c59647f0a71c505fcb18898365ac921b7d874085dac2d93e1c0c144f23292744d917960c7c3876aa21583ea4850cb792c4ee

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a8d1603a39bd64b447663841d1692be1
SHA1 6902d4309a5dbe0f82ee1a524819ed115eb0710a
SHA256 b1f95df8970612afce1ebff8183b6a59f72cf85aac90334445009b9b77944062
SHA512 6bb2ece563b3d949afb745ba2659401148e7848fab07747ed6541a4a80a6de4a58085982e70fa7745172e3ff62ea03a8fcf01eb6a25d41deb0f780c8e5b5ae72

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a8d1603a39bd64b447663841d1692be1
SHA1 6902d4309a5dbe0f82ee1a524819ed115eb0710a
SHA256 b1f95df8970612afce1ebff8183b6a59f72cf85aac90334445009b9b77944062
SHA512 6bb2ece563b3d949afb745ba2659401148e7848fab07747ed6541a4a80a6de4a58085982e70fa7745172e3ff62ea03a8fcf01eb6a25d41deb0f780c8e5b5ae72

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 e29ff3a16666221cec85d0923511979b
SHA1 41cea2221fc828e8df957c5f4656ba070f92e4f5
SHA256 c208c5aab23060917a7e00bda35c787fecdd921f6083053be8e466c5c9104d76
SHA512 0c4b7b39a5a918927723ca279585a417171bdb785ad3ac24c4d1835eddf7ed6e84626e2cccd527948427e4a373ba3ed99ca31fdb6e887af4d0dc72a10a69cf45

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a967cfa830babd7a4e1d435800247eaa
SHA1 ac332eff8a64913e26969dbc0667a578c3dbd7d6
SHA256 4ffe77c50db74496027c2fdd8345a0db586154c3e1f9b84d804db3176566b003
SHA512 9e4982d1cd09686a354557d3dc1854f82eb1e53aa7e6f162a9017499fe04d1970dfb277150de4c45cded92232022e5823c80aede02d36b7484ee4706614dd748

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 6eccf77e341fcfc3be7731c34333894f
SHA1 101da18f4cd259109e843aeadd7682b1d81f3c10
SHA256 c2fcb2866a69062a8c3f1d12278d14f84a1c93c9b7bd523950ac8004d312a181
SHA512 5798775f050f5f68855d4b224ba283d00a107df7653f4ace16973bf0ce43346db80c8be8c4197045d72dc97323ea7f7796a7cfcc1af3883fd44c588022bdffc1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 def18dd426420b3ffb1ce65a8ae8ecf5
SHA1 5a0e1664db43862bf580f3da017b1581145f9de1
SHA256 6d5d1afc1b08a30946335fe766e14d47af528f40d1a3161eb4eb3912c37f8f48
SHA512 e57aa3b513e01aca41f7838bf07741ee4c25f57cd0a77533c94e381cd10dd4ce7bfae69cc8cae99d9e382a359493eceb23fdbd913601f48aef6478fee51d59cc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 def18dd426420b3ffb1ce65a8ae8ecf5
SHA1 5a0e1664db43862bf580f3da017b1581145f9de1
SHA256 6d5d1afc1b08a30946335fe766e14d47af528f40d1a3161eb4eb3912c37f8f48
SHA512 e57aa3b513e01aca41f7838bf07741ee4c25f57cd0a77533c94e381cd10dd4ce7bfae69cc8cae99d9e382a359493eceb23fdbd913601f48aef6478fee51d59cc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 e29ff3a16666221cec85d0923511979b
SHA1 41cea2221fc828e8df957c5f4656ba070f92e4f5
SHA256 c208c5aab23060917a7e00bda35c787fecdd921f6083053be8e466c5c9104d76
SHA512 0c4b7b39a5a918927723ca279585a417171bdb785ad3ac24c4d1835eddf7ed6e84626e2cccd527948427e4a373ba3ed99ca31fdb6e887af4d0dc72a10a69cf45

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a967cfa830babd7a4e1d435800247eaa
SHA1 ac332eff8a64913e26969dbc0667a578c3dbd7d6
SHA256 4ffe77c50db74496027c2fdd8345a0db586154c3e1f9b84d804db3176566b003
SHA512 9e4982d1cd09686a354557d3dc1854f82eb1e53aa7e6f162a9017499fe04d1970dfb277150de4c45cded92232022e5823c80aede02d36b7484ee4706614dd748

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4dX4Om5.exe

MD5 bafb20ecf93fea2843b2b89228162a40
SHA1 a36cd09271f654d18e433d67accd0c1fa97f52c7
SHA256 3a742433c4562ee5778927fe76f5e05849550b59195c669506de21d33f2c7ea6
SHA512 39474cdad9df255d671f7f1dec93ae82cd21f79e37ce43351b4fcb5d727b40b0498f7713a314bc54375e13aed9730c8107cc04eedb25a5254ea3d44a4e0dffa7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 3b7ff05607ba69fe9f2a7c3e4c7bfe77
SHA1 327980d16bd9112e3d01fc1e226f80b6615a815d
SHA256 1a880a988254988c6418651634ab7dcf995d77aa9f39a4ca63b6d70a70912de3
SHA512 4314ee393e6328f4a77a110a3cae98b4fcafa1ff1fabd9b9da7800367815711948e99bf297d5a219c62e63332f526774b29a378d9f5dc447eae29c77cdaa267a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 da967fdde3d8978f31d4120865ba224b
SHA1 b8b9367e3251a161a51207effd5974083661d151
SHA256 a5f8e3720dfd67ae55fbc32e13f1bf47047f35b2544396bf4c00d6dcad7ad4c2
SHA512 56666e21689d0fa15e2f16dea5010ba1c970987797bba1f19d23034202459c5e0105448c54cc5b047b8c662ba1e02a89bd0383cb7f7af7b81a9e17b45ad34231

\??\pipe\LOCAL\crashpad_2220_HZBNFRWQEKDLBNUS

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

\??\pipe\LOCAL\crashpad_3480_CZYRSTCRJESGPOSD

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_4140_FOQXJGCZZZAADTXA

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_4668_FAVWTKULJTWBMFDH

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 6eccf77e341fcfc3be7731c34333894f
SHA1 101da18f4cd259109e843aeadd7682b1d81f3c10
SHA256 c2fcb2866a69062a8c3f1d12278d14f84a1c93c9b7bd523950ac8004d312a181
SHA512 5798775f050f5f68855d4b224ba283d00a107df7653f4ace16973bf0ce43346db80c8be8c4197045d72dc97323ea7f7796a7cfcc1af3883fd44c588022bdffc1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 8c31bd2150c1ae3595a21fad918ff524
SHA1 98293fdb4e39277b673897d62440c65b389467c9
SHA256 28a63d78a28c55b6e1c351f4ad0ac26db5f038d8839b1f9a3764d3e00e0b53db
SHA512 4aa4761f16d7d2c98739c0327386c59647f0a71c505fcb18898365ac921b7d874085dac2d93e1c0c144f23292744d917960c7c3876aa21583ea4850cb792c4ee

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 3b7ff05607ba69fe9f2a7c3e4c7bfe77
SHA1 327980d16bd9112e3d01fc1e226f80b6615a815d
SHA256 1a880a988254988c6418651634ab7dcf995d77aa9f39a4ca63b6d70a70912de3
SHA512 4314ee393e6328f4a77a110a3cae98b4fcafa1ff1fabd9b9da7800367815711948e99bf297d5a219c62e63332f526774b29a378d9f5dc447eae29c77cdaa267a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 da967fdde3d8978f31d4120865ba224b
SHA1 b8b9367e3251a161a51207effd5974083661d151
SHA256 a5f8e3720dfd67ae55fbc32e13f1bf47047f35b2544396bf4c00d6dcad7ad4c2
SHA512 56666e21689d0fa15e2f16dea5010ba1c970987797bba1f19d23034202459c5e0105448c54cc5b047b8c662ba1e02a89bd0383cb7f7af7b81a9e17b45ad34231

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a8d1603a39bd64b447663841d1692be1
SHA1 6902d4309a5dbe0f82ee1a524819ed115eb0710a
SHA256 b1f95df8970612afce1ebff8183b6a59f72cf85aac90334445009b9b77944062
SHA512 6bb2ece563b3d949afb745ba2659401148e7848fab07747ed6541a4a80a6de4a58085982e70fa7745172e3ff62ea03a8fcf01eb6a25d41deb0f780c8e5b5ae72

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 e29ff3a16666221cec85d0923511979b
SHA1 41cea2221fc828e8df957c5f4656ba070f92e4f5
SHA256 c208c5aab23060917a7e00bda35c787fecdd921f6083053be8e466c5c9104d76
SHA512 0c4b7b39a5a918927723ca279585a417171bdb785ad3ac24c4d1835eddf7ed6e84626e2cccd527948427e4a373ba3ed99ca31fdb6e887af4d0dc72a10a69cf45

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 86918894457759c6d95fe4250dc1286b
SHA1 5ecb26778d6a9d9143004a12fcee10e200d3d6e8
SHA256 ef168a01ad7e12ec10eb0ddff624518558cc3c50430a31e8bf086f7cfc9fa8bc
SHA512 3c26a97de66f5ebde079edfb5c147500567c6d12781cf05fc1b9e89f0d25d35be5c182ad6a675eb36985e611cdba2012768225b98977af0a0f467451f8280de7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 cbe912d0155bcb18adcbb4ca670625f4
SHA1 defcd90a921b773c30d6b397daa58a6ce56fb0d2
SHA256 c83f4433e121e289ccdbc9921f02a3bb41d32e432a885e836fe28415005ce9fc
SHA512 c75e020734a2455215ca82455296e55f6d3e60487460ac6f000ea6bff7b61e7b013a8ed1c0d754cd06ab2f21caf9500af01550e82227ef398dea057638101da8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 6aeb3440bc1d0f865cf73ae5fc41f17a
SHA1 70cb3baf070ed11e8e002839a6dd5c0181eb92a2
SHA256 bf3d551c3500d4fe68ccd44fd292a864b5dbc1e60aa74c90893196f22df95945
SHA512 45bfabf6709e584e6c1e5ed2aa6c18434d12a625007dc1376c85ed701708c97a583f19bd3ad36556f71e142054c7d1a602b7f2ee3a74a1b78ef8ff579528d33f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 53d5f586db50512323fc623a78870855
SHA1 17d460cd89f7b3a1f14a401aa4b65bf1db581d47
SHA256 046f02931f5f3e870bc496f9cbd55abf11008360ca81dff3e52e89f70c1a5522
SHA512 76e8488a581b291186f60977ac74304770d6fd9c60b73f79b9fcc09bfa8dd3eaff4af35fd5eb53e85512166de92a1ba1acc508311222a7f307304491f87f1ee7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 ddbe9a5d61b6dc6bf133834d0a7677d4
SHA1 23c9645a5ef2ac44000ff88d36698f2ebf6afdbd
SHA256 ac81f76a82f265a83bbc11e7c99162adbb86f466b1b68cc744e860ac4e12749c
SHA512 93559cc19ed92f82c644406e82353335ce9f0bfaf934aed50d3efc651884e7b96afeb9d7cc8c1201bc9400bdb32ad5dca2f5f853eb170d2f7e37dfb791958d78

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 4217570904b35e9ce1b338c688244bd0
SHA1 75cd8aa9a94a5e010b5f5a0e0a50672587d78e74
SHA256 d0775073ca009a9457f501de0b44f05a8df6e74e7fee02425d4a56ee72ecc30d
SHA512 91ba1cd6bd9349ef02a0c3e3f7d6e80d820b8d4b540f70bfbc14a6f7c4715cee09067a8a28e0b91bd0586e48339f107562c5f166e80093689f1ad79878577067

memory/5308-548-0x0000000000400000-0x0000000000433000-memory.dmp

memory/5308-555-0x0000000000400000-0x0000000000433000-memory.dmp

memory/5308-560-0x0000000000400000-0x0000000000433000-memory.dmp

memory/5308-562-0x0000000000400000-0x0000000000433000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 e2565e589c9c038c551766400aefc665
SHA1 77893bb0d295c2737e31a3f539572367c946ab27
SHA256 172017da29bce2bfe0c8b4577a9b8e7a97a0585fd85697f51261f39b28877e80
SHA512 5a33ce3d048f2443c5d1aee3922693decc19c4d172aff0b059b31af3b56aa5e413902f9a9634e5ee874b046ae63a0531985b0361467b62e977dcff7fc9913c4d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 77a64cc49553534d7babda89e87124ca
SHA1 ad50265d2a61fc443f481ef08d37b920268a5108
SHA256 894df0ea0d7f8700e291ede9f91e6840261056084ca9eceadb1afec8dd6da8a2
SHA512 7d469cffe0e6b1be2f84ce82f63eb02bc4da2feaed9b73b633bad2c05f221171f44f971a4f6c553eef9e296110ffeb6fbfdd63e16be791ade037248707e0564f

memory/6200-666-0x0000000000400000-0x000000000043C000-memory.dmp

memory/6200-668-0x0000000073BF0000-0x00000000743A0000-memory.dmp

memory/6200-673-0x0000000007FB0000-0x0000000008554000-memory.dmp

memory/6200-674-0x0000000007AF0000-0x0000000007B82000-memory.dmp

memory/6200-679-0x0000000007D30000-0x0000000007D40000-memory.dmp

memory/6200-682-0x0000000007CF0000-0x0000000007CFA000-memory.dmp

memory/6200-691-0x0000000008B80000-0x0000000009198000-memory.dmp

memory/6200-692-0x0000000007EA0000-0x0000000007FAA000-memory.dmp

memory/6200-693-0x0000000007DD0000-0x0000000007DE2000-memory.dmp

memory/6200-696-0x0000000007E30000-0x0000000007E6C000-memory.dmp

memory/6200-699-0x0000000008560000-0x00000000085AC000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 da415a49187c2185025b7bbd2e88903b
SHA1 cc3b2ffdaa5b11759fb44bb1c661f81edcc27b20
SHA256 599616ce12cffd3f78d20d4cba1231901c183a24b7eb9a63f91c35781683fa1d
SHA512 1de599ecac5729c74e3fcd52e554570a9bb1b3cd7a07f0c94f2c04384feb3c294d64c8a728497a6372237ea00b66143a46f5840ebbd3fe6c5c710e8258960b19

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57e37a.TMP

MD5 a3915b8f5cf54cfe457f566981d05a06
SHA1 1bc53413e8c7e4b9c703b71a851bb159a272b103
SHA256 314164b585c4814576cfc03dfd8eee02d5d6672fb953db3bb5bc913c95d476f0
SHA512 710f7a5b087ade5ebe4542c22abb87d246d0dc075df67dbcba9c436014e720c7d40c78f62f0ccf7bc1536dff177c80914721b19a6af659d77f163559b97284f7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d90b63e319ccc5776e9a302a1ff7e7c4
SHA1 590bbc8ca656f8132ca2b221dee50d783b11f51c
SHA256 d37718521d8f7e21bc8b306f24b985829e867ab19ae5a3b114a6b51db45e3ebf
SHA512 b69f50c5a5872dbf9d877026b9ee664fab1ed9267090d3a6afec751d4f86edcf25f8feb9a2aa90d8689e3dfa94683ad9dfaea2b637ef51682824ab82e30c4d3c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57e668.TMP

MD5 0fa7e4a4f80960b1c0a153da5d369055
SHA1 928cbe085f04fa374dd4dd763148cabc396a5409
SHA256 7d31c7fd2eedbe793388b8651d1c8cd8237d9f4903af127aba03623ebb12c418
SHA512 d02dedd9ca2e605751a3e1b84889adb50d557e130b8ee67adf3f105e97e78ee092b904d99a6ec1243abaf697d09c536ae344b4e3c643f1c8fc3f07caeaf061ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4eca6312-4cc4-473b-8afb-420501d7fae8\index-dir\the-real-index

MD5 2014426f6b3fee5ff2f418d802d03717
SHA1 c41c32dadf278f3a66fd3d8a0998e751aadf0205
SHA256 489d1ee77950a2e32c7b151b6f99c149877e243eb41e1187b225db1481bf8b68
SHA512 ef1d360c25016dc645e93739f783f8fc3d9a6fbbf1cd9e4b5bab5d2271c3cb07ea483a61cbde70cf944ec6a16d3a4f03615b45c7fddd0a98c6868fdc17b9b2e3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4eca6312-4cc4-473b-8afb-420501d7fae8\index-dir\the-real-index~RFe57f2cc.TMP

MD5 14713fe2d877306ef78bb1935f8c80f3
SHA1 ba74febb7b6b8a48999e3e90e513ff4341f27445
SHA256 6e96c4266836e737011781ccbd1537e3281c5bc494ca599a4e8b2fe311c6b179
SHA512 378b9f3916e3c10077f45185c27ca91cf5bd1410797c98d329d7a9e510ceb32959aa202086809bc80f9460d636238329e5e6e80d034c9db1803b2c4925efbb3d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\82cc7966-1afb-4db5-9488-c6159e6136df\index-dir\the-real-index

MD5 d9547a4e3934b7fbddd4b65ec4a1cd20
SHA1 8ce9c054658420f8ed825b69bd739e67e37eb150
SHA256 c439a5830a4d1c5986a6e5c68c8d7fbee6dc3c75f0d2552d74b19831a8e45a58
SHA512 390182b8dca74ffd9e3ca0809d15ecf7a9c78319b47d96ae2dbf760e97358d06754f5fb4a697f636000ca9f34f5726bbf25ca6d572b2419f49833f829f9d7648

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\82cc7966-1afb-4db5-9488-c6159e6136df\index-dir\the-real-index~RFe57f898.TMP

MD5 be971d625d1d604aa56d58a43e4e3b7f
SHA1 a8067223fe220bb49d1ae498f8da41f15ffb8957
SHA256 499c918c97dd00d8b81b695a2da654289bd7f5cd7d55ab3aa4e7a05888456068
SHA512 487171dc2491ae9f8547b020a16985561e4c6895943b54aac55b280acab1bcba8555b24c999620bc13a71695611cb175e2aa6638d92e0dfb0d14efdff2ca960d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 1f61d262bd4f45e5e2d031b7f631e76d
SHA1 5686ff4567b6f7148746319d88fd841a3235b5ba
SHA256 6e01119d5bcf1f5a260eb1ccb607a128c529496f30542c1fe07a02dd8522bd32
SHA512 2efb1419f34506109ab512d46fce3cd687c79469c2c97dc34151b4ec839c6d1bc9d0f8f05a165d4c9e1308c4c746424bac44f27a1c2f3a6c9ad188790c420a4e

memory/7016-865-0x0000000000400000-0x0000000000488000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c88d4c71408e9ff0f6c4a9a117942f67
SHA1 b52b36922e72d76f7a63c240189b9e25e141999c
SHA256 374f5ab500f1786cf1683e9c8b2d03f959210bbdcc54d09e3638d9e361adbba7
SHA512 d823d445bfdf35f92729dc776b7b7fa6602fb52322784a87ced84db6d94b3dff76d77c5ad58e3783e8a18e53190c3b8c8069fd098d4298b2805fae73143efe87

memory/7016-875-0x0000000000400000-0x0000000000488000-memory.dmp

memory/7016-876-0x0000000000400000-0x0000000000488000-memory.dmp

memory/7016-878-0x0000000000400000-0x0000000000488000-memory.dmp

memory/6200-999-0x0000000073BF0000-0x00000000743A0000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

MD5 923a543cc619ea568f91b723d9fb1ef0
SHA1 6f4ade25559645c741d7327c6e16521e43d7e1f9
SHA256 bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
SHA512 a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032

MD5 7d75a9eb3b38b5dd04b8a7ce4f1b87cc
SHA1 68f598c84936c9720c5ffd6685294f5c94000dff
SHA256 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7
SHA512 cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034

MD5 fdbf5bcfbb02e2894a519454c232d32f
SHA1 5e225710e9560458ac032ab80e24d0f3cb81b87a
SHA256 d9315d0678ac213bbe2c1de27528f82fd40dbff160f5a0c19850f891da29ea1c
SHA512 9eb86ebb1b50074df9bd94f7660df6f362b5a46411b35ce820740f629f8ef77f0b49a95c5550441a7db2b2638f0ed3d0204cb8f8c76391c05401506833b8c916

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000050

MD5 4e08109ee6888eeb2f5d6987513366bc
SHA1 86340f5fa46d1a73db2031d80699937878da635e
SHA256 bf44187e1683e78d3040bcef6263e25783c6936096ff0a621677d411dd9d1339
SHA512 4e477fd9e58676c0e00744dbe3421e528dd2faeca2ab998ebbeb349b35bb3711dcf78d8c9e7adba66b4d681d1982c31cac42024c8b19e19537a5615dac39c661

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000042

MD5 740a924b01c31c08ad37fe04d22af7c5
SHA1 34feb0face110afc3a7673e36d27eee2d4edbbff
SHA256 f0e1953b71cc4abbffdd5096d99dfb274688e517c381b15c3446c28a4ac416e0
SHA512 da7061f944c69245c2f66b0e6a8b5a9bca91bda8a73f99734dcb23db56c5047de796fa7e348ff8840d9ac123436e38a4206408573215b7e5e98942ea6d66bb7c

memory/6200-1056-0x0000000007D30000-0x0000000007D40000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 fda49e78113e47e4a55f174fe1cae2a2
SHA1 795181368fb35c0f724d814dbf6fbc614ded2623
SHA256 120f4d7d0205e78c858274ebaab21c6f09fb4ace3d6e4a5488fa34cbfdc6106d
SHA512 d052453427bc63bdba67fe259ae75f84b4a14e9eb9da84ec385faaebaf1bb0177471de90607b93bc3d1b5f10f675fce234d95a3bc146259eb7356b3b886896c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 afd40ebafc34e6b14b8bf8af2d780fe1
SHA1 ed5a7913892d6385ece600b5f25f6e7a0f1ff0b3
SHA256 49fe800c250f0d46448ac46b58c6d36a9b3e00fa0e55a3d50e3ae15729ef387f
SHA512 c5b5886ee5e97f0745f6e161f1642f2e5e710b81ed0e239b59213c91752b37dffb8958e575c1e8cf7102f9d245268fb6c4d6b2c4e363fcaf098c7987f6cc3d0b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\9f8aef07-949a-4325-b760-06b94cf7e63b\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt~RFe5853f7.TMP

MD5 f106d452a8bafafb468a6c1c2f31186d
SHA1 33339cd0cbbb599d951cb93ac1b388e17118d826
SHA256 069826b5feeda1db2aac403d7b01810c88541452312a71761b04b933c50c9422
SHA512 d94536318e66d30b4ef2bd03bc6af18100342f1a8ea0e0791ee2d28d33836ee88cfeec3656ad80c610b68ed9245640d7379b66ef39061011a1ed777bb765d1bc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt

MD5 8a3e068ac18c8a8b4e2afeba8621077c
SHA1 7833836b5ced35cf86d67920b4da1b7ddae9d48d
SHA256 bb4c1399a87960903d3ec6d747b21b28867cb347b5c01d65ca403f98eb671934
SHA512 7cb01b4deee5ee9f93ca83996df30c9d0a79c8052af1b5ad89e2975d20da86173e36b73252072e852530d01592c48ffa5912df488eab9fa7f98758e4a294b4a2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 0c65681da88c98d1136300da16f0f79b
SHA1 78c5f97ece9bf3da2876a480b65150a174297ab6
SHA256 13d4fa1612b2dfd52ae4601d1fe859c2ae6864770b545eeddbec0db8e46bdba3
SHA512 a94f1d9f22688eae427ced6c17c710bb48fa188ea529d3a82e112ba276e9ac4dcaab81f896bf1317d6e49761d28540845ac7a4c5018622056c1b9236c6298ae6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4298dadaa2ccec3f13c9856ee6051747
SHA1 9476f912546219e0d9eac7c7666677707e9a929b
SHA256 5a9426417cb95dd5c7e1d257bb1b1a933951373ee9aaa637c309de37d35ca69c
SHA512 4349dfaee4d1f9db79d84ca3cc9628c898f618dc5263e944cb69c85fe9605d65e1d9cccde13770193d8f81ed5bef9257a809c46aae5f7f8d7ab4cc543e76f6b6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e782611e11732d04d535acca04faa2b9
SHA1 9df05f15b57bcf1d3e2ea1da24ca184c4591c0b9
SHA256 ac0d7fdfbe7ee4a2937fdaf927e1947b50cf4e0d007d9444cfcd3a518e80956d
SHA512 cd7ff79a300e233512946fb8191d9602c6f5c75cbc588aea8c11fd51b016600f0f75bac47e8ee85c944c295826e3c3bb8f22d64db7f3dda15c59517dfa6ec314

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 1e4df27a4a982e6d55ef85183353651b
SHA1 6c0dad4e2a36c10c69c5739636190411c59952a4
SHA256 1fd3768dc3851a3c0dfe187a580f680ab9692b2338d4ebf0aaa36263b4080d0b
SHA512 02e4e604414bef51bedb043c3580c77352b9f1b00d827b6b96edeb98bcd8a1fa638f76835584b0a8eded025bd8d1eea1b0826ecb245f7d6073a2fce21030857b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\3e1866c5-ee25-4f63-bb7f-2ca8383e9895\index-dir\the-real-index

MD5 8c133a978b08e8ba6c713011446f2a83
SHA1 aab5ad2e1892bb21a5969f4112f30c5d9023decb
SHA256 878cd9def959ce24b52a7ebc054a7ff5a3d6c7da0f2f4895a3c3614e69baba6b
SHA512 81ca7ba8cc9435e5affa3cca69cf22055a6f09d0506a9bdfc76c6e8d681f960cb1ee29e939908db12cf95072e64fd3ef81515e4a9a110d659db0861f49e29932

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\3e1866c5-ee25-4f63-bb7f-2ca8383e9895\index-dir\the-real-index~RFe58a478.TMP

MD5 d031a07ab466c87fe22702b2a127d355
SHA1 ae7c0d52cf9126ea4f58f226df5c77f2839e4a9e
SHA256 621925e59177c68040bf338055dcd3ba3750f60e12c2d893a1760f85c8d212b5
SHA512 d6e01a9ee6e37cd0fa4a93f33c8e2b3197006180a055c84c26265c5976b7d427c72e0ef44776fe9f45a699682434dea0e6996f902321a13e1836b6501b736042

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f1fc774bb1624689f34a7e80fcf0baca
SHA1 0f3b80edcaaa37733ad5e51e0736a308873aef02
SHA256 a320a933d25e15fdf42cffb46254c67565995f44358ccfc5282c90220acf0b7a
SHA512 9680f5e073a0681a49b08c53432df8dc93c0278fd43e5dbaf62be5f71578600061e11da118e385a1fa277cf550475b5452b770804f619790184b1ccf4b35961a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 b966b78b821d511626904ba48b8160c1
SHA1 a806a8bfd9e01671f5483ad57aeb992c308f9390
SHA256 39f32a833f4b7ab1b0e25d670b5466cbaf97c2802a15968c09cf740049ccc23d
SHA512 d9d8321a70a3c4ab71fcad6ea758a75cd58def834377cd31c51a135f5a67ec990e2e3178c2cf1b255532be4a6355c77cfffd392dfed18b1180ed64591dea8ddb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 75e63d444fdb4702e5c9b325c177a6b2
SHA1 66bdfbbb3e1ccdac268a3827c8bf53d2088993e8
SHA256 d57857c4ee2ab42db54923ba6d941a9bc60697b9c579c80c48cc2fac7e5383d8
SHA512 dad95e3082e5a63d3b639fd89e18d51c04d603ee72896e02247fe80ff9b40ea0986253c34651f87d7fdc1423b9a9c7109f022800db803e16086160127dcf1a7f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\9f8aef07-949a-4325-b760-06b94cf7e63b\index-dir\the-real-index~RFe58f3b2.TMP

MD5 000c1af343f31d4cd8a8f0737a1b2795
SHA1 d74e01c9af9988547fdcb2ed2c57ee24ea1b8d86
SHA256 6850968a794fd90ca15e86c075f03a0b5b469522ca8fdc18ef3e50b09bdac367
SHA512 f576fddf5dd2e3778ef8fc1b406d2407ed4f66630865f8b9346274950b43578302219502616ae1c5b2b9649eefb04eb08e7cdb30bfb6a48e64ad0397c60d2654

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\9f8aef07-949a-4325-b760-06b94cf7e63b\index-dir\the-real-index

MD5 277bc092ff930007a93d696523d3d421
SHA1 ebdf617153a3597534990d62b2d4b1e397581f0c
SHA256 c6aae57b2b628c637a1f957ca2889c7fc96ef47cdc58a33c0cccd6ed324e6d37
SHA512 ebb1307eb81ba8b7a8e1bfbce02ed29bd83acb4703f77ab352e149a91748c2af84f3fbe87d2ce39664e9351bfd3934552b60c69d65f53fc8bb51a67f856fd4b5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt

MD5 1ce415cb9a9c05856374587c4993634b
SHA1 a36062d3eed6bedd630fdb66941d20fbfe81e218
SHA256 c14462c6a9ee4a81d742b86e66a7f02e3d389627b4e944a4ba24e63e0e5cba15
SHA512 5837759a28d6c25b13686ed1384f43b2958060dcd898f3e4155e28b824f3614322151b2ca3d6ac1aa2385aa41a81a88507e4cf5f340c10956f4ed7a8fd00c10f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

MD5 7e09402b40868821d7729d9a626ac522
SHA1 5345acd54bae43b54abd39d20339e83d92b079f3
SHA256 c9e1c52674f983710955e49e293587a07c14a6126f01154a521d3c9582554ff3
SHA512 ab19b53638e3dca916d110e84750ab54274c75ea9eec40a0392966fa3a1f321b14c760dcfb87aed1c15ae81f7ec51ce5413eaeb765d53d2175931efcb283423d