Malware Analysis Report

2024-12-08 01:05

Sample ID 231111-lh8ctscg9s
Target 6ac8d7d7b4934222cbf4280a0b04503784a06f7e5f20c92528863fb52df0ad3d
SHA256 6ac8d7d7b4934222cbf4280a0b04503784a06f7e5f20c92528863fb52df0ad3d
Tags
mystic redline taiga infostealer persistence spyware stealer
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

6ac8d7d7b4934222cbf4280a0b04503784a06f7e5f20c92528863fb52df0ad3d

Threat Level: Known bad

The file 6ac8d7d7b4934222cbf4280a0b04503784a06f7e5f20c92528863fb52df0ad3d was found to be: Known bad.

Malicious Activity Summary

mystic redline taiga infostealer persistence spyware stealer

Detect Mystic stealer payload

Mystic

RedLine

RedLine payload

Executes dropped EXE

Adds Run key to start application

Accesses cryptocurrency files/wallets, possible credential harvesting

AutoIT Executable

Suspicious use of SetThreadContext

Enumerates physical storage devices

Unsigned PE

Program crash

Suspicious use of WriteProcessMemory

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious behavior: EnumeratesProcesses

Enumerates system info in registry

Suspicious use of SendNotifyMessage

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2023-11-11 09:33

Signatures

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2023-11-11 09:33

Reported

2023-11-11 09:35

Platform

win10v2004-20231025-en

Max time kernel

150s

Max time network

155s

Command Line

"C:\Users\Admin\AppData\Local\Temp\6ac8d7d7b4934222cbf4280a0b04503784a06f7e5f20c92528863fb52df0ad3d.exe"

Signatures

Detect Mystic stealer payload

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Mystic

stealer mystic

RedLine

infostealer redline

RedLine payload

Description Indicator Process Target
N/A N/A N/A N/A

Accesses cryptocurrency files/wallets, possible credential harvesting

spyware

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP000.TMP\\\"" C:\Users\Admin\AppData\Local\Temp\6ac8d7d7b4934222cbf4280a0b04503784a06f7e5f20c92528863fb52df0ad3d.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup1 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP001.TMP\\\"" C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\PU7XC70.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup2 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP002.TMP\\\"" C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\sK5gz42.exe N/A

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3936 wrote to memory of 1324 N/A C:\Users\Admin\AppData\Local\Temp\6ac8d7d7b4934222cbf4280a0b04503784a06f7e5f20c92528863fb52df0ad3d.exe C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\PU7XC70.exe
PID 3936 wrote to memory of 1324 N/A C:\Users\Admin\AppData\Local\Temp\6ac8d7d7b4934222cbf4280a0b04503784a06f7e5f20c92528863fb52df0ad3d.exe C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\PU7XC70.exe
PID 3936 wrote to memory of 1324 N/A C:\Users\Admin\AppData\Local\Temp\6ac8d7d7b4934222cbf4280a0b04503784a06f7e5f20c92528863fb52df0ad3d.exe C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\PU7XC70.exe
PID 1324 wrote to memory of 2012 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\PU7XC70.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\sK5gz42.exe
PID 1324 wrote to memory of 2012 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\PU7XC70.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\sK5gz42.exe
PID 1324 wrote to memory of 2012 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\PU7XC70.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\sK5gz42.exe
PID 2012 wrote to memory of 4596 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\sK5gz42.exe C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe
PID 2012 wrote to memory of 4596 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\sK5gz42.exe C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe
PID 2012 wrote to memory of 4596 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\sK5gz42.exe C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe
PID 4596 wrote to memory of 3480 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 3480 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 4668 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 4668 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 3376 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 3376 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 2084 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 2084 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3480 wrote to memory of 2120 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3480 wrote to memory of 2120 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2084 wrote to memory of 4860 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2084 wrote to memory of 4860 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3376 wrote to memory of 4868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3376 wrote to memory of 4868 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 964 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 964 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 4140 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 4140 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4140 wrote to memory of 4744 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4140 wrote to memory of 4744 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 2984 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 2984 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2984 wrote to memory of 2320 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2984 wrote to memory of 2320 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 2220 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 2220 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2220 wrote to memory of 3648 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2220 wrote to memory of 3648 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 3036 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 3036 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3036 wrote to memory of 1888 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3036 wrote to memory of 1888 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 4380 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 4380 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4380 wrote to memory of 3048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4380 wrote to memory of 3048 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 4420 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4596 wrote to memory of 4420 N/A C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4420 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4420 wrote to memory of 2720 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2012 wrote to memory of 5364 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\sK5gz42.exe C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4dX4Om5.exe
PID 2012 wrote to memory of 5364 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\sK5gz42.exe C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4dX4Om5.exe
PID 2012 wrote to memory of 5364 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\sK5gz42.exe C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4dX4Om5.exe
PID 4668 wrote to memory of 5728 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 5728 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 5728 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 5728 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 5728 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 5728 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 5728 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 5728 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 5728 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 5728 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 5728 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 5728 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Users\Admin\AppData\Local\Temp\6ac8d7d7b4934222cbf4280a0b04503784a06f7e5f20c92528863fb52df0ad3d.exe

"C:\Users\Admin\AppData\Local\Temp\6ac8d7d7b4934222cbf4280a0b04503784a06f7e5f20c92528863fb52df0ad3d.exe"

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\PU7XC70.exe

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\PU7XC70.exe

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\sK5gz42.exe

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\sK5gz42.exe

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://store.steampowered.com/login/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffbf4f246f8,0x7ffbf4f24708,0x7ffbf4f24718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://twitter.com/i/flow/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffbf4f246f8,0x7ffbf4f24708,0x7ffbf4f24718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffbf4f246f8,0x7ffbf4f24708,0x7ffbf4f24718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffbf4f246f8,0x7ffbf4f24708,0x7ffbf4f24718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x168,0x16c,0x170,0x144,0x174,0x7ffbf4f246f8,0x7ffbf4f24708,0x7ffbf4f24718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://steamcommunity.com/openid/loginform/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffbf4f246f8,0x7ffbf4f24708,0x7ffbf4f24718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.epicgames.com/id/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffbf4f246f8,0x7ffbf4f24708,0x7ffbf4f24718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.paypal.com/signin

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffbf4f246f8,0x7ffbf4f24708,0x7ffbf4f24718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x174,0x178,0x17c,0x150,0x180,0x7ffbf4f246f8,0x7ffbf4f24708,0x7ffbf4f24718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffbf4f246f8,0x7ffbf4f24708,0x7ffbf4f24718

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4dX4Om5.exe

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4dX4Om5.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2176,7273498006603968975,17787564551720784584,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2244 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2176,7273498006603968975,17787564551720784584,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2192 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2844 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2164,17079742460220655096,7450047832994963813,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2164,17079742460220655096,7450047832994963813,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2176 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2140,8088780823449175860,13696083775109397750,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,8088780823449175860,13696083775109397750,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,5654689255061645893,15948953953272420667,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,5654689255061645893,15948953953272420667,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2136 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3172 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3912 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,8334471941194472745,15764416343344795134,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,11938039292570177589,6423900514298189852,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3828 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4256 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4432 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4788 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,13779479701052938336,2494551079732374061,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,13779479701052938336,2494551079732374061,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,1336552414765582067,239561776907890021,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,1336552414765582067,239561776907890021,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2168 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3164 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4960 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5164 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5316 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6412 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6756 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3856 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x518 0x424

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 452 -p 5308 -ip 5308

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\5oC64oY.exe

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\5oC64oY.exe

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 5308 -s 540

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\6bc640.exe

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\6bc640.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2452 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=8992 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9328 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9344 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9812 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9812 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1808 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5428 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,13379470655420910792,6598235643379317205,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7844 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 76.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 241.154.82.20.in-addr.arpa udp
US 8.8.8.8:53 158.240.127.40.in-addr.arpa udp
US 8.8.8.8:53 39.142.81.104.in-addr.arpa udp
US 8.8.8.8:53 steamcommunity.com udp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.facebook.com udp
NL 142.250.179.141:443 accounts.google.com tcp
NL 23.222.49.98:443 steamcommunity.com tcp
NL 157.240.247.35:443 www.facebook.com tcp
US 8.8.8.8:53 www.epicgames.com udp
US 8.8.8.8:53 twitter.com udp
US 3.228.27.61:443 www.epicgames.com tcp
US 8.8.8.8:53 store.steampowered.com udp
US 104.244.42.129:443 twitter.com tcp
NL 104.85.0.101:443 store.steampowered.com tcp
US 8.8.8.8:53 www.paypal.com udp
US 8.8.8.8:53 98.49.222.23.in-addr.arpa udp
US 8.8.8.8:53 141.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 35.247.240.157.in-addr.arpa udp
US 8.8.8.8:53 61.27.228.3.in-addr.arpa udp
US 8.8.8.8:53 129.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 101.0.85.104.in-addr.arpa udp
US 151.101.1.21:443 www.paypal.com tcp
NL 142.250.179.141:443 accounts.google.com udp
US 8.8.8.8:53 i.ytimg.com udp
NL 142.250.179.150:443 i.ytimg.com tcp
US 8.8.8.8:53 21.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 14.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 83.39.65.18.in-addr.arpa udp
US 8.8.8.8:53 150.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 106.208.58.216.in-addr.arpa udp
US 8.8.8.8:53 131.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
NL 172.217.168.194:443 googleads.g.doubleclick.net tcp
NL 172.217.168.194:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 194.168.217.172.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
NL 142.250.179.150:443 i.ytimg.com udp
US 8.8.8.8:53 yt3.ggpht.com udp
US 8.8.8.8:53 i3.ytimg.com udp
US 142.251.31.132:443 yt3.ggpht.com tcp
US 142.251.31.132:443 yt3.ggpht.com tcp
US 142.251.31.132:443 yt3.ggpht.com tcp
GB 216.58.208.110:443 i3.ytimg.com tcp
US 142.251.31.132:443 yt3.ggpht.com tcp
US 142.251.31.132:443 yt3.ggpht.com tcp
US 142.251.31.132:443 yt3.ggpht.com tcp
US 8.8.8.8:53 110.208.58.216.in-addr.arpa udp
US 8.8.8.8:53 132.31.251.142.in-addr.arpa udp
US 8.8.8.8:53 195.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 static.doubleclick.net udp
NL 142.251.36.6:443 static.doubleclick.net tcp
NL 142.251.39.106:443 jnn-pa.googleapis.com tcp
NL 142.251.39.106:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 6.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 106.39.251.142.in-addr.arpa udp
US 8.8.8.8:53 youtube.com udp
NL 216.58.214.14:443 youtube.com tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 157.240.5.10:443 static.xx.fbcdn.net tcp
US 157.240.5.10:443 static.xx.fbcdn.net tcp
US 157.240.5.10:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 tracking.epicgames.com udp
US 44.214.245.214:443 tracking.epicgames.com tcp
US 8.8.8.8:53 static-assets-prod.unrealengine.com udp
US 8.8.8.8:53 10.5.240.157.in-addr.arpa udp
US 18.239.36.105:443 static-assets-prod.unrealengine.com tcp
US 18.239.36.105:443 static-assets-prod.unrealengine.com tcp
US 8.8.8.8:53 community.akamai.steamstatic.com udp
NL 23.72.252.169:443 community.akamai.steamstatic.com tcp
NL 23.72.252.169:443 community.akamai.steamstatic.com tcp
NL 23.72.252.169:443 community.akamai.steamstatic.com tcp
US 8.8.8.8:53 apps.identrust.com udp
NL 88.221.25.169:80 apps.identrust.com tcp
US 8.8.8.8:53 105.36.239.18.in-addr.arpa udp
US 8.8.8.8:53 214.245.214.44.in-addr.arpa udp
US 8.8.8.8:53 169.25.221.88.in-addr.arpa udp
US 8.8.8.8:53 169.252.72.23.in-addr.arpa udp
US 8.8.8.8:53 store.akamai.steamstatic.com udp
NL 23.72.252.176:443 store.akamai.steamstatic.com tcp
NL 23.72.252.176:443 store.akamai.steamstatic.com tcp
NL 23.72.252.176:443 store.akamai.steamstatic.com tcp
US 8.8.8.8:53 www.paypalobjects.com udp
US 151.101.2.133:443 www.paypalobjects.com tcp
US 151.101.2.133:443 www.paypalobjects.com tcp
US 151.101.2.133:443 www.paypalobjects.com tcp
US 8.8.8.8:53 176.252.72.23.in-addr.arpa udp
US 8.8.8.8:53 133.2.101.151.in-addr.arpa udp
RU 5.42.92.51:19057 tcp
US 8.8.8.8:53 abs.twimg.com udp
US 8.8.8.8:53 api.twitter.com udp
US 8.8.8.8:53 pbs.twimg.com udp
US 104.244.42.130:443 api.twitter.com tcp
US 8.8.8.8:53 video.twimg.com udp
US 152.199.21.141:443 abs.twimg.com tcp
US 152.199.21.141:443 abs.twimg.com tcp
US 8.8.8.8:53 t.co udp
NL 199.232.148.159:443 pbs.twimg.com tcp
US 192.229.220.133:443 video.twimg.com tcp
US 104.244.42.5:443 t.co tcp
US 8.8.8.8:53 2.136.104.51.in-addr.arpa udp
US 8.8.8.8:53 130.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 141.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 159.148.232.199.in-addr.arpa udp
US 8.8.8.8:53 133.220.229.192.in-addr.arpa udp
US 8.8.8.8:53 5.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 static.ads-twitter.com udp
NL 199.232.148.157:443 static.ads-twitter.com tcp
US 8.8.8.8:53 183.59.114.20.in-addr.arpa udp
US 8.8.8.8:53 157.148.232.199.in-addr.arpa udp
US 8.8.8.8:53 rr4---sn-5hne6nsd.googlevideo.com udp
NL 172.217.132.9:443 rr4---sn-5hne6nsd.googlevideo.com tcp
NL 172.217.132.9:443 rr4---sn-5hne6nsd.googlevideo.com tcp
NL 172.217.132.9:443 rr4---sn-5hne6nsd.googlevideo.com udp
US 8.8.8.8:53 9.132.217.172.in-addr.arpa udp
US 8.8.8.8:53 171.39.242.20.in-addr.arpa udp
US 151.101.2.133:443 www.paypalobjects.com tcp
US 8.8.8.8:53 162.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 numpersb.fun udp
US 8.8.8.8:53 killredls.pw udp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 8.8.8.8:53 www.recaptcha.net udp
NL 172.217.168.227:443 www.recaptcha.net tcp
US 8.8.8.8:53 57.53.21.104.in-addr.arpa udp
US 8.8.8.8:53 227.168.217.172.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
NL 172.217.168.227:443 www.recaptcha.net udp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
NL 23.72.252.176:443 store.akamai.steamstatic.com tcp
NL 23.72.252.176:443 store.akamai.steamstatic.com tcp
NL 23.72.252.176:443 store.akamai.steamstatic.com tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 8.8.8.8:53 c.paypal.com udp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 192.55.233.1:443 tcp
US 104.21.53.57:80 killredls.pw tcp
NL 23.72.252.169:443 community.akamai.steamstatic.com tcp
NL 23.72.252.169:443 community.akamai.steamstatic.com tcp
NL 23.72.252.169:443 community.akamai.steamstatic.com tcp
US 8.8.8.8:53 facebook.com udp
US 192.55.233.1:443 tcp
US 157.240.5.35:443 facebook.com tcp
US 8.8.8.8:53 35.5.240.157.in-addr.arpa udp
US 8.8.8.8:53 fbcdn.net udp
US 157.240.5.35:443 fbcdn.net tcp
US 104.21.53.57:80 killredls.pw tcp
US 8.8.8.8:53 fbsbx.com udp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 8.8.8.8:53 t.paypal.com udp
US 151.101.1.35:443 t.paypal.com tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 8.8.8.8:53 35.1.101.151.in-addr.arpa udp
US 104.21.53.57:80 killredls.pw tcp
US 8.8.8.8:53 login.steampowered.com udp
NL 23.222.49.98:443 login.steampowered.com tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 18.239.36.105:443 static-assets-prod.unrealengine.com tcp
RU 5.42.92.51:19057 tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 8.8.8.8:53 b.stats.paypal.com udp
US 64.4.245.84:443 b.stats.paypal.com tcp
US 8.8.8.8:53 84.245.4.64.in-addr.arpa udp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 8.8.8.8:53 dub.stats.paypal.com udp
US 64.4.245.84:443 dub.stats.paypal.com tcp
US 8.8.8.8:53 api.steampowered.com udp
NL 23.222.49.98:443 api.steampowered.com tcp
US 8.8.8.8:53 c6.paypal.com udp
US 151.101.1.35:443 c6.paypal.com tcp
US 104.244.42.130:443 api.twitter.com tcp
US 8.8.8.8:53 talon-website-prod.ecosec.on.epicgames.com udp
US 172.64.146.120:443 talon-website-prod.ecosec.on.epicgames.com tcp
US 8.8.8.8:53 120.146.64.172.in-addr.arpa udp
US 8.8.8.8:53 sentry.io udp
US 35.186.247.156:443 sentry.io tcp
US 8.8.8.8:53 156.247.186.35.in-addr.arpa udp
US 8.8.8.8:53 talon-service-prod.ecosec.on.epicgames.com udp
US 172.64.146.120:443 talon-service-prod.ecosec.on.epicgames.com tcp
US 172.64.146.120:443 talon-service-prod.ecosec.on.epicgames.com tcp
US 8.8.8.8:53 js.hcaptcha.com udp
US 104.19.219.90:443 js.hcaptcha.com tcp
US 8.8.8.8:53 57.169.31.20.in-addr.arpa udp
US 8.8.8.8:53 1.208.79.178.in-addr.arpa udp
US 8.8.8.8:53 90.219.19.104.in-addr.arpa udp
US 8.8.8.8:53 newassets.hcaptcha.com udp
US 8.8.8.8:53 api2.hcaptcha.com udp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
NL 142.250.179.150:443 i.ytimg.com udp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 8.8.8.8:53 rr4---sn-5hnednss.googlevideo.com udp
NL 172.217.132.201:443 rr4---sn-5hnednss.googlevideo.com udp
US 104.21.53.57:80 killredls.pw tcp
US 8.8.8.8:53 201.132.217.172.in-addr.arpa udp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
US 104.21.53.57:80 killredls.pw tcp
RU 5.42.92.51:19057 tcp
US 8.8.8.8:53 11.227.111.52.in-addr.arpa udp
NL 172.217.132.9:443 rr4---sn-5hne6nsd.googlevideo.com udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 26.35.223.20.in-addr.arpa udp
US 8.8.8.8:53 200.197.79.204.in-addr.arpa udp
RU 5.42.92.51:19057 tcp
NL 172.217.132.201:443 rr4---sn-5hnednss.googlevideo.com udp
RU 5.42.92.51:19057 tcp
NL 172.217.168.194:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 170.117.168.52.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\PU7XC70.exe

MD5 55d2a9308864f0611aca12a3d1354c25
SHA1 bc25f6ad9f7712d442d997f9dac91ddeb427a98e
SHA256 7a01496a275a8b6d33995d409ce00bb7476766add5b1aaa2ed1cf9a9ad009a4b
SHA512 adedc18028fcf3453fcd1dc015e79b1c2bf04b108bf790500279645395909ea4c21d6595e27fb75c987b53f4db173f7d3e4998d4f9117853e7a0c7fa0e7c4122

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\PU7XC70.exe

MD5 55d2a9308864f0611aca12a3d1354c25
SHA1 bc25f6ad9f7712d442d997f9dac91ddeb427a98e
SHA256 7a01496a275a8b6d33995d409ce00bb7476766add5b1aaa2ed1cf9a9ad009a4b
SHA512 adedc18028fcf3453fcd1dc015e79b1c2bf04b108bf790500279645395909ea4c21d6595e27fb75c987b53f4db173f7d3e4998d4f9117853e7a0c7fa0e7c4122

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\sK5gz42.exe

MD5 67a112129d0a644eb217ba58df7cf489
SHA1 9cd1ebd967de8045e79b5e713ab1eada946d2737
SHA256 db702a4f8b4339ac654cde9a9fff42e896380c2736180102f42cfec416289e73
SHA512 dfb7d42aa863c082bdc6165510013577850611dc2bee6c54fa9429b52ac08d0eb1720c427c3479a869ca614fd0015df88594aa3b12e54133cd070592b9ce0a38

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\sK5gz42.exe

MD5 67a112129d0a644eb217ba58df7cf489
SHA1 9cd1ebd967de8045e79b5e713ab1eada946d2737
SHA256 db702a4f8b4339ac654cde9a9fff42e896380c2736180102f42cfec416289e73
SHA512 dfb7d42aa863c082bdc6165510013577850611dc2bee6c54fa9429b52ac08d0eb1720c427c3479a869ca614fd0015df88594aa3b12e54133cd070592b9ce0a38

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe

MD5 efd947a48838c67de4e855669c32ef3d
SHA1 db123a00075bd8c2b6331324fa9f1e00081c566a
SHA256 b7310f576791eded8a25efdc8fa94211e367f42267257d9e37a3fb4659c52355
SHA512 c027cde8fbed5ff25f1eecd17cc581b5c2f4c4a7766e5398850727390dfd31cad456d73cc5edc8579123177aa9090de2c62021f210c17d530c6e66c96dffe988

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Xi192YA.exe

MD5 efd947a48838c67de4e855669c32ef3d
SHA1 db123a00075bd8c2b6331324fa9f1e00081c566a
SHA256 b7310f576791eded8a25efdc8fa94211e367f42267257d9e37a3fb4659c52355
SHA512 c027cde8fbed5ff25f1eecd17cc581b5c2f4c4a7766e5398850727390dfd31cad456d73cc5edc8579123177aa9090de2c62021f210c17d530c6e66c96dffe988

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 a7f568a3d32bd441e85bc1511092fbe0
SHA1 89fbee8e2eb6d74cc3ad66ae3ba6c7f25dce33d2
SHA256 0d60fa886bcba8089cbdc944265c78bddf1a77f28820f5314eba6c83f44c913a
SHA512 8fc5e847481d2bfbb6c0d70a1f152c43fe152d4c4aa8ec61988136945da0af944e4643adafad64a754b9b7f4d117e368916140e8275fc7568e150a98fe570779

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 a7f568a3d32bd441e85bc1511092fbe0
SHA1 89fbee8e2eb6d74cc3ad66ae3ba6c7f25dce33d2
SHA256 0d60fa886bcba8089cbdc944265c78bddf1a77f28820f5314eba6c83f44c913a
SHA512 8fc5e847481d2bfbb6c0d70a1f152c43fe152d4c4aa8ec61988136945da0af944e4643adafad64a754b9b7f4d117e368916140e8275fc7568e150a98fe570779

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 a7f568a3d32bd441e85bc1511092fbe0
SHA1 89fbee8e2eb6d74cc3ad66ae3ba6c7f25dce33d2
SHA256 0d60fa886bcba8089cbdc944265c78bddf1a77f28820f5314eba6c83f44c913a
SHA512 8fc5e847481d2bfbb6c0d70a1f152c43fe152d4c4aa8ec61988136945da0af944e4643adafad64a754b9b7f4d117e368916140e8275fc7568e150a98fe570779

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 a7f568a3d32bd441e85bc1511092fbe0
SHA1 89fbee8e2eb6d74cc3ad66ae3ba6c7f25dce33d2
SHA256 0d60fa886bcba8089cbdc944265c78bddf1a77f28820f5314eba6c83f44c913a
SHA512 8fc5e847481d2bfbb6c0d70a1f152c43fe152d4c4aa8ec61988136945da0af944e4643adafad64a754b9b7f4d117e368916140e8275fc7568e150a98fe570779

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 a7f568a3d32bd441e85bc1511092fbe0
SHA1 89fbee8e2eb6d74cc3ad66ae3ba6c7f25dce33d2
SHA256 0d60fa886bcba8089cbdc944265c78bddf1a77f28820f5314eba6c83f44c913a
SHA512 8fc5e847481d2bfbb6c0d70a1f152c43fe152d4c4aa8ec61988136945da0af944e4643adafad64a754b9b7f4d117e368916140e8275fc7568e150a98fe570779

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 a7f568a3d32bd441e85bc1511092fbe0
SHA1 89fbee8e2eb6d74cc3ad66ae3ba6c7f25dce33d2
SHA256 0d60fa886bcba8089cbdc944265c78bddf1a77f28820f5314eba6c83f44c913a
SHA512 8fc5e847481d2bfbb6c0d70a1f152c43fe152d4c4aa8ec61988136945da0af944e4643adafad64a754b9b7f4d117e368916140e8275fc7568e150a98fe570779

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 a7f568a3d32bd441e85bc1511092fbe0
SHA1 89fbee8e2eb6d74cc3ad66ae3ba6c7f25dce33d2
SHA256 0d60fa886bcba8089cbdc944265c78bddf1a77f28820f5314eba6c83f44c913a
SHA512 8fc5e847481d2bfbb6c0d70a1f152c43fe152d4c4aa8ec61988136945da0af944e4643adafad64a754b9b7f4d117e368916140e8275fc7568e150a98fe570779

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 a7f568a3d32bd441e85bc1511092fbe0
SHA1 89fbee8e2eb6d74cc3ad66ae3ba6c7f25dce33d2
SHA256 0d60fa886bcba8089cbdc944265c78bddf1a77f28820f5314eba6c83f44c913a
SHA512 8fc5e847481d2bfbb6c0d70a1f152c43fe152d4c4aa8ec61988136945da0af944e4643adafad64a754b9b7f4d117e368916140e8275fc7568e150a98fe570779

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4dX4Om5.exe

MD5 bafb20ecf93fea2843b2b89228162a40
SHA1 a36cd09271f654d18e433d67accd0c1fa97f52c7
SHA256 3a742433c4562ee5778927fe76f5e05849550b59195c669506de21d33f2c7ea6
SHA512 39474cdad9df255d671f7f1dec93ae82cd21f79e37ce43351b4fcb5d727b40b0498f7713a314bc54375e13aed9730c8107cc04eedb25a5254ea3d44a4e0dffa7

\??\pipe\LOCAL\crashpad_3376_WMYOGWCWDLGXIXWK

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_2984_ECIPUHBBCHZVQNMT

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_2084_KODEGLVDPLGFRGTO

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 3b7ff05607ba69fe9f2a7c3e4c7bfe77
SHA1 327980d16bd9112e3d01fc1e226f80b6615a815d
SHA256 1a880a988254988c6418651634ab7dcf995d77aa9f39a4ca63b6d70a70912de3
SHA512 4314ee393e6328f4a77a110a3cae98b4fcafa1ff1fabd9b9da7800367815711948e99bf297d5a219c62e63332f526774b29a378d9f5dc447eae29c77cdaa267a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 8c31bd2150c1ae3595a21fad918ff524
SHA1 98293fdb4e39277b673897d62440c65b389467c9
SHA256 28a63d78a28c55b6e1c351f4ad0ac26db5f038d8839b1f9a3764d3e00e0b53db
SHA512 4aa4761f16d7d2c98739c0327386c59647f0a71c505fcb18898365ac921b7d874085dac2d93e1c0c144f23292744d917960c7c3876aa21583ea4850cb792c4ee

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 da967fdde3d8978f31d4120865ba224b
SHA1 b8b9367e3251a161a51207effd5974083661d151
SHA256 a5f8e3720dfd67ae55fbc32e13f1bf47047f35b2544396bf4c00d6dcad7ad4c2
SHA512 56666e21689d0fa15e2f16dea5010ba1c970987797bba1f19d23034202459c5e0105448c54cc5b047b8c662ba1e02a89bd0383cb7f7af7b81a9e17b45ad34231

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 8c31bd2150c1ae3595a21fad918ff524
SHA1 98293fdb4e39277b673897d62440c65b389467c9
SHA256 28a63d78a28c55b6e1c351f4ad0ac26db5f038d8839b1f9a3764d3e00e0b53db
SHA512 4aa4761f16d7d2c98739c0327386c59647f0a71c505fcb18898365ac921b7d874085dac2d93e1c0c144f23292744d917960c7c3876aa21583ea4850cb792c4ee

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a8d1603a39bd64b447663841d1692be1
SHA1 6902d4309a5dbe0f82ee1a524819ed115eb0710a
SHA256 b1f95df8970612afce1ebff8183b6a59f72cf85aac90334445009b9b77944062
SHA512 6bb2ece563b3d949afb745ba2659401148e7848fab07747ed6541a4a80a6de4a58085982e70fa7745172e3ff62ea03a8fcf01eb6a25d41deb0f780c8e5b5ae72

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a8d1603a39bd64b447663841d1692be1
SHA1 6902d4309a5dbe0f82ee1a524819ed115eb0710a
SHA256 b1f95df8970612afce1ebff8183b6a59f72cf85aac90334445009b9b77944062
SHA512 6bb2ece563b3d949afb745ba2659401148e7848fab07747ed6541a4a80a6de4a58085982e70fa7745172e3ff62ea03a8fcf01eb6a25d41deb0f780c8e5b5ae72

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 e29ff3a16666221cec85d0923511979b
SHA1 41cea2221fc828e8df957c5f4656ba070f92e4f5
SHA256 c208c5aab23060917a7e00bda35c787fecdd921f6083053be8e466c5c9104d76
SHA512 0c4b7b39a5a918927723ca279585a417171bdb785ad3ac24c4d1835eddf7ed6e84626e2cccd527948427e4a373ba3ed99ca31fdb6e887af4d0dc72a10a69cf45

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a967cfa830babd7a4e1d435800247eaa
SHA1 ac332eff8a64913e26969dbc0667a578c3dbd7d6
SHA256 4ffe77c50db74496027c2fdd8345a0db586154c3e1f9b84d804db3176566b003
SHA512 9e4982d1cd09686a354557d3dc1854f82eb1e53aa7e6f162a9017499fe04d1970dfb277150de4c45cded92232022e5823c80aede02d36b7484ee4706614dd748

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 6eccf77e341fcfc3be7731c34333894f
SHA1 101da18f4cd259109e843aeadd7682b1d81f3c10
SHA256 c2fcb2866a69062a8c3f1d12278d14f84a1c93c9b7bd523950ac8004d312a181
SHA512 5798775f050f5f68855d4b224ba283d00a107df7653f4ace16973bf0ce43346db80c8be8c4197045d72dc97323ea7f7796a7cfcc1af3883fd44c588022bdffc1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 def18dd426420b3ffb1ce65a8ae8ecf5
SHA1 5a0e1664db43862bf580f3da017b1581145f9de1
SHA256 6d5d1afc1b08a30946335fe766e14d47af528f40d1a3161eb4eb3912c37f8f48
SHA512 e57aa3b513e01aca41f7838bf07741ee4c25f57cd0a77533c94e381cd10dd4ce7bfae69cc8cae99d9e382a359493eceb23fdbd913601f48aef6478fee51d59cc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 def18dd426420b3ffb1ce65a8ae8ecf5
SHA1 5a0e1664db43862bf580f3da017b1581145f9de1
SHA256 6d5d1afc1b08a30946335fe766e14d47af528f40d1a3161eb4eb3912c37f8f48
SHA512 e57aa3b513e01aca41f7838bf07741ee4c25f57cd0a77533c94e381cd10dd4ce7bfae69cc8cae99d9e382a359493eceb23fdbd913601f48aef6478fee51d59cc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 e29ff3a16666221cec85d0923511979b
SHA1 41cea2221fc828e8df957c5f4656ba070f92e4f5
SHA256 c208c5aab23060917a7e00bda35c787fecdd921f6083053be8e466c5c9104d76
SHA512 0c4b7b39a5a918927723ca279585a417171bdb785ad3ac24c4d1835eddf7ed6e84626e2cccd527948427e4a373ba3ed99ca31fdb6e887af4d0dc72a10a69cf45

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a967cfa830babd7a4e1d435800247eaa
SHA1 ac332eff8a64913e26969dbc0667a578c3dbd7d6
SHA256 4ffe77c50db74496027c2fdd8345a0db586154c3e1f9b84d804db3176566b003
SHA512 9e4982d1cd09686a354557d3dc1854f82eb1e53aa7e6f162a9017499fe04d1970dfb277150de4c45cded92232022e5823c80aede02d36b7484ee4706614dd748

C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4dX4Om5.exe

MD5 bafb20ecf93fea2843b2b89228162a40
SHA1 a36cd09271f654d18e433d67accd0c1fa97f52c7
SHA256 3a742433c4562ee5778927fe76f5e05849550b59195c669506de21d33f2c7ea6
SHA512 39474cdad9df255d671f7f1dec93ae82cd21f79e37ce43351b4fcb5d727b40b0498f7713a314bc54375e13aed9730c8107cc04eedb25a5254ea3d44a4e0dffa7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 3b7ff05607ba69fe9f2a7c3e4c7bfe77
SHA1 327980d16bd9112e3d01fc1e226f80b6615a815d
SHA256 1a880a988254988c6418651634ab7dcf995d77aa9f39a4ca63b6d70a70912de3
SHA512 4314ee393e6328f4a77a110a3cae98b4fcafa1ff1fabd9b9da7800367815711948e99bf297d5a219c62e63332f526774b29a378d9f5dc447eae29c77cdaa267a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 da967fdde3d8978f31d4120865ba224b
SHA1 b8b9367e3251a161a51207effd5974083661d151
SHA256 a5f8e3720dfd67ae55fbc32e13f1bf47047f35b2544396bf4c00d6dcad7ad4c2
SHA512 56666e21689d0fa15e2f16dea5010ba1c970987797bba1f19d23034202459c5e0105448c54cc5b047b8c662ba1e02a89bd0383cb7f7af7b81a9e17b45ad34231

\??\pipe\LOCAL\crashpad_2220_HZBNFRWQEKDLBNUS

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

\??\pipe\LOCAL\crashpad_3480_CZYRSTCRJESGPOSD

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_4140_FOQXJGCZZZAADTXA

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_4668_FAVWTKULJTWBMFDH

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 6eccf77e341fcfc3be7731c34333894f
SHA1 101da18f4cd259109e843aeadd7682b1d81f3c10
SHA256 c2fcb2866a69062a8c3f1d12278d14f84a1c93c9b7bd523950ac8004d312a181
SHA512 5798775f050f5f68855d4b224ba283d00a107df7653f4ace16973bf0ce43346db80c8be8c4197045d72dc97323ea7f7796a7cfcc1af3883fd44c588022bdffc1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 aed593b08b94f34dd8f68fd369652ac2
SHA1 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95
SHA256 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7
SHA512 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 8c31bd2150c1ae3595a21fad918ff524
SHA1 98293fdb4e39277b673897d62440c65b389467c9
SHA256 28a63d78a28c55b6e1c351f4ad0ac26db5f038d8839b1f9a3764d3e00e0b53db
SHA512 4aa4761f16d7d2c98739c0327386c59647f0a71c505fcb18898365ac921b7d874085dac2d93e1c0c144f23292744d917960c7c3876aa21583ea4850cb792c4ee

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 3b7ff05607ba69fe9f2a7c3e4c7bfe77
SHA1 327980d16bd9112e3d01fc1e226f80b6615a815d
SHA256 1a880a988254988c6418651634ab7dcf995d77aa9f39a4ca63b6d70a70912de3
SHA512 4314ee393e6328f4a77a110a3cae98b4fcafa1ff1fabd9b9da7800367815711948e99bf297d5a219c62e63332f526774b29a378d9f5dc447eae29c77cdaa267a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 da967fdde3d8978f31d4120865ba224b
SHA1 b8b9367e3251a161a51207effd5974083661d151
SHA256 a5f8e3720dfd67ae55fbc32e13f1bf47047f35b2544396bf4c00d6dcad7ad4c2
SHA512 56666e21689d0fa15e2f16dea5010ba1c970987797bba1f19d23034202459c5e0105448c54cc5b047b8c662ba1e02a89bd0383cb7f7af7b81a9e17b45ad34231

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a8d1603a39bd64b447663841d1692be1
SHA1 6902d4309a5dbe0f82ee1a524819ed115eb0710a
SHA256 b1f95df8970612afce1ebff8183b6a59f72cf85aac90334445009b9b77944062
SHA512 6bb2ece563b3d949afb745ba2659401148e7848fab07747ed6541a4a80a6de4a58085982e70fa7745172e3ff62ea03a8fcf01eb6a25d41deb0f780c8e5b5ae72

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 e29ff3a16666221cec85d0923511979b
SHA1 41cea2221fc828e8df957c5f4656ba070f92e4f5
SHA256 c208c5aab23060917a7e00bda35c787fecdd921f6083053be8e466c5c9104d76
SHA512 0c4b7b39a5a918927723ca279585a417171bdb785ad3ac24c4d1835eddf7ed6e84626e2cccd527948427e4a373ba3ed99ca31fdb6e887af4d0dc72a10a69cf45

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 86918894457759c6d95fe4250dc1286b
SHA1 5ecb26778d6a9d9143004a12fcee10e200d3d6e8
SHA256 ef168a01ad7e12ec10eb0ddff624518558cc3c50430a31e8bf086f7cfc9fa8bc
SHA512 3c26a97de66f5ebde079edfb5c147500567c6d12781cf05fc1b9e89f0d25d35be5c182ad6a675eb36985e611cdba2012768225b98977af0a0f467451f8280de7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 cbe912d0155bcb18adcbb4ca670625f4
SHA1 defcd90a921b773c30d6b397daa58a6ce56fb0d2
SHA256 c83f4433e121e289ccdbc9921f02a3bb41d32e432a885e836fe28415005ce9fc
SHA512 c75e020734a2455215ca82455296e55f6d3e60487460ac6f000ea6bff7b61e7b013a8ed1c0d754cd06ab2f21caf9500af01550e82227ef398dea057638101da8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 6aeb3440bc1d0f865cf73ae5fc41f17a
SHA1 70cb3baf070ed11e8e002839a6dd5c0181eb92a2
SHA256 bf3d551c3500d4fe68ccd44fd292a864b5dbc1e60aa74c90893196f22df95945
SHA512 45bfabf6709e584e6c1e5ed2aa6c18434d12a625007dc1376c85ed701708c97a583f19bd3ad36556f71e142054c7d1a602b7f2ee3a74a1b78ef8ff579528d33f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 53d5f586db50512323fc623a78870855
SHA1 17d460cd89f7b3a1f14a401aa4b65bf1db581d47
SHA256 046f02931f5f3e870bc496f9cbd55abf11008360ca81dff3e52e89f70c1a5522
SHA512 76e8488a581b291186f60977ac74304770d6fd9c60b73f79b9fcc09bfa8dd3eaff4af35fd5eb53e85512166de92a1ba1acc508311222a7f307304491f87f1ee7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 ddbe9a5d61b6dc6bf133834d0a7677d4
SHA1 23c9645a5ef2ac44000ff88d36698f2ebf6afdbd
SHA256 ac81f76a82f265a83bbc11e7c99162adbb86f466b1b68cc744e860ac4e12749c
SHA512 93559cc19ed92f82c644406e82353335ce9f0bfaf934aed50d3efc651884e7b96afeb9d7cc8c1201bc9400bdb32ad5dca2f5f853eb170d2f7e37dfb791958d78

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 4217570904b35e9ce1b338c688244bd0
SHA1 75cd8aa9a94a5e010b5f5a0e0a50672587d78e74
SHA256 d0775073ca009a9457f501de0b44f05a8df6e74e7fee02425d4a56ee72ecc30d
SHA512 91ba1cd6bd9349ef02a0c3e3f7d6e80d820b8d4b540f70bfbc14a6f7c4715cee09067a8a28e0b91bd0586e48339f107562c5f166e80093689f1ad79878577067

memory/5308-548-0x0000000000400000-0x0000000000433000-memory.dmp

memory/5308-555-0x0000000000400000-0x0000000000433000-memory.dmp

memory/5308-560-0x0000000000400000-0x0000000000433000-memory.dmp

memory/5308-562-0x0000000000400000-0x0000000000433000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 e2565e589c9c038c551766400aefc665
SHA1 77893bb0d295c2737e31a3f539572367c946ab27
SHA256 172017da29bce2bfe0c8b4577a9b8e7a97a0585fd85697f51261f39b28877e80
SHA512 5a33ce3d048f2443c5d1aee3922693decc19c4d172aff0b059b31af3b56aa5e413902f9a9634e5ee874b046ae63a0531985b0361467b62e977dcff7fc9913c4d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 77a64cc49553534d7babda89e87124ca
SHA1 ad50265d2a61fc443f481ef08d37b920268a5108
SHA256 894df0ea0d7f8700e291ede9f91e6840261056084ca9eceadb1afec8dd6da8a2
SHA512 7d469cffe0e6b1be2f84ce82f63eb02bc4da2feaed9b73b633bad2c05f221171f44f971a4f6c553eef9e296110ffeb6fbfdd63e16be791ade037248707e0564f

memory/6200-666-0x0000000000400000-0x000000000043C000-memory.dmp

memory/6200-668-0x0000000073BF0000-0x00000000743A0000-memory.dmp

memory/6200-673-0x0000000007FB0000-0x0000000008554000-memory.dmp

memory/6200-674-0x0000000007AF0000-0x0000000007B82000-memory.dmp

memory/6200-679-0x0000000007D30000-0x0000000007D40000-memory.dmp

memory/6200-682-0x0000000007CF0000-0x0000000007CFA000-memory.dmp

memory/6200-691-0x0000000008B80000-0x0000000009198000-memory.dmp

memory/6200-692-0x0000000007EA0000-0x0000000007FAA000-memory.dmp

memory/6200-693-0x0000000007DD0000-0x0000000007DE2000-memory.dmp

memory/6200-696-0x0000000007E30000-0x0000000007E6C000-memory.dmp

memory/6200-699-0x0000000008560000-0x00000000085AC000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 da415a49187c2185025b7bbd2e88903b
SHA1 cc3b2ffdaa5b11759fb44bb1c661f81edcc27b20
SHA256 599616ce12cffd3f78d20d4cba1231901c183a24b7eb9a63f91c35781683fa1d
SHA512 1de599ecac5729c74e3fcd52e554570a9bb1b3cd7a07f0c94f2c04384feb3c294d64c8a728497a6372237ea00b66143a46f5840ebbd3fe6c5c710e8258960b19

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57e37a.TMP

MD5 a3915b8f5cf54cfe457f566981d05a06
SHA1 1bc53413e8c7e4b9c703b71a851bb159a272b103
SHA256 314164b585c4814576cfc03dfd8eee02d5d6672fb953db3bb5bc913c95d476f0
SHA512 710f7a5b087ade5ebe4542c22abb87d246d0dc075df67dbcba9c436014e720c7d40c78f62f0ccf7bc1536dff177c80914721b19a6af659d77f163559b97284f7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d90b63e319ccc5776e9a302a1ff7e7c4
SHA1 590bbc8ca656f8132ca2b221dee50d783b11f51c
SHA256 d37718521d8f7e21bc8b306f24b985829e867ab19ae5a3b114a6b51db45e3ebf
SHA512 b69f50c5a5872dbf9d877026b9ee664fab1ed9267090d3a6afec751d4f86edcf25f8feb9a2aa90d8689e3dfa94683ad9dfaea2b637ef51682824ab82e30c4d3c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57e668.TMP

MD5 0fa7e4a4f80960b1c0a153da5d369055
SHA1 928cbe085f04fa374dd4dd763148cabc396a5409
SHA256 7d31c7fd2eedbe793388b8651d1c8cd8237d9f4903af127aba03623ebb12c418
SHA512 d02dedd9ca2e605751a3e1b84889adb50d557e130b8ee67adf3f105e97e78ee092b904d99a6ec1243abaf697d09c536ae344b4e3c643f1c8fc3f07caeaf061ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4eca6312-4cc4-473b-8afb-420501d7fae8\index-dir\the-real-index

MD5 2014426f6b3fee5ff2f418d802d03717
SHA1 c41c32dadf278f3a66fd3d8a0998e751aadf0205
SHA256 489d1ee77950a2e32c7b151b6f99c149877e243eb41e1187b225db1481bf8b68
SHA512 ef1d360c25016dc645e93739f783f8fc3d9a6fbbf1cd9e4b5bab5d2271c3cb07ea483a61cbde70cf944ec6a16d3a4f03615b45c7fddd0a98c6868fdc17b9b2e3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\4eca6312-4cc4-473b-8afb-420501d7fae8\index-dir\the-real-index~RFe57f2cc.TMP

MD5 14713fe2d877306ef78bb1935f8c80f3
SHA1 ba74febb7b6b8a48999e3e90e513ff4341f27445
SHA256 6e96c4266836e737011781ccbd1537e3281c5bc494ca599a4e8b2fe311c6b179
SHA512 378b9f3916e3c10077f45185c27ca91cf5bd1410797c98d329d7a9e510ceb32959aa202086809bc80f9460d636238329e5e6e80d034c9db1803b2c4925efbb3d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\82cc7966-1afb-4db5-9488-c6159e6136df\index-dir\the-real-index

MD5 d9547a4e3934b7fbddd4b65ec4a1cd20
SHA1 8ce9c054658420f8ed825b69bd739e67e37eb150
SHA256 c439a5830a4d1c5986a6e5c68c8d7fbee6dc3c75f0d2552d74b19831a8e45a58
SHA512 390182b8dca74ffd9e3ca0809d15ecf7a9c78319b47d96ae2dbf760e97358d06754f5fb4a697f636000ca9f34f5726bbf25ca6d572b2419f49833f829f9d7648

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\82cc7966-1afb-4db5-9488-c6159e6136df\index-dir\the-real-index~RFe57f898.TMP

MD5 be971d625d1d604aa56d58a43e4e3b7f
SHA1 a8067223fe220bb49d1ae498f8da41f15ffb8957
SHA256 499c918c97dd00d8b81b695a2da654289bd7f5cd7d55ab3aa4e7a05888456068
SHA512 487171dc2491ae9f8547b020a16985561e4c6895943b54aac55b280acab1bcba8555b24c999620bc13a71695611cb175e2aa6638d92e0dfb0d14efdff2ca960d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 1f61d262bd4f45e5e2d031b7f631e76d
SHA1 5686ff4567b6f7148746319d88fd841a3235b5ba
SHA256 6e01119d5bcf1f5a260eb1ccb607a128c529496f30542c1fe07a02dd8522bd32
SHA512 2efb1419f34506109ab512d46fce3cd687c79469c2c97dc34151b4ec839c6d1bc9d0f8f05a165d4c9e1308c4c746424bac44f27a1c2f3a6c9ad188790c420a4e

memory/7016-865-0x0000000000400000-0x0000000000488000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c88d4c71408e9ff0f6c4a9a117942f67
SHA1 b52b36922e72d76f7a63c240189b9e25e141999c
SHA256 374f5ab500f1786cf1683e9c8b2d03f959210bbdcc54d09e3638d9e361adbba7
SHA512 d823d445bfdf35f92729dc776b7b7fa6602fb52322784a87ced84db6d94b3dff76d77c5ad58e3783e8a18e53190c3b8c8069fd098d4298b2805fae73143efe87

memory/7016-875-0x0000000000400000-0x0000000000488000-memory.dmp

memory/7016-876-0x0000000000400000-0x0000000000488000-memory.dmp

memory/7016-878-0x0000000000400000-0x0000000000488000-memory.dmp

memory/6200-999-0x0000000073BF0000-0x00000000743A0000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

MD5 923a543cc619ea568f91b723d9fb1ef0
SHA1 6f4ade25559645c741d7327c6e16521e43d7e1f9
SHA256 bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
SHA512 a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032

MD5 7d75a9eb3b38b5dd04b8a7ce4f1b87cc
SHA1 68f598c84936c9720c5ffd6685294f5c94000dff
SHA256 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7
SHA512 cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034

MD5 fdbf5bcfbb02e2894a519454c232d32f
SHA1 5e225710e9560458ac032ab80e24d0f3cb81b87a
SHA256 d9315d0678ac213bbe2c1de27528f82fd40dbff160f5a0c19850f891da29ea1c
SHA512 9eb86ebb1b50074df9bd94f7660df6f362b5a46411b35ce820740f629f8ef77f0b49a95c5550441a7db2b2638f0ed3d0204cb8f8c76391c05401506833b8c916

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000050

MD5 4e08109ee6888eeb2f5d6987513366bc
SHA1 86340f5fa46d1a73db2031d80699937878da635e
SHA256 bf44187e1683e78d3040bcef6263e25783c6936096ff0a621677d411dd9d1339
SHA512 4e477fd9e58676c0e00744dbe3421e528dd2faeca2ab998ebbeb349b35bb3711dcf78d8c9e7adba66b4d681d1982c31cac42024c8b19e19537a5615dac39c661

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000042

MD5 740a924b01c31c08ad37fe04d22af7c5
SHA1 34feb0face110afc3a7673e36d27eee2d4edbbff
SHA256 f0e1953b71cc4abbffdd5096d99dfb274688e517c381b15c3446c28a4ac416e0
SHA512 da7061f944c69245c2f66b0e6a8b5a9bca91bda8a73f99734dcb23db56c5047de796fa7e348ff8840d9ac123436e38a4206408573215b7e5e98942ea6d66bb7c

memory/6200-1056-0x0000000007D30000-0x0000000007D40000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 fda49e78113e47e4a55f174fe1cae2a2
SHA1 795181368fb35c0f724d814dbf6fbc614ded2623
SHA256 120f4d7d0205e78c858274ebaab21c6f09fb4ace3d6e4a5488fa34cbfdc6106d
SHA512 d052453427bc63bdba67fe259ae75f84b4a14e9eb9da84ec385faaebaf1bb0177471de90607b93bc3d1b5f10f675fce234d95a3bc146259eb7356b3b886896c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 afd40ebafc34e6b14b8bf8af2d780fe1
SHA1 ed5a7913892d6385ece600b5f25f6e7a0f1ff0b3
SHA256 49fe800c250f0d46448ac46b58c6d36a9b3e00fa0e55a3d50e3ae15729ef387f
SHA512 c5b5886ee5e97f0745f6e161f1642f2e5e710b81ed0e239b59213c91752b37dffb8958e575c1e8cf7102f9d245268fb6c4d6b2c4e363fcaf098c7987f6cc3d0b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\9f8aef07-949a-4325-b760-06b94cf7e63b\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt~RFe5853f7.TMP

MD5 f106d452a8bafafb468a6c1c2f31186d
SHA1 33339cd0cbbb599d951cb93ac1b388e17118d826
SHA256 069826b5feeda1db2aac403d7b01810c88541452312a71761b04b933c50c9422
SHA512 d94536318e66d30b4ef2bd03bc6af18100342f1a8ea0e0791ee2d28d33836ee88cfeec3656ad80c610b68ed9245640d7379b66ef39061011a1ed777bb765d1bc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt

MD5 8a3e068ac18c8a8b4e2afeba8621077c
SHA1 7833836b5ced35cf86d67920b4da1b7ddae9d48d
SHA256 bb4c1399a87960903d3ec6d747b21b28867cb347b5c01d65ca403f98eb671934
SHA512 7cb01b4deee5ee9f93ca83996df30c9d0a79c8052af1b5ad89e2975d20da86173e36b73252072e852530d01592c48ffa5912df488eab9fa7f98758e4a294b4a2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 0c65681da88c98d1136300da16f0f79b
SHA1 78c5f97ece9bf3da2876a480b65150a174297ab6
SHA256 13d4fa1612b2dfd52ae4601d1fe859c2ae6864770b545eeddbec0db8e46bdba3
SHA512 a94f1d9f22688eae427ced6c17c710bb48fa188ea529d3a82e112ba276e9ac4dcaab81f896bf1317d6e49761d28540845ac7a4c5018622056c1b9236c6298ae6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4298dadaa2ccec3f13c9856ee6051747
SHA1 9476f912546219e0d9eac7c7666677707e9a929b
SHA256 5a9426417cb95dd5c7e1d257bb1b1a933951373ee9aaa637c309de37d35ca69c
SHA512 4349dfaee4d1f9db79d84ca3cc9628c898f618dc5263e944cb69c85fe9605d65e1d9cccde13770193d8f81ed5bef9257a809c46aae5f7f8d7ab4cc543e76f6b6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e782611e11732d04d535acca04faa2b9
SHA1 9df05f15b57bcf1d3e2ea1da24ca184c4591c0b9
SHA256 ac0d7fdfbe7ee4a2937fdaf927e1947b50cf4e0d007d9444cfcd3a518e80956d
SHA512 cd7ff79a300e233512946fb8191d9602c6f5c75cbc588aea8c11fd51b016600f0f75bac47e8ee85c944c295826e3c3bb8f22d64db7f3dda15c59517dfa6ec314

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 1e4df27a4a982e6d55ef85183353651b
SHA1 6c0dad4e2a36c10c69c5739636190411c59952a4
SHA256 1fd3768dc3851a3c0dfe187a580f680ab9692b2338d4ebf0aaa36263b4080d0b
SHA512 02e4e604414bef51bedb043c3580c77352b9f1b00d827b6b96edeb98bcd8a1fa638f76835584b0a8eded025bd8d1eea1b0826ecb245f7d6073a2fce21030857b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\3e1866c5-ee25-4f63-bb7f-2ca8383e9895\index-dir\the-real-index

MD5 8c133a978b08e8ba6c713011446f2a83
SHA1 aab5ad2e1892bb21a5969f4112f30c5d9023decb
SHA256 878cd9def959ce24b52a7ebc054a7ff5a3d6c7da0f2f4895a3c3614e69baba6b
SHA512 81ca7ba8cc9435e5affa3cca69cf22055a6f09d0506a9bdfc76c6e8d681f960cb1ee29e939908db12cf95072e64fd3ef81515e4a9a110d659db0861f49e29932

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\3e1866c5-ee25-4f63-bb7f-2ca8383e9895\index-dir\the-real-index~RFe58a478.TMP

MD5 d031a07ab466c87fe22702b2a127d355
SHA1 ae7c0d52cf9126ea4f58f226df5c77f2839e4a9e
SHA256 621925e59177c68040bf338055dcd3ba3750f60e12c2d893a1760f85c8d212b5
SHA512 d6e01a9ee6e37cd0fa4a93f33c8e2b3197006180a055c84c26265c5976b7d427c72e0ef44776fe9f45a699682434dea0e6996f902321a13e1836b6501b736042

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f1fc774bb1624689f34a7e80fcf0baca
SHA1 0f3b80edcaaa37733ad5e51e0736a308873aef02
SHA256 a320a933d25e15fdf42cffb46254c67565995f44358ccfc5282c90220acf0b7a
SHA512 9680f5e073a0681a49b08c53432df8dc93c0278fd43e5dbaf62be5f71578600061e11da118e385a1fa277cf550475b5452b770804f619790184b1ccf4b35961a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 b966b78b821d511626904ba48b8160c1
SHA1 a806a8bfd9e01671f5483ad57aeb992c308f9390
SHA256 39f32a833f4b7ab1b0e25d670b5466cbaf97c2802a15968c09cf740049ccc23d
SHA512 d9d8321a70a3c4ab71fcad6ea758a75cd58def834377cd31c51a135f5a67ec990e2e3178c2cf1b255532be4a6355c77cfffd392dfed18b1180ed64591dea8ddb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 75e63d444fdb4702e5c9b325c177a6b2
SHA1 66bdfbbb3e1ccdac268a3827c8bf53d2088993e8
SHA256 d57857c4ee2ab42db54923ba6d941a9bc60697b9c579c80c48cc2fac7e5383d8
SHA512 dad95e3082e5a63d3b639fd89e18d51c04d603ee72896e02247fe80ff9b40ea0986253c34651f87d7fdc1423b9a9c7109f022800db803e16086160127dcf1a7f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\9f8aef07-949a-4325-b760-06b94cf7e63b\index-dir\the-real-index~RFe58f3b2.TMP

MD5 000c1af343f31d4cd8a8f0737a1b2795
SHA1 d74e01c9af9988547fdcb2ed2c57ee24ea1b8d86
SHA256 6850968a794fd90ca15e86c075f03a0b5b469522ca8fdc18ef3e50b09bdac367
SHA512 f576fddf5dd2e3778ef8fc1b406d2407ed4f66630865f8b9346274950b43578302219502616ae1c5b2b9649eefb04eb08e7cdb30bfb6a48e64ad0397c60d2654

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\9f8aef07-949a-4325-b760-06b94cf7e63b\index-dir\the-real-index

MD5 277bc092ff930007a93d696523d3d421
SHA1 ebdf617153a3597534990d62b2d4b1e397581f0c
SHA256 c6aae57b2b628c637a1f957ca2889c7fc96ef47cdc58a33c0cccd6ed324e6d37
SHA512 ebb1307eb81ba8b7a8e1bfbce02ed29bd83acb4703f77ab352e149a91748c2af84f3fbe87d2ce39664e9351bfd3934552b60c69d65f53fc8bb51a67f856fd4b5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt

MD5 1ce415cb9a9c05856374587c4993634b
SHA1 a36062d3eed6bedd630fdb66941d20fbfe81e218
SHA256 c14462c6a9ee4a81d742b86e66a7f02e3d389627b4e944a4ba24e63e0e5cba15
SHA512 5837759a28d6c25b13686ed1384f43b2958060dcd898f3e4155e28b824f3614322151b2ca3d6ac1aa2385aa41a81a88507e4cf5f340c10956f4ed7a8fd00c10f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

MD5 7e09402b40868821d7729d9a626ac522
SHA1 5345acd54bae43b54abd39d20339e83d92b079f3
SHA256 c9e1c52674f983710955e49e293587a07c14a6126f01154a521d3c9582554ff3
SHA512 ab19b53638e3dca916d110e84750ab54274c75ea9eec40a0392966fa3a1f321b14c760dcfb87aed1c15ae81f7ec51ce5413eaeb765d53d2175931efcb283423d