Analysis Overview
SHA256
8f626b7c10b35d18a1d6a002a86aad43acb1eaa0841b840000ee92c077ed64eb
Threat Level: Known bad
The file 8f626b7c10b35d18a1d6a002a86aad43acb1eaa0841b840000ee92c077ed64eb was found to be: Known bad.
Malicious Activity Summary
Detect Mystic stealer payload
RedLine payload
RedLine
Mystic
Executes dropped EXE
Accesses cryptocurrency files/wallets, possible credential harvesting
Adds Run key to start application
Suspicious use of SetThreadContext
Detected potential entity reuse from brand paypal.
AutoIT Executable
Enumerates physical storage devices
Unsigned PE
Program crash
Suspicious use of SendNotifyMessage
Suspicious use of FindShellTrayWindow
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2023-11-11 09:43
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2023-11-11 09:43
Reported
2023-11-11 09:45
Platform
win10v2004-20231020-en
Max time kernel
150s
Max time network
155s
Command Line
Signatures
Detect Mystic stealer payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Mystic
RedLine
RedLine payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\cu5tt39.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\HG4Eu01.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Ja745Sx.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4fV5jo8.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\5oR26Ox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\6NP923.exe | N/A |
Accesses cryptocurrency files/wallets, possible credential harvesting
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup1 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP001.TMP\\\"" | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\cu5tt39.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup2 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP002.TMP\\\"" | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\HG4Eu01.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP000.TMP\\\"" | C:\Users\Admin\AppData\Local\Temp\8f626b7c10b35d18a1d6a002a86aad43acb1eaa0841b840000ee92c077ed64eb.exe | N/A |
AutoIT Executable
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Detected potential entity reuse from brand paypal.
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 6192 set thread context of 7300 | N/A | C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4fV5jo8.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
| PID 7232 set thread context of 7160 | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\5oR26Ox.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
| PID 1220 set thread context of 5736 | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\6NP923.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
Enumerates physical storage devices
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\8f626b7c10b35d18a1d6a002a86aad43acb1eaa0841b840000ee92c077ed64eb.exe
"C:\Users\Admin\AppData\Local\Temp\8f626b7c10b35d18a1d6a002a86aad43acb1eaa0841b840000ee92c077ed64eb.exe"
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\cu5tt39.exe
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\cu5tt39.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\HG4Eu01.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\HG4Eu01.exe
C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Ja745Sx.exe
C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Ja745Sx.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ff9683d46f8,0x7ff9683d4708,0x7ff9683d4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x168,0x16c,0x170,0x144,0x174,0x7ff9683d46f8,0x7ff9683d4708,0x7ff9683d4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x178,0x17c,0x180,0x154,0x184,0x7ff9683d46f8,0x7ff9683d4708,0x7ff9683d4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://store.steampowered.com/login/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ff9683d46f8,0x7ff9683d4708,0x7ff9683d4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://twitter.com/i/flow/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ff9683d46f8,0x7ff9683d4708,0x7ff9683d4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://steamcommunity.com/openid/loginform/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ff9683d46f8,0x7ff9683d4708,0x7ff9683d4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.epicgames.com/id/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ff9683d46f8,0x7ff9683d4708,0x7ff9683d4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.paypal.com/signin
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ff9683d46f8,0x7ff9683d4708,0x7ff9683d4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2188,4690109103379732501,1995206018297448382,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2248 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2168,12130910045106847988,17564226803397106299,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2168,12130910045106847988,17564226803397106299,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,12986723332519558456,2125378112106185851,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,12986723332519558456,2125378112106185851,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2232,17394586540325223701,8179398672338171426,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2868 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2232,17394586540325223701,8179398672338171426,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2188,4690109103379732501,1995206018297448382,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2196 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2232,17394586540325223701,8179398672338171426,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2240 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ff9683d46f8,0x7ff9683d4708,0x7ff9683d4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1848,16933667368005986413,4847405447084241282,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1848,16933667368005986413,4847405447084241282,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,17394586540325223701,8179398672338171426,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,17394586540325223701,8179398672338171426,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ff9683d46f8,0x7ff9683d4708,0x7ff9683d4718
C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4fV5jo8.exe
C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4fV5jo8.exe
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,3039387902351014025,10783459898774891597,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2120,3039387902351014025,10783459898774891597,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,17394586540325223701,8179398672338171426,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3960 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,17394586540325223701,8179398672338171426,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4156 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2216,4147980331425044837,15022192900285220545,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 /prefetch:3
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,17394586540325223701,8179398672338171426,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4516 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2180,2200626005614212729,14766033792451726534,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,17394586540325223701,8179398672338171426,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4796 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,17394586540325223701,8179398672338171426,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4912 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,17394586540325223701,8179398672338171426,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,17394586540325223701,8179398672338171426,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4904 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,17394586540325223701,8179398672338171426,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5432 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,17394586540325223701,8179398672338171426,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5640 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,17394586540325223701,8179398672338171426,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6608 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,17394586540325223701,8179398672338171426,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5868 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,17394586540325223701,8179398672338171426,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7020 /prefetch:1
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\5oR26Ox.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\5oR26Ox.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 448 -p 7300 -ip 7300
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 7300 -s 540
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,17394586540325223701,8179398672338171426,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,17394586540325223701,8179398672338171426,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7288 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2232,17394586540325223701,8179398672338171426,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7664 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2232,17394586540325223701,8179398672338171426,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7664 /prefetch:8
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\6NP923.exe
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\6NP923.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,17394586540325223701,8179398672338171426,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4700 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,17394586540325223701,8179398672338171426,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7768 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,17394586540325223701,8179398672338171426,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1748 /prefetch:1
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2232,17394586540325223701,8179398672338171426,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4076 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,17394586540325223701,8179398672338171426,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4852 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2232,17394586540325223701,8179398672338171426,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4500 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 133.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.252.72.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 59.128.231.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.228.82.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 39.142.81.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 157.240.247.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | twitter.com | udp |
| NL | 142.250.179.141:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | 35.247.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| US | 104.244.42.65:443 | twitter.com | tcp |
| NL | 104.85.0.101:443 | store.steampowered.com | tcp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 8.8.8.8:53 | www.epicgames.com | udp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| US | 8.8.8.8:53 | www.paypal.com | udp |
| US | 3.215.51.251:443 | www.epicgames.com | tcp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| US | 8.8.8.8:53 | 65.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.0.85.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.49.222.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 158.240.127.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.51.215.3.in-addr.arpa | udp |
| NL | 142.250.179.141:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | www.paypalobjects.com | udp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 8.8.8.8:53 | 8.39.65.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.221.229.192.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | tracking.epicgames.com | udp |
| US | 44.214.245.214:443 | tracking.epicgames.com | tcp |
| US | 8.8.8.8:53 | static-assets-prod.unrealengine.com | udp |
| US | 18.239.36.22:443 | static-assets-prod.unrealengine.com | tcp |
| US | 18.239.36.22:443 | static-assets-prod.unrealengine.com | tcp |
| US | 8.8.8.8:53 | c.paypal.com | udp |
| US | 192.55.233.1:443 | tcp | |
| US | 8.8.8.8:53 | t.paypal.com | udp |
| US | 151.101.1.35:443 | t.paypal.com | tcp |
| US | 8.8.8.8:53 | b.stats.paypal.com | udp |
| US | 64.4.245.84:443 | b.stats.paypal.com | tcp |
| US | 192.55.233.1:443 | tcp | |
| US | 8.8.8.8:53 | dub.stats.paypal.com | udp |
| US | 64.4.245.84:443 | dub.stats.paypal.com | tcp |
| US | 8.8.8.8:53 | www.recaptcha.net | udp |
| NL | 172.217.168.227:443 | www.recaptcha.net | tcp |
| US | 8.8.8.8:53 | 214.245.214.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.36.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.245.4.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c6.paypal.com | udp |
| US | 8.8.8.8:53 | 227.168.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| US | 157.240.5.10:443 | static.xx.fbcdn.net | tcp |
| US | 157.240.5.10:443 | static.xx.fbcdn.net | tcp |
| US | 157.240.5.10:443 | static.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | 10.5.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | store.akamai.steamstatic.com | udp |
| NL | 23.72.252.176:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.176:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.176:443 | store.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| NL | 88.221.25.153:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | 176.252.72.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 153.25.221.88.in-addr.arpa | udp |
| NL | 23.72.252.176:443 | store.akamai.steamstatic.com | tcp |
| RU | 5.42.92.51:19057 | tcp | |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| NL | 142.250.179.150:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | 150.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.208.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.123.68.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | facebook.com | udp |
| US | 157.240.5.35:443 | facebook.com | tcp |
| US | 8.8.8.8:53 | fbcdn.net | udp |
| US | 157.240.5.35:443 | fbcdn.net | tcp |
| US | 8.8.8.8:53 | 35.5.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.14.97.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fbsbx.com | udp |
| US | 8.8.8.8:53 | abs.twimg.com | udp |
| US | 8.8.8.8:53 | pbs.twimg.com | udp |
| US | 8.8.8.8:53 | api.twitter.com | udp |
| US | 104.244.42.130:443 | api.twitter.com | tcp |
| US | 8.8.8.8:53 | video.twimg.com | udp |
| NL | 199.232.148.159:443 | abs.twimg.com | tcp |
| NL | 199.232.148.159:443 | abs.twimg.com | tcp |
| US | 192.229.233.50:443 | pbs.twimg.com | tcp |
| NL | 199.232.148.158:443 | video.twimg.com | tcp |
| US | 8.8.8.8:53 | t.co | udp |
| NL | 199.232.148.159:443 | abs.twimg.com | tcp |
| US | 104.244.42.5:443 | t.co | tcp |
| NL | 199.232.148.159:443 | abs.twimg.com | tcp |
| US | 8.8.8.8:53 | 130.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 159.148.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.233.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 158.148.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.ads-twitter.com | udp |
| NL | 199.232.148.157:443 | static.ads-twitter.com | tcp |
| US | 8.8.8.8:53 | 157.148.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | community.akamai.steamstatic.com | udp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | 160.252.72.23.in-addr.arpa | udp |
| NL | 172.217.168.227:443 | www.recaptcha.net | udp |
| NL | 23.72.252.171:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | numpersb.fun | udp |
| US | 8.8.8.8:53 | killredls.pw | udp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 8.8.8.8:53 | 171.252.72.23.in-addr.arpa | udp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| NL | 23.72.252.176:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.176:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.176:443 | store.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | login.steampowered.com | udp |
| US | 8.8.8.8:53 | 38.209.67.172.in-addr.arpa | udp |
| NL | 23.222.49.98:443 | login.steampowered.com | tcp |
| NL | 23.222.49.98:443 | login.steampowered.com | tcp |
| US | 18.239.36.22:443 | static-assets-prod.unrealengine.com | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 8.8.8.8:53 | 100.39.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| NL | 23.222.49.98:443 | api.steampowered.com | tcp |
| US | 8.8.8.8:53 | talon-website-prod.ecosec.on.epicgames.com | udp |
| US | 172.64.146.120:443 | talon-website-prod.ecosec.on.epicgames.com | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 8.8.8.8:53 | 120.146.64.172.in-addr.arpa | udp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 104.244.42.130:443 | api.twitter.com | tcp |
| US | 104.244.42.130:443 | api.twitter.com | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 8.8.8.8:53 | talon-service-prod.ecosec.on.epicgames.com | udp |
| US | 172.64.146.120:443 | talon-service-prod.ecosec.on.epicgames.com | tcp |
| US | 172.64.146.120:443 | talon-service-prod.ecosec.on.epicgames.com | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 8.8.8.8:53 | js.hcaptcha.com | udp |
| US | 104.19.219.90:443 | js.hcaptcha.com | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 8.8.8.8:53 | 90.219.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| NL | 142.251.39.98:443 | googleads.g.doubleclick.net | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| NL | 142.251.39.98:443 | googleads.g.doubleclick.net | udp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.200:443 | g.bing.com | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 8.8.8.8:53 | 98.39.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | newassets.hcaptcha.com | udp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 8.8.8.8:53 | api2.hcaptcha.com | udp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 8.8.8.8:53 | sentry.io | udp |
| US | 35.186.247.156:443 | sentry.io | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 8.8.8.8:53 | 156.247.186.35.in-addr.arpa | udp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| RU | 5.42.92.51:19057 | tcp | |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | youtube.com | udp |
| NL | 216.58.214.14:443 | youtube.com | tcp |
| US | 8.8.8.8:53 | 14.214.58.216.in-addr.arpa | udp |
| RU | 5.42.92.51:19057 | tcp | |
| NL | 142.250.179.141:443 | accounts.google.com | udp |
| RU | 5.42.92.51:19057 | tcp | |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| NL | 142.250.179.138:443 | jnn-pa.googleapis.com | tcp |
| NL | 142.250.179.138:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 138.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| NL | 142.251.36.6:443 | static.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 6.36.251.142.in-addr.arpa | udp |
| RU | 5.42.92.51:19057 | tcp | |
| US | 8.8.8.8:53 | 90.65.42.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\cu5tt39.exe
| MD5 | 83911e117a8f4532940ad05d3da52369 |
| SHA1 | ecc1f2fc205ec1fb31b411ab73612b655889d123 |
| SHA256 | 6243268c17bfcf29dfc73be1baf5d49299bdb66aa5779bf17869da15b80da6f0 |
| SHA512 | c963378a1eee27419d193754824bf95a297ee1154ef0fd715d03e069a03fb7daeacb1db1e58138aab5a7d057a33d2c37c9d835aa4fd64220bb1defd8cdd31f98 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\cu5tt39.exe
| MD5 | 83911e117a8f4532940ad05d3da52369 |
| SHA1 | ecc1f2fc205ec1fb31b411ab73612b655889d123 |
| SHA256 | 6243268c17bfcf29dfc73be1baf5d49299bdb66aa5779bf17869da15b80da6f0 |
| SHA512 | c963378a1eee27419d193754824bf95a297ee1154ef0fd715d03e069a03fb7daeacb1db1e58138aab5a7d057a33d2c37c9d835aa4fd64220bb1defd8cdd31f98 |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\HG4Eu01.exe
| MD5 | 205b852f2b907b6e7095ffa566c3bddf |
| SHA1 | 9bc21fa588fb8ad7575ad09465b7ec4ec6d4c8a5 |
| SHA256 | dfb7af4b363dfe3e49953d099029417ed6c2bb7caaaaeacdbca9c824820f5445 |
| SHA512 | 1e343d7d4cc310930fba14492502b179484f1cb3ed74680cee44f43a739cac58c00dc0be7b50abaf14854bc3e11a69ed50eb3d921e0fbf34a543363ea6f4a3c8 |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\HG4Eu01.exe
| MD5 | 205b852f2b907b6e7095ffa566c3bddf |
| SHA1 | 9bc21fa588fb8ad7575ad09465b7ec4ec6d4c8a5 |
| SHA256 | dfb7af4b363dfe3e49953d099029417ed6c2bb7caaaaeacdbca9c824820f5445 |
| SHA512 | 1e343d7d4cc310930fba14492502b179484f1cb3ed74680cee44f43a739cac58c00dc0be7b50abaf14854bc3e11a69ed50eb3d921e0fbf34a543363ea6f4a3c8 |
C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Ja745Sx.exe
| MD5 | fa07cabd28cf509834aca34434096196 |
| SHA1 | 3f56351dcb3ae570a76e6be6822f2218d0d29cf4 |
| SHA256 | 15234b48aa50ab7df8cde5e53267812cf45c85984fc450fe7e94e83a65f1b3d0 |
| SHA512 | e847cfb4ca92e42e315eeef0480e095066ce09a90ae02526dbf46a11e36032aea7ea7a891b9ec9a6defa2c3a8529889ece10366f7147be0904ca23d568d7f8d4 |
C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Ja745Sx.exe
| MD5 | fa07cabd28cf509834aca34434096196 |
| SHA1 | 3f56351dcb3ae570a76e6be6822f2218d0d29cf4 |
| SHA256 | 15234b48aa50ab7df8cde5e53267812cf45c85984fc450fe7e94e83a65f1b3d0 |
| SHA512 | e847cfb4ca92e42e315eeef0480e095066ce09a90ae02526dbf46a11e36032aea7ea7a891b9ec9a6defa2c3a8529889ece10366f7147be0904ca23d568d7f8d4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 777424efaa0b7dc4020fed63a05319cf |
| SHA1 | f4ff37d51b7dd7a46606762c1531644b8fbc99c7 |
| SHA256 | 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5 |
| SHA512 | 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 777424efaa0b7dc4020fed63a05319cf |
| SHA1 | f4ff37d51b7dd7a46606762c1531644b8fbc99c7 |
| SHA256 | 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5 |
| SHA512 | 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 777424efaa0b7dc4020fed63a05319cf |
| SHA1 | f4ff37d51b7dd7a46606762c1531644b8fbc99c7 |
| SHA256 | 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5 |
| SHA512 | 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 777424efaa0b7dc4020fed63a05319cf |
| SHA1 | f4ff37d51b7dd7a46606762c1531644b8fbc99c7 |
| SHA256 | 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5 |
| SHA512 | 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 777424efaa0b7dc4020fed63a05319cf |
| SHA1 | f4ff37d51b7dd7a46606762c1531644b8fbc99c7 |
| SHA256 | 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5 |
| SHA512 | 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 777424efaa0b7dc4020fed63a05319cf |
| SHA1 | f4ff37d51b7dd7a46606762c1531644b8fbc99c7 |
| SHA256 | 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5 |
| SHA512 | 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 777424efaa0b7dc4020fed63a05319cf |
| SHA1 | f4ff37d51b7dd7a46606762c1531644b8fbc99c7 |
| SHA256 | 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5 |
| SHA512 | 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
\??\pipe\LOCAL\crashpad_2360_VPFRFQERQRTCQYXI
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
\??\pipe\LOCAL\crashpad_4480_BAFMNIPRTWAKPCEM
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_2500_GBVRXRDWKCYXCCLY
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_2768_TWBZMSEEZHVSSZTY
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_3044_ODIUJJMPRSFZVOHW
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4fV5jo8.exe
| MD5 | d8426db33bc5acd752c917b8bd9aeb87 |
| SHA1 | 0cc4f0b668b917b8bb57aeb4d32cbd6e6fdbf945 |
| SHA256 | 1629a6920bef637bad4b6c074ea89c25cacf7e1740ca4426cbfc495a691a0a24 |
| SHA512 | d83233ef5ec90b675deeede182983076020a064363592808f30819883804d8f50700f5efcfe85ce43888511753f29de50340329c246ffe747b3a1d12a9bcba10 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 390793ab5712109cdee50f943fbab88a |
| SHA1 | 86ce19399dbeecf583851c10ec6f4afbf8dcaec4 |
| SHA256 | 853f80b4b770d0b973cb970738310d629bbfa6bc0a7b6b3e179b2f43a01add8d |
| SHA512 | 530bd0a34d8c127a70d23c2cb45cb365c54cf1dc22128dab7aaba731d93ada42a44912eb3c64121fea5232e3285f4c0f6f88c9b9e1a6d15711dd895f670aa91b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\7f92c513-d585-47f9-a304-84bf19478ba6.tmp
| MD5 | fad459462211627ab5e41695b2d8fcac |
| SHA1 | ffa03f9c8ff82a581256d8b5dbf6c26bbd7ecc56 |
| SHA256 | b75672b683ca56b6e669fb1398a2cf260008fb8632967b1e3d61651585e2ee00 |
| SHA512 | b6abd2b61dc85c66eca8e88b92915e1fb46dfe5b162a69718bcebdd99e48c2e0c4e52b987ab57e1ab2bf942bc9b01e47d2c1c57ddafda99e9f896cab4c5d4068 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 390793ab5712109cdee50f943fbab88a |
| SHA1 | 86ce19399dbeecf583851c10ec6f4afbf8dcaec4 |
| SHA256 | 853f80b4b770d0b973cb970738310d629bbfa6bc0a7b6b3e179b2f43a01add8d |
| SHA512 | 530bd0a34d8c127a70d23c2cb45cb365c54cf1dc22128dab7aaba731d93ada42a44912eb3c64121fea5232e3285f4c0f6f88c9b9e1a6d15711dd895f670aa91b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 7853ea43d05754c714eb3fe7e348c64c |
| SHA1 | 9d32b3304723fd3ecbb6874fd181d8cd7b833d60 |
| SHA256 | 8be10d23af431c62d1c9902350c59766f01a7679012fdb8ad346d98d28665aa8 |
| SHA512 | cda32c13730e70d72d2e0173d2afa136c2cdf5ebc611d0968d14d693bb9e8a605d38ba9248234c1c360cca59d7daa7d2f27ff3d590d58eac1bc4914f30c3772b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 7853ea43d05754c714eb3fe7e348c64c |
| SHA1 | 9d32b3304723fd3ecbb6874fd181d8cd7b833d60 |
| SHA256 | 8be10d23af431c62d1c9902350c59766f01a7679012fdb8ad346d98d28665aa8 |
| SHA512 | cda32c13730e70d72d2e0173d2afa136c2cdf5ebc611d0968d14d693bb9e8a605d38ba9248234c1c360cca59d7daa7d2f27ff3d590d58eac1bc4914f30c3772b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 6e4393d2716d01a4f4c489cc15e95911 |
| SHA1 | ad4e731dd4b9dbba504dd81fde2795504424363e |
| SHA256 | 8024a3723927b77b31ade2713db49b1082873efd5b8099e767cd4ce47b57a007 |
| SHA512 | c8452cc2645923f2c2b9e84a989cb77c1ebbb30b192fc9d81dc3861bf0738ff149cb426cf7ddcce14674c421cf8391f035c05fc153b9b36937efd1032fd0d21e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | fad459462211627ab5e41695b2d8fcac |
| SHA1 | ffa03f9c8ff82a581256d8b5dbf6c26bbd7ecc56 |
| SHA256 | b75672b683ca56b6e669fb1398a2cf260008fb8632967b1e3d61651585e2ee00 |
| SHA512 | b6abd2b61dc85c66eca8e88b92915e1fb46dfe5b162a69718bcebdd99e48c2e0c4e52b987ab57e1ab2bf942bc9b01e47d2c1c57ddafda99e9f896cab4c5d4068 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\d19d0c99-b751-41dc-ae02-2a4900f8517c.tmp
| MD5 | f899a845e2bd85890a35461efc285cce |
| SHA1 | a3a700fa4c1aae295b8e8700cbe45a4ca69cfcbb |
| SHA256 | 77234970e94fa673662343625a45d846b601b9b33667caa45fb2226b2b635e4f |
| SHA512 | e93b1a511e3444e63b0fbc06510f7a7cb6b2fb52cef7dca7e872ed9312e517b10a887fd2489e6a41f3d92e84189d4f60d7b511b0a8ebb806be7514ecaeb95fb1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 6e4393d2716d01a4f4c489cc15e95911 |
| SHA1 | ad4e731dd4b9dbba504dd81fde2795504424363e |
| SHA256 | 8024a3723927b77b31ade2713db49b1082873efd5b8099e767cd4ce47b57a007 |
| SHA512 | c8452cc2645923f2c2b9e84a989cb77c1ebbb30b192fc9d81dc3861bf0738ff149cb426cf7ddcce14674c421cf8391f035c05fc153b9b36937efd1032fd0d21e |
\??\pipe\LOCAL\crashpad_4268_CDAREYFBMGPQGSBM
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 722a550413118e68717eab3c2229ebdc |
| SHA1 | dae9713bc2d4b5efbf0542206726a32dc5ef2102 |
| SHA256 | 71b05fc539ff413d761f5046607aa188a7695a2a14e4e9947d3ccff8f6e1b733 |
| SHA512 | 8f10a73301122201b350f98d7b5ba0e8b08e517517793fd8ebfef200d3daa1194f7169b59f9d5c238c36597ea5a97a3d10e9a8cf8d4c7b99f8dbbab88ab834ec |
C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4fV5jo8.exe
| MD5 | d8426db33bc5acd752c917b8bd9aeb87 |
| SHA1 | 0cc4f0b668b917b8bb57aeb4d32cbd6e6fdbf945 |
| SHA256 | 1629a6920bef637bad4b6c074ea89c25cacf7e1740ca4426cbfc495a691a0a24 |
| SHA512 | d83233ef5ec90b675deeede182983076020a064363592808f30819883804d8f50700f5efcfe85ce43888511753f29de50340329c246ffe747b3a1d12a9bcba10 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f899a845e2bd85890a35461efc285cce |
| SHA1 | a3a700fa4c1aae295b8e8700cbe45a4ca69cfcbb |
| SHA256 | 77234970e94fa673662343625a45d846b601b9b33667caa45fb2226b2b635e4f |
| SHA512 | e93b1a511e3444e63b0fbc06510f7a7cb6b2fb52cef7dca7e872ed9312e517b10a887fd2489e6a41f3d92e84189d4f60d7b511b0a8ebb806be7514ecaeb95fb1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 722a550413118e68717eab3c2229ebdc |
| SHA1 | dae9713bc2d4b5efbf0542206726a32dc5ef2102 |
| SHA256 | 71b05fc539ff413d761f5046607aa188a7695a2a14e4e9947d3ccff8f6e1b733 |
| SHA512 | 8f10a73301122201b350f98d7b5ba0e8b08e517517793fd8ebfef200d3daa1194f7169b59f9d5c238c36597ea5a97a3d10e9a8cf8d4c7b99f8dbbab88ab834ec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d036a752d794db9b1f98a4612bc9595a |
| SHA1 | 2a1388a1e4415a5e58c39557004fc254e87b9e6d |
| SHA256 | b6a2141576d0b740db015b7af56cc8368c4c486d817f88267dec47f674e35141 |
| SHA512 | ed24f9bcecf3af1b3d676541807b5780d81c1b675ebe118901fc2c1c575a6bed40ea2c80703d5fd45b792697d6b69a9a35084e45793c35af9e00b91738d4b109 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | fad459462211627ab5e41695b2d8fcac |
| SHA1 | ffa03f9c8ff82a581256d8b5dbf6c26bbd7ecc56 |
| SHA256 | b75672b683ca56b6e669fb1398a2cf260008fb8632967b1e3d61651585e2ee00 |
| SHA512 | b6abd2b61dc85c66eca8e88b92915e1fb46dfe5b162a69718bcebdd99e48c2e0c4e52b987ab57e1ab2bf942bc9b01e47d2c1c57ddafda99e9f896cab4c5d4068 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 7853ea43d05754c714eb3fe7e348c64c |
| SHA1 | 9d32b3304723fd3ecbb6874fd181d8cd7b833d60 |
| SHA256 | 8be10d23af431c62d1c9902350c59766f01a7679012fdb8ad346d98d28665aa8 |
| SHA512 | cda32c13730e70d72d2e0173d2afa136c2cdf5ebc611d0968d14d693bb9e8a605d38ba9248234c1c360cca59d7daa7d2f27ff3d590d58eac1bc4914f30c3772b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d036a752d794db9b1f98a4612bc9595a |
| SHA1 | 2a1388a1e4415a5e58c39557004fc254e87b9e6d |
| SHA256 | b6a2141576d0b740db015b7af56cc8368c4c486d817f88267dec47f674e35141 |
| SHA512 | ed24f9bcecf3af1b3d676541807b5780d81c1b675ebe118901fc2c1c575a6bed40ea2c80703d5fd45b792697d6b69a9a35084e45793c35af9e00b91738d4b109 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 722a550413118e68717eab3c2229ebdc |
| SHA1 | dae9713bc2d4b5efbf0542206726a32dc5ef2102 |
| SHA256 | 71b05fc539ff413d761f5046607aa188a7695a2a14e4e9947d3ccff8f6e1b733 |
| SHA512 | 8f10a73301122201b350f98d7b5ba0e8b08e517517793fd8ebfef200d3daa1194f7169b59f9d5c238c36597ea5a97a3d10e9a8cf8d4c7b99f8dbbab88ab834ec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 390793ab5712109cdee50f943fbab88a |
| SHA1 | 86ce19399dbeecf583851c10ec6f4afbf8dcaec4 |
| SHA256 | 853f80b4b770d0b973cb970738310d629bbfa6bc0a7b6b3e179b2f43a01add8d |
| SHA512 | 530bd0a34d8c127a70d23c2cb45cb365c54cf1dc22128dab7aaba731d93ada42a44912eb3c64121fea5232e3285f4c0f6f88c9b9e1a6d15711dd895f670aa91b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 22682c87fb7a29ce676c543d74a35037 |
| SHA1 | de767c615c722b34be0ebc599c4d28daa5738035 |
| SHA256 | d3c40ee4ffbba90d09c750819f61d0058215b5a9fcb367508a609484fd005f5a |
| SHA512 | 842be7524b72ec923980aec5d409ae8b91596230776707c5b24c918263d664555f79f087f633c9f945cae6595431b5f0c226e80b07fb1e6ee00c8478f4f1622b |
memory/7300-296-0x0000000000400000-0x0000000000433000-memory.dmp
memory/7300-297-0x0000000000400000-0x0000000000433000-memory.dmp
memory/7300-299-0x0000000000400000-0x0000000000433000-memory.dmp
memory/7300-301-0x0000000000400000-0x0000000000433000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 3a7091841c247afd4b96ec80ba0749ce |
| SHA1 | b2b8871c8f12bc8742e65e73fcf6498396fb49bb |
| SHA256 | 0fd52d559195ce054a26406e211b26ba2f09353450be3ebb23be3a72e61bdba5 |
| SHA512 | 34b7c38b6f29a459e286f1f30c0d16120df2731b48c4ebc9e9aa2a87752d8c49d6708cfe3c236ba1f9bb9ee7bec19ada69181f0fd999d66c80408e99378c5de4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f0801aea17bc29f3f2f01a30fe0ad2fb |
| SHA1 | 2733fbee0a9c0c303f4c464dc5768a74340c7dfd |
| SHA256 | 7c2f3a29852e8299788813805b520890073e593bcb372f3b3516f32682885e81 |
| SHA512 | 836710359f3cf0709c26ba2231f214f483705f06aa31b3243e8991b7a89c281c428144ac1f6f2c2653ceb7c565296e886274ca1f5da48b6fd26bd3cb8b9a3888 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 1c706d53e85fb5321a8396d197051531 |
| SHA1 | 0d92aa8524fb1d47e7ee5d614e58a398c06141a4 |
| SHA256 | 80c44553381f37e930f1c82a1dc2e77acd7b955ec0dc99d090d5bd6b32c3c932 |
| SHA512 | d43867392c553d4afffa45a1b87a74e819964011fb1226ee54e23a98fc63ca80e266730cec6796a2afa435b1ea28aed72c55eae1ae5d31ec778f53be3e2162fc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
memory/7160-380-0x0000000000400000-0x000000000043C000-memory.dmp
memory/7160-382-0x0000000074B00000-0x00000000752B0000-memory.dmp
memory/7160-383-0x00000000082A0000-0x0000000008844000-memory.dmp
memory/7160-384-0x0000000007D90000-0x0000000007E22000-memory.dmp
memory/7160-390-0x0000000005820000-0x0000000005830000-memory.dmp
memory/7160-395-0x0000000007F20000-0x0000000007F2A000-memory.dmp
memory/7160-400-0x0000000008E70000-0x0000000009488000-memory.dmp
memory/7160-401-0x00000000080E0000-0x00000000081EA000-memory.dmp
memory/7160-402-0x0000000008000000-0x0000000008012000-memory.dmp
memory/7160-403-0x0000000008060000-0x000000000809C000-memory.dmp
memory/7160-404-0x00000000081F0000-0x000000000823C000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 90f73771730f61379e5361f0f4cfc818 |
| SHA1 | 4b22bd1ec2865a8d77a56995c6e11784c95d3830 |
| SHA256 | fc567eea196c0eb9d7d64872a22744a62a18eeae187f58b52bd5b1d8f80d4779 |
| SHA512 | 89e511d554314ab19eff4e1510714b81c22b09fa4cd27170e2e32ec5eafb557f3f9932109fe66696a428e3d76a20f679045dcf38df6a9c45636aa8dcfa2561b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe582d35.TMP
| MD5 | feabcba3710812a9c66bf43af058fd97 |
| SHA1 | 98e8ebd3595e4dad724b5ac9cfcf45673bf79789 |
| SHA256 | 17777f7dcea6dd9d2074b74c1ed354075a4937e7965cb35188d393b4c39b5f5e |
| SHA512 | 7e3e1c5dd745b83ef84e8c54eb8e10077c175143def3cddc8dd987c5e40605f0b41fdd1478971107e2dbe75bd33c2f2ac006ca15b8c0784bbd9b20871596ccde |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 562cfa1c300644864ba1e11617f82be2 |
| SHA1 | 9c14245a8731067aef7e19677edc6b9ebd609a46 |
| SHA256 | 5446f106089ce5c383b3b9e251ba6b162227e2771e6a04ac17656f93f171d2e6 |
| SHA512 | 3d7d94a6d3d195b6c078b0b1ffe6d5a5a86a4c226360a6d6852db81e12cebf2c46a7e1f3d4e37200b1b8bd7daab2b1a11eef889e766d5c89234696f0bcd11f95 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b
| MD5 | 6a42944023566ec0c278574b5d752fc6 |
| SHA1 | 0ee11c34a0e0d537994a133a2e27b73756536e3c |
| SHA256 | f0ac3833cdb8606be1942cf8f98b4112b7bfd01e8a427720b84d91bdc00dde65 |
| SHA512 | 5ebdf0d7ec105800059c45ece883ce254f21c39f0e0a12d1992277fe11ef485de75d05827fbbabb4faf0af70b70776c02457873e415ade2df16b8ba726322935 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b
| MD5 | 923a543cc619ea568f91b723d9fb1ef0 |
| SHA1 | 6f4ade25559645c741d7327c6e16521e43d7e1f9 |
| SHA256 | bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd |
| SHA512 | a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c
| MD5 | 7d75a9eb3b38b5dd04b8a7ce4f1b87cc |
| SHA1 | 68f598c84936c9720c5ffd6685294f5c94000dff |
| SHA256 | 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7 |
| SHA512 | cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e
| MD5 | fdbf5bcfbb02e2894a519454c232d32f |
| SHA1 | 5e225710e9560458ac032ab80e24d0f3cb81b87a |
| SHA256 | d9315d0678ac213bbe2c1de27528f82fd40dbff160f5a0c19850f891da29ea1c |
| SHA512 | 9eb86ebb1b50074df9bd94f7660df6f362b5a46411b35ce820740f629f8ef77f0b49a95c5550441a7db2b2638f0ed3d0204cb8f8c76391c05401506833b8c916 |
memory/5736-596-0x0000000000400000-0x0000000000488000-memory.dmp
memory/5736-603-0x0000000000400000-0x0000000000488000-memory.dmp
memory/5736-604-0x0000000000400000-0x0000000000488000-memory.dmp
memory/5736-608-0x0000000000400000-0x0000000000488000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d
| MD5 | 4e08109ee6888eeb2f5d6987513366bc |
| SHA1 | 86340f5fa46d1a73db2031d80699937878da635e |
| SHA256 | bf44187e1683e78d3040bcef6263e25783c6936096ff0a621677d411dd9d1339 |
| SHA512 | 4e477fd9e58676c0e00744dbe3421e528dd2faeca2ab998ebbeb349b35bb3711dcf78d8c9e7adba66b4d681d1982c31cac42024c8b19e19537a5615dac39c661 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e
| MD5 | 740a924b01c31c08ad37fe04d22af7c5 |
| SHA1 | 34feb0face110afc3a7673e36d27eee2d4edbbff |
| SHA256 | f0e1953b71cc4abbffdd5096d99dfb274688e517c381b15c3446c28a4ac416e0 |
| SHA512 | da7061f944c69245c2f66b0e6a8b5a9bca91bda8a73f99734dcb23db56c5047de796fa7e348ff8840d9ac123436e38a4206408573215b7e5e98942ea6d66bb7c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 52963386ec05c3339a6dc44389f0975e |
| SHA1 | 9dd59bef70dd5e2fbcdc40e34ca3a5f3ab2f08c5 |
| SHA256 | cd1ace9bdaddfc70ded6a6195e595de6a8197d67e32f38a5e9669c2b203ac3c3 |
| SHA512 | 78371912e4f2806e18854f93f7f69406932c98428395a5e2f74af83bb17f2d915f8696748498fc59a812ca4b47e1fb98a9b91ceadb19ad322a23edc0544b5a6e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt
| MD5 | 37e0896aeb6737624b75c47c7acacddb |
| SHA1 | 3d1f6faa92beb82841784a3115fb905756821549 |
| SHA256 | 89e66ef60b459a03ddcd79ad942692d2fce8e794fee59bff8866a8ce5e54befd |
| SHA512 | cbc4dca85899b242458a290035bf9bc43d6d2e8e035918f9ac4a018210edc72fb79a12d996744297b4d4e9562a401278d5f519f5f6a0d002a865d7828b576050 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt~RFe58702a.TMP
| MD5 | fa54b4b0459c90247ddea314c915fd45 |
| SHA1 | da88849d1f1f2c14ec270a474ccfe88f672cf4f8 |
| SHA256 | 3a3b082c8ff3e4901812803b5116c9dcee7b27accab501a2a33a78d717e993fc |
| SHA512 | 8874575a885f92d740f6826e90a83267440701b6c5f456e3ad0c6c9ae5a0e59e4866c0300e4862a1f39c86ae647e18f0fd2ef0e4e072ab4901ece15ad1cf78c8 |
memory/7160-938-0x0000000074B00000-0x00000000752B0000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b21bde61f1c30e2e1b2e2f2c96883393 |
| SHA1 | 38d3c941b0e2b82c4acd52488c2593b7082cd094 |
| SHA256 | 1365ea8e857a16a6a676cde1cf534c5576de6d7d1c32123fe8c5c1ef43a9bf0e |
| SHA512 | 33fc6438963e79de721ae50fdc68433ecff9290e84afa31d8d08b18100bbe10bdc02dacb73db28e5a16d79f1ef26b40cd454da188c3f3e0220cd565385f6c43c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\b93b46bd-8c13-4451-bf8e-11f0f49dc698\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | dbb4b395fcea9520ddfc82c8a24be8d6 |
| SHA1 | a3458e9347a1abef04533c3b17bbb37a2d89b274 |
| SHA256 | 87610175cd52290c3ce1ad5da0f8f403c4f0c8585f3418f093bc3be6ffabe2e2 |
| SHA512 | d507f76998a03023fc70736f2a5c3efafe1520a18dd0f70e9e058dfabfda1372b61e5e5751bc48c244c5c3bb8d20c80d6d2633e7f4082d3acd45a40b4f8fb299 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 994ebd4c5d92291f7cd281dbaaf6140a |
| SHA1 | 28b3e6acd4f345e5e2cb8598a237f820b0995459 |
| SHA256 | 88a2da54d9b64b77983bf2f90da48fb6d9c266b9168e9fe7f7df621632a9a62c |
| SHA512 | 1ef190e653c51ddfd64e6002fab66db99e18dc226011fec014363d227f89e2fa51ba3224c2ae1bf94911fe33dc99a1a6afbf2ed60f6e3ddb5c137aeab7d1a60d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 9ced014e7dd01c9cca7114594489e0a6 |
| SHA1 | 38572f1416ed37b9183f250b5f01bf871a46c8c5 |
| SHA256 | 162aa428877b529625d24eb14176f81c09b7818ddd6c7cdb76df24329ec200a4 |
| SHA512 | d73dcf7825610e0f88e6044a94c21df8fff7ed4fbef8886a127be8f55b161b18f0bdd31ba453a8c60aa1d1c2cf689f563c684be302b8d2a626a68820d4897317 |
memory/7160-1061-0x0000000005820000-0x0000000005830000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ed335ccc4126ec858275595a166cdabd |
| SHA1 | c7f9cffaea89189eddec31dcd36817c58393f469 |
| SHA256 | 4edcad504667bdb70070a9ab16ed49c56ce03d8f202e4b3abfc648c8e24400b7 |
| SHA512 | a42794e1610177b9bc62a0692a2c0eecf1044b0d3926d5fd630cc2cc5ae4c41681a21fb29398dfd8638b25b95b21cadbb02a1e7bdbb268cc0a9ac7f36c58f799 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 99d2ae05982eae1cb9b0593d280699e1 |
| SHA1 | 0f849fd8ffc10e8f9cc4b97a6ed94008ab75d98d |
| SHA256 | 10f87f21de6c823dc7f87679be99407dbae01127edbff3508ef6694f3ec982f8 |
| SHA512 | 5bc2c04cd317c1d6c203fe2a8a93f1fef49faa5c571a752bb2be0d263150fc5827f9c04199ce33fc520d8223b050871ae2b55cb080b2986fb54f8537fad8b054 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f2de8641f84f9c1176e8d9cf72919dd1 |
| SHA1 | f14ff5b4d7680be403509d3219243d1a37a4bc15 |
| SHA256 | 2f29d48f2282fff10ef40bdf0fc165f46e9a161fcfb9f0baf653eef7c08647d0 |
| SHA512 | 719451a48c5d3c7eca76e7aacdd6c353d4a059fec44dee430559b89d83a4bbad6617e8c2117d5244b018489e1884bc95cdc057ba2007948e18885f2485d8fe2b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\fa755384-5372-4f5c-ac1b-4d9a28f70af4\index-dir\the-real-index
| MD5 | 906bc7965d0e327cd339b3ce81dab882 |
| SHA1 | e47683d379a64b59eed2c15c818fe05ff3f0cb7a |
| SHA256 | 03d8785a5beb3f94feb09cbe34596724d6bed796001aea53dcc3fcdcffc11f5f |
| SHA512 | 777517975c3ad349ec36d4e1f3bc859bf861275a739659da726160fdb76103356d67a21fa14b4cee6820c4b8754d4fc1ad29bb132388f843845233df610e3501 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\fa755384-5372-4f5c-ac1b-4d9a28f70af4\index-dir\the-real-index~RFe58c109.TMP
| MD5 | b90dbf37b52bef0ac124048baf09447c |
| SHA1 | 11851b211bc8dd7fe47616d2e263c9f6ae73e77d |
| SHA256 | d21862e0ce25b3a131e20b113271db5af3cd0c90a943167541e97acfdb861798 |
| SHA512 | 171c8c54399469731cfca2f7a0db50bbc86f61ff9430b7a563a15820604668faeeaf75285e1ce53b9c4f9362bc90771fa56c2bca4c6187c9b5b019c15ad5e9fb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 683530d8bb9030f816b66c0c056aec2b |
| SHA1 | 3d4bceccf259ff474c15392884bcd3f9cf109f85 |
| SHA256 | a608145ed4b74f8a6cf65e0555d8b079d878c2c547014d74105ef1d9a570cc98 |
| SHA512 | c44ae8c141b3b221538cc554cb796e4541476d1fb34276fd4c31250b91f5fc5ad67290aa5250a9468c9ccb1fcebe6aa4ba416a865f2701f1d147886e0d22810a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1f00ed09be047ec9e31ca7fef083f365 |
| SHA1 | eec717b0a7d3d8c4d7400c988bd3294d73f2441f |
| SHA256 | 2995a65d2543de2503065c127e43cc210e81666c5a870cdca8f875aa17523ef0 |
| SHA512 | 0919eb81a61a3da9bba3de3aa737c61bdae70d639d754598a6a47828a8c5d61b2ef5e8ff58b9af10ed79d236bea4a349c9367ea695c3eec305c68f9b8be149d5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 982c7425b6fad4c7eebe5f4b20b0d897 |
| SHA1 | aa2c4a814290b185d17e94e6c7ab442eb2738bea |
| SHA256 | fc9cb6789c103225208f6319e1c49c41c8112177bbb7759044f47da485c21b51 |
| SHA512 | 79f68841aa1759066a5f90a134f27481197668fe839c6081f35d1a2503c34e7cba0afe892341043c17edee4a139951ccbfc8a3c5155cab971ed05da1d9c0dd74 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58d9e0.TMP
| MD5 | 7d4c7076347fed07ef4441784bfff8b1 |
| SHA1 | 0956ab4fffe107fd0188d9fb53b7e5b9d9056726 |
| SHA256 | 66ca8ba8f5c9d5e6e974c2f7997261ec25360f10d80f6f328bdff1ea5946dde7 |
| SHA512 | f69c8cca568b56a5612f5900313d2b65ae30be0d1f203dea84ba8d7a8231c4e23fb47bec29db0f44e8442beaa55e1d6878002bde946247222ede682610e0909a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 161499ec0c9179d1092ff1cc6488ce22 |
| SHA1 | 1b383e0aa2b601af3823f0ce0db1272252007eec |
| SHA256 | cf2f807d207e4c5b37e6c7ce6e8d2b08fc25a7df999f10299edeb00c271d3c58 |
| SHA512 | d58983d9b1a5f8d2805b790e03be303933b298d8f2cbad1cad9e0cecd97518d26623f5d8ef483939c98ad60f224f531c953ae92d1e74c227a64b25e95801e50f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a604c2e0-511b-4aa3-807a-63caa752f840\index-dir\the-real-index~RFe58e50c.TMP
| MD5 | e8220387d545b71af4ddf9e109cb913e |
| SHA1 | 2072998d5f43264a320680df3a01ed26c8e71f7e |
| SHA256 | 67d3e064ebf5e747b060021436ac4a08ec49e0479b9c208b54cc1a8191d19f15 |
| SHA512 | 75c903513c2af5ff4aca92753e59042f76c14f1e7d701474cd87d189a23c1b5f56bc2e960e94ef133d47a988299e474dd76eeb9c3c8fe9e630d3b8ef4969ee09 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a604c2e0-511b-4aa3-807a-63caa752f840\index-dir\the-real-index
| MD5 | f59232dc40fb8a057aa9fcce16356c23 |
| SHA1 | 77d5f98186f05e8dd1e2aabed3525cb2abdf4507 |
| SHA256 | 29b0e116bd32379b9b636b71af151bbdfbcd404598b1e7bf9ca9a50f473ab52e |
| SHA512 | 568a722495c3f4fd80e9ad0b55d2cb9e943022b39bafa7c52d5e30053aaab75e5b9ada6702231f5b12e3b8c81dc16d5c5f46eaa3a011d9a47e8bfc24f00d3dfc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 5487f36b7019dc2096242098e13a220d |
| SHA1 | e920ea60e4bfd3e43bfa4368bb289351264bffd5 |
| SHA256 | ffb26dcef52806ceee08c117d193fe56a5c4f07a0be14e05987e4a0cff33d18b |
| SHA512 | 7a971ba6b833e8f51ecb7e985a0aecba8190e5f19568c3c7b536d6e8f1e30741fbbf1c9870a69e071d7fac60fe43c6b23799abe3cab67786e45b44ca30ebe1c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d7c51060f89a85b751e1fbde9eeb9fdd |
| SHA1 | b35c2bde2219cec065015dc9a59ad33f5ea721aa |
| SHA256 | 4faca606f8f3ed30233a771fd26383be17e7912b1541a8b49335b5927217015d |
| SHA512 | 531d1a360c1c48552c6dcdbbfbf967b4b1f5dc21b3a6af0e6664d87b870a7bd6942113f77f346cb465ff773167d871c985e0006d79c8540151060177ec3efac6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | e7af8b6fee57fbc961a155488566d50f |
| SHA1 | 98a07178835e30a6ff8c23b8c728dfba82766c42 |
| SHA256 | debb27a3b98267b71ad130b683935eb27cea738e4ea51cfffc81d5aa2200fb9b |
| SHA512 | aa40c74b8c19962b2d262305f32e24e974d46663d3d003cce0bfec0ea9ab287e07d5156c666effde62761e82c9a29466ae6c403808e91845b4fc56a8b5994185 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\9c110f1f-9aa9-45f9-9249-30902e6921b3\index-dir\the-real-index~RFe592c85.TMP
| MD5 | 4d9476cf176925c23b32db4eb5e39efb |
| SHA1 | 7bf8e5d627eb76560b7c859276e0186366c2de6d |
| SHA256 | a02f674ec230da63d7091a7f5c8e80232ad313fb8794377148dc2804714fe524 |
| SHA512 | 1036d4512f0f1006bc408aeab8a2f356352a448917a408b1d2fefc56258adaa8848ded5448abc9da084f7a5fe0df76020c67bfd1a7f77159d99efb1b20d8bfcf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\9c110f1f-9aa9-45f9-9249-30902e6921b3\index-dir\the-real-index
| MD5 | 69dd402139a4ea589a040598d2de7c15 |
| SHA1 | 9ee9f191d1dfb26eb7981736bfec447e57e8ceda |
| SHA256 | 027b3b091e323e909fc39db4feee123803e3055d4c814e09e939f8a8e104fe93 |
| SHA512 | b84d3522b7432115af4125cc36403096cc761e925a9e7a9f55deefb8b77d097ad78e6ccd49b785c5563ce6d81f40fe90ecb0868e714e2eb4b9a9d8bb28e964a4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt
| MD5 | 1e8143acda4f2793c588120d99205537 |
| SHA1 | 0e5e2dadd7b059532149c6aba8e3d633cc1a6b75 |
| SHA256 | eb9118c18a71693935630e0b314909b71fe7655b588c5de8234eaacb6d7a38d5 |
| SHA512 | de03b3d38152ba82ecee2a02afd86a682f92a62ef7fdb7fc9de12d424e2b835022048aa1bc1a5a0249f723e1f5a01dc9915ea51415c4072b038b324e4e1146c5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d7a66731840ab1b279b6aea8ed2d3b03 |
| SHA1 | 4018ae33092d948c13dc31e10d91b4ae6ef4ccd0 |
| SHA256 | 9d8ff69735025b8396a14a75672f60ba36bb405a6dc41ff724cc07ba7b50dcb8 |
| SHA512 | 5a8736c4dde781d08e1087ac8f5b45a7ac88862b87efb2a135c285f94e0753aa563f2907315ac389690229e8618ceecea1f6938f4face35c47ff98c76558d273 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | f0e90069113177398cdd34be1673460b |
| SHA1 | 7f445209a7cfada976018efe7fb280a8a14ed22f |
| SHA256 | 24449e27a919c3b8b8d8c3bee4da9bbcb23eaaec3665ac901d98eb684e20c90d |
| SHA512 | 841f5d8433198e7eac4668855c08290316eeda70dee41c4e690b7a954c4e389149e4e38986140ffc4777e751a61153ec2183dd80de82678e69afb26e5a8ae281 |