Malware Analysis Report

2025-01-02 05:02

Sample ID 231111-lsyw5sch4x
Target 123553d6a89bb8e12bf1f7d2bc48ddaa03e210cdebc244a030cbd863179f7ce0
SHA256 123553d6a89bb8e12bf1f7d2bc48ddaa03e210cdebc244a030cbd863179f7ce0
Tags
mystic redline taiga paypal infostealer persistence phishing stealer
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

123553d6a89bb8e12bf1f7d2bc48ddaa03e210cdebc244a030cbd863179f7ce0

Threat Level: Known bad

The file 123553d6a89bb8e12bf1f7d2bc48ddaa03e210cdebc244a030cbd863179f7ce0 was found to be: Known bad.

Malicious Activity Summary

mystic redline taiga paypal infostealer persistence phishing stealer

Detect Mystic stealer payload

RedLine payload

Mystic

RedLine

Executes dropped EXE

Adds Run key to start application

AutoIT Executable

Detected potential entity reuse from brand paypal.

Suspicious use of SetThreadContext

Unsigned PE

Program crash

Enumerates physical storage devices

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

Suspicious behavior: EnumeratesProcesses

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Suspicious use of SendNotifyMessage

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2023-11-11 09:48

Signatures

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2023-11-11 09:48

Reported

2023-11-11 09:51

Platform

win10v2004-20231023-en

Max time kernel

149s

Max time network

153s

Command Line

"C:\Users\Admin\AppData\Local\Temp\123553d6a89bb8e12bf1f7d2bc48ddaa03e210cdebc244a030cbd863179f7ce0.exe"

Signatures

Detect Mystic stealer payload

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Mystic

stealer mystic

RedLine

infostealer redline

RedLine payload

Description Indicator Process Target
N/A N/A N/A N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP000.TMP\\\"" C:\Users\Admin\AppData\Local\Temp\123553d6a89bb8e12bf1f7d2bc48ddaa03e210cdebc244a030cbd863179f7ce0.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup1 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP001.TMP\\\"" C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\pl7Pb35.exe N/A

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A

Detected potential entity reuse from brand paypal.

phishing paypal

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2080 wrote to memory of 4832 N/A C:\Users\Admin\AppData\Local\Temp\123553d6a89bb8e12bf1f7d2bc48ddaa03e210cdebc244a030cbd863179f7ce0.exe C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\pl7Pb35.exe
PID 2080 wrote to memory of 4832 N/A C:\Users\Admin\AppData\Local\Temp\123553d6a89bb8e12bf1f7d2bc48ddaa03e210cdebc244a030cbd863179f7ce0.exe C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\pl7Pb35.exe
PID 2080 wrote to memory of 4832 N/A C:\Users\Admin\AppData\Local\Temp\123553d6a89bb8e12bf1f7d2bc48ddaa03e210cdebc244a030cbd863179f7ce0.exe C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\pl7Pb35.exe
PID 4832 wrote to memory of 4136 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\pl7Pb35.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe
PID 4832 wrote to memory of 4136 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\pl7Pb35.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe
PID 4832 wrote to memory of 4136 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\pl7Pb35.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe
PID 4136 wrote to memory of 1028 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4136 wrote to memory of 1028 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4136 wrote to memory of 4404 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4136 wrote to memory of 4404 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4136 wrote to memory of 1048 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4136 wrote to memory of 1048 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4404 wrote to memory of 888 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4404 wrote to memory of 888 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1048 wrote to memory of 3696 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1048 wrote to memory of 3696 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1028 wrote to memory of 448 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1028 wrote to memory of 448 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4136 wrote to memory of 4936 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4136 wrote to memory of 4936 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4936 wrote to memory of 4416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4936 wrote to memory of 4416 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4136 wrote to memory of 1772 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4136 wrote to memory of 1772 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1772 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1772 wrote to memory of 3040 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4136 wrote to memory of 2168 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4136 wrote to memory of 2168 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2168 wrote to memory of 4352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2168 wrote to memory of 4352 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4136 wrote to memory of 4656 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4136 wrote to memory of 4656 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4656 wrote to memory of 1348 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4656 wrote to memory of 1348 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4136 wrote to memory of 3780 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4136 wrote to memory of 3780 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3780 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3780 wrote to memory of 3284 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4136 wrote to memory of 1504 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4136 wrote to memory of 1504 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1504 wrote to memory of 4552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1504 wrote to memory of 4552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4136 wrote to memory of 4436 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4136 wrote to memory of 4436 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4436 wrote to memory of 4232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4436 wrote to memory of 4232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2168 wrote to memory of 6176 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2168 wrote to memory of 6176 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1028 wrote to memory of 1336 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1028 wrote to memory of 1336 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2168 wrote to memory of 6176 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2168 wrote to memory of 6176 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1028 wrote to memory of 1336 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2168 wrote to memory of 6176 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1028 wrote to memory of 1336 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2168 wrote to memory of 6176 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2168 wrote to memory of 6176 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1028 wrote to memory of 1336 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2168 wrote to memory of 6176 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1028 wrote to memory of 1336 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2168 wrote to memory of 6176 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1028 wrote to memory of 1336 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2168 wrote to memory of 6176 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2168 wrote to memory of 6176 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Users\Admin\AppData\Local\Temp\123553d6a89bb8e12bf1f7d2bc48ddaa03e210cdebc244a030cbd863179f7ce0.exe

"C:\Users\Admin\AppData\Local\Temp\123553d6a89bb8e12bf1f7d2bc48ddaa03e210cdebc244a030cbd863179f7ce0.exe"

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\pl7Pb35.exe

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\pl7Pb35.exe

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffdf77b46f8,0x7ffdf77b4708,0x7ffdf77b4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x80,0x84,0x88,0x78,0x8c,0x7ffdf77b46f8,0x7ffdf77b4708,0x7ffdf77b4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x168,0x16c,0x170,0x144,0x174,0x7ffdf77b46f8,0x7ffdf77b4708,0x7ffdf77b4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://store.steampowered.com/login/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffdf77b46f8,0x7ffdf77b4708,0x7ffdf77b4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://twitter.com/i/flow/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffdf77b46f8,0x7ffdf77b4708,0x7ffdf77b4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://steamcommunity.com/openid/loginform/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffdf77b46f8,0x7ffdf77b4708,0x7ffdf77b4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.epicgames.com/id/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x80,0x16c,0x7ffdf77b46f8,0x7ffdf77b4708,0x7ffdf77b4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.paypal.com/signin

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffdf77b46f8,0x7ffdf77b4708,0x7ffdf77b4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffdf77b46f8,0x7ffdf77b4708,0x7ffdf77b4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffdf77b46f8,0x7ffdf77b4708,0x7ffdf77b4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,13574708586862128099,6301555463533425217,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,13574708586862128099,6301555463533425217,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2148,16628614743521580306,16412429186129010587,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,14298360681943881203,18311745633816147264,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2264 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2168,2535490895562472140,15674261963150732701,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,14298360681943881203,18311745633816147264,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2208 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2168,2535490895562472140,15674261963150732701,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1944,7961172840932094672,4862297714053642761,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1960 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,13223957781812983433,15851578625714609931,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,6483959150311889520,18388722202797487786,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,8217325595294062350,3955773719382433574,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,6483959150311889520,18388722202797487786,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2148,16628614743521580306,16412429186129010587,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2184 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,13223957781812983433,15851578625714609931,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,8217325595294062350,3955773719382433574,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2148,16628614743521580306,16412429186129010587,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2672 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2156,12443856149500518685,1432882770368559543,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1944,7961172840932094672,4862297714053642761,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2440 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,12443856149500518685,1432882770368559543,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2168,8288189159818794885,9779816316425188522,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2168,8288189159818794885,9779816316425188522,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,16628614743521580306,16412429186129010587,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,16628614743521580306,16412429186129010587,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,16628614743521580306,16412429186129010587,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3840 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,16628614743521580306,16412429186129010587,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4036 /prefetch:1

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\11HG4511.exe

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\11HG4511.exe

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,16628614743521580306,16412429186129010587,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4236 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,16628614743521580306,16412429186129010587,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4496 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,16628614743521580306,16412429186129010587,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4732 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,16628614743521580306,16412429186129010587,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4888 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,16628614743521580306,16412429186129010587,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,16628614743521580306,16412429186129010587,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5200 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,16628614743521580306,16412429186129010587,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,16628614743521580306,16412429186129010587,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6352 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,16628614743521580306,16412429186129010587,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6540 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,16628614743521580306,16412429186129010587,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6448 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,16628614743521580306,16412429186129010587,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,16628614743521580306,16412429186129010587,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7116 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,16628614743521580306,16412429186129010587,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\12zc957.exe

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\12zc957.exe

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 8284 -ip 8284

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 8284 -s 540

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2148,16628614743521580306,16412429186129010587,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6696 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2148,16628614743521580306,16412429186129010587,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6696 /prefetch:8

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,16628614743521580306,16412429186129010587,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7588 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,16628614743521580306,16412429186129010587,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7560 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2148,16628614743521580306,16412429186129010587,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4448 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,16628614743521580306,16412429186129010587,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4476 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2148,16628614743521580306,16412429186129010587,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=8616 /prefetch:2

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 64.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 121.252.72.23.in-addr.arpa udp
US 8.8.8.8:53 241.154.82.20.in-addr.arpa udp
US 8.8.8.8:53 39.142.81.104.in-addr.arpa udp
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.200:443 g.bing.com tcp
US 8.8.8.8:53 146.78.124.51.in-addr.arpa udp
NL 142.250.179.141:443 accounts.google.com tcp
US 8.8.8.8:53 141.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 twitter.com udp
US 8.8.8.8:53 www.paypal.com udp
US 8.8.8.8:53 steamcommunity.com udp
US 104.244.42.193:443 twitter.com tcp
US 151.101.1.21:443 www.paypal.com tcp
US 8.8.8.8:53 www.facebook.com udp
NL 23.222.49.98:443 steamcommunity.com tcp
US 8.8.8.8:53 21.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 193.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 store.steampowered.com udp
NL 157.240.247.35:443 www.facebook.com tcp
US 8.8.8.8:53 www.epicgames.com udp
NL 104.85.0.101:443 store.steampowered.com tcp
US 18.205.121.43:443 www.epicgames.com tcp
US 8.8.8.8:53 98.49.222.23.in-addr.arpa udp
US 8.8.8.8:53 35.247.240.157.in-addr.arpa udp
US 8.8.8.8:53 101.0.85.104.in-addr.arpa udp
US 8.8.8.8:53 43.121.205.18.in-addr.arpa udp
US 8.8.8.8:53 14.36.251.142.in-addr.arpa udp
NL 142.250.179.141:443 accounts.google.com udp
US 8.8.8.8:53 8.39.65.18.in-addr.arpa udp
US 8.8.8.8:53 195.179.250.142.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 131.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 100.39.251.142.in-addr.arpa udp
US 8.8.8.8:53 74.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 50.23.12.20.in-addr.arpa udp
US 8.8.8.8:53 15.164.165.52.in-addr.arpa udp
US 8.8.8.8:53 abs.twimg.com udp
US 8.8.8.8:53 api.twitter.com udp
US 104.244.42.130:443 api.twitter.com tcp
US 152.199.21.141:443 abs.twimg.com tcp
US 8.8.8.8:53 pbs.twimg.com udp
US 8.8.8.8:53 video.twimg.com udp
US 8.8.8.8:53 t.co udp
NL 199.232.148.159:443 pbs.twimg.com tcp
US 104.244.42.69:443 t.co tcp
US 68.232.34.217:443 video.twimg.com tcp
US 152.199.21.141:443 abs.twimg.com tcp
US 8.8.8.8:53 17.14.97.104.in-addr.arpa udp
US 8.8.8.8:53 141.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 130.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 159.148.232.199.in-addr.arpa udp
US 8.8.8.8:53 217.34.232.68.in-addr.arpa udp
US 8.8.8.8:53 69.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 158.240.127.40.in-addr.arpa udp
US 8.8.8.8:53 community.akamai.steamstatic.com udp
NL 23.72.252.169:443 community.akamai.steamstatic.com tcp
US 8.8.8.8:53 apps.identrust.com udp
NL 88.221.25.153:80 apps.identrust.com tcp
NL 23.72.252.169:443 community.akamai.steamstatic.com tcp
US 8.8.8.8:53 169.252.72.23.in-addr.arpa udp
US 8.8.8.8:53 153.25.221.88.in-addr.arpa udp
US 8.8.8.8:53 i.ytimg.com udp
NL 142.250.179.150:443 i.ytimg.com tcp
US 8.8.8.8:53 150.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 106.208.58.216.in-addr.arpa udp
US 8.8.8.8:53 tracking.epicgames.com udp
US 8.8.8.8:53 static-assets-prod.unrealengine.com udp
US 44.214.245.214:443 tracking.epicgames.com tcp
US 18.239.36.73:443 static-assets-prod.unrealengine.com tcp
US 18.239.36.73:443 static-assets-prod.unrealengine.com tcp
US 8.8.8.8:53 static.ads-twitter.com udp
NL 199.232.148.157:443 static.ads-twitter.com tcp
US 8.8.8.8:53 73.36.239.18.in-addr.arpa udp
US 8.8.8.8:53 157.148.232.199.in-addr.arpa udp
US 8.8.8.8:53 214.245.214.44.in-addr.arpa udp
US 8.8.8.8:53 store.akamai.steamstatic.com udp
NL 23.72.252.176:443 store.akamai.steamstatic.com tcp
NL 23.72.252.176:443 store.akamai.steamstatic.com tcp
NL 23.72.252.176:443 store.akamai.steamstatic.com tcp
US 8.8.8.8:53 176.252.72.23.in-addr.arpa udp
US 8.8.8.8:53 www.paypalobjects.com udp
US 192.229.221.25:443 www.paypalobjects.com tcp
US 192.229.221.25:443 www.paypalobjects.com tcp
US 8.8.8.8:53 25.221.229.192.in-addr.arpa udp
RU 5.42.92.51:19057 tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 157.240.5.10:443 static.xx.fbcdn.net tcp
US 157.240.5.10:443 static.xx.fbcdn.net tcp
US 157.240.5.10:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 10.5.240.157.in-addr.arpa udp
US 192.229.221.25:443 www.paypalobjects.com tcp
US 8.8.8.8:53 facebook.com udp
US 157.240.5.35:443 facebook.com tcp
US 8.8.8.8:53 35.5.240.157.in-addr.arpa udp
US 8.8.8.8:53 www.recaptcha.net udp
NL 142.250.179.163:443 www.recaptcha.net tcp
US 8.8.8.8:53 163.179.250.142.in-addr.arpa udp
NL 142.250.179.163:443 www.recaptcha.net udp
US 8.8.8.8:53 fbcdn.net udp
US 157.240.5.35:443 fbcdn.net tcp
US 8.8.8.8:53 fbsbx.com udp
NL 23.72.252.169:443 community.akamai.steamstatic.com tcp
US 8.8.8.8:53 254.105.26.67.in-addr.arpa udp
US 8.8.8.8:53 c.paypal.com udp
US 192.55.233.1:443 tcp
US 8.8.8.8:53 t.paypal.com udp
US 151.101.1.35:443 t.paypal.com tcp
US 192.55.233.1:443 tcp
NL 23.72.252.176:443 store.akamai.steamstatic.com tcp
NL 23.72.252.176:443 store.akamai.steamstatic.com tcp
NL 23.72.252.176:443 store.akamai.steamstatic.com tcp
US 8.8.8.8:53 35.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 login.steampowered.com udp
NL 23.222.49.98:443 login.steampowered.com tcp
US 8.8.8.8:53 b.stats.paypal.com udp
US 64.4.245.84:443 b.stats.paypal.com tcp
US 18.239.36.73:443 static-assets-prod.unrealengine.com tcp
US 8.8.8.8:53 dub.stats.paypal.com udp
US 64.4.245.84:443 dub.stats.paypal.com tcp
US 8.8.8.8:53 84.245.4.64.in-addr.arpa udp
US 8.8.8.8:53 api.steampowered.com udp
NL 23.222.49.98:443 api.steampowered.com tcp
US 8.8.8.8:53 c6.paypal.com udp
US 151.101.1.35:443 c6.paypal.com tcp
RU 5.42.92.51:19057 tcp
US 8.8.8.8:53 talon-website-prod.ecosec.on.epicgames.com udp
US 172.64.146.120:443 talon-website-prod.ecosec.on.epicgames.com tcp
US 8.8.8.8:53 120.146.64.172.in-addr.arpa udp
US 104.244.42.130:443 api.twitter.com tcp
US 8.8.8.8:53 sentry.io udp
US 35.186.247.156:443 sentry.io tcp
US 8.8.8.8:53 156.247.186.35.in-addr.arpa udp
US 8.8.8.8:53 talon-service-prod.ecosec.on.epicgames.com udp
US 104.18.41.136:443 talon-service-prod.ecosec.on.epicgames.com tcp
US 104.18.41.136:443 talon-service-prod.ecosec.on.epicgames.com tcp
US 8.8.8.8:53 js.hcaptcha.com udp
US 104.19.218.90:443 js.hcaptcha.com tcp
US 8.8.8.8:53 136.41.18.104.in-addr.arpa udp
US 8.8.8.8:53 90.218.19.104.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
NL 172.217.168.226:443 googleads.g.doubleclick.net tcp
NL 172.217.168.226:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 226.168.217.172.in-addr.arpa udp
US 8.8.8.8:53 48.229.111.52.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
RU 5.42.92.51:19057 tcp
US 8.8.8.8:53 youtube.com udp
NL 216.58.214.14:443 youtube.com tcp
US 8.8.8.8:53 14.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 55.36.223.20.in-addr.arpa udp
US 8.8.8.8:53 www.epicgames.com udp
US 8.8.8.8:53 newassets.hcaptcha.com udp
US 8.8.8.8:53 api.hcaptcha.com udp
RU 5.42.92.51:19057 tcp
US 8.8.8.8:53 227.162.46.104.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\pl7Pb35.exe

MD5 66984c84b2f4861051220ffe3f5d8906
SHA1 107f22b5fbd0c757434992402c8417c925b8c23b
SHA256 47c22d6c0baf1acd417cda5df0e08ffae07b608d76003362d6486715c5c7d800
SHA512 27f2717f819333837553c8f36fc3bf7f66b2cbae010d2af601f8456b637a758eeb02a41c40626945aadd3243279500ca02f0bb7594a6ed3716e81220753a1057

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\pl7Pb35.exe

MD5 66984c84b2f4861051220ffe3f5d8906
SHA1 107f22b5fbd0c757434992402c8417c925b8c23b
SHA256 47c22d6c0baf1acd417cda5df0e08ffae07b608d76003362d6486715c5c7d800
SHA512 27f2717f819333837553c8f36fc3bf7f66b2cbae010d2af601f8456b637a758eeb02a41c40626945aadd3243279500ca02f0bb7594a6ed3716e81220753a1057

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe

MD5 a83abfcc2b11048a03269a64aa8130ae
SHA1 20811c724071836a917f87cad122bd5dc87d1b27
SHA256 fa7946d7ee589e2076385833fbd6465b4799b4c458e7a2d4851c5c5e086be9b9
SHA512 f4c76c838101cbfc2e621716c549e7879e9bccd2521e6e4bbdf7b29bf80397c0db0de8fc040a27de052a1fed6c1834f23e244684c2d3180b865c16396f068134

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\10ow79Zd.exe

MD5 a83abfcc2b11048a03269a64aa8130ae
SHA1 20811c724071836a917f87cad122bd5dc87d1b27
SHA256 fa7946d7ee589e2076385833fbd6465b4799b4c458e7a2d4851c5c5e086be9b9
SHA512 f4c76c838101cbfc2e621716c549e7879e9bccd2521e6e4bbdf7b29bf80397c0db0de8fc040a27de052a1fed6c1834f23e244684c2d3180b865c16396f068134

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a87c8dba0154bb9bef5be9c239bf17
SHA1 1c653df4130926b5a1dcab0b111066c006ac82ab
SHA256 5071c9de822e09f2182f66ab806551c02f87e20d160a4923ca1d9763194f2cb5
SHA512 bb4f876fc8a88e480d2d82062b003d2769b75a6cb1a960173bd6b34925a27b1189402677d9124b6445ded6edc3a07ff0e314b71150684e96bc6614185c2e2f49

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

\??\pipe\LOCAL\crashpad_4656_LQODPSVXPFRHFIKW

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_1048_WGKANNNSATXTBRZV

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_4436_LJWNBNHOISIPULPC

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_4936_HHWVODTKCKZLXUYS

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_2168_WDODFAEWGVGFLSJL

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_1028_GESFGHHECCBDVLUS

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_4404_TWFMTJQZHROPVAWO

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_1772_TIOZSPHXLZNXRZVA

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_3780_GUAZNWJJHTJLZSMN

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_1504_NRWRTQWUKOMHZZQC

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f4787679d96bf7263d9a34ce31dea7e4
SHA1 ebbade52b0a07d888ae0221ad89081902e6e7f1b
SHA256 bfcadaffd49f5351acf68b8249b32270424bc2459125818492cd3224662a9a87
SHA512 de3f3d1cd602bddb664bd0d2aecb661204dd239b278b1f03d6b9dca6f3d03bd3041ac42f4382f5edf5b310b17ff9ecddff59f16729e8c095625040a364252307

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\936a846e-0bda-42f8-aaae-be1321c4d0bd.tmp

MD5 0af37a229d04fe8c31d8e40296e22655
SHA1 318942fbc82dbf025f6b62a5c757dca7bfd45609
SHA256 953bafeecb2c77437786c3efa696b1490ee99220735af6ea6686c00e48dca7ef
SHA512 4661cf4fe0425d8e5c3f0086c32d3089a02ef98c1e5b79e4e350d0defdb113dd059b9f85a4d9f09106b40fef2a98a1f23919dbd96aa66c1a7f4fcf37e3915e5e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 c3240fdbacbdda7c99a1a19185abdcdf
SHA1 c49840a8e4bd15aa1f3d4a852bbae807d888173f
SHA256 45d99c720f0bf20d1ff0e08667a4cb7da2b9b35d90ad81bc7d67272dc72f130b
SHA512 424b5c712b3d6f8a5fb61571ee104ab16e9fb0f940dee5735255d437a06b5574b8d1756d75d93ce8f32b99f869bca142e86edd7dad571ae909ee6bdc94c025af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\dc0bbaf5-6967-48e9-aa02-011cc2e00805.tmp

MD5 f58b46bec02d4f56fb99fd40297f72e0
SHA1 8b060b2039d5600ef682b27d9d8304536f3acb37
SHA256 2090d99772775ee5f14b08d67e1561d033cdefbfbe8096691a3426ac3a515bf3
SHA512 c6db4232dbc3f21826bfad15122d1820db9689576856c50ba58ff0a0f23e845f09c01c26fefcdefa7437008a3b1846045a62f8610ad2072ed100f7d5a2e1e217

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 c3240fdbacbdda7c99a1a19185abdcdf
SHA1 c49840a8e4bd15aa1f3d4a852bbae807d888173f
SHA256 45d99c720f0bf20d1ff0e08667a4cb7da2b9b35d90ad81bc7d67272dc72f130b
SHA512 424b5c712b3d6f8a5fb61571ee104ab16e9fb0f940dee5735255d437a06b5574b8d1756d75d93ce8f32b99f869bca142e86edd7dad571ae909ee6bdc94c025af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\68b90a49-28e7-4c6b-9c63-c7678216e106.tmp

MD5 a10533497261aaa0b1c085d267d9d6dc
SHA1 519265f2b0a5bdc49cd7070fb8374bd173f0e05f
SHA256 47277622b6a824c00a2c07a9bb8d915adc2234d17a5a6a2c83e6b1c9e1e3f0c2
SHA512 59359f2dc9c3517aaaa85296c0e221b4ed79132d0239cddfbe367fa5ebd699da884b57d62eb131ebab96c212db02b51572838fd343bc612b42ea1c3f6fc8d524

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 185d6b72a909260fd491908c1c9fb964
SHA1 74c6d5e9e1644703f9d5d23f9334a6c0b0928df6
SHA256 456d38dca17aef32a54b72910990595f536533c9b8385abfa8fb51b1e9b2a75c
SHA512 d89d009775614cd0cc18f694306fa1825381a3689d6923b0186f94b07288160acdfdad4702fd5f6acc36950b21a23b875b3a2c42bcd1f2cd15bebab0ae21cd54

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\fa04767e-9a2e-4eab-9d7e-8e4956d44f84.tmp

MD5 74b2d07e32d285836a1493ae37d429d3
SHA1 91fa10f1f6a9fda5383ffaf0ecbb5dda7650307e
SHA256 083c6efef2969f005090f87bfff8622eba6e0116866e199fed41ebc4740590b6
SHA512 8c65f483e84cdec5ef15ee7b78c4b5aff5558a210093ccf3b196747201e5e94f710812b79362034bcad022357f371ab53e3fa4bdf9074a5424f3c1c7cc77a601

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 185d6b72a909260fd491908c1c9fb964
SHA1 74c6d5e9e1644703f9d5d23f9334a6c0b0928df6
SHA256 456d38dca17aef32a54b72910990595f536533c9b8385abfa8fb51b1e9b2a75c
SHA512 d89d009775614cd0cc18f694306fa1825381a3689d6923b0186f94b07288160acdfdad4702fd5f6acc36950b21a23b875b3a2c42bcd1f2cd15bebab0ae21cd54

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ddb4aa99-6ef0-45dc-a3cc-572814c6caa8.tmp

MD5 02b1ec300fe6765a612fdf82f603b971
SHA1 53568557d38c2e7dd56faf73ba9ac993988e6d40
SHA256 f94b75084ddeb4f7a88b8fd451c7753d6612c22a0e7cac98821b4534ec570df6
SHA512 c38dc0976d1a60ddcbe5b09436463aae30f9785304a180e69b6ae19e1a6eaf6e7d1bce1cc5ca95912bee8e3b8e432deb79e56f6629538c65455fe8f87cdf8369

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a1da09e200efbe7713911aa45d4a0048
SHA1 71f59c7478c8d3b04595d72c53568ac4362a793b
SHA256 1fd545596c0285de5ce1ee75e52d3e0610eda82c715a9e2b39e35f4f9c1f0314
SHA512 542d44c18319dc3bb34c5425f95e76f8bed8ae3f3212bdd14852e822b31990df944f272831d7618e0af203f3d0cf50555c2eb09266f277cb6fa5081ec4d806a9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\9a1e7c34-4a89-4284-9e8a-14b178105f3c.tmp

MD5 afeb5c88651b03c70a54fe8c839563be
SHA1 6c8d122c6d8f173f4436e413b4cc798a2e235866
SHA256 b7e20714114009344041c680f9fc5df9fb4913ea4e1292cbdf514bba39b8283c
SHA512 9e8600d06ae60bf473c35f47d2b49981944e308402d8ca2c4b2e38659daea69aaf7051d202bc3164d12df789866993b1f03607805c2d7c63d70f2e5f02e81ae4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a10533497261aaa0b1c085d267d9d6dc
SHA1 519265f2b0a5bdc49cd7070fb8374bd173f0e05f
SHA256 47277622b6a824c00a2c07a9bb8d915adc2234d17a5a6a2c83e6b1c9e1e3f0c2
SHA512 59359f2dc9c3517aaaa85296c0e221b4ed79132d0239cddfbe367fa5ebd699da884b57d62eb131ebab96c212db02b51572838fd343bc612b42ea1c3f6fc8d524

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 74b2d07e32d285836a1493ae37d429d3
SHA1 91fa10f1f6a9fda5383ffaf0ecbb5dda7650307e
SHA256 083c6efef2969f005090f87bfff8622eba6e0116866e199fed41ebc4740590b6
SHA512 8c65f483e84cdec5ef15ee7b78c4b5aff5558a210093ccf3b196747201e5e94f710812b79362034bcad022357f371ab53e3fa4bdf9074a5424f3c1c7cc77a601

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 f58b46bec02d4f56fb99fd40297f72e0
SHA1 8b060b2039d5600ef682b27d9d8304536f3acb37
SHA256 2090d99772775ee5f14b08d67e1561d033cdefbfbe8096691a3426ac3a515bf3
SHA512 c6db4232dbc3f21826bfad15122d1820db9689576856c50ba58ff0a0f23e845f09c01c26fefcdefa7437008a3b1846045a62f8610ad2072ed100f7d5a2e1e217

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 02b1ec300fe6765a612fdf82f603b971
SHA1 53568557d38c2e7dd56faf73ba9ac993988e6d40
SHA256 f94b75084ddeb4f7a88b8fd451c7753d6612c22a0e7cac98821b4534ec570df6
SHA512 c38dc0976d1a60ddcbe5b09436463aae30f9785304a180e69b6ae19e1a6eaf6e7d1bce1cc5ca95912bee8e3b8e432deb79e56f6629538c65455fe8f87cdf8369

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 afeb5c88651b03c70a54fe8c839563be
SHA1 6c8d122c6d8f173f4436e413b4cc798a2e235866
SHA256 b7e20714114009344041c680f9fc5df9fb4913ea4e1292cbdf514bba39b8283c
SHA512 9e8600d06ae60bf473c35f47d2b49981944e308402d8ca2c4b2e38659daea69aaf7051d202bc3164d12df789866993b1f03607805c2d7c63d70f2e5f02e81ae4

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\11HG4511.exe

MD5 d8426db33bc5acd752c917b8bd9aeb87
SHA1 0cc4f0b668b917b8bb57aeb4d32cbd6e6fdbf945
SHA256 1629a6920bef637bad4b6c074ea89c25cacf7e1740ca4426cbfc495a691a0a24
SHA512 d83233ef5ec90b675deeede182983076020a064363592808f30819883804d8f50700f5efcfe85ce43888511753f29de50340329c246ffe747b3a1d12a9bcba10

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 0af37a229d04fe8c31d8e40296e22655
SHA1 318942fbc82dbf025f6b62a5c757dca7bfd45609
SHA256 953bafeecb2c77437786c3efa696b1490ee99220735af6ea6686c00e48dca7ef
SHA512 4661cf4fe0425d8e5c3f0086c32d3089a02ef98c1e5b79e4e350d0defdb113dd059b9f85a4d9f09106b40fef2a98a1f23919dbd96aa66c1a7f4fcf37e3915e5e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\7170ca08-e82c-4b6d-936f-f1570c360ccd.tmp

MD5 a1da09e200efbe7713911aa45d4a0048
SHA1 71f59c7478c8d3b04595d72c53568ac4362a793b
SHA256 1fd545596c0285de5ce1ee75e52d3e0610eda82c715a9e2b39e35f4f9c1f0314
SHA512 542d44c18319dc3bb34c5425f95e76f8bed8ae3f3212bdd14852e822b31990df944f272831d7618e0af203f3d0cf50555c2eb09266f277cb6fa5081ec4d806a9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a1da09e200efbe7713911aa45d4a0048
SHA1 71f59c7478c8d3b04595d72c53568ac4362a793b
SHA256 1fd545596c0285de5ce1ee75e52d3e0610eda82c715a9e2b39e35f4f9c1f0314
SHA512 542d44c18319dc3bb34c5425f95e76f8bed8ae3f3212bdd14852e822b31990df944f272831d7618e0af203f3d0cf50555c2eb09266f277cb6fa5081ec4d806a9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a10533497261aaa0b1c085d267d9d6dc
SHA1 519265f2b0a5bdc49cd7070fb8374bd173f0e05f
SHA256 47277622b6a824c00a2c07a9bb8d915adc2234d17a5a6a2c83e6b1c9e1e3f0c2
SHA512 59359f2dc9c3517aaaa85296c0e221b4ed79132d0239cddfbe367fa5ebd699da884b57d62eb131ebab96c212db02b51572838fd343bc612b42ea1c3f6fc8d524

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 74b2d07e32d285836a1493ae37d429d3
SHA1 91fa10f1f6a9fda5383ffaf0ecbb5dda7650307e
SHA256 083c6efef2969f005090f87bfff8622eba6e0116866e199fed41ebc4740590b6
SHA512 8c65f483e84cdec5ef15ee7b78c4b5aff5558a210093ccf3b196747201e5e94f710812b79362034bcad022357f371ab53e3fa4bdf9074a5424f3c1c7cc77a601

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 0af37a229d04fe8c31d8e40296e22655
SHA1 318942fbc82dbf025f6b62a5c757dca7bfd45609
SHA256 953bafeecb2c77437786c3efa696b1490ee99220735af6ea6686c00e48dca7ef
SHA512 4661cf4fe0425d8e5c3f0086c32d3089a02ef98c1e5b79e4e350d0defdb113dd059b9f85a4d9f09106b40fef2a98a1f23919dbd96aa66c1a7f4fcf37e3915e5e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 afeb5c88651b03c70a54fe8c839563be
SHA1 6c8d122c6d8f173f4436e413b4cc798a2e235866
SHA256 b7e20714114009344041c680f9fc5df9fb4913ea4e1292cbdf514bba39b8283c
SHA512 9e8600d06ae60bf473c35f47d2b49981944e308402d8ca2c4b2e38659daea69aaf7051d202bc3164d12df789866993b1f03607805c2d7c63d70f2e5f02e81ae4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e2a3a7c6b57f26495697d0fdd12c42b0
SHA1 05deaa9e40cefdbb2c413136b434303ca6ec133a
SHA256 cf7c455fb3a0f875ec89b4dcc2699033471345200b41e82abd7750d631f12464
SHA512 9df0c982d38e18ebb4eaac86673b966b7a38a783370a1964fdaa19d13b1675648fcc2066f5486490d5596efcbee9f98fcfe69ce27f3b31f9e1e5cbb8b6c1ebdb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 95641abbb10785840c81c65a3b9e68e3
SHA1 6589478885170e4f5b73b46f377312d334e2d966
SHA256 d76b34a27a3c48e08375ba7944c68ff82d40077681ea1211d9c208efda3e52d9
SHA512 6c161706a42e041dfb409578c6bbf5b9816c5bb7573d970293662c2bc4286bdf88808cc38a68bdfb5b404f7da69cc0b3f396fefad89c4b7ba389c636f7fdc29b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 1d804d30e3587e3c798b2fb4aaf3ccda
SHA1 0e9cd7d23ecafac90823cedebe12f4b1dc67dbaf
SHA256 879c9ffdc85c7b9543ad9610caa905c673df2712d9ec4fefd07b2466a1e2a3e3
SHA512 13d6f14b98b00133866de95898520468a068749c9bd5cdf7ffe6a5ba55659bce46db4b1501f19336308a990867cd55d1d3cd11a3e42b7b24906fa663c7defbfa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 3a748249c8b0e04e77ad0d6723e564ff
SHA1 5c4cc0e5453c13ffc91f259ccb36acfb3d3fa729
SHA256 f98f5543c33c0b85b191bb85718ee7845982275130da1f09e904d220f1c6ceed
SHA512 53254db3efd9c075e4f24a915e0963563ce4df26d4771925199a605cd111ae5025a65f778b4d4ed8a9b3e83b558066cd314f37b84115d4d24c58207760174af2

memory/8284-406-0x0000000000400000-0x0000000000433000-memory.dmp

memory/8284-407-0x0000000000400000-0x0000000000433000-memory.dmp

memory/8284-408-0x0000000000400000-0x0000000000433000-memory.dmp

memory/8284-410-0x0000000000400000-0x0000000000433000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 47f1c5bf02cfd38936313e9af466efb8
SHA1 613229170c0608dfa99687377c69ab689a18f28d
SHA256 7f42b0ff3fafb83d9cc11c19a24d86477856c296af18d732af6d3d0bac7f4d26
SHA512 27d0203ded1c4c1aa7e9eaaa6ac5428312104262fd38c64185003716eafe66aa608ccf173ec4752ce2db9154f587f778f1ec0875b943d2680eb19d6451358c28

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b3614ccfccfb0b18bcfef85b251e3731
SHA1 0b5b9ba6c82c43e0c106a9ba8ab3fcc2ebe7317a
SHA256 02d34bc1f1a715226710954ab78d70fdc12d69c30e3b0211c1dc81b3e96aaf81
SHA512 7ac7424b6594ea4c8d6feb47b005bc40062fb78176e50b1b7183c32b6c783e5e43754e97521b4119008b3fdc5d337d00781b269425d2cc625449618ee02ab918

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

memory/6140-458-0x0000000000400000-0x000000000043C000-memory.dmp

memory/6140-460-0x00000000745F0000-0x0000000074DA0000-memory.dmp

memory/6140-469-0x0000000008380000-0x0000000008924000-memory.dmp

memory/6140-471-0x0000000007E70000-0x0000000007F02000-memory.dmp

memory/6140-476-0x0000000008010000-0x0000000008020000-memory.dmp

memory/6140-479-0x0000000007F20000-0x0000000007F2A000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58abcb.TMP

MD5 8a08201a35fcd1a9a5c3cb7cbbe61f63
SHA1 572041f59013e73901fff9b3c49c3d3474aa9354
SHA256 012645de99c45fe89cbe2e7f93a62c9528c0e8a6dcdd6507e9e4271276a2616b
SHA512 3221409a95aac49630edde44c439931685c7e6d2d8d6ab449db942079a2eafe58bc89cee6987c6d52c02dbb1cbb1d1b50a72afa439cc2459e8b0b6c5930bebc8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\1c12c27e-b31c-459a-a650-b081aec780bc.tmp

MD5 b844a96f4a89fc886c5d24bd2b2a50de
SHA1 f7bae65045c659e9203830ca0ee269b08ca3b83f
SHA256 f698af01ab722eb279e4fab154fb1d21d63e420ef487de3cd38626f5c4c20dba
SHA512 bc8c9a4017572630d31dcb8a92334f4c4034e30fdbee8c0dafb0d5b63d50061867c95716d9ffcd3dda795d128725cea43450fe6f96695d41bcc454ec99128cc5

memory/6140-514-0x0000000008F50000-0x0000000009568000-memory.dmp

memory/6140-517-0x0000000008220000-0x000000000832A000-memory.dmp

memory/6140-520-0x0000000008110000-0x0000000008122000-memory.dmp

memory/6140-521-0x0000000008170000-0x00000000081AC000-memory.dmp

memory/6140-526-0x00000000081B0000-0x00000000081FC000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

MD5 6a42944023566ec0c278574b5d752fc6
SHA1 0ee11c34a0e0d537994a133a2e27b73756536e3c
SHA256 f0ac3833cdb8606be1942cf8f98b4112b7bfd01e8a427720b84d91bdc00dde65
SHA512 5ebdf0d7ec105800059c45ece883ce254f21c39f0e0a12d1992277fe11ef485de75d05827fbbabb4faf0af70b70776c02457873e415ade2df16b8ba726322935

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

MD5 923a543cc619ea568f91b723d9fb1ef0
SHA1 6f4ade25559645c741d7327c6e16521e43d7e1f9
SHA256 bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
SHA512 a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

MD5 7d75a9eb3b38b5dd04b8a7ce4f1b87cc
SHA1 68f598c84936c9720c5ffd6685294f5c94000dff
SHA256 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7
SHA512 cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

MD5 fdbf5bcfbb02e2894a519454c232d32f
SHA1 5e225710e9560458ac032ab80e24d0f3cb81b87a
SHA256 d9315d0678ac213bbe2c1de27528f82fd40dbff160f5a0c19850f891da29ea1c
SHA512 9eb86ebb1b50074df9bd94f7660df6f362b5a46411b35ce820740f629f8ef77f0b49a95c5550441a7db2b2638f0ed3d0204cb8f8c76391c05401506833b8c916

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

MD5 4e08109ee6888eeb2f5d6987513366bc
SHA1 86340f5fa46d1a73db2031d80699937878da635e
SHA256 bf44187e1683e78d3040bcef6263e25783c6936096ff0a621677d411dd9d1339
SHA512 4e477fd9e58676c0e00744dbe3421e528dd2faeca2ab998ebbeb349b35bb3711dcf78d8c9e7adba66b4d681d1982c31cac42024c8b19e19537a5615dac39c661

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 bbf85488f054328557bf637f4e0bdef4
SHA1 4b0096d6eabf9e9b7f94c1486cf2eaaf85a4a82f
SHA256 809a8981a9922329acd7118c3b1e2fe4d42f96af6475005c6191caa1eca087e4
SHA512 fd0ab96052bd711d7b4c4e2bfd6ef701bd802abf1f12bf7c48ce3604bbada00622dff8aac001e61dac24445bc25d1bb9e3b3405841cc9aa938093ca852e3f4c3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034

MD5 740a924b01c31c08ad37fe04d22af7c5
SHA1 34feb0face110afc3a7673e36d27eee2d4edbbff
SHA256 f0e1953b71cc4abbffdd5096d99dfb274688e517c381b15c3446c28a4ac416e0
SHA512 da7061f944c69245c2f66b0e6a8b5a9bca91bda8a73f99734dcb23db56c5047de796fa7e348ff8840d9ac123436e38a4206408573215b7e5e98942ea6d66bb7c

memory/6140-798-0x00000000745F0000-0x0000000074DA0000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 016cc2256f9207f16a68982cc718cc78
SHA1 a3fb1e33891c39f54cd11c8ad99a6e2949dd7c62
SHA256 07761354620c4180848a9ebbef27e1104afaae02a03a6aee5cf812dcb68cd5f4
SHA512 d5379855b33ca351ed2d8c91465d8b4dcb057c208cf9dbaa8775c73b28394f7bae81195fd630111c87b2bebb51236c35875d32faf615bf7f01b13033009565e7

memory/6140-836-0x0000000008010000-0x0000000008020000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 92e1c8d7ce990f981d68054aa0d32d22
SHA1 3f001ef68448dd121e088a22900e25de3448eedb
SHA256 8e525b0e3abc0666d434522064103f64f2621a29f13bc7f89b0708589869079e
SHA512 a8ffc99ffc8ca79f217572ebab68c3423d177c49cffcdb755a5ada5f18b9d097707ab92dd27c13a054a17ff33fe63045dcf41659e9a2a57544636239b8a9ce62

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 1498c07ae346b749cee4716afabecab2
SHA1 7febe445aa58f8ce78730b481d62c24a127978fa
SHA256 939ca294bff448b39c9a04ca8a4cd5ac2c0398a8c9dd7b7fc266c0bc4eed2892
SHA512 e4fe86430143d757ac14d0db35cd1c4b2a5bb191b282fb216b29c30c9c9f1e5f4327a3b4f81d4795d41b16896aa817fd94d2aae9f8a28b3c14185c2ab0e144e5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt

MD5 5d0b4852266ff18c852b6a35d03ae20d
SHA1 8d33924730c1012190b3c4bcbb7fa082ef3365a6
SHA256 bcb85bb08362e1754abb609916e244d355584d6baf7ef7e8ac5db0fc960d01cc
SHA512 9376bea5a3146127bc9811512796aad3f147b02e1672806f4914a10e03575507106377414c7d4fc905aab658a2a9491e32443db3fb1e2208cc8a62627120ff02

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt~RFe5929d5.TMP

MD5 64a0f1ca6dd0f16de75f8c75a649d041
SHA1 1c3a1248bf9b8e6de4195bc2fa54225003099ab9
SHA256 69d5d98d4a87c57d57b9e6631ca2aa851b95f442a93aec947c3053dcf999801d
SHA512 e0b27d05429980af012fd754e3dc1cc2d30a6888ada920b1e8eeb7102b1dec5c4a2961a41675729d2b051dea5e43abac45d9d727385e4ea5a25ece8a4ff58040

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e5ccf8fc-14bf-40cb-9c96-4d33c6a834ac\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 cb40fac87e8db9fd1b2d570ff64d1cb0
SHA1 57b537a77309ec86b670c3219923123dd7c94abe
SHA256 07c64c06fd17220cca0310c50dcd050663b633ad84b90278d5f730c36726754a
SHA512 8da3059c65b19cb2e998f8dc0189725b3a7ca5718b822b674f96f7d6bd6ee1867221687587238d4e9138e5df39fd962db5a7ccb24a28d82fd4c033221e322b7e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 a7373d723919ced6a3068a948253a6f0
SHA1 cce840b8f0de9adc59657a1f54199b236ddc9353
SHA256 068ed8ba3bfec0acf8e1eaa8a31a7715a4b889bdbe17f053edfff5601ffcf447
SHA512 d7d70e425006079991d9b00c9973ed7a1a726870c0b598823b6e61e2d81892eb25ce76bb5faf12675f5b2e014585abd9f046b9df6c19e4950da87a60e1208737

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 d114730926e6f3e52c23efbbf17afbaf
SHA1 6d539be0e729d411f637648eb180c53e880b9a3d
SHA256 2a33b3d515f5d90a3a63425a689b3b2d773554d73f1ea08617ad9fdf4b5f8095
SHA512 092768fe4d1da35357f21f8948701c2cb85d69d00574cd9714d6b3a48e5c28862f4a4928506b9745338c69a68b8502201cff8cee191c2f48fcfce0ca3a455556

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 cb736b22c66eb1c07ed01eecb8295612
SHA1 4ff1f47d8be78d0426b7e08b109db7ac7e403973
SHA256 41040a066c79016422b5e090229fb1929d921954cbebc9470aef2dfbfdfc5dd9
SHA512 f759303c325301a66c550eb4e4886b2f2cf537487393cea332b4bed662d2f34d5148f7215c1d069628f29e2511fc024e214dd3e189c24bdd5ef8c4bcc97743e4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 515e130a70ad9ee3c462276fe8587563
SHA1 2fff95b27652414831049c2a58e49182934d32a2
SHA256 854e63d24b952a43af9fec705416fbc77130d607869536bacbb6158f1fa2045a
SHA512 7a35ae1042882ab00351775084dcd8da2fdf4fbca317c1217adb6215ca8e5862cd677f1c0a3d9e68e66a2e083cefc7acff9a35f8b04e1eb6bdfb3a50387d948a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 ca9786a9baf8b4eb256ae5c3fe1680b3
SHA1 690c6b499d2304bfdfbb6e459c870af60946ce1b
SHA256 4c36400b73690182436f6c820fc5270fe712309fe744978cdfdc4ece69cc01b5
SHA512 32f99e924d1f368f9020abd9c7b85d7b93bac1bde6f0c27ae1bdb42eec170f563495c13065483458e3b83fab27bdc458e452eb046a5cccb5bd89a0f104b07c9d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 abaca203b7ac388fce92085651f7e844
SHA1 2d00fd5c688564e4a70c758680f1f012f615c0de
SHA256 3e107f51a307197281d6753dea6f42d4b316c3af1109fc48254c408326cfed6a
SHA512 7132ae4b58a93d27fa044407142d2bd34a15b9d540c7f87927c77ca6149fb07687edb0dd4656dbaca26d57d962418ccea639b91e37db1eb76d2efef7e2d54dec

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\503afdab-b6f8-4630-a05d-4e4c5c237897\index-dir\the-real-index

MD5 697031091511e36b020d8ce586964f44
SHA1 954553e34c363e2201f46d17859454006a9636e2
SHA256 44eb2a03b49f362a22dda74bdaec0c296011955dbfb5e7f00c170fd993b010db
SHA512 9dab7d3ec686a864e42018144aaff39b4aacb761c0632469c3d69a05d5a705cccdfdd1078e897210ae0909331eb5d0d3dc9e8fe78847ed7c014e42348c1073b0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\503afdab-b6f8-4630-a05d-4e4c5c237897\index-dir\the-real-index~RFe597b7f.TMP

MD5 11c0da627a1f9d718d09bc12aa1e37ee
SHA1 e27038588ea88b853851d6a270006109fe3b06de
SHA256 154d36917478b02b9773b1408c5732a03cd54ccd22053e99e6a9d2eb667eff01
SHA512 f1ee055f52042c0a68986f92db1efa29252e86ab69df82448bdc12175ad755e9b6d4a6e05b87a80ddf3965bd6665a21b2f21c266e6721f2f8b1b86ca579e61f0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 797f8cfd00be1f5f89957730a48c23dc
SHA1 3b24d17f08b9616f0f36e891452fb6fb7471c5d6
SHA256 fcbf3efe6adf68f163d8b0b4a84ffc4e9d4db48b0603aee3d4ef9213b8a47c53
SHA512 94690574d465d7c397c1b499409f00adaf487d9b986fc907aa1d718f1ea165d1f3ce19f1c6a7a829608c734401e65876ab9bad40d6deaa468459e07ff04f8499

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe599fd0.TMP

MD5 284240930ab7c5f0a0e5774b0d62a40e
SHA1 c90e51f32a67cad629431f7081ce79ae7bbd8194
SHA256 7180105e55b18d7fcf76cb550c661860f5d3dd709ca537f73b2853dc394c57d0
SHA512 84e9718d8e73261370f7ff7ea6c4ae941824a65c705b5122ed1db42a25838b456c57b905e7ccc66d06b09f9bb63b4f8e4e26e71a840891e0642cf562df4cd452

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 d5766f55eaa29aef14b5694ce1abc74c
SHA1 36f58fd32572477a4f637ded871440089ea9461f
SHA256 b84c8ad0e91ac94b5f3d75020bad789fb19d3ceb0298989cddd6bea786f34093
SHA512 f39fcb3f8b0c9384650783c7099a0f23c9bb38402f1a6821b6b1e5baf811d429e9e4ed003a1b862e40d1ffef3d550ec2c9b3c817c0700a3c970b1b59aa577921

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c92cc9337d0af4ddcee95645f69f0c9a
SHA1 2779bedb6049d47bf5dae3784f9287ebac109d39
SHA256 f48ae4c060051dd92fa9c4176b4f02b68f9ab0fe9d1bed2c6acd5a938aa28a5a
SHA512 4eb32186ed3dc04dcab3c1b308a16e5ac5a373de38dfc5ae65a6d8e89280c16ea9b151eebed8c61eba21eb46ff59cafa9d1a255cc6ceaca7389e4e516ed3980a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\dd015dd8-d26a-4f2c-9a72-300621f29afe\index-dir\the-real-index~RFe59b2ac.TMP

MD5 deca6e7446c0a1f0a7f1800d14d9c246
SHA1 8e5e11d1458ec29770e1eede861d63c5e57c614e
SHA256 b192020191abfa1040c5f96f4c1faf670c808b809aaed25f4fcf3d74147cdadf
SHA512 742f4ec24bb397044d83eaf51fa725257fa53403179416d070cfb684845bb425511906549601b8a0ee227a651cbe7ebb9f1ededcd1b6a48145c54e2dab28533c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\dd015dd8-d26a-4f2c-9a72-300621f29afe\index-dir\the-real-index

MD5 7ecff4ec69a6f31ea393f2611990988e
SHA1 3688c482e8ac01a8e5fe6f676838a5f70d90f71c
SHA256 d15153962a1699d97eced12fbd2a19cd04f9518d6c1f9a5aa55a7f889138b0df
SHA512 d343832ea421730323a5ea72214c8f30cb604b317e0c3d5f04c6074207fa13332da84ad86a90a4f90e18488783d997a8174f971ab93524d76bff766378342bdc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 a107f91ccaee982730a04072d47a728d
SHA1 1514b8257b7da8dccc187e5c4cce423bc5b47614
SHA256 a3dbd8b55f8f173b55044b3d4bd7392df805d276dfeaaaafee62c8892dee2f3c
SHA512 7c2485ecad7d4bfd2457be7467be24be60b2f28b137218c7fc1b919b875ccb5ca7810e785bc46abf15939afe73506d34e17beef5f16cbbad1d4952fe0cb185b6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\f97d3640-9311-4761-8625-301db1405b34\index-dir\the-real-index~RFe59d2d7.TMP

MD5 96144b0d906c8f45c41be87a579427e4
SHA1 4d03c6f6ba9804fff34ce497259bc734c3f6dece
SHA256 35ee01d58ca626a1bf06141debccd194155e70604fe882542c77811ac18d87d5
SHA512 012e05c493569fe7c959d8bd41c32683c963e0ae66c51b4b3b723637ed694ada94049d5f1cbc8b67b4c8039c3a7b2d9638ff0863288806ee823863047b59431a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\f97d3640-9311-4761-8625-301db1405b34\index-dir\the-real-index

MD5 bf63c072d767e58529f74c4f0baf7d19
SHA1 255d396c24df44365e8bd86b96fd976b47a5fce6
SHA256 465bb88310cfad33be1153c4adb76ceca24a183570d0701ab146235ee144f517
SHA512 166acea9e94983fbf2ce9d790c9d14c0972c54b5b6358f3d8bf3e1eaad140027341a482d3b75c07711e7e4a9d0adf82a71f62393889e1fad47e2e1308a747170

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt

MD5 5cdcb79524663ab607d01a79634c4078
SHA1 5166dbeb84be019453b32dd339990a4e8a4fbd21
SHA256 f3945f8fc9d57167e37f21c17e23efe0f6d55208b7edfe2776c992a8553e37b3
SHA512 66e929635a4eefce17e6d088cee88295cbb6ddb9ba6cbb9296c81da9390d50841a624fff4f5b04e99df142a37979dcfb5913310d2ee565d05270b9f478879c6c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f6d948f4c5bdcc7e76f8c87df388a639
SHA1 3c3bdf74e7af31f1679763247ecd55017a1e2963
SHA256 0f834bd19ecf088f0e9d4f03f459607afca83fd7d3675d038f97870427c4add8
SHA512 40e0373cea2010120865f66160245425493b90b372fd7ddb70866994851f7b73d6874355f7b6fe0e2536c568422f0495ff036e122b469008558620ebf950a7d7