Analysis Overview
SHA256
1201bf878caa54aca39c6973c193210786509f098f5b9da23a03258cc278f5e3
Threat Level: Known bad
The file NEAS.1201bf878caa54aca39c6973c193210786509f098f5b9da23a03258cc278f5e3.exe was found to be: Known bad.
Malicious Activity Summary
Detect Mystic stealer payload
Mystic
RedLine
RedLine payload
Executes dropped EXE
Adds Run key to start application
Suspicious use of SetThreadContext
Detected potential entity reuse from brand paypal.
AutoIT Executable
Unsigned PE
Enumerates physical storage devices
Program crash
Suspicious use of SendNotifyMessage
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Enumerates system info in registry
Suspicious use of WriteProcessMemory
Suspicious use of FindShellTrayWindow
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2023-11-11 10:56
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2023-11-11 10:56
Reported
2023-11-11 10:59
Platform
win10v2004-20231023-en
Max time kernel
150s
Max time network
157s
Command Line
Signatures
Detect Mystic stealer payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Mystic
RedLine
RedLine payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Yh6Of03.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1qQ56PL1.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2ax6990.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3Uw84AE.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP000.TMP\\\"" | C:\Users\Admin\AppData\Local\Temp\NEAS.1201bf878caa54aca39c6973c193210786509f098f5b9da23a03258cc278f5e3.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup1 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP001.TMP\\\"" | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Yh6Of03.exe | N/A |
AutoIT Executable
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Detected potential entity reuse from brand paypal.
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 6240 set thread context of 7436 | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2ax6990.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
| PID 6340 set thread context of 7628 | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3Uw84AE.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
Enumerates physical storage devices
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\NEAS.1201bf878caa54aca39c6973c193210786509f098f5b9da23a03258cc278f5e3.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.1201bf878caa54aca39c6973c193210786509f098f5b9da23a03258cc278f5e3.exe"
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Yh6Of03.exe
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Yh6Of03.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1qQ56PL1.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1qQ56PL1.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://store.steampowered.com/login/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://twitter.com/i/flow/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x168,0x16c,0x170,0x13c,0x174,0x7ffb7f5746f8,0x7ffb7f574708,0x7ffb7f574718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x150,0x170,0x7ffb7f5746f8,0x7ffb7f574708,0x7ffb7f574718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffb7f5746f8,0x7ffb7f574708,0x7ffb7f574718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffb7f5746f8,0x7ffb7f574708,0x7ffb7f574718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffb7f5746f8,0x7ffb7f574708,0x7ffb7f574718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://steamcommunity.com/openid/loginform/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffb7f5746f8,0x7ffb7f574708,0x7ffb7f574718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.epicgames.com/id/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffb7f5746f8,0x7ffb7f574708,0x7ffb7f574718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.paypal.com/signin
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffb7f5746f8,0x7ffb7f574708,0x7ffb7f574718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffb7f5746f8,0x7ffb7f574708,0x7ffb7f574718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1992,11366813893929969020,12061653662945277803,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,10663434020185742643,15565253626469748505,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,10663434020185742643,15565253626469748505,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,18243676537074702680,482426940315281056,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2088 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2184,17027675684003729026,1883229845413102743,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2184,17027675684003729026,1883229845413102743,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2196 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1892,3868178955432265462,2428008039522481525,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1892,3868178955432265462,2428008039522481525,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1952 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1992,11366813893929969020,12061653662945277803,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2076,18243676537074702680,482426940315281056,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2184,17027675684003729026,1883229845413102743,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2952 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,17027675684003729026,1883229845413102743,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,17027675684003729026,1883229845413102743,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2080,6665063359848499883,13726757612348510528,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x40,0x16c,0x7ffb7f5746f8,0x7ffb7f574708,0x7ffb7f574718
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2ax6990.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2ax6990.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,17027675684003729026,1883229845413102743,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3772 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,11346683683925772275,11666175362848063901,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,6665063359848499883,13726757612348510528,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,17027675684003729026,1883229845413102743,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4120 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1932,15792791429987453413,3221237970375707070,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1932,15792791429987453413,3221237970375707070,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1944 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,17027675684003729026,1883229845413102743,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4264 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,17027675684003729026,1883229845413102743,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4420 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,17027675684003729026,1883229845413102743,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,17027675684003729026,1883229845413102743,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4976 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,17027675684003729026,1883229845413102743,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4968 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,17027675684003729026,1883229845413102743,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5296 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,17027675684003729026,1883229845413102743,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5464 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,17027675684003729026,1883229845413102743,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6384 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,17027675684003729026,1883229845413102743,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,17027675684003729026,1883229845413102743,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6912 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,17027675684003729026,1883229845413102743,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6708 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,17027675684003729026,1883229845413102743,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3876 /prefetch:1
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3Uw84AE.exe
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3Uw84AE.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 7436 -ip 7436
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 7436 -s 540
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,17027675684003729026,1883229845413102743,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7860 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,17027675684003729026,1883229845413102743,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7832 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2184,17027675684003729026,1883229845413102743,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8324 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2184,17027675684003729026,1883229845413102743,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8324 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,17027675684003729026,1883229845413102743,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8168 /prefetch:1
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2184,17027675684003729026,1883229845413102743,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=9204 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,17027675684003729026,1883229845413102743,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9080 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2184,17027675684003729026,1883229845413102743,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4908 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 2.136.104.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 157.240.247.35:443 | www.facebook.com | tcp |
| NL | 142.250.179.141:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| US | 8.8.8.8:53 | 141.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.247.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | twitter.com | udp |
| NL | 104.85.0.101:443 | store.steampowered.com | tcp |
| US | 104.244.42.193:443 | twitter.com | tcp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| US | 8.8.8.8:53 | www.epicgames.com | udp |
| US | 44.208.156.246:443 | www.epicgames.com | tcp |
| US | 8.8.8.8:53 | 101.0.85.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.168.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.49.222.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.paypal.com | udp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| NL | 142.250.179.141:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | 246.156.208.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.39.65.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.paypalobjects.com | udp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 8.8.8.8:53 | 25.221.229.192.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | community.akamai.steamstatic.com | udp |
| NL | 23.72.252.169:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.169:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.169:443 | community.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| NL | 88.221.25.169:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | 169.252.72.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c.paypal.com | udp |
| US | 192.55.233.1:443 | tcp | |
| US | 8.8.8.8:53 | b.stats.paypal.com | udp |
| US | 64.4.245.84:443 | b.stats.paypal.com | tcp |
| US | 8.8.8.8:53 | t.paypal.com | udp |
| US | 151.101.1.35:443 | t.paypal.com | tcp |
| US | 192.55.233.1:443 | tcp | |
| US | 8.8.8.8:53 | dub.stats.paypal.com | udp |
| US | 64.4.245.84:443 | dub.stats.paypal.com | tcp |
| US | 8.8.8.8:53 | 169.25.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.245.4.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | c6.paypal.com | udp |
| US | 151.101.1.35:443 | c6.paypal.com | tcp |
| US | 8.8.8.8:53 | www.recaptcha.net | udp |
| NL | 172.217.168.227:443 | www.recaptcha.net | tcp |
| US | 8.8.8.8:53 | 227.168.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.78.124.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| NL | 142.251.36.22:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | 22.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.208.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.179.250.142.in-addr.arpa | udp |
| NL | 172.217.168.227:443 | www.recaptcha.net | udp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | abs.twimg.com | udp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 8.8.8.8:53 | api.twitter.com | udp |
| US | 8.8.8.8:53 | pbs.twimg.com | udp |
| US | 104.244.42.2:443 | api.twitter.com | tcp |
| US | 93.184.220.70:443 | pbs.twimg.com | tcp |
| US | 8.8.8.8:53 | t.co | udp |
| US | 8.8.8.8:53 | video.twimg.com | udp |
| US | 68.232.34.217:443 | video.twimg.com | tcp |
| US | 104.244.42.133:443 | t.co | tcp |
| US | 8.8.8.8:53 | 141.21.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.220.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.34.232.68.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| US | 157.240.5.10:443 | static.xx.fbcdn.net | tcp |
| US | 157.240.5.10:443 | static.xx.fbcdn.net | tcp |
| US | 157.240.5.10:443 | static.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | store.akamai.steamstatic.com | udp |
| NL | 23.72.252.171:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.171:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.171:443 | store.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | 25.14.97.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.5.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.252.72.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tracking.epicgames.com | udp |
| US | 34.195.142.151:443 | tracking.epicgames.com | tcp |
| US | 8.8.8.8:53 | static-assets-prod.unrealengine.com | udp |
| US | 18.239.36.22:443 | static-assets-prod.unrealengine.com | tcp |
| US | 18.239.36.22:443 | static-assets-prod.unrealengine.com | tcp |
| US | 8.8.8.8:53 | 151.142.195.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.36.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.ads-twitter.com | udp |
| NL | 199.232.148.157:443 | static.ads-twitter.com | tcp |
| RU | 5.42.92.51:19057 | tcp | |
| US | 8.8.8.8:53 | 157.148.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | facebook.com | udp |
| US | 157.240.5.35:443 | facebook.com | tcp |
| US | 8.8.8.8:53 | 35.5.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fbcdn.net | udp |
| US | 157.240.5.35:443 | fbcdn.net | tcp |
| US | 8.8.8.8:53 | fbsbx.com | udp |
| NL | 23.72.252.169:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.171:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.171:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.171:443 | store.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | 100.39.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.steampowered.com | udp |
| NL | 23.222.49.98:443 | login.steampowered.com | tcp |
| US | 18.239.36.22:443 | static-assets-prod.unrealengine.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| NL | 142.251.36.14:443 | play.google.com | tcp |
| NL | 142.251.36.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 14.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sentry.io | udp |
| US | 35.186.247.156:443 | sentry.io | tcp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| NL | 23.222.49.98:443 | api.steampowered.com | tcp |
| US | 8.8.8.8:53 | 156.247.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | talon-website-prod.ecosec.on.epicgames.com | udp |
| US | 172.64.146.120:443 | talon-website-prod.ecosec.on.epicgames.com | tcp |
| US | 8.8.8.8:53 | 120.146.64.172.in-addr.arpa | udp |
| US | 104.244.42.2:443 | api.twitter.com | tcp |
| US | 104.244.42.2:443 | api.twitter.com | tcp |
| US | 8.8.8.8:53 | talon-service-prod.ecosec.on.epicgames.com | udp |
| US | 172.64.146.120:443 | talon-service-prod.ecosec.on.epicgames.com | tcp |
| US | 172.64.146.120:443 | talon-service-prod.ecosec.on.epicgames.com | tcp |
| US | 8.8.8.8:53 | js.hcaptcha.com | udp |
| US | 104.19.218.90:443 | js.hcaptcha.com | tcp |
| US | 8.8.8.8:53 | 90.218.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| NL | 142.251.36.2:443 | googleads.g.doubleclick.net | tcp |
| NL | 142.251.36.2:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 2.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | newassets.hcaptcha.com | udp |
| US | 8.8.8.8:53 | api2.hcaptcha.com | udp |
| RU | 5.42.92.51:19057 | tcp | |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.200:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 21.236.111.52.in-addr.arpa | udp |
| RU | 5.42.92.51:19057 | tcp | |
| US | 8.8.8.8:53 | youtube.com | udp |
| NL | 216.58.214.14:443 | youtube.com | tcp |
| US | 8.8.8.8:53 | 14.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.47.74.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| NL | 142.250.179.141:443 | accounts.google.com | udp |
| RU | 5.42.92.51:19057 | tcp | |
| US | 8.8.8.8:53 | 15.173.189.20.in-addr.arpa | udp |
| RU | 5.42.92.51:19057 | tcp |
Files
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Yh6Of03.exe
| MD5 | 113546e2fa3eb0f05d783314efcd1a59 |
| SHA1 | abebabcfb23f2ed491a07041d15fcfef9a2efdb0 |
| SHA256 | c4c77b0698c85e299b4773a43391591756c07f209b0b91e4f15e299be2078f86 |
| SHA512 | de147ed2abd6baad0ed338c4e34b80c896138dbc64da51f880cb89db06976cfa85dbc226ff1ea45398d1a2e0049695ef42dbd9897a2e733f45430af9c47b0c41 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Yh6Of03.exe
| MD5 | 113546e2fa3eb0f05d783314efcd1a59 |
| SHA1 | abebabcfb23f2ed491a07041d15fcfef9a2efdb0 |
| SHA256 | c4c77b0698c85e299b4773a43391591756c07f209b0b91e4f15e299be2078f86 |
| SHA512 | de147ed2abd6baad0ed338c4e34b80c896138dbc64da51f880cb89db06976cfa85dbc226ff1ea45398d1a2e0049695ef42dbd9897a2e733f45430af9c47b0c41 |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1qQ56PL1.exe
| MD5 | 867956ee6b504c4e6a7dde70640d7595 |
| SHA1 | f52841cf03e0ac9a0950f20e0b1e23b64b045aee |
| SHA256 | 749dab28d89d5cec8709cff0717aa6ef0db2ffffa1d2e621d98095cd19b53408 |
| SHA512 | cee8297eb8e156ba29aba88efd082d9956d58c3cb9db8e9607fd6e88b3fc55a87c2a6cd0ef47aadb94721d026e8321ba97c53788291bd300e103d02f02db2fd3 |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1qQ56PL1.exe
| MD5 | 867956ee6b504c4e6a7dde70640d7595 |
| SHA1 | f52841cf03e0ac9a0950f20e0b1e23b64b045aee |
| SHA256 | 749dab28d89d5cec8709cff0717aa6ef0db2ffffa1d2e621d98095cd19b53408 |
| SHA512 | cee8297eb8e156ba29aba88efd082d9956d58c3cb9db8e9607fd6e88b3fc55a87c2a6cd0ef47aadb94721d026e8321ba97c53788291bd300e103d02f02db2fd3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 8992ae6e99b277eea6fb99c4f267fa3f |
| SHA1 | 3715825c48f594068638351242fac7fdd77c1eb7 |
| SHA256 | 525038333c02dff407d589fa407b493b7962543e205c587feceefbc870a08e3d |
| SHA512 | a1f44fff4ea76358c7f2a909520527ec0bbc3ddcb722c5d1f874e03a0c4ac42dac386a49ccf72807ef2fa6ccc534490ad90de2f699b1e49f06f79157f251ab25 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 8992ae6e99b277eea6fb99c4f267fa3f |
| SHA1 | 3715825c48f594068638351242fac7fdd77c1eb7 |
| SHA256 | 525038333c02dff407d589fa407b493b7962543e205c587feceefbc870a08e3d |
| SHA512 | a1f44fff4ea76358c7f2a909520527ec0bbc3ddcb722c5d1f874e03a0c4ac42dac386a49ccf72807ef2fa6ccc534490ad90de2f699b1e49f06f79157f251ab25 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 8992ae6e99b277eea6fb99c4f267fa3f |
| SHA1 | 3715825c48f594068638351242fac7fdd77c1eb7 |
| SHA256 | 525038333c02dff407d589fa407b493b7962543e205c587feceefbc870a08e3d |
| SHA512 | a1f44fff4ea76358c7f2a909520527ec0bbc3ddcb722c5d1f874e03a0c4ac42dac386a49ccf72807ef2fa6ccc534490ad90de2f699b1e49f06f79157f251ab25 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 8992ae6e99b277eea6fb99c4f267fa3f |
| SHA1 | 3715825c48f594068638351242fac7fdd77c1eb7 |
| SHA256 | 525038333c02dff407d589fa407b493b7962543e205c587feceefbc870a08e3d |
| SHA512 | a1f44fff4ea76358c7f2a909520527ec0bbc3ddcb722c5d1f874e03a0c4ac42dac386a49ccf72807ef2fa6ccc534490ad90de2f699b1e49f06f79157f251ab25 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 8992ae6e99b277eea6fb99c4f267fa3f |
| SHA1 | 3715825c48f594068638351242fac7fdd77c1eb7 |
| SHA256 | 525038333c02dff407d589fa407b493b7962543e205c587feceefbc870a08e3d |
| SHA512 | a1f44fff4ea76358c7f2a909520527ec0bbc3ddcb722c5d1f874e03a0c4ac42dac386a49ccf72807ef2fa6ccc534490ad90de2f699b1e49f06f79157f251ab25 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 8992ae6e99b277eea6fb99c4f267fa3f |
| SHA1 | 3715825c48f594068638351242fac7fdd77c1eb7 |
| SHA256 | 525038333c02dff407d589fa407b493b7962543e205c587feceefbc870a08e3d |
| SHA512 | a1f44fff4ea76358c7f2a909520527ec0bbc3ddcb722c5d1f874e03a0c4ac42dac386a49ccf72807ef2fa6ccc534490ad90de2f699b1e49f06f79157f251ab25 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6276613a51dae3b747451bc05e24edfa |
| SHA1 | 96ff591013fc8d378a9b37ea580d8ec6e98bbde5 |
| SHA256 | d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0 |
| SHA512 | dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6276613a51dae3b747451bc05e24edfa |
| SHA1 | 96ff591013fc8d378a9b37ea580d8ec6e98bbde5 |
| SHA256 | d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0 |
| SHA512 | dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6276613a51dae3b747451bc05e24edfa |
| SHA1 | 96ff591013fc8d378a9b37ea580d8ec6e98bbde5 |
| SHA256 | d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0 |
| SHA512 | dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6276613a51dae3b747451bc05e24edfa |
| SHA1 | 96ff591013fc8d378a9b37ea580d8ec6e98bbde5 |
| SHA256 | d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0 |
| SHA512 | dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6276613a51dae3b747451bc05e24edfa |
| SHA1 | 96ff591013fc8d378a9b37ea580d8ec6e98bbde5 |
| SHA256 | d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0 |
| SHA512 | dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6276613a51dae3b747451bc05e24edfa |
| SHA1 | 96ff591013fc8d378a9b37ea580d8ec6e98bbde5 |
| SHA256 | d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0 |
| SHA512 | dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6276613a51dae3b747451bc05e24edfa |
| SHA1 | 96ff591013fc8d378a9b37ea580d8ec6e98bbde5 |
| SHA256 | d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0 |
| SHA512 | dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6276613a51dae3b747451bc05e24edfa |
| SHA1 | 96ff591013fc8d378a9b37ea580d8ec6e98bbde5 |
| SHA256 | d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0 |
| SHA512 | dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6276613a51dae3b747451bc05e24edfa |
| SHA1 | 96ff591013fc8d378a9b37ea580d8ec6e98bbde5 |
| SHA256 | d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0 |
| SHA512 | dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6276613a51dae3b747451bc05e24edfa |
| SHA1 | 96ff591013fc8d378a9b37ea580d8ec6e98bbde5 |
| SHA256 | d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0 |
| SHA512 | dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6276613a51dae3b747451bc05e24edfa |
| SHA1 | 96ff591013fc8d378a9b37ea580d8ec6e98bbde5 |
| SHA256 | d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0 |
| SHA512 | dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6276613a51dae3b747451bc05e24edfa |
| SHA1 | 96ff591013fc8d378a9b37ea580d8ec6e98bbde5 |
| SHA256 | d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0 |
| SHA512 | dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6276613a51dae3b747451bc05e24edfa |
| SHA1 | 96ff591013fc8d378a9b37ea580d8ec6e98bbde5 |
| SHA256 | d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0 |
| SHA512 | dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6276613a51dae3b747451bc05e24edfa |
| SHA1 | 96ff591013fc8d378a9b37ea580d8ec6e98bbde5 |
| SHA256 | d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0 |
| SHA512 | dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6276613a51dae3b747451bc05e24edfa |
| SHA1 | 96ff591013fc8d378a9b37ea580d8ec6e98bbde5 |
| SHA256 | d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0 |
| SHA512 | dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6276613a51dae3b747451bc05e24edfa |
| SHA1 | 96ff591013fc8d378a9b37ea580d8ec6e98bbde5 |
| SHA256 | d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0 |
| SHA512 | dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6276613a51dae3b747451bc05e24edfa |
| SHA1 | 96ff591013fc8d378a9b37ea580d8ec6e98bbde5 |
| SHA256 | d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0 |
| SHA512 | dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3 |
\??\pipe\LOCAL\crashpad_3836_FQLRUPIHLEMSMWKI
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_1792_UUDXTLFEUFKEARQG
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_4100_LLCAONYYVJNGKNOG
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_4676_XHNKYNZZSRHAEQLT
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6276613a51dae3b747451bc05e24edfa |
| SHA1 | 96ff591013fc8d378a9b37ea580d8ec6e98bbde5 |
| SHA256 | d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0 |
| SHA512 | dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3 |
\??\pipe\LOCAL\crashpad_4644_TJPBIICIJGIZONNQ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6276613a51dae3b747451bc05e24edfa |
| SHA1 | 96ff591013fc8d378a9b37ea580d8ec6e98bbde5 |
| SHA256 | d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0 |
| SHA512 | dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2883987284431e3ff357b275bee0d0a4 |
| SHA1 | dacf4152d63f4cb83e2e4cbd4f22ab4ca5f979cf |
| SHA256 | 7dfae3e4d55940a910d5de1c65ea3a13dc1b1ee1a55902dab9dd3ade28516b3f |
| SHA512 | 3c6a4f8a76704ea151b02b56814096c94bfb593ff36a3884646f9ff4b7c27d6ac46b7defac17c6e47d1c4cd7919c56e18f54e26d2fc0bc2e4be78bd60ac393a4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a9a3dcc33673383d77e4ad0b6b29ee65 |
| SHA1 | e291a52ee8c0e9b147c289e97d963bd1919f9812 |
| SHA256 | 5440a431524a8842a273be685289ef34d7018c6b39a4dc62d8a264b6a0e413e0 |
| SHA512 | b596ee3fcebf302deb3cd9344feffcc8814396bd93663a1dac1e125ef15d336bbc8eca5a3cd1847329550f7f234b537531fd7e9e5cde5c23f58bae330dcf7b44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | bfa29cbae2ffbd2be0fc8c1e8acf6b5e |
| SHA1 | 9e3bc2e722690590822a942117d47e45fb8b6240 |
| SHA256 | 135790944fe3ade864e419f41da1f56f16833869bb6a893fb1f4330f80c191a0 |
| SHA512 | 4229a5e5a5fd2c87ba8b077e2e7c8dc1782c1ae4c285dee85e7c2d22c8e23b08c6b60ec285364e82c5f985971e5e9d4dacbf88217c12f7ed050a0a255dcc37eb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 14707790f74c940dcf5a46d59060cf2b |
| SHA1 | 15193093315da3544edcb4d570b92c159ee556fa |
| SHA256 | 6d16db54680b1e33496a7a5f6bbc224c7baef42ea83b56f81ada0b3e5fbf0ebb |
| SHA512 | 016ad175ca68116a2f857172b046fb90d26d83fd7518ef9a27460776d81c88b5386535d13509781cced7e883794a3bcf5b5e62eba1d9f5dacc9d87ee1d0407a0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2883987284431e3ff357b275bee0d0a4 |
| SHA1 | dacf4152d63f4cb83e2e4cbd4f22ab4ca5f979cf |
| SHA256 | 7dfae3e4d55940a910d5de1c65ea3a13dc1b1ee1a55902dab9dd3ade28516b3f |
| SHA512 | 3c6a4f8a76704ea151b02b56814096c94bfb593ff36a3884646f9ff4b7c27d6ac46b7defac17c6e47d1c4cd7919c56e18f54e26d2fc0bc2e4be78bd60ac393a4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\d0c39a2d-543f-4d4c-b2fd-7ca733ccf65f.tmp
| MD5 | af22d0433373fa41da8acc886b13f2e4 |
| SHA1 | bbd9b3138476a5f2ee5566c5139e9c58fb999ed3 |
| SHA256 | 64c437eb656c81572430aeace3567f9f14abccc8778038f755a416131e7678af |
| SHA512 | c288feb70e9c61b0ca5a6ca091ae5e0c6e432ffb24ed0cc51be5bc7c48e615d35dc7b101b517a80efde49c370af54f2ea37896e632a94951d008abdf89b419f6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a9a3dcc33673383d77e4ad0b6b29ee65 |
| SHA1 | e291a52ee8c0e9b147c289e97d963bd1919f9812 |
| SHA256 | 5440a431524a8842a273be685289ef34d7018c6b39a4dc62d8a264b6a0e413e0 |
| SHA512 | b596ee3fcebf302deb3cd9344feffcc8814396bd93663a1dac1e125ef15d336bbc8eca5a3cd1847329550f7f234b537531fd7e9e5cde5c23f58bae330dcf7b44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6276613a51dae3b747451bc05e24edfa |
| SHA1 | 96ff591013fc8d378a9b37ea580d8ec6e98bbde5 |
| SHA256 | d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0 |
| SHA512 | dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6276613a51dae3b747451bc05e24edfa |
| SHA1 | 96ff591013fc8d378a9b37ea580d8ec6e98bbde5 |
| SHA256 | d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0 |
| SHA512 | dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3 |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2ax6990.exe
| MD5 | a242751b06478b4cf91870418814a30b |
| SHA1 | ea12da77a35240c060a16287c4e1603da2c7ccf1 |
| SHA256 | a31063ac6378a3f940a68c05a79fdbca937e3feb3e1668e6cee87f30f4f70495 |
| SHA512 | fbaaae37def4767ebbccff9087f2046a4e4d03dd27cfab1a98b65104643d864d8484f117310798081a075e183ca7707be79e678b087097e1fef1bf0e31f32036 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 1c6cfc628d793e0d3ea8b1054f17788b |
| SHA1 | dae04ecfcac913cd5511e3f546e886444c312ed6 |
| SHA256 | a01120283711e1c01563445a638e0d0a7e8bf8d2f6eb19e5ae51e4b7025463a7 |
| SHA512 | 2d3f24c816359795664c4662e2d114a9389da6dd0807b65d9bd90bf8fd1918ab7a5afb17a908b0771589c5daff76bd7755c3e7b489a03f48dc68813ed0eade52 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | af22d0433373fa41da8acc886b13f2e4 |
| SHA1 | bbd9b3138476a5f2ee5566c5139e9c58fb999ed3 |
| SHA256 | 64c437eb656c81572430aeace3567f9f14abccc8778038f755a416131e7678af |
| SHA512 | c288feb70e9c61b0ca5a6ca091ae5e0c6e432ffb24ed0cc51be5bc7c48e615d35dc7b101b517a80efde49c370af54f2ea37896e632a94951d008abdf89b419f6 |
\??\pipe\LOCAL\crashpad_4996_LZQYRYLUVTKMRDMZ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 14707790f74c940dcf5a46d59060cf2b |
| SHA1 | 15193093315da3544edcb4d570b92c159ee556fa |
| SHA256 | 6d16db54680b1e33496a7a5f6bbc224c7baef42ea83b56f81ada0b3e5fbf0ebb |
| SHA512 | 016ad175ca68116a2f857172b046fb90d26d83fd7518ef9a27460776d81c88b5386535d13509781cced7e883794a3bcf5b5e62eba1d9f5dacc9d87ee1d0407a0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | bfa29cbae2ffbd2be0fc8c1e8acf6b5e |
| SHA1 | 9e3bc2e722690590822a942117d47e45fb8b6240 |
| SHA256 | 135790944fe3ade864e419f41da1f56f16833869bb6a893fb1f4330f80c191a0 |
| SHA512 | 4229a5e5a5fd2c87ba8b077e2e7c8dc1782c1ae4c285dee85e7c2d22c8e23b08c6b60ec285364e82c5f985971e5e9d4dacbf88217c12f7ed050a0a255dcc37eb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 6276613a51dae3b747451bc05e24edfa |
| SHA1 | 96ff591013fc8d378a9b37ea580d8ec6e98bbde5 |
| SHA256 | d17c0519716f5fa61ccf7289220c5e8917a36fbb29e48a86bb1122c9e3fcafb0 |
| SHA512 | dc84cd5df4867849039ecea2c98b1aeb435399b9503b1384159b2d08fe180b9f3daadc98f55c6ab28faa1e66dea8abfa4e702232a7027d933b0eca91fcf6b5f3 |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2ax6990.exe
| MD5 | a242751b06478b4cf91870418814a30b |
| SHA1 | ea12da77a35240c060a16287c4e1603da2c7ccf1 |
| SHA256 | a31063ac6378a3f940a68c05a79fdbca937e3feb3e1668e6cee87f30f4f70495 |
| SHA512 | fbaaae37def4767ebbccff9087f2046a4e4d03dd27cfab1a98b65104643d864d8484f117310798081a075e183ca7707be79e678b087097e1fef1bf0e31f32036 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 31ce30a87e532769997392e8c8a14813 |
| SHA1 | bf7fcd437dd9b2ea986216ecad581021eca5c8c7 |
| SHA256 | c345373fbffb99dc2e9e78ff94176fae6098a0ac0f3b26f52f29f55b10db92b5 |
| SHA512 | 7c85e3af4280ac40b77c3ba0466b39b5bc3ba481474a5a43203893dcc74721696bd38d627a7eaa8caa0c8af842a138c79af2563e0930a7c6c2cab5d3a3860257 |
\??\pipe\LOCAL\crashpad_4356_YLMUBTFLHYSEAAQC
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 1c6cfc628d793e0d3ea8b1054f17788b |
| SHA1 | dae04ecfcac913cd5511e3f546e886444c312ed6 |
| SHA256 | a01120283711e1c01563445a638e0d0a7e8bf8d2f6eb19e5ae51e4b7025463a7 |
| SHA512 | 2d3f24c816359795664c4662e2d114a9389da6dd0807b65d9bd90bf8fd1918ab7a5afb17a908b0771589c5daff76bd7755c3e7b489a03f48dc68813ed0eade52 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 31ce30a87e532769997392e8c8a14813 |
| SHA1 | bf7fcd437dd9b2ea986216ecad581021eca5c8c7 |
| SHA256 | c345373fbffb99dc2e9e78ff94176fae6098a0ac0f3b26f52f29f55b10db92b5 |
| SHA512 | 7c85e3af4280ac40b77c3ba0466b39b5bc3ba481474a5a43203893dcc74721696bd38d627a7eaa8caa0c8af842a138c79af2563e0930a7c6c2cab5d3a3860257 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a9a3dcc33673383d77e4ad0b6b29ee65 |
| SHA1 | e291a52ee8c0e9b147c289e97d963bd1919f9812 |
| SHA256 | 5440a431524a8842a273be685289ef34d7018c6b39a4dc62d8a264b6a0e413e0 |
| SHA512 | b596ee3fcebf302deb3cd9344feffcc8814396bd93663a1dac1e125ef15d336bbc8eca5a3cd1847329550f7f234b537531fd7e9e5cde5c23f58bae330dcf7b44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | af22d0433373fa41da8acc886b13f2e4 |
| SHA1 | bbd9b3138476a5f2ee5566c5139e9c58fb999ed3 |
| SHA256 | 64c437eb656c81572430aeace3567f9f14abccc8778038f755a416131e7678af |
| SHA512 | c288feb70e9c61b0ca5a6ca091ae5e0c6e432ffb24ed0cc51be5bc7c48e615d35dc7b101b517a80efde49c370af54f2ea37896e632a94951d008abdf89b419f6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 14707790f74c940dcf5a46d59060cf2b |
| SHA1 | 15193093315da3544edcb4d570b92c159ee556fa |
| SHA256 | 6d16db54680b1e33496a7a5f6bbc224c7baef42ea83b56f81ada0b3e5fbf0ebb |
| SHA512 | 016ad175ca68116a2f857172b046fb90d26d83fd7518ef9a27460776d81c88b5386535d13509781cced7e883794a3bcf5b5e62eba1d9f5dacc9d87ee1d0407a0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2883987284431e3ff357b275bee0d0a4 |
| SHA1 | dacf4152d63f4cb83e2e4cbd4f22ab4ca5f979cf |
| SHA256 | 7dfae3e4d55940a910d5de1c65ea3a13dc1b1ee1a55902dab9dd3ade28516b3f |
| SHA512 | 3c6a4f8a76704ea151b02b56814096c94bfb593ff36a3884646f9ff4b7c27d6ac46b7defac17c6e47d1c4cd7919c56e18f54e26d2fc0bc2e4be78bd60ac393a4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | bfa29cbae2ffbd2be0fc8c1e8acf6b5e |
| SHA1 | 9e3bc2e722690590822a942117d47e45fb8b6240 |
| SHA256 | 135790944fe3ade864e419f41da1f56f16833869bb6a893fb1f4330f80c191a0 |
| SHA512 | 4229a5e5a5fd2c87ba8b077e2e7c8dc1782c1ae4c285dee85e7c2d22c8e23b08c6b60ec285364e82c5f985971e5e9d4dacbf88217c12f7ed050a0a255dcc37eb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 1c6cfc628d793e0d3ea8b1054f17788b |
| SHA1 | dae04ecfcac913cd5511e3f546e886444c312ed6 |
| SHA256 | a01120283711e1c01563445a638e0d0a7e8bf8d2f6eb19e5ae51e4b7025463a7 |
| SHA512 | 2d3f24c816359795664c4662e2d114a9389da6dd0807b65d9bd90bf8fd1918ab7a5afb17a908b0771589c5daff76bd7755c3e7b489a03f48dc68813ed0eade52 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 36583f71225223d3ec1fc900f4d1ebdf |
| SHA1 | c0fa4ef8588b41d1b012ffdc1dec60073d3e3506 |
| SHA256 | 8628ce6bb3d0ab1499eee3dc5781fbd54a3890a6996d56f7d26c267c5771b33e |
| SHA512 | 1bbfbc02b8718eef3714145542c53f0677415dfbaf070cb43857a6cb9f528869e164b50abcc3fbe87039d284e404f20dcd22136dcd1831a4ad819acab09a0fdc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | fdf77f2b481b2e086f7709882d7eeb7b |
| SHA1 | 1f9c2cb9e06101cadd31b3c98e353276c95c3e63 |
| SHA256 | 55922e43b501ddd1cd9703d50d8a9caca85032d5fc9410d1a8054da8c70ea25b |
| SHA512 | aff31af2d05853a612e4f59aa7b25dcc1406e448ff1a5b7692e964b8186600119429bd81d03c8b46c2b04f3996c38b21e6ad80e0fd740b9865baf8940ff0603b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 933a975f5e8a7035ad15ebe9a7a93e27 |
| SHA1 | 66de3ad4777c89e171496e98b3b7a25977eb4707 |
| SHA256 | 2bb591fdfc01cd9f1659160b50f157e505e1814aaeeb84f9832e4910663087a0 |
| SHA512 | 40b53f219f2107aed18449a8ea5a5a40bd1132efaad1ae336e4dbb2894950137fcf3a209126f2ba84799c9ae088ee107363e5a87e57831c4cf09f64f13618357 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | f1881400134252667af6731236741098 |
| SHA1 | 6fbc4f34542d449afdb74c9cfd4a6d20e6cdc458 |
| SHA256 | d6fcec1880d69aaa0229f515403c1a5ac82787f442c37f1c0c96c82ec6c15b75 |
| SHA512 | 18b9ac92c396a01b6662a4a8a21b995d456716b70144a136fced761fd0a84c99e8bd0afb9585625809b87332da75727b82a07b151560ea253a3b8c241b799450 |
memory/7436-342-0x0000000000400000-0x0000000000433000-memory.dmp
memory/7436-345-0x0000000000400000-0x0000000000433000-memory.dmp
memory/7436-346-0x0000000000400000-0x0000000000433000-memory.dmp
memory/7436-348-0x0000000000400000-0x0000000000433000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 10e2f194782459f1088bbca58016a4f4 |
| SHA1 | 6b53f2720fda5d69d07682d5fcb526cd43f19e36 |
| SHA256 | c2bf31b0ce6c772ce573f383740b5116426dce82379c0c296a9f15cb4cb03416 |
| SHA512 | fbbd8a8f957feda58b2df6453c8b8c2c09c04ab1905161283fcc125dca43f62cffcca8d782e17130357265c0c782af04dd325a1978e7c4f06ef2f90c5ddce0c5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe585c34.TMP
| MD5 | a6988e785dd0b59a509823c59a2498dd |
| SHA1 | a0284a82f9470e3e8e86db1bc01e133cbafb78f0 |
| SHA256 | 38a8b0ca1e3970078853944dc8391207b0be874dffed9873a06d1dc041876e45 |
| SHA512 | b68f3769fcf77ed5e12b47f0df070236949344461366beb38cbf7722665ea86257d7ee7dcff054fa086846e451a07f4ec771c88f0f26703529b28c0e845ec649 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
memory/7628-419-0x0000000000400000-0x000000000043C000-memory.dmp
memory/7628-420-0x0000000074B90000-0x0000000075340000-memory.dmp
memory/7628-421-0x00000000079E0000-0x0000000007F84000-memory.dmp
memory/7628-428-0x00000000074D0000-0x0000000007562000-memory.dmp
memory/7628-437-0x0000000007750000-0x0000000007760000-memory.dmp
memory/7628-440-0x00000000075A0000-0x00000000075AA000-memory.dmp
memory/7628-444-0x00000000085B0000-0x0000000008BC8000-memory.dmp
memory/7628-450-0x0000000007870000-0x000000000797A000-memory.dmp
memory/7628-451-0x0000000007780000-0x0000000007792000-memory.dmp
memory/7628-460-0x00000000077E0000-0x000000000781C000-memory.dmp
memory/7628-463-0x0000000007820000-0x000000000786C000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020
| MD5 | 740a924b01c31c08ad37fe04d22af7c5 |
| SHA1 | 34feb0face110afc3a7673e36d27eee2d4edbbff |
| SHA256 | f0e1953b71cc4abbffdd5096d99dfb274688e517c381b15c3446c28a4ac416e0 |
| SHA512 | da7061f944c69245c2f66b0e6a8b5a9bca91bda8a73f99734dcb23db56c5047de796fa7e348ff8840d9ac123436e38a4206408573215b7e5e98942ea6d66bb7c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f280ae6513ca6c974fac6cc559c676f6 |
| SHA1 | d3e98c05bf2256471856119c0490d411535ed411 |
| SHA256 | f3778b7ae8d6bf52876c7324b81819fb957db63bcd78ff5e2dc542590ee46368 |
| SHA512 | 40563daea449161f8bca59de9f10d1ba2aa9b35867590191d43dd2116b7756aebf0e216d030873ffefe873558ebe6fb3d339b9a9f044198c2fd5f94b124fcfa2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027
| MD5 | 923a543cc619ea568f91b723d9fb1ef0 |
| SHA1 | 6f4ade25559645c741d7327c6e16521e43d7e1f9 |
| SHA256 | bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd |
| SHA512 | a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d
| MD5 | 7d75a9eb3b38b5dd04b8a7ce4f1b87cc |
| SHA1 | 68f598c84936c9720c5ffd6685294f5c94000dff |
| SHA256 | 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7 |
| SHA512 | cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031
| MD5 | fdbf5bcfbb02e2894a519454c232d32f |
| SHA1 | 5e225710e9560458ac032ab80e24d0f3cb81b87a |
| SHA256 | d9315d0678ac213bbe2c1de27528f82fd40dbff160f5a0c19850f891da29ea1c |
| SHA512 | 9eb86ebb1b50074df9bd94f7660df6f362b5a46411b35ce820740f629f8ef77f0b49a95c5550441a7db2b2638f0ed3d0204cb8f8c76391c05401506833b8c916 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036
| MD5 | 4e08109ee6888eeb2f5d6987513366bc |
| SHA1 | 86340f5fa46d1a73db2031d80699937878da635e |
| SHA256 | bf44187e1683e78d3040bcef6263e25783c6936096ff0a621677d411dd9d1339 |
| SHA512 | 4e477fd9e58676c0e00744dbe3421e528dd2faeca2ab998ebbeb349b35bb3711dcf78d8c9e7adba66b4d681d1982c31cac42024c8b19e19537a5615dac39c661 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c4c29041a02f3f497fecf746de94c3c4 |
| SHA1 | aa1af93442107f38ddd30bbdadb39dc86146bd92 |
| SHA256 | 6195699867b31b7b98f879d1e8a286ec41c00f438f4bc741a850acdcf624ce21 |
| SHA512 | cc34ada37e3c5c570b4d9990bca214ffd346f9670dcfdfcd9a8615bb995c0b684ef74b98987b783b3e9fe7dd12d3b8422b28ced3d305600141f65fcf4ac7b32a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d35f4e0f2eff25b178fe1562ef6a82e6 |
| SHA1 | fa86af47f73bfebfd43e15bb04c338e94fa14217 |
| SHA256 | f2fdbb056cd2ef263d719ea1c6cf3bfeb784b7b4218dd99b32451a3cb40f2912 |
| SHA512 | 133335f0646a989e7ef1a2743bb1079fc9d86238d82ecf8e2d537907fe49d5c2b6e6595be763bae113de02c8c7855227764d3c2d78319d6235608ed8a6b197a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
memory/7628-814-0x0000000074B90000-0x0000000075340000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt
| MD5 | a2d32095974b62a400d9772c54e103ec |
| SHA1 | acd26428816a73cc4004eb98c5d3386deb34017e |
| SHA256 | 4258f104fe2742ade5473195306394f24493e1d4a0709d3a7d384ee863a9f3ec |
| SHA512 | b03afbc08d9ce4189976635d2b79a8858602484c890f9e008ef2763a6b7aa537c91a88f7a7d81758aea46b1c1c92c7218d33db09b729d4459d3d585d5f0b2f7c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt~RFe58c8f8.TMP
| MD5 | 05f6f0d8599b3222444cd8701c4c597d |
| SHA1 | b3413eb43c0b329c4dd738ea0a1dc8b49600b9e6 |
| SHA256 | 0da6944e555a4a6a33e499aeeabe0a1c7b225c23c8c28b771c159a69104ee7cd |
| SHA512 | fd00615ced85ea05c5ae6fe5a1ee1df217bed1d2b3958bf4b4d57ac201c6cf517d5306d6d17bf30f04b9c2180df57688df379b3491378a9baa300c48626cec01 |
memory/7628-928-0x0000000007750000-0x0000000007760000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 7ab91e54e87bef38e1536609fdf42829 |
| SHA1 | 526691f6d7b58030aaa72f5df6bc060cf6b1286f |
| SHA256 | b9d99ed0d67d5dbfb566b15f58b46affa71728da3b64657d7f49e6507d32b2f7 |
| SHA512 | 309e36372719e9eadb2f8d50784613f880831222c8cd176121212d6626cb758628e3f75f89bb40c584c36ec5ff46a5d330c01f8bc2beb50c4ea74daab30e4c69 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 223bb664c86bfea994b5cf3ebcfe8813 |
| SHA1 | 129933132ec0a877e914186b77f6bfaf3bc0d04b |
| SHA256 | d07da586336cff276c8f31f1040734400610c54bb185c229b4b67e8e81f5ed86 |
| SHA512 | 55e6fbda9779c53ee4b0d0f3fdeca347c61f49602a566b3a0800771f57f1d50cb495f1c941ff0cb4675033d368e9f9ba0af5304072801b4c2112528f6c48adc3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\210da1eb-8c85-4789-9704-a0baa62017c3\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 6cebf527d8ef4530a322c0e341d65934 |
| SHA1 | d16be8a1e5c5c57e2a0b2d3831c8ea4ff9080d12 |
| SHA256 | 8101fff81e7046b010d1116a6edd425989c63d565aa82892a8c2d38aecc09574 |
| SHA512 | 0e101ee15898c9ffa999bbfe22dfbb8b4eb656cf5daa1ea38e540b184e017146de99ae2aa46e41fbdd2a443e9647b4368af6e061668992b0fbc4d9bef99eae23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d21aaeb7f8ccd9db89a7fce773109f99 |
| SHA1 | e852f8849dd3a06474aedbc36247d9408aabe3b3 |
| SHA256 | 60ef33676ec2873a9210ff559c5cc97f44a2d4d273f627b3c2dcaaa32921a42c |
| SHA512 | b8927f7eb460a1f6f4fb7711cb0c686cc8517eb7d341fc13eb8023fd4a90174f5612e674ef8c2a0014de430fc3bee593ade70c95ed7438e4e0edbbdb40fb1b19 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ecbdb49657717f4c1a4651975502d1bc |
| SHA1 | afd3177fc353b66d898ab837b728c892760ddff6 |
| SHA256 | 8d00c1e9fb57b0c4e9741e3526c49856123c8483ef843589e1b7ed88d7f29e56 |
| SHA512 | fb45869def4350bb8ef27cc5a4f6425458e2dc020109180e354af0d0476f03e13af4e33f247c0b78ea79e83ac150250daf6476902f47ccace8258aaa811439d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | dc0d1ba6896bf1da8c9cacfb879843ce |
| SHA1 | 43579b56759ff31a79555850ce87182332d46263 |
| SHA256 | 592d25c0671aac8b7845186c6242d339f62d783a1fd06ebf9a8090970fc2c04f |
| SHA512 | 0c197b8f9a9256713029710c367bf73dd3316c89008e1ad1808ae1002ae9f26384eaa53b5e9d86335f671d65cc502c1f7bea65f207672fa3cef236452d96dec0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 23cf2ef45692db58be59e3faeb6c2c43 |
| SHA1 | f21cee7bbfda352a2875385031d34dfa2cfd9933 |
| SHA256 | 3469f36787d9700810780d969d57d1d86dab0847c2211755d181ad5c6690ef5c |
| SHA512 | 2019d637425d6a3ac4563f43c7a77398b4729a164d99060326f0ce0004ffdb4f5c6b07db67924fa9aba0dc7c9ffc1791ee24d359e41e77902a20a279e0d8aecf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\91ce7cb3-4214-4230-adaf-ba7bff2daaf9\index-dir\the-real-index
| MD5 | e2507e9c961a65d0ad83f5dff49f3092 |
| SHA1 | 7a763543a5485d65e8972a46376c7cf143fbed36 |
| SHA256 | 4e2fb089098a172a6d9c129fa46e7ceac76491db804d96e7ad194fe70a0d02c0 |
| SHA512 | 6fcd2cc9afe19eb3b1a78e36272fb0aa6a41d88db4c951bd1c39f392b19d0406c9e901a6a4efd1207b372a9fbe340d0202fbaae26e239a77a167e86ff06b1b5a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\91ce7cb3-4214-4230-adaf-ba7bff2daaf9\index-dir\the-real-index~RFe591cc5.TMP
| MD5 | f0ccafa65aecd803df371569c487771b |
| SHA1 | ee8f0f6f5f32d353a1a0ef5d2c3838c677a7b996 |
| SHA256 | e649ee5cd0526daa8bbb4d851719b223e1d623f4491a07bb416e32fa45f22aa6 |
| SHA512 | a77856c775658fb7401b66dbe625b95781605e526780b3779af869b56462ce93e04941d881f025a162288ba813c6b24a94158cbab03d09a8bb99a3c9d407c467 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 2495e2deb9687261afba6503780669e8 |
| SHA1 | 4f8522042b776b0bba105c111aed1c08354ea8f8 |
| SHA256 | 85c2cc42bc0979829cd735697d805692e93d6e364a48ad6994f38e858c50393b |
| SHA512 | 25aa5a3ddda8fee79ec2635639a0fe8886f4c9afe388a8e63206b5ccbc717c8d87be469125438412f6465e435776ba3ba1d1afcadf1aea47a59bb72f5a7dc6df |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1367c7523b1048a573c4faa7a6c48f57 |
| SHA1 | 58999e06fe37e7c045249e4c9bf00ce4cbf33849 |
| SHA256 | 8526ee554608d8fd1daf9b21815f9df8f8523cf3e548921d99d55f325dfbc908 |
| SHA512 | 9de224329da7e8349fb113d56756b38d6a6e67c15da5b0cb49c9ea60dcc573a9db1ba1987b9ef5940ff95ccd635e754e186a18d9238138b38e20b2b7f311e3d9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 76a90058552815945e027e0d98a21e21 |
| SHA1 | 1dfbc20213a1a9979deb187950a6b71ec7b65a12 |
| SHA256 | 49044184bbd20162a8640da99027340468cb4e5be9732368e809d0230ea9c03a |
| SHA512 | 59c91a6a2e784eb44a2937dd5f9ad94b8622c3df8a9ecdb43272ff64e4d7778c5049e7452de654f50f757b4e260045e95dab57f1800d499cc8e3744b5f90973e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe595078.TMP
| MD5 | d2a189f5a3ee52aa06268e2d745d028b |
| SHA1 | c3b5b67ed35c726f6ddd2a4dcd1e0b0fe4e6ce7d |
| SHA256 | cbb3e781aedc6732c9cede876c4d0595c5648235ed319aa16d2513fde42c3793 |
| SHA512 | 90f0a61cc920cf2b2e3aeb48806cda162d071e70bf0cbd65779f1dae53e111dbc17e1ef76a3305407e18c4dc00f2787e6b8c89c60fc20637cd6554c969175515 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 69fbcd7faaf3943c8de4d19035754d03 |
| SHA1 | 494272af024fb6e40314b0862bc80c69799c1d27 |
| SHA256 | 50d751f36112d9aaf79672f147550f74d407a7efb3e8bc43206dfc932be51e5d |
| SHA512 | c8608a36402cb8829156162fa85b16f3527977ddbb0938652810fe7359c5f297cb86481051912d7b0266b967bfb109d9af013dd0774935bd136de8911fddb012 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1cd8620669412d3ef8b728268bef6776 |
| SHA1 | ce3660891e1fef85da6d4e7ee61a931010b6276b |
| SHA256 | 2ce540d834835fc184d7eee43455edfee282ab12936deaf3d14500f68f13412a |
| SHA512 | 323362d2d0a845941805d61dce8c7650541d006feab79f80b136681ecc6c71ce064c4de2c450d4b57f77c9903ab1e09eda5586d1a953a558b552d9d4bab6e913 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\7480458a-b150-4aae-9124-e561e22c9c8c\index-dir\the-real-index
| MD5 | dd8d444d5e3dacde1278c0a221b7d919 |
| SHA1 | 826637c68890e12e5f7e2ec111d27580735d3c12 |
| SHA256 | a5e21033ea51c53d848afcffc2c64f22c4304bb7e6ec5a00db36843d81d063c7 |
| SHA512 | a3e6d6f8787959c5d5ce1ee908d8ff7f638892fa9cb1913b467ca0c02ac357890f85e622a1f090e83751e7d8e6effb52eea960c6cd1ed8e04973118f443113c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\7480458a-b150-4aae-9124-e561e22c9c8c\index-dir\the-real-index~RFe596d37.TMP
| MD5 | 3f3b93b8a7e5b65e9d57e1b4d8261331 |
| SHA1 | a6fa80933d8143b4c537b19f8740699e9c0d8a16 |
| SHA256 | 4ae0624c75d4bd8e5ae05c19fc0cc213d02a0a6177cd97775bf8ed1f7e93077e |
| SHA512 | 51c8fdeb4fd761d62486bc770fbe68243cd331c45ab1d10309efb6d8d9058a8778a9d827e82b6138ec452c72f2bbc2d669c2ac5941693169170b1547aaf6f4e8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 0902f24646d2cf6da183a63d09521d72 |
| SHA1 | 455bfd684933d72eca934fab64052e5bdc5951ae |
| SHA256 | b4d8280ff2a2cb02c337220d414b3921e9ea6139de94e9f7350acfcce7550843 |
| SHA512 | 2549eb9e4e1e9926c58503e34fb4da6be128697983c2c508803393940dcaabd836987d60759359589725c81143d2d6724846babb5e462991e488e4d5a8312b86 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\4813e30b-a9ae-48ab-956c-8ee1917e885c\index-dir\the-real-index
| MD5 | 016022ed4602a5cc2ff7cb6b88e972a1 |
| SHA1 | b9dc3c12b2d85205c6bd87ba48d4306e37275341 |
| SHA256 | 6b8675e18c169f03743d8768b8d3dcd1df34136fe1df43afd5a6c020b4ab2e75 |
| SHA512 | dac757024c2a534ff8e487fb0f89c9504da789e203245cb35cd4b15ed27ad195f3f6bad1b629835bb18f972e1c2bc58bc2dd1823f39ab2fb748456e720cb7027 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\4813e30b-a9ae-48ab-956c-8ee1917e885c\index-dir\the-real-index~RFe5992e0.TMP
| MD5 | 847011629f21a45bca87b8465603a0e7 |
| SHA1 | 85f9587ece349818f483210d0ac4a82e09748ea3 |
| SHA256 | 7e220fe5c4f953d5a94870666c5d40143510564878ba306899fa0a4992805628 |
| SHA512 | 075c350f3e1d81bdf81ca65404240d51032c366305cdd39ce9efe94760c202ba78b1c400cc8af1412643293df1e34b450227829d564e51b02a46d40d6b553dd7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt
| MD5 | 08d756416f4dad27acf89a0699b46c89 |
| SHA1 | 81bdd49cd680286ec9563bce8766c18f3a86f6be |
| SHA256 | eab47c6f6dd6f3dddfeb29b22053bf9e14140925ff207ae49daad577cb21073d |
| SHA512 | 5289953f01a3c07d76c8d9790a253ba55f9990450a4cb63b26c265e53b22ca3b7917ab3c0e2d36bcd22fa36d059a1214c44cca9f14cfc5a10c9e078556ea7fa5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3ce66510724060e5bb04977c374381c1 |
| SHA1 | dc5f2b458b422cc5fcc3030df11748ddcca31813 |
| SHA256 | 033a1f1f29d755a7229a11129824acd8800933ddc4e365fc52a8cf5c8e9d234a |
| SHA512 | e98ae83cc66f7868fe4c3ba70fe22a6ccab69bb820c04f66c2467c4f73ad4943286391818529cf99e830dc0fa636f8eb3dc5587ca61676a5846b2a2bcadfd9c2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 3e0587c44b868ede645f69c9966551fe |
| SHA1 | 16da8fb68c968544f3c35a1e1fc083e2cfd3cece |
| SHA256 | f9473ad1435dbc1c00ffe3ae9d31e873753a21393c993ad4f8e8ff3539a37c59 |
| SHA512 | 4bce496dafcc36c5eca29c44b2e5a56ba3c6b05a95bc30e2ea7eca19a0617a72c99992075ce237df313f9ba1ca1c4a77aa87190a2ed23ee089573d8e35c94a7e |