Analysis Overview
SHA256
6f5029869984f774932ee5eec105cec8daeeb1f5c6411a8089c8dcb0e9ab7747
Threat Level: Known bad
The file 6f5029869984f774932ee5eec105cec8daeeb1f5c6411a8089c8dcb0e9ab7747 was found to be: Known bad.
Malicious Activity Summary
Mystic
Detect Mystic stealer payload
RedLine payload
RedLine
Executes dropped EXE
Accesses cryptocurrency files/wallets, possible credential harvesting
Adds Run key to start application
AutoIT Executable
Suspicious use of SetThreadContext
Detected potential entity reuse from brand paypal.
Enumerates physical storage devices
Unsigned PE
Program crash
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Suspicious behavior: EnumeratesProcesses
Enumerates system info in registry
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2023-11-11 10:22
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2023-11-11 10:22
Reported
2023-11-11 10:25
Platform
win10v2004-20231020-en
Max time kernel
135s
Max time network
157s
Command Line
Signatures
Detect Mystic stealer payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Mystic
RedLine
RedLine payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\SI1mP78.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\lv4BV41.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3LI851YN.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4FB3AO4.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\5ep35OE.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\6rW887.exe | N/A |
Accesses cryptocurrency files/wallets, possible credential harvesting
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP000.TMP\\\"" | C:\Users\Admin\AppData\Local\Temp\6f5029869984f774932ee5eec105cec8daeeb1f5c6411a8089c8dcb0e9ab7747.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup1 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP001.TMP\\\"" | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\SI1mP78.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup2 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP002.TMP\\\"" | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\lv4BV41.exe | N/A |
AutoIT Executable
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Detected potential entity reuse from brand paypal.
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 5436 set thread context of 7804 | N/A | C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4FB3AO4.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
| PID 6864 set thread context of 1824 | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\5ep35OE.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
| PID 5908 set thread context of 8524 | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\6rW887.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
Enumerates physical storage devices
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\6f5029869984f774932ee5eec105cec8daeeb1f5c6411a8089c8dcb0e9ab7747.exe
"C:\Users\Admin\AppData\Local\Temp\6f5029869984f774932ee5eec105cec8daeeb1f5c6411a8089c8dcb0e9ab7747.exe"
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\SI1mP78.exe
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\SI1mP78.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\lv4BV41.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\lv4BV41.exe
C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3LI851YN.exe
C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3LI851YN.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x16c,0x170,0x174,0x148,0x178,0x7ffac52b46f8,0x7ffac52b4708,0x7ffac52b4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x178,0x17c,0x180,0x154,0x184,0x7ffac52b46f8,0x7ffac52b4708,0x7ffac52b4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffac52b46f8,0x7ffac52b4708,0x7ffac52b4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://store.steampowered.com/login/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffac52b46f8,0x7ffac52b4708,0x7ffac52b4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://twitter.com/i/flow/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffac52b46f8,0x7ffac52b4708,0x7ffac52b4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://steamcommunity.com/openid/loginform/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x16c,0x170,0x174,0x148,0x178,0x7ffac52b46f8,0x7ffac52b4708,0x7ffac52b4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.epicgames.com/id/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.paypal.com/signin
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffac52b46f8,0x7ffac52b4708,0x7ffac52b4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffac52b46f8,0x7ffac52b4708,0x7ffac52b4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffac52b46f8,0x7ffac52b4708,0x7ffac52b4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2156,15142015271788940204,6756149690844450917,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,15142015271788940204,6756149690844450917,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2164 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2156,15142015271788940204,6756149690844450917,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2580 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2112,9825505888670219495,15684199987457380685,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,9825505888670219495,15684199987457380685,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x168,0x16c,0x170,0x144,0x174,0x7ffac52b46f8,0x7ffac52b4708,0x7ffac52b4718
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1796,17275533051176971698,960694192243487219,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1796,17275533051176971698,960694192243487219,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2084 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1968,7629678750511171295,11816150116484680554,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2348 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1968,7629678750511171295,11816150116484680554,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15142015271788940204,6756149690844450917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3156 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2112,5749595084151847093,8734088607721055637,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,5749595084151847093,8734088607721055637,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15142015271788940204,6756149690844450917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1
C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4FB3AO4.exe
C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4FB3AO4.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2172,15700031860129840572,11261544242419154123,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 /prefetch:3
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15142015271788940204,6756149690844450917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3888 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15142015271788940204,6756149690844450917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4184 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2152,15685361567187197281,16867050320522864646,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,1421174090696071586,2748660591752189757,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2116 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,3738378763843155397,16463158777962674722,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,3738378763843155397,16463158777962674722,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15142015271788940204,6756149690844450917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4392 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15142015271788940204,6756149690844450917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4556 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15142015271788940204,6756149690844450917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4820 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15142015271788940204,6756149690844450917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5076 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15142015271788940204,6756149690844450917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15142015271788940204,6756149690844450917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4676 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15142015271788940204,6756149690844450917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5636 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15142015271788940204,6756149690844450917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6756 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15142015271788940204,6756149690844450917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2156,15142015271788940204,6756149690844450917,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4724 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4ec 0x3d0
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 376 -p 7804 -ip 7804
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\5ep35OE.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\5ep35OE.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 7804 -s 540
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2156,15142015271788940204,6756149690844450917,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7156 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15142015271788940204,6756149690844450917,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7912 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15142015271788940204,6756149690844450917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7992 /prefetch:1
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2156,15142015271788940204,6756149690844450917,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9092 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2156,15142015271788940204,6756149690844450917,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9092 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15142015271788940204,6756149690844450917,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15142015271788940204,6756149690844450917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9132 /prefetch:1
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\6rW887.exe
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\6rW887.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15142015271788940204,6756149690844450917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7212 /prefetch:1
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15142015271788940204,6756149690844450917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5388 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,15142015271788940204,6756149690844450917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6460 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,15142015271788940204,6756149690844450917,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1364 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 69.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 208.194.73.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 126.178.238.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.154.82.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.1.85.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 157.240.247.35:443 | www.facebook.com | tcp |
| NL | 142.250.179.141:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | twitter.com | udp |
| US | 8.8.8.8:53 | 35.247.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 104.244.42.193:443 | twitter.com | tcp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| NL | 104.85.0.101:443 | store.steampowered.com | tcp |
| US | 8.8.8.8:53 | www.epicgames.com | udp |
| US | 8.8.8.8:53 | www.paypal.com | udp |
| US | 52.3.21.238:443 | www.epicgames.com | tcp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| NL | 142.250.179.141:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | 193.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.49.222.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.0.85.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.21.3.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| NL | 142.250.179.182:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | 113.39.65.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 182.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.208.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| NL | 142.251.36.34:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 34.36.251.142.in-addr.arpa | udp |
| NL | 142.251.36.34:443 | googleads.g.doubleclick.net | udp |
| NL | 142.250.179.182:443 | i.ytimg.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | i3.ytimg.com | udp |
| GB | 216.58.208.110:443 | i3.ytimg.com | tcp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| NL | 142.251.36.1:443 | yt3.ggpht.com | tcp |
| NL | 142.251.36.1:443 | yt3.ggpht.com | tcp |
| NL | 142.251.36.1:443 | yt3.ggpht.com | tcp |
| NL | 142.251.36.1:443 | yt3.ggpht.com | tcp |
| NL | 142.251.36.1:443 | yt3.ggpht.com | tcp |
| NL | 142.251.36.1:443 | yt3.ggpht.com | tcp |
| US | 8.8.8.8:53 | 1.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 100.39.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| NL | 142.251.39.106:443 | jnn-pa.googleapis.com | tcp |
| NL | 142.251.36.6:443 | static.doubleclick.net | tcp |
| NL | 142.251.39.106:443 | jnn-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 106.39.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.136.104.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| US | 157.240.5.10:443 | static.xx.fbcdn.net | tcp |
| US | 157.240.5.10:443 | static.xx.fbcdn.net | tcp |
| US | 157.240.5.10:443 | static.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | 10.5.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | community.akamai.steamstatic.com | udp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | store.akamai.steamstatic.com | udp |
| US | 8.8.8.8:53 | youtube.com | udp |
| NL | 23.72.252.171:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.171:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.171:443 | store.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| NL | 216.58.214.14:443 | youtube.com | tcp |
| NL | 23.72.252.163:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | 160.252.72.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.252.72.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.252.72.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | abs.twimg.com | udp |
| US | 8.8.8.8:53 | api.twitter.com | udp |
| US | 8.8.8.8:53 | pbs.twimg.com | udp |
| US | 104.244.42.194:443 | api.twitter.com | tcp |
| US | 8.8.8.8:53 | video.twimg.com | udp |
| US | 192.229.233.50:443 | pbs.twimg.com | tcp |
| US | 8.8.8.8:53 | t.co | udp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 192.229.220.133:443 | video.twimg.com | tcp |
| US | 104.244.42.5:443 | t.co | tcp |
| US | 8.8.8.8:53 | 194.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.233.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.21.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.220.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.ads-twitter.com | udp |
| NL | 199.232.148.157:443 | static.ads-twitter.com | tcp |
| US | 8.8.8.8:53 | 157.148.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | facebook.com | udp |
| US | 157.240.5.35:443 | facebook.com | tcp |
| US | 8.8.8.8:53 | 35.5.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fbcdn.net | udp |
| US | 157.240.5.35:443 | fbcdn.net | tcp |
| US | 8.8.8.8:53 | fbsbx.com | udp |
| RU | 5.42.92.51:19057 | tcp | |
| US | 8.8.8.8:53 | tracking.epicgames.com | udp |
| US | 44.214.245.214:443 | tracking.epicgames.com | tcp |
| US | 8.8.8.8:53 | 103.169.127.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.245.214.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rr2---sn-5hne6n6e.googlevideo.com | udp |
| NL | 172.217.132.231:443 | rr2---sn-5hne6n6e.googlevideo.com | tcp |
| NL | 172.217.132.231:443 | rr2---sn-5hne6n6e.googlevideo.com | tcp |
| NL | 172.217.132.231:443 | rr2---sn-5hne6n6e.googlevideo.com | udp |
| US | 8.8.8.8:53 | 18.31.95.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 231.132.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.paypalobjects.com | udp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 8.8.8.8:53 | 25.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static-assets-prod.unrealengine.com | udp |
| US | 18.239.36.105:443 | static-assets-prod.unrealengine.com | tcp |
| US | 18.239.36.105:443 | static-assets-prod.unrealengine.com | tcp |
| US | 8.8.8.8:53 | 105.36.239.18.in-addr.arpa | udp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 8.8.8.8:53 | 162.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | www.recaptcha.net | udp |
| NL | 172.217.168.227:443 | www.recaptcha.net | tcp |
| US | 8.8.8.8:53 | c.paypal.com | udp |
| US | 8.8.8.8:53 | numpersb.fun | udp |
| US | 8.8.8.8:53 | killredls.pw | udp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 8.8.8.8:53 | 227.168.217.172.in-addr.arpa | udp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 192.55.233.1:443 | tcp | |
| US | 8.8.8.8:53 | t.paypal.com | udp |
| US | 151.101.1.35:443 | t.paypal.com | tcp |
| US | 192.55.233.1:443 | tcp | |
| US | 8.8.8.8:53 | 38.209.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.1.101.151.in-addr.arpa | udp |
| NL | 172.217.168.227:443 | www.recaptcha.net | udp |
| US | 8.8.8.8:53 | b.stats.paypal.com | udp |
| US | 64.4.245.84:443 | b.stats.paypal.com | tcp |
| US | 8.8.8.8:53 | 84.245.4.64.in-addr.arpa | udp |
| NL | 23.72.252.171:443 | apps.identrust.com | tcp |
| NL | 23.72.252.171:443 | apps.identrust.com | tcp |
| NL | 23.72.252.171:443 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | dub.stats.paypal.com | udp |
| US | 64.4.245.84:443 | dub.stats.paypal.com | tcp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 8.8.8.8:53 | c6.paypal.com | udp |
| US | 151.101.1.35:443 | c6.paypal.com | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 18.239.36.105:443 | static-assets-prod.unrealengine.com | tcp |
| US | 8.8.8.8:53 | login.steampowered.com | udp |
| NL | 23.222.49.98:443 | login.steampowered.com | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| NL | 23.222.49.98:443 | api.steampowered.com | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| RU | 5.42.92.51:19057 | tcp | |
| US | 104.244.42.194:443 | api.twitter.com | tcp |
| US | 104.244.42.194:443 | api.twitter.com | tcp |
| US | 8.8.8.8:53 | talon-website-prod.ecosec.on.epicgames.com | udp |
| US | 104.18.41.136:443 | talon-website-prod.ecosec.on.epicgames.com | tcp |
| US | 8.8.8.8:53 | sentry.io | udp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 35.186.247.156:443 | sentry.io | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 8.8.8.8:53 | 136.41.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.247.186.35.in-addr.arpa | udp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 8.8.8.8:53 | talon-service-prod.ecosec.on.epicgames.com | udp |
| US | 172.64.146.120:443 | talon-service-prod.ecosec.on.epicgames.com | tcp |
| US | 172.64.146.120:443 | talon-service-prod.ecosec.on.epicgames.com | tcp |
| US | 8.8.8.8:53 | 120.146.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | js.hcaptcha.com | udp |
| US | 104.19.219.90:443 | js.hcaptcha.com | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.219.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | newassets.hcaptcha.com | udp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 8.8.8.8:53 | api.hcaptcha.com | udp |
| NL | 142.250.179.182:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | rr2---sn-5hne6nsk.googlevideo.com | udp |
| NL | 172.217.132.39:443 | rr2---sn-5hne6nsk.googlevideo.com | udp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 8.8.8.8:53 | 39.132.217.172.in-addr.arpa | udp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 172.67.209.38:80 | killredls.pw | tcp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.200:443 | g.bing.com | tcp |
| RU | 5.42.92.51:19057 | tcp | |
| US | 8.8.8.8:53 | 19.229.111.52.in-addr.arpa | udp |
| NL | 172.217.132.231:443 | rr2---sn-5hne6n6e.googlevideo.com | udp |
| NL | 142.250.179.141:443 | accounts.google.com | udp |
| RU | 5.42.92.51:19057 | tcp | |
| US | 8.8.8.8:53 | 254.7.248.8.in-addr.arpa | udp |
| NL | 172.217.132.39:443 | rr2---sn-5hne6nsk.googlevideo.com | udp |
| NL | 142.251.36.34:443 | googleads.g.doubleclick.net | udp |
| RU | 5.42.92.51:19057 | tcp | |
| US | 8.8.8.8:53 | udp |
Files
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\SI1mP78.exe
| MD5 | c3cae981698ca72e7dc12eb19510d3e0 |
| SHA1 | df3435edee3e2c5af567efde58bc7f741059df53 |
| SHA256 | 2e8cfeb7beb991d986bebc7eb5f0d5605fbf6fed8bfbd6a8dc3be4b0982f2197 |
| SHA512 | e693f1ac184bdaa43815cafe9635165dbdeece8226c7025426671fab99ed863fc9f920d18aa0310f1f8becf9a8cb98e3aa4ad3247ba4f9c665bd37151fb13ecb |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\SI1mP78.exe
| MD5 | c3cae981698ca72e7dc12eb19510d3e0 |
| SHA1 | df3435edee3e2c5af567efde58bc7f741059df53 |
| SHA256 | 2e8cfeb7beb991d986bebc7eb5f0d5605fbf6fed8bfbd6a8dc3be4b0982f2197 |
| SHA512 | e693f1ac184bdaa43815cafe9635165dbdeece8226c7025426671fab99ed863fc9f920d18aa0310f1f8becf9a8cb98e3aa4ad3247ba4f9c665bd37151fb13ecb |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\lv4BV41.exe
| MD5 | 32dce182412855c8ec365681dfa0031f |
| SHA1 | a4e9646135d5e23d264a2494688efd7a4682063c |
| SHA256 | 0050a09abc512245e5a350322d315181709ec311b385fd47564845e75193df29 |
| SHA512 | a29fca2c9b9f77d5a27fc7554e35283fc59ccfb3d05ba64bfcd2b9cf7714404a866777b101de5ab8485956b0d4765971bd6c5cd4bf369bc805c82f6ef926c6f5 |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\lv4BV41.exe
| MD5 | 32dce182412855c8ec365681dfa0031f |
| SHA1 | a4e9646135d5e23d264a2494688efd7a4682063c |
| SHA256 | 0050a09abc512245e5a350322d315181709ec311b385fd47564845e75193df29 |
| SHA512 | a29fca2c9b9f77d5a27fc7554e35283fc59ccfb3d05ba64bfcd2b9cf7714404a866777b101de5ab8485956b0d4765971bd6c5cd4bf369bc805c82f6ef926c6f5 |
C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3LI851YN.exe
| MD5 | 4278f00a606bbe96b657c0fe08832c67 |
| SHA1 | 799bd18af64bc730d9c28539e72c4006958316aa |
| SHA256 | d267adbd29d335e178dd8eec1855f2e3b8636711f56ed8fd957a7fba5fc2630a |
| SHA512 | ddfb5cc0ac744ca8e32578958edb9aecdb99325e0a91deedb1cde892f7ad12807c76a5acb2a2180af0c7382107520dadc118e8cdb6749db797420a43f69a9944 |
C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3LI851YN.exe
| MD5 | 4278f00a606bbe96b657c0fe08832c67 |
| SHA1 | 799bd18af64bc730d9c28539e72c4006958316aa |
| SHA256 | d267adbd29d335e178dd8eec1855f2e3b8636711f56ed8fd957a7fba5fc2630a |
| SHA512 | ddfb5cc0ac744ca8e32578958edb9aecdb99325e0a91deedb1cde892f7ad12807c76a5acb2a2180af0c7382107520dadc118e8cdb6749db797420a43f69a9944 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 777424efaa0b7dc4020fed63a05319cf |
| SHA1 | f4ff37d51b7dd7a46606762c1531644b8fbc99c7 |
| SHA256 | 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5 |
| SHA512 | 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 777424efaa0b7dc4020fed63a05319cf |
| SHA1 | f4ff37d51b7dd7a46606762c1531644b8fbc99c7 |
| SHA256 | 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5 |
| SHA512 | 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 777424efaa0b7dc4020fed63a05319cf |
| SHA1 | f4ff37d51b7dd7a46606762c1531644b8fbc99c7 |
| SHA256 | 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5 |
| SHA512 | 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 777424efaa0b7dc4020fed63a05319cf |
| SHA1 | f4ff37d51b7dd7a46606762c1531644b8fbc99c7 |
| SHA256 | 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5 |
| SHA512 | 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 777424efaa0b7dc4020fed63a05319cf |
| SHA1 | f4ff37d51b7dd7a46606762c1531644b8fbc99c7 |
| SHA256 | 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5 |
| SHA512 | 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 777424efaa0b7dc4020fed63a05319cf |
| SHA1 | f4ff37d51b7dd7a46606762c1531644b8fbc99c7 |
| SHA256 | 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5 |
| SHA512 | 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
\??\pipe\LOCAL\crashpad_1568_SQZXXTVOBTLNVVMR
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
\??\pipe\LOCAL\crashpad_1672_NWNZNDZKGOGHNZSY
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_4580_NFSXKHIDSYACMSZD
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_464_KOGBQLHTPPYETHZK
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_3492_AQXOGESPIBLVYSRO
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b8751774cc1816231903bb38f463d118 |
| SHA1 | bab5a59302f8e291430ea47be285f271f2e37304 |
| SHA256 | f401ae3cfd1932517d6f81d7fd6f41612c70a72d59ae4018416ef945059de6da |
| SHA512 | 5ad067b81fc576bcf2c61545911ad5d94c04ada43c6e53b1c6db3cfe077fde8f9a1af7c64d00dded3526bd6625e91244a847c6ccc1300481a0cf72b6fd89da0b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 3692032fdb8a9c8916794693bb0edaab |
| SHA1 | 8c5fe9026ebcd90ec761e168e098064f4c87f77d |
| SHA256 | 7fb74bd1555deb02f93286348fdbcb0362b69b0fbdfac769d4fbf2eec5058716 |
| SHA512 | 51f7d73df6ceb0c3f7dd8ec2c7ff9272f3a527959d48dc7321f87afaad1ac200c06472fd29a8ff08e7bc44cda28bd6ccc79e8c450460059bcd1001230720146b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d144a2afb39cc4c57d23b4fba9c2c759 |
| SHA1 | 12c4f9c1377894b975b1c1ed6744b077d0cca941 |
| SHA256 | 69213fa371a1da7f2063ccaa209ed52de3eac38a396c1a091706fbc1870ba8a8 |
| SHA512 | 21a18907683555e1a912a63028bad145488aeaab242b7aba4b8bd2ecf7b4b89be4b7172c84b382ec15b89717d1773f0c139dae4b8a4f4e6cefb67a5550242620 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 3692032fdb8a9c8916794693bb0edaab |
| SHA1 | 8c5fe9026ebcd90ec761e168e098064f4c87f77d |
| SHA256 | 7fb74bd1555deb02f93286348fdbcb0362b69b0fbdfac769d4fbf2eec5058716 |
| SHA512 | 51f7d73df6ceb0c3f7dd8ec2c7ff9272f3a527959d48dc7321f87afaad1ac200c06472fd29a8ff08e7bc44cda28bd6ccc79e8c450460059bcd1001230720146b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2a5352f369da1b760c6df7373797fcde |
| SHA1 | 9dd153f90a3ad7b7a79d7dda769000c9484f98a0 |
| SHA256 | f461a1025e5991d0cfe6c87cb4760073e12f27e08825e96547c6a1abd7c71ee1 |
| SHA512 | 5be02ad27e6844146ddbf11e6c4761842957a466ab7a084317b21dd3ae082550add00da054eda2e03a2dfa279ee0915d50de1c9a57e30b9f77c6497a694fd87e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 9f732011c5cc08d9241dc896d618009e |
| SHA1 | b2878ff4dd912e35fd08d112b1ee6bb35099a25b |
| SHA256 | 9813783ab9f0aba6d611ee554cb87d4f801b09d6ec1fb90c626c1b746a20b420 |
| SHA512 | ff52f1ed97b6ab72f95ffc199585857289a5765f49e99182a83ba8dd6c1d3e3b207a65238b66b047535c5cab26ef16324ea9d893f233c6911e90b2a818a3ff98 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4FB3AO4.exe
| MD5 | c2ebcf8610690c5bd9af9694d317d6d0 |
| SHA1 | f4f27f46421bba81242c2b88453cf91c60d92cb3 |
| SHA256 | d889d484a3840a7eb92f3147edc2b655e39d0f4b8aeb2faf418f86bdc986deb4 |
| SHA512 | 7aeebded40804c68889d19319a56edb710e976d7f2b48484693db321681d19f7f4c3356948810089390592ec4c88355940b2a2a46b3bd9d6be2c0243c7f2a6e0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 9f732011c5cc08d9241dc896d618009e |
| SHA1 | b2878ff4dd912e35fd08d112b1ee6bb35099a25b |
| SHA256 | 9813783ab9f0aba6d611ee554cb87d4f801b09d6ec1fb90c626c1b746a20b420 |
| SHA512 | ff52f1ed97b6ab72f95ffc199585857289a5765f49e99182a83ba8dd6c1d3e3b207a65238b66b047535c5cab26ef16324ea9d893f233c6911e90b2a818a3ff98 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a42e136231228070ef5e9d86fcca7297 |
| SHA1 | acd6701bb34b7364429e839f5f53fa8108ed1678 |
| SHA256 | 7eee7a74ad577637c144634be0707608433a36700d5cbd392f08f224c9566f3d |
| SHA512 | b1d7fd1e327fe88a39eac9a11c9bce39de213c2805166fd709ee0f7c3af56732a038ec3b86a7be66beefd279be3332d823041547a77fc3ea00757d638c198f05 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a42e136231228070ef5e9d86fcca7297 |
| SHA1 | acd6701bb34b7364429e839f5f53fa8108ed1678 |
| SHA256 | 7eee7a74ad577637c144634be0707608433a36700d5cbd392f08f224c9566f3d |
| SHA512 | b1d7fd1e327fe88a39eac9a11c9bce39de213c2805166fd709ee0f7c3af56732a038ec3b86a7be66beefd279be3332d823041547a77fc3ea00757d638c198f05 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\518c627d-af29-4e80-8a7a-eafc2e13cfac.tmp
| MD5 | 2a5352f369da1b760c6df7373797fcde |
| SHA1 | 9dd153f90a3ad7b7a79d7dda769000c9484f98a0 |
| SHA256 | f461a1025e5991d0cfe6c87cb4760073e12f27e08825e96547c6a1abd7c71ee1 |
| SHA512 | 5be02ad27e6844146ddbf11e6c4761842957a466ab7a084317b21dd3ae082550add00da054eda2e03a2dfa279ee0915d50de1c9a57e30b9f77c6497a694fd87e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b8751774cc1816231903bb38f463d118 |
| SHA1 | bab5a59302f8e291430ea47be285f271f2e37304 |
| SHA256 | f401ae3cfd1932517d6f81d7fd6f41612c70a72d59ae4018416ef945059de6da |
| SHA512 | 5ad067b81fc576bcf2c61545911ad5d94c04ada43c6e53b1c6db3cfe077fde8f9a1af7c64d00dded3526bd6625e91244a847c6ccc1300481a0cf72b6fd89da0b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\63c8aeb4-b0d6-4bf1-8dad-63fae666178c.tmp
| MD5 | b14bf818579c3e4b3318ec813a69fc5a |
| SHA1 | d3ab499d102059cac4f9febaad05e513d217e3ae |
| SHA256 | 452837ec9f5619792da755d695d46c7ed14e155e664514499c9e5787391766fd |
| SHA512 | e4a65522eb6d1e23ea48ec452f7e9c9bfa78c7f8875db4dc6168d8f8552913021c3171d4c5268d6ef2f26a8cce59727cb65c6cbda027d7c7599a445797c77049 |
C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4FB3AO4.exe
| MD5 | c2ebcf8610690c5bd9af9694d317d6d0 |
| SHA1 | f4f27f46421bba81242c2b88453cf91c60d92cb3 |
| SHA256 | d889d484a3840a7eb92f3147edc2b655e39d0f4b8aeb2faf418f86bdc986deb4 |
| SHA512 | 7aeebded40804c68889d19319a56edb710e976d7f2b48484693db321681d19f7f4c3356948810089390592ec4c88355940b2a2a46b3bd9d6be2c0243c7f2a6e0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d144a2afb39cc4c57d23b4fba9c2c759 |
| SHA1 | 12c4f9c1377894b975b1c1ed6744b077d0cca941 |
| SHA256 | 69213fa371a1da7f2063ccaa209ed52de3eac38a396c1a091706fbc1870ba8a8 |
| SHA512 | 21a18907683555e1a912a63028bad145488aeaab242b7aba4b8bd2ecf7b4b89be4b7172c84b382ec15b89717d1773f0c139dae4b8a4f4e6cefb67a5550242620 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 483924abaaa7ce1345acd8547cfe77f4 |
| SHA1 | 4190d880b95d9506385087d6c2f5434f0e9f63e8 |
| SHA256 | 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684 |
| SHA512 | e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 68d283f33f872dee8377f5408ae0b3b5 |
| SHA1 | e6ba9556746db25b1816e27192f825a49139fe93 |
| SHA256 | 2abd06d9f0c78e7c48abe5a7f7e114a2bb6d24d8373c0f4b5b0a2c947ccd984f |
| SHA512 | fd5b0ec6d31b705d67ce30635170db9b9e6a8bd20c6402b6dd4890808e2a06988d9140e515fba383baf03178abab8ab4f586e09c8c1757c755d498d281ee8bd1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b14bf818579c3e4b3318ec813a69fc5a |
| SHA1 | d3ab499d102059cac4f9febaad05e513d217e3ae |
| SHA256 | 452837ec9f5619792da755d695d46c7ed14e155e664514499c9e5787391766fd |
| SHA512 | e4a65522eb6d1e23ea48ec452f7e9c9bfa78c7f8875db4dc6168d8f8552913021c3171d4c5268d6ef2f26a8cce59727cb65c6cbda027d7c7599a445797c77049 |
\??\pipe\LOCAL\crashpad_3956_IVLHGWWXIPFTUPGW
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 68d283f33f872dee8377f5408ae0b3b5 |
| SHA1 | e6ba9556746db25b1816e27192f825a49139fe93 |
| SHA256 | 2abd06d9f0c78e7c48abe5a7f7e114a2bb6d24d8373c0f4b5b0a2c947ccd984f |
| SHA512 | fd5b0ec6d31b705d67ce30635170db9b9e6a8bd20c6402b6dd4890808e2a06988d9140e515fba383baf03178abab8ab4f586e09c8c1757c755d498d281ee8bd1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2a5352f369da1b760c6df7373797fcde |
| SHA1 | 9dd153f90a3ad7b7a79d7dda769000c9484f98a0 |
| SHA256 | f461a1025e5991d0cfe6c87cb4760073e12f27e08825e96547c6a1abd7c71ee1 |
| SHA512 | 5be02ad27e6844146ddbf11e6c4761842957a466ab7a084317b21dd3ae082550add00da054eda2e03a2dfa279ee0915d50de1c9a57e30b9f77c6497a694fd87e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a42e136231228070ef5e9d86fcca7297 |
| SHA1 | acd6701bb34b7364429e839f5f53fa8108ed1678 |
| SHA256 | 7eee7a74ad577637c144634be0707608433a36700d5cbd392f08f224c9566f3d |
| SHA512 | b1d7fd1e327fe88a39eac9a11c9bce39de213c2805166fd709ee0f7c3af56732a038ec3b86a7be66beefd279be3332d823041547a77fc3ea00757d638c198f05 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b8751774cc1816231903bb38f463d118 |
| SHA1 | bab5a59302f8e291430ea47be285f271f2e37304 |
| SHA256 | f401ae3cfd1932517d6f81d7fd6f41612c70a72d59ae4018416ef945059de6da |
| SHA512 | 5ad067b81fc576bcf2c61545911ad5d94c04ada43c6e53b1c6db3cfe077fde8f9a1af7c64d00dded3526bd6625e91244a847c6ccc1300481a0cf72b6fd89da0b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | abdc106dae31b776db7dea38ed1f1197 |
| SHA1 | d878f2355a5317bc33820d395428d6be7dd1631f |
| SHA256 | 63d36efe0eeda7d651fed3045acbac35f97aa60bdaeabe5310371535be1ceec9 |
| SHA512 | 87cee7ed681ae781053a84adf33b105718f30672cdbca00be9942c45a032bd1d00cb937b8c4c3e1edef73d37d9ae302db6bcfd615ba01cc806b37e9b4e4cc6eb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 7e1e073710ab8cf10b52e472b6ceee4c |
| SHA1 | 04eb7fd480e7c6af0338a4fcefaa32ae84ecec61 |
| SHA256 | 5321bdb4c5d7fac721134dc54a3a5d2b756d6bffc5a63e165627619e6be5a1e1 |
| SHA512 | 72bd5d6e36ca090568aaba71b663845f09225de5c2f834d9ebb3ce2e76709aaa62f7aa5b9bb86c0ed88f14e67875c6a0f41633ca6c9a7540e8051b99cc5c1d54 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 1ecd1199376f5a2ff61ae3742251ab0e |
| SHA1 | 8ff7afde294c9a099bffaa094c8d84b24589315a |
| SHA256 | af63f5347a5e5bb1a89dd044debde6bf8f665d9af0331079038bcffe343fc548 |
| SHA512 | 16caa7c43570b00d8d2dedcd9dfe1a756347f2567a21e5f797764a56ca9dcdafb8eb04e7c56bbe6fb2630b65d9aec1a4d2282f54d6551653a68f226eb6e351f6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 26dfa26fb82428ffebae5db8d766bf2c |
| SHA1 | e043cbbe559fd194f83bc547c9fa2574b1d5792c |
| SHA256 | 0804c382a0597b2f8874c545cd26d67868aa4ac50efe11a6b86a1cfb721e4aba |
| SHA512 | 5c1bab434089e94766a83ebd34a0184cc7bf7fc5fe911fc3b59c4e8091e2f67146b12afbec7135966972ff2e10a5c95fa585a3c732ffbfeca45f688c87b613a4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | ae8103ba001ac88749ae82b73df3b7f1 |
| SHA1 | acfd7eb8f4c2812455c449f9541d1f74f5c9c3a5 |
| SHA256 | c10c9d030b2f004b43f723412fcfcb53eeb77bc85e23a1aa3364511a08829021 |
| SHA512 | ef573639a2c4381908e5ad7abb05ce4f13d9a6726f76f9d71404d0ed3c6aa5e47d94a8914f4b3c8e9046a6554bb7435f2be5c8fbe0e4c7115a84cda5f65e3874 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 388a560323cbed2d6ba1a75ab92f1a06 |
| SHA1 | 55d2ea30f7f4873fc7c67642ae1220383189abcd |
| SHA256 | 20b1a0730c53435fa5dd0dea5588865d2f7cdda8d5166cbc5186ca4def3e1b21 |
| SHA512 | bde6dc915832be7c8cb763dd0d6ed2f517f2391317c1b0d38c458341433378b317e7b3154b557819bc2ab4a2ff0b4016d617044ab66fffd1fc61168db3cf68af |
memory/7804-494-0x0000000000400000-0x0000000000433000-memory.dmp
memory/7804-508-0x0000000000400000-0x0000000000433000-memory.dmp
memory/7804-520-0x0000000000400000-0x0000000000433000-memory.dmp
memory/7804-534-0x0000000000400000-0x0000000000433000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 38a63468aa4adc12769946e66b57a669 |
| SHA1 | d0e48809084a349d0c6af13eb83a0948b41c7e91 |
| SHA256 | 81adae4cbc49f30e6278e177a4e35821a4f84834227c76554565832c81169910 |
| SHA512 | d340094af089a3393aea220ba78e4efa6666558fc06d5197cde9d4243c04f1c102b215d6e291e0aba1af3aff11b487d83e784389b600749c97e34149544d2175 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 1c706d53e85fb5321a8396d197051531 |
| SHA1 | 0d92aa8524fb1d47e7ee5d614e58a398c06141a4 |
| SHA256 | 80c44553381f37e930f1c82a1dc2e77acd7b955ec0dc99d090d5bd6b32c3c932 |
| SHA512 | d43867392c553d4afffa45a1b87a74e819964011fb1226ee54e23a98fc63ca80e266730cec6796a2afa435b1ea28aed72c55eae1ae5d31ec778f53be3e2162fc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
memory/1824-724-0x0000000000400000-0x000000000043C000-memory.dmp
memory/1824-726-0x0000000074530000-0x0000000074CE0000-memory.dmp
memory/1824-727-0x0000000007F40000-0x00000000084E4000-memory.dmp
memory/1824-728-0x0000000007A30000-0x0000000007AC2000-memory.dmp
memory/1824-734-0x0000000007CA0000-0x0000000007CB0000-memory.dmp
memory/1824-741-0x0000000007A00000-0x0000000007A0A000-memory.dmp
memory/1824-750-0x0000000008B10000-0x0000000009128000-memory.dmp
memory/1824-751-0x0000000007DC0000-0x0000000007ECA000-memory.dmp
memory/1824-752-0x0000000007C60000-0x0000000007C72000-memory.dmp
memory/1824-753-0x0000000007CF0000-0x0000000007D2C000-memory.dmp
memory/1824-758-0x0000000007D30000-0x0000000007D7C000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 642ff7b042b45159f7290b375badab07 |
| SHA1 | 560e5c7d6c86bd2e9c7ea07df86247044c3a6a87 |
| SHA256 | 4b679905e2281a5033f8c2bf13ae3b6df7e6c7c0f01553c62725d4b10817aa81 |
| SHA512 | 919d47c930cb9e82f1517bcb3c69da1bc562daba3ff96d8d6022866469d80e25e4668362f7725ec6242e95862a6d6905fbcefbd30dcc2852dfa93809c8bf49b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe582a47.TMP
| MD5 | 2d69d56c4a73ab2a65a8f79de2ef7695 |
| SHA1 | 38974af1f3ba775a3b3d004e2af7409e4f6e9313 |
| SHA256 | 4a3d709054e63a3084d2ff7f5d8fcc95461a3e684608a1008096738e0d6c3da2 |
| SHA512 | 76e983afa6b2fcc15910b0ea4f44a68bdf222f16eef7dd9a79e1885810a417892e9af061d95de0039638e00ee0c3cfd12b42929a019dd6f48c4211fc2b6f5207 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | b61bfa8133e707ab3ba2da9cab782731 |
| SHA1 | aa8ffebb33279f0838ea37984bc7e9a14779326d |
| SHA256 | b8716fe9b722aa7785144a2ee31f00af1f2800d128f5764d8f70b82403123f41 |
| SHA512 | cc3b094ecfb04ca3746155b20689002bd3067bb51775f673bc6548504783d6934871bfba00282ecc702bd964add1b45e59dcfb16fa3675d3cd028046aeae32c7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e523c6ea-a195-4e5a-9aaf-659b291498cc\index-dir\the-real-index~RFe583b20.TMP
| MD5 | dd62643000bf23072abac3f8c398cdfb |
| SHA1 | 43132caf1a29d2ac65b00e85b615641b534f0415 |
| SHA256 | f18e9733de20a895dda776f5af003161a9311718992f0f6d7a1d375292b3b52c |
| SHA512 | f69e8c09a07a6ed915bb4b74d7f60e3df61bc43b3a85e6e5ff2235c61c5c909857829c4d00617f01f522ad747f5bb3b1cf941ba5b8801af77a22b9a5a3c25484 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e523c6ea-a195-4e5a-9aaf-659b291498cc\index-dir\the-real-index
| MD5 | af76aa6a86f25937bc471c2ed3343c61 |
| SHA1 | 07915ce6519dcb785337472b06f85b8b89eceab2 |
| SHA256 | eaaf2443e08490d20baa327b7315d2844490618fd71f18281ab14e11d4b3dd82 |
| SHA512 | 928c81688e004319ab71dd5c5e6ec4ba2b642223dd393458bf84ce311d59981b5f33e509f221362009fc40ab3e8bda065c262e07d4612f7714ca5cf084639e71 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d7bf75d8a2c716504ce5c3e2ea52f49f |
| SHA1 | 37fe4e8aea4e05e35d34e2de8963405b14cf1cec |
| SHA256 | 5a6db1a8d5a4293830e06cc50d4540d76aa26df96d2c0b2a825cb89f7ba1507e |
| SHA512 | be510d912049e6cef4458dcc943f11ce0bcd45c6be2ff51df01110f3323d8f3edd18f67cca9870807c5abd3116401d2aeff60506ccde6d9c6dd4d6dd62d573ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe583da0.TMP
| MD5 | 64691a697a3b7613638557321b24d1b9 |
| SHA1 | 4ec38ff1951690d2f6ff48ebd67c6258a4d6d4ec |
| SHA256 | 1e752f532abb9361cba2c71bfa403d66608951eb53e6f9d2d9b1de232b521816 |
| SHA512 | 960cb3c1ef9ac2dbc47fd8e163f4df1cdc1861a8919877d3a287d21b45a0b44b8a7b92369c92c97c48989f2dddec2619de678d842ce1869769df35261c775e21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ccb6cb46-54d5-404b-902a-94763b2db2a7\index-dir\the-real-index~RFe584159.TMP
| MD5 | cc956fd3024491c25dd221e5142fd255 |
| SHA1 | 512e65d9c0d1618a7098ac3b3519da3ed6ba7897 |
| SHA256 | fb459a1f1da2462d6a8865b850e7a47b4cf3576d45d2c44acd1328f6e0e9d770 |
| SHA512 | 95a80366f88cbd4a8a872b2d832fe9c205c1659f38715175a249f1ad7066b72c619f81da21e00f68298c8d572f1af4197decb2c17a31317674577c607075e15a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ccb6cb46-54d5-404b-902a-94763b2db2a7\index-dir\the-real-index
| MD5 | 78dc4dc050af15e20effa5801e754ba0 |
| SHA1 | 785f8264f9e1e3785cb2db68beb27023b598398f |
| SHA256 | fa1088524754812aa363a2384baac06d86c053926a7a9737a3ab2543759729a6 |
| SHA512 | 4f686573bb7fab8db92835f4e554c8267d803ad927c88db9a5b48719f77d48c73701814a6f29039f890e7433f27e096acd25bb1c96e9a9f9349c63770cfc74eb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 3c530380eefdf9a91427d22b68f1e38a |
| SHA1 | 4e04c637e322a6cad9f970b7c3b08ab2fa8ee701 |
| SHA256 | ab0accaae1986d1906c0700fdb7fda8ca8346027157b645df962a945cee7fc21 |
| SHA512 | 1a09d6fd3a3c35153ffc9ebf66a810fdc4bf4f44af18880d4bb950f0dd640d16c3b33b6b2e21d60aa06a097ecaa8e98595da54dc83baee2325eea95848b6b876 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2960c92abc8e6544d4598443f80037e8 |
| SHA1 | ce7cf78d964c1ce3486e8cf21c2d526cd725963e |
| SHA256 | 174eba0bc51dc66495aebde3db9204633302a770752a691415b278c6774d64e8 |
| SHA512 | 947f52397bab980d62f0b623564c9a1697a8beace8c402a71ea48bc06f4875bb2723c0498435bd72b41a8d1dcdad73a83e3666eae7b86daf9c7f55fc1d5e0620 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e
| MD5 | 923a543cc619ea568f91b723d9fb1ef0 |
| SHA1 | 6f4ade25559645c741d7327c6e16521e43d7e1f9 |
| SHA256 | bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd |
| SHA512 | a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020
| MD5 | 7d75a9eb3b38b5dd04b8a7ce4f1b87cc |
| SHA1 | 68f598c84936c9720c5ffd6685294f5c94000dff |
| SHA256 | 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7 |
| SHA512 | cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021
| MD5 | fdbf5bcfbb02e2894a519454c232d32f |
| SHA1 | 5e225710e9560458ac032ab80e24d0f3cb81b87a |
| SHA256 | d9315d0678ac213bbe2c1de27528f82fd40dbff160f5a0c19850f891da29ea1c |
| SHA512 | 9eb86ebb1b50074df9bd94f7660df6f362b5a46411b35ce820740f629f8ef77f0b49a95c5550441a7db2b2638f0ed3d0204cb8f8c76391c05401506833b8c916 |
memory/8524-960-0x0000000000400000-0x0000000000488000-memory.dmp
memory/8524-962-0x0000000000400000-0x0000000000488000-memory.dmp
memory/8524-963-0x0000000000400000-0x0000000000488000-memory.dmp
memory/8524-966-0x0000000000400000-0x0000000000488000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022
| MD5 | 4e08109ee6888eeb2f5d6987513366bc |
| SHA1 | 86340f5fa46d1a73db2031d80699937878da635e |
| SHA256 | bf44187e1683e78d3040bcef6263e25783c6936096ff0a621677d411dd9d1339 |
| SHA512 | 4e477fd9e58676c0e00744dbe3421e528dd2faeca2ab998ebbeb349b35bb3711dcf78d8c9e7adba66b4d681d1982c31cac42024c8b19e19537a5615dac39c661 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 84b450461b76662f7903f30d69630a62 |
| SHA1 | a87e6f55325d3f8a3e6181268fabd1f80549cd6b |
| SHA256 | b2e77592d92565780386e60e83b72bf05c3d02eb83d3d1f4f1c41b4c1ecc619b |
| SHA512 | a79393ffc977c2ad2f369116d35102a2483982a7b0a9551533d93ccda4f6058312407a1e3bb23ee10df06c6258f2a955dfcebc95f5dbf66caef56d8dea475059 |
memory/1824-1116-0x0000000074530000-0x0000000074CE0000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004f
| MD5 | 740a924b01c31c08ad37fe04d22af7c5 |
| SHA1 | 34feb0face110afc3a7673e36d27eee2d4edbbff |
| SHA256 | f0e1953b71cc4abbffdd5096d99dfb274688e517c381b15c3446c28a4ac416e0 |
| SHA512 | da7061f944c69245c2f66b0e6a8b5a9bca91bda8a73f99734dcb23db56c5047de796fa7e348ff8840d9ac123436e38a4206408573215b7e5e98942ea6d66bb7c |
memory/1824-1136-0x0000000007CA0000-0x0000000007CB0000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | aaaa1689fdea80b3e328dd22654752e6 |
| SHA1 | 6d0f8ce12578d5a75d50aecb57f58baaeb592b42 |
| SHA256 | 4104a67eb66101e1a8ca62e362680412a7a2cb0695bed9830ca575965cfbd753 |
| SHA512 | 3463197a0e48c0f69520ae00395ca7ed9f7f034f724724f9ba4f5010d97d305db0ad62d959d3af00da4fc415f27f05ef582a1df467f4a9a89863e91ec530b492 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\cf79b7bf-08fe-4e02-940e-1c5b3c4ff245\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt
| MD5 | 3aafd8ed464d48ca5cf7794541360623 |
| SHA1 | a3dcfdbb2193717df6fe41e893840e014ab50ace |
| SHA256 | 3177584574ea33c14c77fa883cfb859685f55c0d3bdd2c64a6aec2f99f2b51a2 |
| SHA512 | 2475763933722168cd857b51abe40caccb0f6e34423dc5474f4eb16d36e082bfbd11806d7858c72981b440418ea166d3355e3016d57c897a67986559e37cd0b4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt~RFe588f5a.TMP
| MD5 | 7414d0581ee9f77914f8051281001198 |
| SHA1 | 1564ca3839741eee069e57af35d763847f377008 |
| SHA256 | 647ab9d022fa7a1341f9794ce82cabc37c22123f7cd840d63a63552c4f9a0bb2 |
| SHA512 | 6159e2dd6128378807e629318f59720e6e20e01caf0ea27a22dd7da08b99f4c35819e0cdb542cee09de8025c5a2887deae39947f8d9f9745e4be0fd661fd63fb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3916b35edf8429fd456289e6178746ad |
| SHA1 | 96c8da0376cbafe06f9e3139433fac533d45db03 |
| SHA256 | 850ed5b201a6396d2f2b30b4b72acd1bc8e5874b132b259f186c552a45eb1cd4 |
| SHA512 | 4d63bb39bc4f368910bb741848d2137214a0e5194c5e89270f74fd40f3c7d04197cd8bc87612cad73bdabcc1abf09e4968cbe58cc6e68d0894414f0af4bd465e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 04046649ef4acb78fe7e7a26a1fb123a |
| SHA1 | 23c20f152f27873543ed1ede76d8c04ceec0e5cd |
| SHA256 | a0c413512becc494f26ad721df06a63ac0748d58975536ddc816bfa2bdc8154c |
| SHA512 | dc421311f5ad8e3a2af6c5d77fe8837d259294eed08d2174cc573a71febede91ef771689dc1ec54dcc7029ba6d260a091ca85791bd9456f8136feec13856d0a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | f52fd20e28dee464251e1c8261acc8e0 |
| SHA1 | c8cdc82af0140f1288f81f987648a8b811babef7 |
| SHA256 | d9627c88825ad77befdf6af38a6368c7e0c21413fde64b8f5f030c46eb0b241a |
| SHA512 | 2d2bd084c6a99b859b5f63d7f93aa4bf77a477a1546de9d8e0a3889c4b2757ac5186b9efe110ab6705279cd6848741900cc4d90f234b772688ac03b17f9c64ff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\d73932ef-f8f4-402b-8845-34b1f0c27404\index-dir\the-real-index
| MD5 | eb90d346b459e9676f72364604c4a72c |
| SHA1 | 82b2872a32d15acaaa2122d764ccb8b90ac1cf35 |
| SHA256 | dc7e82a64e557ecf68e065e0fa32466aab975963a4019331adaa21aba686d554 |
| SHA512 | eb319d90278492d83a801f96c26fa75e97f7c9feb4bbea11655a162deb42c3b06e33ad1c42c10d4e541aa193690c0a1e6dcf0f2310773001aaaca5d815c37d2a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\d73932ef-f8f4-402b-8845-34b1f0c27404\index-dir\the-real-index~RFe58e70f.TMP
| MD5 | 1f3d9702a863af454aa99560970885eb |
| SHA1 | 3ebc9b18d9a70c3c2ef666c1b1fbdd8b5f4a9704 |
| SHA256 | 40a764bac254b7e391f56db161ceb33e123cf2b24a4550d903c146b662c7c6d0 |
| SHA512 | 2fb1111fa02bdfaf5d5e19225a5c9fad61817e060ac854e103133ba117709e7f1ab504280fc748778249033cffa822445d5e189a0e6db83764cbc6679c13c746 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c84500f7712bb1c8047f1b62d7610770 |
| SHA1 | cebdeaed08d361713f024ddce3fb2a018b8dd4b7 |
| SHA256 | a7614e6951ff124c506e328a6a78a41abc5509a26bd73bf15baebeba4aeec874 |
| SHA512 | d3e48397c48d06690b50060547d3871863fb31f4224b253eb13e2f3b18a97f8b63d507c7f1418100f6487e54319c05ed181b620908d225940e3ad3473e79c5db |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 017199b8fd6fe9ecb655c2606fc5b9dc |
| SHA1 | 4a52cba501b4b845e46e235d3dcaa1d92a31de7f |
| SHA256 | c627a375b07fcbb3e3d3db0eca06d9089cff5e89f27d8474c394404c0ba470a3 |
| SHA512 | c136b9b4c1e4a14f7afe5913de793c722e07bde77625d1f8c915379860454d59d7b1ffc7ef8599d2beb19feaa5f2642768c700f19238394c7bc0773a5932a08a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 24518831ed2b4fb35b557744a40f6016 |
| SHA1 | f07dc35e94b1f6ac9f70bc9124add2023efa93f8 |
| SHA256 | 84fd977f8a2550f9dc9ce9b7f9d8a712efebe2dd1bd76a6dc617b415aae0cbd9 |
| SHA512 | 85bf485457cae0007fad4593e2ba073966cf89ec435856a13180fa82ad64d8c22437a307dfe5a42e49783c3226bad1892a298ca2cfb0824aa6103814b54a4921 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | acc9679e9a272a91ccfbb0b66159ec97 |
| SHA1 | 2b7454cd8b916c1c2f61c2c758e82826698775ed |
| SHA256 | b7132c5ac2787646c6e1e84f69e29ad7bda2c41e8e5571f9d4ca3471202f8e25 |
| SHA512 | 6b3ec8d1a5691e4a57525888cfc27a412b7a4c9340e35d2efdddc11c6aa711b10ec0d3b1bc7232d289f6ea4425821aabe394ca09f8300f33c95e2a32533180a3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\cf79b7bf-08fe-4e02-940e-1c5b3c4ff245\index-dir\the-real-index~RFe595f1e.TMP
| MD5 | ed9c9279326bd4a0370d0342c13b5ec8 |
| SHA1 | 01fa1c25b2df44a57f986e9b556dd16486d2512d |
| SHA256 | c6c2a38367ff5f411fee26f3dd3881137ac31e8b20246f547e8810f82f9e73ec |
| SHA512 | d72c2e6159d5478e0aee8c4712f4f13f448895d1ca6e11f4cc489da61edfafad04caa20f77f02e25eb929d12b078fd56c9f378a9162380b3a5248af5feccb299 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\cf79b7bf-08fe-4e02-940e-1c5b3c4ff245\index-dir\the-real-index
| MD5 | 910af7eabd3ca9cec90197070b1c8c52 |
| SHA1 | ed210d53d8f906a76f9727ae3f390dfd63186345 |
| SHA256 | 1e352ba075c7b16640f3491d224d21d09fb5f7a2216aea33f7052f8ea8dbbe6a |
| SHA512 | 046e068304eee60bf10b6a335159a302d5db7fb990fde99a7850a9d6a41e4d1b7a95029c99892e9164dc05a7e364621cc90630fd591d9b64ab22bd1d78fdc285 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt
| MD5 | 6492557229f3d6f18a126007e6011e9c |
| SHA1 | 55bf3a43b478850d6de45d424ae5e55d423986a1 |
| SHA256 | a2af5637d1afc795379982c17bbef010e253b06f424802ee96598d796e584820 |
| SHA512 | 157da4a7011ca319d3e02f7a6b07cb8dc09fd8ad424141d24ebd78ba82388588d190117647f69d5550f4b4a7d89e3a31f517117cb06d99144b0dc381424aae95 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | 2366f4bbfafb4cb1cac21c15c1b5e74f |
| SHA1 | ccbb5850df07d4297d7e097c4b691833b26c1672 |
| SHA256 | 0d1e71b13012f0618437c67f46ed3419f89164c34065fd037bb762fb147f0794 |
| SHA512 | 814173fa0b41cb221978a831e0163925db7f9de1036105d31899d0552ef0e0e3959fd8b85ed8d2183bbd539404c6a8a816d7bd8003db4d70d1450f8185da95ce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 709bd9bdc8a7a5ab766ea83283e0b03f |
| SHA1 | 615dbaeb2a92c3aea4ea663f2136f6db545add87 |
| SHA256 | ca9d103bb4cbc8094fd03ec590f21f5fa1cb500a4e88b0c0cf4df2961f5b5a90 |
| SHA512 | 5d007bc13a28f1d52758cb493bf43662bf36d91ada505ae4b790fb7201b292c64b2fa7ea503859663bebef00f11eed359053b1358cb9c4bbdf2211de94e15fbf |