Analysis Overview
SHA256
e073d13582d3087a8c983ff36b39ceb0e9ed136bbef1177a54c227fa242ef0fd
Threat Level: Known bad
The file NEAS.e073d13582d3087a8c983ff36b39ceb0e9ed136bbef1177a54c227fa242ef0fd.exe was found to be: Known bad.
Malicious Activity Summary
Detect Mystic stealer payload
Mystic
RedLine payload
RedLine
Executes dropped EXE
Adds Run key to start application
Detected potential entity reuse from brand paypal.
AutoIT Executable
Suspicious use of SetThreadContext
Program crash
Unsigned PE
Enumerates physical storage devices
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of WriteProcessMemory
Suspicious use of SendNotifyMessage
Suspicious use of FindShellTrayWindow
Suspicious behavior: EnumeratesProcesses
Enumerates system info in registry
Analysis: static1
Detonation Overview
Reported
2023-11-11 10:33
Signatures
Unsigned PE
Analysis: behavioral1
Detonation Overview
Submitted
2023-11-11 10:33
Reported
2023-11-11 10:36
Platform
win10v2004-20231023-en
Max time kernel
179s
Max time network
199s
Command Line
Signatures
Detect Mystic stealer payload
Mystic
RedLine
RedLine payload
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\yF6Qa39.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1NC90mT7.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2wg2319.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3PM41Mj.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP000.TMP\\\"" | C:\Users\Admin\AppData\Local\Temp\NEAS.e073d13582d3087a8c983ff36b39ceb0e9ed136bbef1177a54c227fa242ef0fd.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup1 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP001.TMP\\\"" | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\yF6Qa39.exe | N/A |
AutoIT Executable
Detected potential entity reuse from brand paypal.
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 5036 set thread context of 5164 | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2wg2319.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
| PID 5332 set thread context of 2580 | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3PM41Mj.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
Enumerates physical storage devices
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\NEAS.e073d13582d3087a8c983ff36b39ceb0e9ed136bbef1177a54c227fa242ef0fd.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.e073d13582d3087a8c983ff36b39ceb0e9ed136bbef1177a54c227fa242ef0fd.exe"
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\yF6Qa39.exe
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\yF6Qa39.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1NC90mT7.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1NC90mT7.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://store.steampowered.com/login/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://twitter.com/i/flow/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://steamcommunity.com/openid/loginform/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.epicgames.com/id/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.paypal.com/signin
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2wg2319.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2wg2319.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 360 -p 5164 -ip 5164
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5164 -s 540
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3PM41Mj.exe
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\3PM41Mj.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5164 -s 540
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2de21236a4d701c553b04a7ca49f8792 |
| SHA1 | 838ef4841c398828c8f10d87a61dd3c061661998 |
| SHA256 | cbc032d9a1b6a1a8ba041a7463b04f8a3e22ab9f5f2428f84a9c68f8657d1a20 |
| SHA512 | b4c9175ac10b2aa38f422e864d9b5ecfa85da5ae734576dec50a3cab04345617ea27d0e1289a3c558f52e295edf5e399aae9071933cb25c894eb1516bd1374da |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 1d5167c821fe7eb2260fc317971f1da0 |
| SHA1 | c6919a178781e98f6c67a060d1c2726dedea4803 |
| SHA256 | 05d3706c9734d58ca818a99a7e60394c01519d50b939b7c1fedcd33ad4532d7c |
| SHA512 | b3c60776e36527764cb7367ae12f62cd4d4e4dfd19843445a3acb5345eb789dce66194c3c03ea2041bdf798fa1f0b369c21b1362a6bb498b0875ccd006c9d6a1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
memory/5164-488-0x0000000000400000-0x0000000000433000-memory.dmp
memory/5164-499-0x0000000000400000-0x0000000000433000-memory.dmp
memory/5164-500-0x0000000000400000-0x0000000000433000-memory.dmp
memory/5164-502-0x0000000000400000-0x0000000000433000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7311dce118ca1f06c0b90256850cc476 |
| SHA1 | 96e3ceca09deee207eef21ec7bed7948ec90d03a |
| SHA256 | 7c938d1a3c28eeb2a9e9bc573949739b080d10edde63fa4bac542acec366d356 |
| SHA512 | 7d5896922e999ffe89a789ba71cbe41bf736843cf8959683c3de908a9ec7bcdb627bcbdc4412f9aba0f9346c5e85904075fb5989897ee827e804254a54c6ee76 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 918ecd7940dcab6b9f4b8bdd4d3772b2 |
| SHA1 | 7c0c6962a6cd37d91c2ebf3ad542b3876dc466e4 |
| SHA256 | 3123072fba0ea8e8f960dd213659a0c96ce2b58683593b8ea84efac772b25175 |
| SHA512 | c96044501a0a6a65140bc7710a81d29dac35fc6a6fd18fbb4fa5d584e9dc79a059e51cbe063ca496d72558e459ffa6c2913f3893f0a3c0f8002bbca1d1b98ea2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 64979a84d6e06cbacf239a03f4c9216f |
| SHA1 | 69f916f4d50540c999307e775d8ae25f2d03b547 |
| SHA256 | ebc9c2c3bc3c9d238d90d1ba1916e4d2116acc667254217fd6a3de410b6bd01b |
| SHA512 | b83109a3dae738d20e1257eeace5e175bc03e6b0f14638d58ba7a52ff31b8d56921356f43a4affa89591f83d799ec9fee37584b14183a805ac0d39077cc4a81e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe59a80e.TMP
| MD5 | e42f0da746bb9cd1d9835c926a386d50 |
| SHA1 | cbbfbac5b8018bcc7a3b2d6bc9dada26a00b40fb |
| SHA256 | cd2b45a78156f17922c67090c23fa24b81cc9e29acad8263f7b1331a12e692e6 |
| SHA512 | 41bb24f8f36142f24ab4fbdf8dcf171a5cf8c7f0add0e81a9c82e703d50548895007656d774922994a7095e800d834af9ccf08e71993ce4724e761e3eb0e4ecb |
memory/2580-691-0x0000000000400000-0x000000000043C000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | 7d75a9eb3b38b5dd04b8a7ce4f1b87cc |
| SHA1 | 68f598c84936c9720c5ffd6685294f5c94000dff |
| SHA256 | 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7 |
| SHA512 | cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | 923a543cc619ea568f91b723d9fb1ef0 |
| SHA1 | 6f4ade25559645c741d7327c6e16521e43d7e1f9 |
| SHA256 | bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd |
| SHA512 | a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 36ccfd59eea614f49c340a0a33b8408d |
| SHA1 | 7a5ca3d094c2d055bda6ebfd09db6badae5cec52 |
| SHA256 | 5e893240d29ac9509371d3ab6f56da7e414a36fb82d8ebb317e95de0a099d370 |
| SHA512 | 6a924b3811a4a44a330a68b7267723abaec1cee88496763e34d59e3563b86ac34fcd7fa49c645f21d23c164593bdb3450f6246ff713a5b9e9969adf5de81fca8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032
| MD5 | fdbf5bcfbb02e2894a519454c232d32f |
| SHA1 | 5e225710e9560458ac032ab80e24d0f3cb81b87a |
| SHA256 | d9315d0678ac213bbe2c1de27528f82fd40dbff160f5a0c19850f891da29ea1c |
| SHA512 | 9eb86ebb1b50074df9bd94f7660df6f362b5a46411b35ce820740f629f8ef77f0b49a95c5550441a7db2b2638f0ed3d0204cb8f8c76391c05401506833b8c916 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037
| MD5 | 4e08109ee6888eeb2f5d6987513366bc |
| SHA1 | 86340f5fa46d1a73db2031d80699937878da635e |
| SHA256 | bf44187e1683e78d3040bcef6263e25783c6936096ff0a621677d411dd9d1339 |
| SHA512 | 4e477fd9e58676c0e00744dbe3421e528dd2faeca2ab998ebbeb349b35bb3711dcf78d8c9e7adba66b4d681d1982c31cac42024c8b19e19537a5615dac39c661 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031
| MD5 | 740a924b01c31c08ad37fe04d22af7c5 |
| SHA1 | 34feb0face110afc3a7673e36d27eee2d4edbbff |
| SHA256 | f0e1953b71cc4abbffdd5096d99dfb274688e517c381b15c3446c28a4ac416e0 |
| SHA512 | da7061f944c69245c2f66b0e6a8b5a9bca91bda8a73f99734dcb23db56c5047de796fa7e348ff8840d9ac123436e38a4206408573215b7e5e98942ea6d66bb7c |
memory/2580-783-0x00000000738C0000-0x0000000074070000-memory.dmp
memory/2580-784-0x0000000007900000-0x0000000007EA4000-memory.dmp
memory/2580-785-0x00000000073F0000-0x0000000007482000-memory.dmp
memory/2580-786-0x0000000007560000-0x0000000007570000-memory.dmp
memory/2580-787-0x00000000074B0000-0x00000000074BA000-memory.dmp
memory/2580-789-0x00000000084D0000-0x0000000008AE8000-memory.dmp
memory/2580-796-0x0000000007770000-0x000000000787A000-memory.dmp
memory/2580-801-0x0000000007680000-0x0000000007692000-memory.dmp
memory/2580-803-0x00000000076E0000-0x000000000771C000-memory.dmp
memory/2580-804-0x0000000007720000-0x000000000776C000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 96befc41bf67a445c5150508de546e26 |
| SHA1 | aa3b1386ceb1430b0c797aa88b0e08287059adeb |
| SHA256 | 02b50acc14dda00708668c319c8eac82abab5144160cf8809e84e5d06ed7c539 |
| SHA512 | 45cff707ac9afca77a482b01c4a739bd724c4fb41b1be938c31ce65ebe336f67f355b2dbcd801e3a314250d56a52ddca82ef4d44a19a85e403077fa5cec1c54e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ffacc344494d02eae95583eb60510d7c |
| SHA1 | 8e2eb59ba55bd08b6f4aa265a9d2dd7de14765e7 |
| SHA256 | d27ff00b191a70e68d2e0ca53991b31d255061726df653d015f7a449816fc78d |
| SHA512 | e3d83082881f1f87fbbcb7fefae194a753fe77ffeee9c61e19605a7b9889f642e38949e8c11300149796da1c94e2e68b0d0e3250e6e8a303b55470f08cd9f5ab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 3a0df202dfcbb7ead4612425303c551e |
| SHA1 | b4fac269f51a7593bfc94b3fc53be89c6d4691c0 |
| SHA256 | 2002a196c0405a270fff703d6b1059a658bd0eca5523b57e9655fc0148938c1f |
| SHA512 | f2cdd918ae39c6c410c0c45be8b09ca2ac26b8ca219804e7dbac260d7562aac1bc6dfe76ba32c2d7b2ae9a9ac5ccd1e8bbb1223bc613e39f64ff51059a7f739b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | aec46cd13bb9d4941141c09363007d5f |
| SHA1 | 60eece3e29266fec68a156da37576a3d8a18d740 |
| SHA256 | cfba9315955dd96f18ffc20735f685ab800982efe5b309b8a617612c0839cdfb |
| SHA512 | c47716883843f8ceef3fb8474a3f28232193bbcdd6add0272f040c5b0465cda836b8bddf53ebe3b248a758f6d76cc71189ded1e3ef56dc282bf01db2817ab722 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 8396bf614225463f869af87b2c962f5e |
| SHA1 | af8caffd9afa8d2c3c71f5715396da8cfb19aa75 |
| SHA256 | f38a51139c50f3bc8221c398e7006614cef4e5fa0053ba1824a21e22f67691b2 |
| SHA512 | 5a599f5881062655185b21f995463515dbc472d746d81df838092e8a9add250195529e05f2397c46cde0060904da3215a794c60125bae63e553eaf4f283d919c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\5c817778-3a9c-491d-9b8d-b3a97f0fbe13\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt
| MD5 | 320d3678dbdab4e3c549fb373c8fc998 |
| SHA1 | bbe1542fd5fcaa6ea45706cca6fa030c84a00ade |
| SHA256 | 46868261d71bec395844c92478dad28dbb580b3e7675da5ddeb3c068b84f8067 |
| SHA512 | 3ab362b5a4782b50585cfec7575710cf0f42d679891f856639ffd8276c421d250a71c3ee9c95c1c8d1b79fc2751a2db162f95e8b9d2a0041c9b777b434754294 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt~RFe59ddf2.TMP
| MD5 | 388eb27569406075ceee5519950132d7 |
| SHA1 | 22118e47639ddb2f58db6267af3b118987352bd6 |
| SHA256 | 48a4c1396bba5578f189c181e2344094b8563b71ba8ab9317a05782900832b18 |
| SHA512 | b7b9eb56964f44d82800a2fecb8ccd6f740f33b776a907332c0da6d5746b3fc25f46b21d629c02762535c09ff3c11a513925af572c77cdd7ef404b3e3cdde427 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | bf0b522735d6d45cc678613dba2d0c75 |
| SHA1 | d93d8f9b5ffcae6c070e7d1d05976b1fd9063a4f |
| SHA256 | 3005787e5d93c87273dcff7d23f31de7fc34d4f266e375e14cbbdf36dc9382cd |
| SHA512 | 6d9b088f0dd1ec220d87bede6a432ca2ade23760bc035cdf441e34bde07cb6e6a723ce3a2f95893e509a5296cb4d00aa365bed927a74cba6243ffe2b7d7037f6 |
memory/2580-1051-0x00000000738C0000-0x0000000074070000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fed4144119831d1883f55eb88b127309 |
| SHA1 | dde08938e57bec11af04ca7b86c1d60ddbc86921 |
| SHA256 | c3e9189aaf5fca65ce5ecf56c207ab770f7f0211c2bf1a1b17a66df0a2757910 |
| SHA512 | a05f34a74bb7bbeb9352109c0f48e70eed33a26aed7582e4cb56cf2bcc2a95e9d927ae50c493b5a427d0457aa1f691fc20078ce39322e17f9738087600e5601d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 84d1ba3b8459b33b86bed012ceb2468e |
| SHA1 | 646458c32c6177c76107d28ff448b5fe71db937a |
| SHA256 | 35c48b0530c32dd2814d253c6ab151caa39b4166a9ee4a24ae06a80f68c529d2 |
| SHA512 | aed49dc872e7a6eab3dff5b19c5b7b02698e19109deea9001af0524eb9cff1d001768c36f5dfdaaa707569ee407c734668f56c500d620d6d1a982f51389a980c |
memory/2580-1088-0x0000000007560000-0x0000000007570000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\5c817778-3a9c-491d-9b8d-b3a97f0fbe13\index-dir\the-real-index
| MD5 | 985e77af78a2ff6ecb7dc89dabd2e430 |
| SHA1 | 8151e44e22b93fc48a1ef6cff274b91bb2cdc62f |
| SHA256 | 75b7f72ba836d241e99317dfee4a414005e60676715d6ef88d90919b7971387e |
| SHA512 | 07a7b20f9e94f01777c87ec8e418da1f5b6118a77b2aae1de3b05867aeb1449ca35ded59550e62d8425919f4f14bb6fb24772108ee33624123373a07c627035a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt
| MD5 | 43f53fbed85d936d978511bd4901868f |
| SHA1 | 91eb8ca632fa7fce381a0738e78a5d5d44684932 |
| SHA256 | 672e489db8bae1a6f3d9a3c860140b77c55616c166542d4443f9a73cefcda13b |
| SHA512 | 688e6ce1437992570d3765896d435f219ef65aa4500099ae42f93ef350429519a6d1f02638e3df8bbbd18a6c3f45b4719d8a5ade47343509417d9ab2c802c0cc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 935cd320275f33fc4488b304f38f3290 |
| SHA1 | 9101a841d0aacde82d8cfceffe4760ba3a6e2286 |
| SHA256 | c18ea71aac0de18fa7cf343e947cc445c4b529a01784f4d079649a61e9600f84 |
| SHA512 | acbf7813f9f25942bce7cd9daaf68001fc91ae7f08720eb5a3169c7709501cd4564dfa6d23e06ac07ee8f8c4979b064b2e47f21746ca047625e2550fbc0bf959 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5a45b5.TMP
| MD5 | 8b6e9d409516e9e5af405249ffd871a9 |
| SHA1 | 57102bafedceaa27626c4a324a8d21d58650849b |
| SHA256 | a006149c7a53a4a787f495adedb24b7e3e396e97d515ce3c13916b7790211aa4 |
| SHA512 | 1ac70bece28e7f7291b49d8a7997d72a5e6cc36c0067ab4bc9b3cd4cde47921d53528bca47f7fe264298656748ab10172e4b53b254ecc4518f3c6496ee350575 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\5c817778-3a9c-491d-9b8d-b3a97f0fbe13\index-dir\the-real-index~RFe5a45b5.TMP
| MD5 | 9fd84d7a74dcc2258a0c6be3742e36a5 |
| SHA1 | 66cb074761be1aeb978903e6e2a566413b0ed31d |
| SHA256 | 7b88587b23c16a75fadfb809aa343805ea400d4b22722db958bcea5fe4620435 |
| SHA512 | 16d8af77dd0665abb4954c9c11811e4ab7840c66da795ba748ea222864c0b2c7e7957172c992368ba4a997e4060daaac3d9c4f672fabd71e6ea965e6679fcae9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 49e219e73c6348d915812dff6d6ca25d |
| SHA1 | ed5e0e2c247cafcc9b71b01b2f13fcbe2dacec01 |
| SHA256 | 4cffeca4adbb099c99c572d3c07499192e79e8db9e183095d4cb82a50b0bf53c |
| SHA512 | bd2a81b2fbb7dad13b68b3e28ae37dc03f541d8c7c1e7df52f0c347f7730f2bf1395aa422551222325fc3c3b73347cdf075d821e6395124a0009481a3ebc39b1 |