Analysis Overview
SHA256
bfe031c2c1494621564ade351ecd68c76632c6b42bae7e12e6225cb4df5440c3
Threat Level: Known bad
The file NEAS.bfe031c2c1494621564ade351ecd68c76632c6b42bae7e12e6225cb4df5440c3.exe was found to be: Known bad.
Malicious Activity Summary
Detect Mystic stealer payload
RedLine
RedLine payload
Mystic
Executes dropped EXE
Accesses cryptocurrency files/wallets, possible credential harvesting
Adds Run key to start application
Detected potential entity reuse from brand paypal.
Suspicious use of SetThreadContext
AutoIT Executable
Unsigned PE
Program crash
Enumerates physical storage devices
Suspicious use of FindShellTrayWindow
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Suspicious behavior: EnumeratesProcesses
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2023-11-11 10:37
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2023-11-11 10:37
Reported
2023-11-11 10:40
Platform
win10v2004-20231025-en
Max time kernel
158s
Max time network
166s
Command Line
Signatures
Detect Mystic stealer payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Mystic
RedLine
RedLine payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\av3gP05.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\KC4Ym62.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Hb438hu.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4or8gT5.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\5se38PQ.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\6FC202.exe | N/A |
Accesses cryptocurrency files/wallets, possible credential harvesting
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup1 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP001.TMP\\\"" | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\av3gP05.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup2 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP002.TMP\\\"" | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\KC4Ym62.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP000.TMP\\\"" | C:\Users\Admin\AppData\Local\Temp\NEAS.bfe031c2c1494621564ade351ecd68c76632c6b42bae7e12e6225cb4df5440c3.exe | N/A |
AutoIT Executable
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Detected potential entity reuse from brand paypal.
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 1632 set thread context of 4248 | N/A | C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4or8gT5.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
| PID 8272 set thread context of 9152 | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\5se38PQ.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
| PID 8348 set thread context of 7344 | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\6FC202.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
Enumerates physical storage devices
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\NEAS.bfe031c2c1494621564ade351ecd68c76632c6b42bae7e12e6225cb4df5440c3.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.bfe031c2c1494621564ade351ecd68c76632c6b42bae7e12e6225cb4df5440c3.exe"
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\av3gP05.exe
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\av3gP05.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\KC4Ym62.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\KC4Ym62.exe
C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Hb438hu.exe
C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Hb438hu.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://store.steampowered.com/login/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://twitter.com/i/flow/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://steamcommunity.com/openid/loginform/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.epicgames.com/id/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.paypal.com/signin
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x168,0x16c,0x170,0x144,0x174,0x7ffe32fa46f8,0x7ffe32fa4708,0x7ffe32fa4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffe32fa46f8,0x7ffe32fa4708,0x7ffe32fa4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffe32fa46f8,0x7ffe32fa4708,0x7ffe32fa4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x16c,0x170,0x174,0x148,0x178,0x7ffe32fa46f8,0x7ffe32fa4708,0x7ffe32fa4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x170,0x174,0x178,0x14c,0x17c,0x7ffe32fa46f8,0x7ffe32fa4708,0x7ffe32fa4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffe32fa46f8,0x7ffe32fa4708,0x7ffe32fa4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffe32fa46f8,0x7ffe32fa4708,0x7ffe32fa4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffe32fa46f8,0x7ffe32fa4708,0x7ffe32fa4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffe32fa46f8,0x7ffe32fa4708,0x7ffe32fa4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffe32fa46f8,0x7ffe32fa4708,0x7ffe32fa4718
C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4or8gT5.exe
C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4or8gT5.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,4088341024502945943,11211011455782292133,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,5879377027420246724,7202914165290970202,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,4088341024502945943,11211011455782292133,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,5879377027420246724,7202914165290970202,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,4673144365577207138,11234703761617684310,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2096 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2060,7898976520797847380,11351166093413647874,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2060,7898976520797847380,11351166093413647874,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2088 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,2638329044206486378,17935961861919243808,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,2638329044206486378,17935961861919243808,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,18114306734292235997,7666077934402890314,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,18114306734292235997,7666077934402890314,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2100,11311501235067302959,6822951843219128711,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,11311501235067302959,6822951843219128711,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2204,15107323563785036855,10806752662430043882,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2288 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2204,15107323563785036855,10806752662430043882,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2216 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,4673144365577207138,11234703761617684310,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,12319636662188684566,16803241917609717780,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,12319636662188684566,16803241917609717780,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2204,15107323563785036855,10806752662430043882,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2860 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,15107323563785036855,10806752662430043882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3404 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2068,116446163116132429,2717242891843038669,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,116446163116132429,2717242891843038669,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,15107323563785036855,10806752662430043882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,15107323563785036855,10806752662430043882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3976 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,15107323563785036855,10806752662430043882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3944 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,15107323563785036855,10806752662430043882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,15107323563785036855,10806752662430043882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4356 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,15107323563785036855,10806752662430043882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4888 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,15107323563785036855,10806752662430043882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,15107323563785036855,10806752662430043882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,15107323563785036855,10806752662430043882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,15107323563785036855,10806752662430043882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5492 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,15107323563785036855,10806752662430043882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6560 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,15107323563785036855,10806752662430043882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6784 /prefetch:1
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 448 -p 4248 -ip 4248
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\5se38PQ.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\5se38PQ.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4248 -s 540
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,15107323563785036855,10806752662430043882,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5640 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,15107323563785036855,10806752662430043882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7080 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,15107323563785036855,10806752662430043882,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,15107323563785036855,10806752662430043882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7452 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2204,15107323563785036855,10806752662430043882,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7892 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2204,15107323563785036855,10806752662430043882,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7892 /prefetch:8
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\6FC202.exe
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\6FC202.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,15107323563785036855,10806752662430043882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,15107323563785036855,10806752662430043882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5752 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2204,15107323563785036855,10806752662430043882,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7196 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2204,15107323563785036855,10806752662430043882,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7644 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2204,15107323563785036855,10806752662430043882,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4184 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 0.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.228.82.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.78.124.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.1.85.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| US | 8.8.8.8:53 | www.paypal.com | udp |
| NL | 104.85.0.101:443 | store.steampowered.com | tcp |
| NL | 104.85.0.101:443 | store.steampowered.com | tcp |
| US | 8.8.8.8:53 | www.epicgames.com | udp |
| US | 8.8.8.8:53 | 78.240.123.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.0.85.104.in-addr.arpa | udp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| US | 3.224.228.139:443 | www.epicgames.com | tcp |
| US | 3.224.228.139:443 | www.epicgames.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| NL | 142.250.179.141:443 | accounts.google.com | tcp |
| NL | 142.250.179.141:443 | accounts.google.com | tcp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | 71.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.228.224.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.168.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | twitter.com | udp |
| NL | 157.240.247.35:443 | www.facebook.com | tcp |
| NL | 157.240.247.35:443 | www.facebook.com | tcp |
| US | 104.244.42.193:443 | twitter.com | tcp |
| US | 104.244.42.193:443 | twitter.com | tcp |
| NL | 142.250.179.141:443 | accounts.google.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | api.twitter.com | udp |
| US | 104.244.42.66:443 | api.twitter.com | tcp |
| US | 8.8.8.8:53 | abs.twimg.com | udp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 8.8.8.8:53 | pbs.twimg.com | udp |
| US | 8.8.8.8:53 | video.twimg.com | udp |
| US | 93.184.220.70:443 | pbs.twimg.com | tcp |
| US | 8.8.8.8:53 | t.co | udp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 8.8.8.8:53 | static.ads-twitter.com | udp |
| US | 8.8.8.8:53 | 98.49.222.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.247.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.39.65.18.in-addr.arpa | udp |
| NL | 199.232.148.158:443 | video.twimg.com | tcp |
| US | 104.244.42.197:443 | t.co | tcp |
| NL | 199.232.148.157:443 | static.ads-twitter.com | tcp |
| US | 8.8.8.8:53 | analytics.twitter.com | udp |
| US | 104.244.42.67:443 | analytics.twitter.com | tcp |
| US | 8.8.8.8:53 | 66.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.21.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.220.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 158.148.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 197.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.148.232.199.in-addr.arpa | udp |
| US | 104.244.42.66:443 | api.twitter.com | tcp |
| US | 8.8.8.8:53 | appleid.cdn-apple.com | udp |
| DE | 184.24.163.73:443 | appleid.cdn-apple.com | tcp |
| US | 8.8.8.8:53 | 103.169.127.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.163.24.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.126.166.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 208.194.73.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.168.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.208.79.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | community.akamai.steamstatic.com | udp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| NL | 23.72.252.163:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| NL | 142.250.179.182:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | 160.252.72.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.252.72.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 182.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.208.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| NL | 142.251.36.14:443 | play.google.com | tcp |
| NL | 142.251.36.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 14.36.251.142.in-addr.arpa | udp |
| NL | 142.251.36.14:443 | play.google.com | udp |
| RU | 5.42.92.51:19057 | tcp | |
| US | 8.8.8.8:53 | static-assets-prod.unrealengine.com | udp |
| US | 18.239.36.73:443 | static-assets-prod.unrealengine.com | tcp |
| US | 8.8.8.8:53 | tracking.epicgames.com | udp |
| US | 18.239.36.73:443 | static-assets-prod.unrealengine.com | tcp |
| US | 44.214.245.214:443 | tracking.epicgames.com | tcp |
| US | 8.8.8.8:53 | 73.36.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.245.214.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| US | 8.8.8.8:53 | www.paypalobjects.com | udp |
| US | 8.8.8.8:53 | store.akamai.steamstatic.com | udp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 157.240.5.10:443 | static.xx.fbcdn.net | tcp |
| US | 157.240.5.10:443 | static.xx.fbcdn.net | tcp |
| US | 157.240.5.10:443 | static.xx.fbcdn.net | tcp |
| NL | 23.72.252.176:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.176:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.176:443 | store.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | 25.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 176.252.72.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.5.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | numpersb.fun | udp |
| US | 8.8.8.8:53 | killredls.pw | udp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 8.8.8.8:53 | 57.53.21.104.in-addr.arpa | udp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.200:443 | g.bing.com | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 18.239.36.73:443 | static-assets-prod.unrealengine.com | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| RU | 5.42.92.51:19057 | tcp | |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 8.8.8.8:53 | www.recaptcha.net | udp |
| NL | 172.217.168.227:443 | www.recaptcha.net | tcp |
| US | 8.8.8.8:53 | 227.168.217.172.in-addr.arpa | udp |
| US | 192.55.233.1:443 | tcp | |
| US | 192.55.233.1:443 | tcp | |
| US | 8.8.8.8:53 | c.paypal.com | udp |
| US | 8.8.8.8:53 | facebook.com | udp |
| US | 8.8.8.8:53 | t.paypal.com | udp |
| US | 151.101.1.35:443 | t.paypal.com | tcp |
| US | 157.240.5.35:443 | facebook.com | tcp |
| US | 8.8.8.8:53 | 35.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.5.240.157.in-addr.arpa | udp |
| NL | 172.217.168.227:443 | www.recaptcha.net | udp |
| US | 8.8.8.8:53 | fbcdn.net | udp |
| US | 157.240.5.35:443 | fbcdn.net | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 8.8.8.8:53 | talon-website-prod.ecosec.on.epicgames.com | udp |
| US | 8.8.8.8:53 | b.stats.paypal.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 172.64.146.120:443 | talon-website-prod.ecosec.on.epicgames.com | tcp |
| NL | 142.250.179.194:443 | googleads.g.doubleclick.net | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 8.8.8.8:53 | 120.146.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.179.250.142.in-addr.arpa | udp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 104.21.53.57:80 | killredls.pw | tcp |
| US | 8.8.8.8:53 | rr5---sn-q4flrn7r.googlevideo.com | udp |
| US | 209.85.165.106:443 | rr5---sn-q4flrn7r.googlevideo.com | tcp |
| US | 209.85.165.106:443 | rr5---sn-q4flrn7r.googlevideo.com | tcp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | fbsbx.com | udp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| NL | 23.72.252.160:443 | community.akamai.steamstatic.com | tcp |
| US | 209.85.165.106:443 | rr5---sn-q4flrn7r.googlevideo.com | tcp |
| US | 209.85.165.106:443 | rr5---sn-q4flrn7r.googlevideo.com | tcp |
| NL | 23.72.252.176:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.176:443 | store.akamai.steamstatic.com | tcp |
| NL | 23.72.252.176:443 | store.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | c6.paypal.com | udp |
| US | 209.85.165.106:443 | rr5---sn-q4flrn7r.googlevideo.com | tcp |
| US | 209.85.165.106:443 | rr5---sn-q4flrn7r.googlevideo.com | tcp |
| US | 8.8.8.8:53 | 106.165.85.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | talon-service-prod.ecosec.on.epicgames.com | udp |
| US | 104.18.41.136:443 | talon-service-prod.ecosec.on.epicgames.com | tcp |
| US | 104.18.41.136:443 | talon-service-prod.ecosec.on.epicgames.com | tcp |
| US | 8.8.8.8:53 | login.steampowered.com | udp |
| NL | 23.222.49.98:443 | login.steampowered.com | tcp |
| NL | 23.222.49.98:443 | login.steampowered.com | tcp |
| US | 8.8.8.8:53 | js.hcaptcha.com | udp |
| US | 104.19.218.90:443 | js.hcaptcha.com | tcp |
| US | 8.8.8.8:53 | 136.41.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.218.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| NL | 23.222.49.98:443 | api.steampowered.com | tcp |
| NL | 23.222.49.98:443 | api.steampowered.com | tcp |
| US | 8.8.8.8:53 | www.epicgames.com | udp |
| US | 8.8.8.8:53 | newassets.hcaptcha.com | udp |
| US | 8.8.8.8:53 | api.hcaptcha.com | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 100.39.251.142.in-addr.arpa | udp |
| RU | 5.42.92.51:19057 | tcp | |
| US | 8.8.8.8:53 | 18.173.189.20.in-addr.arpa | udp |
| RU | 5.42.92.51:19057 | tcp | |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 142.250.179.141:443 | accounts.google.com | udp |
Files
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\av3gP05.exe
| MD5 | 9af7358979fd621cf352016fb15e5bc0 |
| SHA1 | 4aef20d5c4704d8ab3defe5203a92b1aa2d790ba |
| SHA256 | cf09565fd33a74ca430aa23ecfeab197d1a2ba498577f7b8c08daba846ce34cd |
| SHA512 | 40b5f086074d8cc362dc8d1e80a9fc5ff8bb0eae074e7d2b47df83d49eafcad9092ef8634b9ccee653122e9c874cac58661e03749fb54df26620a1de6636a1e0 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\av3gP05.exe
| MD5 | 9af7358979fd621cf352016fb15e5bc0 |
| SHA1 | 4aef20d5c4704d8ab3defe5203a92b1aa2d790ba |
| SHA256 | cf09565fd33a74ca430aa23ecfeab197d1a2ba498577f7b8c08daba846ce34cd |
| SHA512 | 40b5f086074d8cc362dc8d1e80a9fc5ff8bb0eae074e7d2b47df83d49eafcad9092ef8634b9ccee653122e9c874cac58661e03749fb54df26620a1de6636a1e0 |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\KC4Ym62.exe
| MD5 | 4a24f54357d7549fc40c938b444e5fd1 |
| SHA1 | 9de2d76b156d497a8e4862db5a9cab5d4a7a5b55 |
| SHA256 | 4d548737d49087326979108dfe59a16618af18519ce10a0874cd72e654e6c745 |
| SHA512 | 2e11e6c106fbb5da95ae348db1e8b38feef28b8559f7f283192295ece2575f31612afddd2cc375626e83bf5098b462e58686ad206e2e49131dafbad574e5e692 |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\KC4Ym62.exe
| MD5 | 4a24f54357d7549fc40c938b444e5fd1 |
| SHA1 | 9de2d76b156d497a8e4862db5a9cab5d4a7a5b55 |
| SHA256 | 4d548737d49087326979108dfe59a16618af18519ce10a0874cd72e654e6c745 |
| SHA512 | 2e11e6c106fbb5da95ae348db1e8b38feef28b8559f7f283192295ece2575f31612afddd2cc375626e83bf5098b462e58686ad206e2e49131dafbad574e5e692 |
C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Hb438hu.exe
| MD5 | 94a5d771548c6e00b278a4405d402684 |
| SHA1 | ba1addb060b6fc1866ee1bd87da892be2233b17d |
| SHA256 | c80e293f308132a53795de49d47f6c5f1629c6cf03102d14a36f4e14955d1915 |
| SHA512 | 09131c71dcc03451b147a35772bbe036415fb5853aff5c0d457e0d373ec3e50fa0545288a025affdf997942c2268dcef6217d6b6abf52b7e454816a45f34dfb9 |
C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\3Hb438hu.exe
| MD5 | 94a5d771548c6e00b278a4405d402684 |
| SHA1 | ba1addb060b6fc1866ee1bd87da892be2233b17d |
| SHA256 | c80e293f308132a53795de49d47f6c5f1629c6cf03102d14a36f4e14955d1915 |
| SHA512 | 09131c71dcc03451b147a35772bbe036415fb5853aff5c0d457e0d373ec3e50fa0545288a025affdf997942c2268dcef6217d6b6abf52b7e454816a45f34dfb9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | a7f568a3d32bd441e85bc1511092fbe0 |
| SHA1 | 89fbee8e2eb6d74cc3ad66ae3ba6c7f25dce33d2 |
| SHA256 | 0d60fa886bcba8089cbdc944265c78bddf1a77f28820f5314eba6c83f44c913a |
| SHA512 | 8fc5e847481d2bfbb6c0d70a1f152c43fe152d4c4aa8ec61988136945da0af944e4643adafad64a754b9b7f4d117e368916140e8275fc7568e150a98fe570779 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | a7f568a3d32bd441e85bc1511092fbe0 |
| SHA1 | 89fbee8e2eb6d74cc3ad66ae3ba6c7f25dce33d2 |
| SHA256 | 0d60fa886bcba8089cbdc944265c78bddf1a77f28820f5314eba6c83f44c913a |
| SHA512 | 8fc5e847481d2bfbb6c0d70a1f152c43fe152d4c4aa8ec61988136945da0af944e4643adafad64a754b9b7f4d117e368916140e8275fc7568e150a98fe570779 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | a7f568a3d32bd441e85bc1511092fbe0 |
| SHA1 | 89fbee8e2eb6d74cc3ad66ae3ba6c7f25dce33d2 |
| SHA256 | 0d60fa886bcba8089cbdc944265c78bddf1a77f28820f5314eba6c83f44c913a |
| SHA512 | 8fc5e847481d2bfbb6c0d70a1f152c43fe152d4c4aa8ec61988136945da0af944e4643adafad64a754b9b7f4d117e368916140e8275fc7568e150a98fe570779 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | a7f568a3d32bd441e85bc1511092fbe0 |
| SHA1 | 89fbee8e2eb6d74cc3ad66ae3ba6c7f25dce33d2 |
| SHA256 | 0d60fa886bcba8089cbdc944265c78bddf1a77f28820f5314eba6c83f44c913a |
| SHA512 | 8fc5e847481d2bfbb6c0d70a1f152c43fe152d4c4aa8ec61988136945da0af944e4643adafad64a754b9b7f4d117e368916140e8275fc7568e150a98fe570779 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | a7f568a3d32bd441e85bc1511092fbe0 |
| SHA1 | 89fbee8e2eb6d74cc3ad66ae3ba6c7f25dce33d2 |
| SHA256 | 0d60fa886bcba8089cbdc944265c78bddf1a77f28820f5314eba6c83f44c913a |
| SHA512 | 8fc5e847481d2bfbb6c0d70a1f152c43fe152d4c4aa8ec61988136945da0af944e4643adafad64a754b9b7f4d117e368916140e8275fc7568e150a98fe570779 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | a7f568a3d32bd441e85bc1511092fbe0 |
| SHA1 | 89fbee8e2eb6d74cc3ad66ae3ba6c7f25dce33d2 |
| SHA256 | 0d60fa886bcba8089cbdc944265c78bddf1a77f28820f5314eba6c83f44c913a |
| SHA512 | 8fc5e847481d2bfbb6c0d70a1f152c43fe152d4c4aa8ec61988136945da0af944e4643adafad64a754b9b7f4d117e368916140e8275fc7568e150a98fe570779 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | a7f568a3d32bd441e85bc1511092fbe0 |
| SHA1 | 89fbee8e2eb6d74cc3ad66ae3ba6c7f25dce33d2 |
| SHA256 | 0d60fa886bcba8089cbdc944265c78bddf1a77f28820f5314eba6c83f44c913a |
| SHA512 | 8fc5e847481d2bfbb6c0d70a1f152c43fe152d4c4aa8ec61988136945da0af944e4643adafad64a754b9b7f4d117e368916140e8275fc7568e150a98fe570779 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | a7f568a3d32bd441e85bc1511092fbe0 |
| SHA1 | 89fbee8e2eb6d74cc3ad66ae3ba6c7f25dce33d2 |
| SHA256 | 0d60fa886bcba8089cbdc944265c78bddf1a77f28820f5314eba6c83f44c913a |
| SHA512 | 8fc5e847481d2bfbb6c0d70a1f152c43fe152d4c4aa8ec61988136945da0af944e4643adafad64a754b9b7f4d117e368916140e8275fc7568e150a98fe570779 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | a7f568a3d32bd441e85bc1511092fbe0 |
| SHA1 | 89fbee8e2eb6d74cc3ad66ae3ba6c7f25dce33d2 |
| SHA256 | 0d60fa886bcba8089cbdc944265c78bddf1a77f28820f5314eba6c83f44c913a |
| SHA512 | 8fc5e847481d2bfbb6c0d70a1f152c43fe152d4c4aa8ec61988136945da0af944e4643adafad64a754b9b7f4d117e368916140e8275fc7568e150a98fe570779 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | a7f568a3d32bd441e85bc1511092fbe0 |
| SHA1 | 89fbee8e2eb6d74cc3ad66ae3ba6c7f25dce33d2 |
| SHA256 | 0d60fa886bcba8089cbdc944265c78bddf1a77f28820f5314eba6c83f44c913a |
| SHA512 | 8fc5e847481d2bfbb6c0d70a1f152c43fe152d4c4aa8ec61988136945da0af944e4643adafad64a754b9b7f4d117e368916140e8275fc7568e150a98fe570779 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4or8gT5.exe
| MD5 | be1bfea5365b83f8a65725d0c0e52d87 |
| SHA1 | c204d073318127e8fc6d86adc0e82d37a3353d6c |
| SHA256 | 410b4f1818f524a1dfbfab8e86c24f2b9747f90d81a592e5b5f31ed0038a258d |
| SHA512 | ecaf26a1ac720235226819c8ff452fdd9b20d3a755a6c02a224968c7ae9ec417ce6fb633c04992516d3eb769d661fa89ae1c0404b9284c166b348fc96201cd9c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Temp\IXP002.TMP\4or8gT5.exe
| MD5 | be1bfea5365b83f8a65725d0c0e52d87 |
| SHA1 | c204d073318127e8fc6d86adc0e82d37a3353d6c |
| SHA256 | 410b4f1818f524a1dfbfab8e86c24f2b9747f90d81a592e5b5f31ed0038a258d |
| SHA512 | ecaf26a1ac720235226819c8ff452fdd9b20d3a755a6c02a224968c7ae9ec417ce6fb633c04992516d3eb769d661fa89ae1c0404b9284c166b348fc96201cd9c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
\??\pipe\LOCAL\crashpad_3668_XIDZGDDOZNLTJWWM
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_564_TRKZJPVTFKEVSNDS
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_3844_GHWGFMLHIMXXKDTW
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_1768_XZVFMAQYKXWLBMTY
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_1816_HRGWJIXFRTSQQVQD
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
\??\pipe\LOCAL\crashpad_2272_SUIWECIJUZSPDXWL
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aed593b08b94f34dd8f68fd369652ac2 |
| SHA1 | 3ce2a17e426e09c2fd9a8d2ab191fe29248f2d95 |
| SHA256 | 5c0cdd5dc1bccf7e3ffa8568fdd2fe35f3edc85832f3d11331aced965aaeeba7 |
| SHA512 | 16b34c29d8ea3793f7d4491847d2fecae2c6c9d7b7b1ec16d1367828d0a4da4cdbf912c2040bc0ca98ac32cd701355ddd16b4865629d51bae2527e1a05411137 |
\??\pipe\LOCAL\crashpad_4300_JUSRRGUMUDQFRSPI
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_4012_OCFHGRKEQDJWNTXM
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
\??\pipe\LOCAL\crashpad_3464_IROXZPESYCJSQJSU
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 5d3f35b6c5cc14ddfa3e4d84272ebd2f |
| SHA1 | 1b1518f155a7a4b75c740f55c7aa973d0b4c6ebf |
| SHA256 | f2f97829ae1eaa2ca8050499e73982c288715b368690ae71bf9738f38fe931ac |
| SHA512 | 73ddd22192ea38e7441af7fe120508e22dc45ccfb7a6a78b333f12b43936232c076fdacdf0f1ec3811cc23f932137d78d1edfe026457e457cb7fd53e30f2a734 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\bc1b66f3-d8d4-437f-9794-c6e6981f54d6.tmp
| MD5 | 76d06e94a36d693030f619de69048547 |
| SHA1 | aace228ea1fae4cb9635e6ed148faad297d28834 |
| SHA256 | 04528cf5d155b964be2bec3b2dce690a9fe2530730992acc8a63b089724428ac |
| SHA512 | 2fc09d890e9feed05e7233967afab12b224877c69e2a223cb0ff39780efd1f915350c40abdf70f36603eedbd4620d3971d8a16e2c1bbf22ce20bf47b4f3930ce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 5a92a17dcac8752dacb9a773e47047ee |
| SHA1 | 33a1bc518e892fa08fae8836fd9cee55651cd2b7 |
| SHA256 | a6128ed638779de5ec064b222dc354fb41392e0aa123b1aaddf383496e8af9ee |
| SHA512 | 357dc1e69947170e5cc375a35f55d75dfec00e9972bec38848eb21aef7528f3a07aceff0adf73ba8782ec6afe02da3f696e569b49cd77fd8c51e1dfbb4978705 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 5a92a17dcac8752dacb9a773e47047ee |
| SHA1 | 33a1bc518e892fa08fae8836fd9cee55651cd2b7 |
| SHA256 | a6128ed638779de5ec064b222dc354fb41392e0aa123b1aaddf383496e8af9ee |
| SHA512 | 357dc1e69947170e5cc375a35f55d75dfec00e9972bec38848eb21aef7528f3a07aceff0adf73ba8782ec6afe02da3f696e569b49cd77fd8c51e1dfbb4978705 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\1c50dbcd-e800-4b16-aee6-ad537cdf636a.tmp
| MD5 | 2857ff178dba6ce1e21dda54d4d7557e |
| SHA1 | 37fd6fdea92dc42da854acd727603ad3c5b889cc |
| SHA256 | 005422f798ce6d596f39b775835d5c94d95e21b0d2b767639834d4b69c75babb |
| SHA512 | 52cda062daa0319384599701c9691a9d2fd6c9556f5ed5dd0af9148d8295068409e5a36a46a6e549816f7659435b396f609de5eef4b9099be68b072c400103d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 18b3849c9e5852f36a5e40230beed965 |
| SHA1 | e3aef8eb8d483197cbf7c08072519f3147820b87 |
| SHA256 | f79051aefceadbb149440c051959422bb8d11ab1a64c507e107774d3f6f152dd |
| SHA512 | 29db8878e10713c91ab534840267e160759af1a265faf48cecdfedd68204609f956c0768dff90a5863a70aa4acc2c7a947d65d6ffa0102ba3d6b5dd629e386bf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 59988aee315cd715c1bc989836929c44 |
| SHA1 | ad1cf7b21c723bf3ca0795b5db108373baeea119 |
| SHA256 | 971003150edb9a6d72361b2ea3e8af90f7c7986a99578e307fc15aee932a59b5 |
| SHA512 | 84fc2a025a9ac0438a2b0f027f65a71ee7459c6a2d7e193cf30423800f6c535a10f88949c2039a1d708fb7541ade126fc8886bf5c30c8742d92f6e47a8a83bc1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 18b3849c9e5852f36a5e40230beed965 |
| SHA1 | e3aef8eb8d483197cbf7c08072519f3147820b87 |
| SHA256 | f79051aefceadbb149440c051959422bb8d11ab1a64c507e107774d3f6f152dd |
| SHA512 | 29db8878e10713c91ab534840267e160759af1a265faf48cecdfedd68204609f956c0768dff90a5863a70aa4acc2c7a947d65d6ffa0102ba3d6b5dd629e386bf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\367e3ea9-ea25-4294-bb7f-bc7c528c6499.tmp
| MD5 | b16b68f39b3a45492ebba39f3201ad38 |
| SHA1 | 551253647f18c6aaaf5dc7bf132ab14467c1dcb1 |
| SHA256 | 85c160558ff34955a427c8d2fd9f1f01b32855d9f9c792571dd62e70bc6357e8 |
| SHA512 | e0869a0b23b1bd09df649b3fd2383977af1beba7dd5032c294ff0f368ddb4a50e6cf254f913ee4e3e89c6ece4226dd4cb4a29f79ee7610443068cd6389c29ea3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b16b68f39b3a45492ebba39f3201ad38 |
| SHA1 | 551253647f18c6aaaf5dc7bf132ab14467c1dcb1 |
| SHA256 | 85c160558ff34955a427c8d2fd9f1f01b32855d9f9c792571dd62e70bc6357e8 |
| SHA512 | e0869a0b23b1bd09df649b3fd2383977af1beba7dd5032c294ff0f368ddb4a50e6cf254f913ee4e3e89c6ece4226dd4cb4a29f79ee7610443068cd6389c29ea3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\0e127207-1476-45c2-bbe6-c9cf5ffd6906.tmp
| MD5 | 3540bbfec9c732cace3693e2c97c1a46 |
| SHA1 | 29cf6254c18f468bb1cc5019782eaa5453dfc9d9 |
| SHA256 | 593524b3fdb0755bad177227caf9c979a14290a0a9026f635c16d033defa32c0 |
| SHA512 | f1ceed977f65cb71af2ccfe8d2b018089d062b68b743fd9ac7d7e44e5693968da827246e6e8d5c26bf90aa16c22b9b31bac457118f2127719af36290250bf692 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 59988aee315cd715c1bc989836929c44 |
| SHA1 | ad1cf7b21c723bf3ca0795b5db108373baeea119 |
| SHA256 | 971003150edb9a6d72361b2ea3e8af90f7c7986a99578e307fc15aee932a59b5 |
| SHA512 | 84fc2a025a9ac0438a2b0f027f65a71ee7459c6a2d7e193cf30423800f6c535a10f88949c2039a1d708fb7541ade126fc8886bf5c30c8742d92f6e47a8a83bc1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ad5ffe40f5d050a67110c156d33a6a98 |
| SHA1 | f5632432ab2642c5f09a880cfe564b7e6383890e |
| SHA256 | ffbc0b2bc9237b60cb997e3bcf6a92c0a6a91572e2ad989cdf050630a4321978 |
| SHA512 | 3c6063756f4f30b880a64d0902d91e6380b3e6c6962778e3f7431dc7911b3abf43ae04d241b779e769f9e9fdaa1bbd62ab3b5215a296a55dd2b38181fc966121 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ad5ffe40f5d050a67110c156d33a6a98 |
| SHA1 | f5632432ab2642c5f09a880cfe564b7e6383890e |
| SHA256 | ffbc0b2bc9237b60cb997e3bcf6a92c0a6a91572e2ad989cdf050630a4321978 |
| SHA512 | 3c6063756f4f30b880a64d0902d91e6380b3e6c6962778e3f7431dc7911b3abf43ae04d241b779e769f9e9fdaa1bbd62ab3b5215a296a55dd2b38181fc966121 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 76d06e94a36d693030f619de69048547 |
| SHA1 | aace228ea1fae4cb9635e6ed148faad297d28834 |
| SHA256 | 04528cf5d155b964be2bec3b2dce690a9fe2530730992acc8a63b089724428ac |
| SHA512 | 2fc09d890e9feed05e7233967afab12b224877c69e2a223cb0ff39780efd1f915350c40abdf70f36603eedbd4620d3971d8a16e2c1bbf22ce20bf47b4f3930ce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 59988aee315cd715c1bc989836929c44 |
| SHA1 | ad1cf7b21c723bf3ca0795b5db108373baeea119 |
| SHA256 | 971003150edb9a6d72361b2ea3e8af90f7c7986a99578e307fc15aee932a59b5 |
| SHA512 | 84fc2a025a9ac0438a2b0f027f65a71ee7459c6a2d7e193cf30423800f6c535a10f88949c2039a1d708fb7541ade126fc8886bf5c30c8742d92f6e47a8a83bc1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\4557f9ab-bf87-4520-b734-b6f39e8aeab1.tmp
| MD5 | 5d3f35b6c5cc14ddfa3e4d84272ebd2f |
| SHA1 | 1b1518f155a7a4b75c740f55c7aa973d0b4c6ebf |
| SHA256 | f2f97829ae1eaa2ca8050499e73982c288715b368690ae71bf9738f38fe931ac |
| SHA512 | 73ddd22192ea38e7441af7fe120508e22dc45ccfb7a6a78b333f12b43936232c076fdacdf0f1ec3811cc23f932137d78d1edfe026457e457cb7fd53e30f2a734 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 3540bbfec9c732cace3693e2c97c1a46 |
| SHA1 | 29cf6254c18f468bb1cc5019782eaa5453dfc9d9 |
| SHA256 | 593524b3fdb0755bad177227caf9c979a14290a0a9026f635c16d033defa32c0 |
| SHA512 | f1ceed977f65cb71af2ccfe8d2b018089d062b68b743fd9ac7d7e44e5693968da827246e6e8d5c26bf90aa16c22b9b31bac457118f2127719af36290250bf692 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 5d3f35b6c5cc14ddfa3e4d84272ebd2f |
| SHA1 | 1b1518f155a7a4b75c740f55c7aa973d0b4c6ebf |
| SHA256 | f2f97829ae1eaa2ca8050499e73982c288715b368690ae71bf9738f38fe931ac |
| SHA512 | 73ddd22192ea38e7441af7fe120508e22dc45ccfb7a6a78b333f12b43936232c076fdacdf0f1ec3811cc23f932137d78d1edfe026457e457cb7fd53e30f2a734 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b16b68f39b3a45492ebba39f3201ad38 |
| SHA1 | 551253647f18c6aaaf5dc7bf132ab14467c1dcb1 |
| SHA256 | 85c160558ff34955a427c8d2fd9f1f01b32855d9f9c792571dd62e70bc6357e8 |
| SHA512 | e0869a0b23b1bd09df649b3fd2383977af1beba7dd5032c294ff0f368ddb4a50e6cf254f913ee4e3e89c6ece4226dd4cb4a29f79ee7610443068cd6389c29ea3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 560e39902a37d54d236f524f296cff85 |
| SHA1 | 3d855e11e6875c3f73b128d7321212f7dff716e3 |
| SHA256 | 322d00f8993ac6f71c97aba4f7a2831d7de113c705a307176812b8527985fe13 |
| SHA512 | 2d67f604265853891e192a5449ca281e77b1f505fcabdedd038e798a8c22e4a1bf9ea7d178475e8bac57e3cb2cda9a5d66edbaf764c26af5c5d76a1999805a4a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 03fc9db64b482bac803117810e400a7a |
| SHA1 | 3d4973cceb8b757546fd2773e81ecd89eb63816e |
| SHA256 | f3db61c582b78e77d66528326816bd60f8911400f30b51e5af372cd736b29153 |
| SHA512 | 6048c943b3f013e25dda40f3c0b9c3af8bd2ad95f886b37665822059c668aa4dc7e3a35272dc617908aab68f8cec8e08b94683b1bd037aa585479a0ef4e60c95 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt~RFe583e8b.TMP
| MD5 | f1dc36277d4e4359a8a1e0c7cda32a4c |
| SHA1 | 61a7ddd483681b8fbde9c1cceb6881332ed68889 |
| SHA256 | 57f34a56f036506a1df47c9c607fe0b2d5a8372c7d09a89292c3a3bdee697169 |
| SHA512 | 610992cecada9250dd25a13903fe6337c90e4ae2eb5c777772d59cf902e32543f1fa4d1f66b9fb61322835e809122eacc47e24bce179a1cfb7f40284f6e156af |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt
| MD5 | e594242835f0ae4f9e9091c0cc4cbd79 |
| SHA1 | a6b38ae79410085cb988143099b94bab9f59a672 |
| SHA256 | 94d8f2c8b6b1e14da7194890eb78805ec4a0cabbbd210e4d9cc6c2d105438e14 |
| SHA512 | 392363fbc8e89f15e04732b375cf3a733a6bfa2354945b2ed47497eece342fb80d0efda1c18b6df6e2b4260284ae0a5270319851a55779266d765e3834227509 |
memory/4248-480-0x0000000000400000-0x0000000000433000-memory.dmp
memory/4248-486-0x0000000000400000-0x0000000000433000-memory.dmp
memory/4248-489-0x0000000000400000-0x0000000000433000-memory.dmp
memory/4248-493-0x0000000000400000-0x0000000000433000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d81d621fac0ff04178d3b2e8b6cd88f9 |
| SHA1 | ac919f4b24be416a2d0ce458cc5220ff44d8143b |
| SHA256 | 60d59efe2176eb261ecc4f50aa0798eddbb7431ede95d52918f142e12da2f41e |
| SHA512 | ce4f2a267aad7284b0f6f52f98db21a6686eb281b4a09ab58cd4ab7680231c61faac8013df4cf361697b31dd3b27e78f46bbaaf635ff45e11195f36861910174 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | e2565e589c9c038c551766400aefc665 |
| SHA1 | 77893bb0d295c2737e31a3f539572367c946ab27 |
| SHA256 | 172017da29bce2bfe0c8b4577a9b8e7a97a0585fd85697f51261f39b28877e80 |
| SHA512 | 5a33ce3d048f2443c5d1aee3922693decc19c4d172aff0b059b31af3b56aa5e413902f9a9634e5ee874b046ae63a0531985b0361467b62e977dcff7fc9913c4d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
memory/9152-924-0x0000000000400000-0x000000000043C000-memory.dmp
memory/9152-950-0x0000000074480000-0x0000000074C30000-memory.dmp
memory/9152-963-0x0000000007EA0000-0x0000000008444000-memory.dmp
memory/9152-968-0x0000000007990000-0x0000000007A22000-memory.dmp
memory/9152-975-0x0000000007B90000-0x0000000007BA0000-memory.dmp
memory/9152-978-0x0000000007B20000-0x0000000007B2A000-memory.dmp
memory/9152-1001-0x0000000008A70000-0x0000000009088000-memory.dmp
memory/9152-1008-0x0000000007CF0000-0x0000000007DFA000-memory.dmp
memory/9152-1009-0x0000000007C10000-0x0000000007C22000-memory.dmp
memory/9152-1016-0x0000000007C70000-0x0000000007CAC000-memory.dmp
memory/9152-1021-0x0000000007E00000-0x0000000007E4C000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 9a5ff131dee5f2122252a9dc006de7c1 |
| SHA1 | b27d32725ee2905332f1f29dcf68a93f761de69b |
| SHA256 | 7789ea04c4c754b2132c78edad84b980955bccf295e4f76e27a0090f4aea2e30 |
| SHA512 | 6b4e7a3e90c8ed99cc05d1f2126f2aaad1bcde8554e279bc2e7c39a00129ea072cc80daf017ba3ef9ae85ad2a074fe45467b305dc15e2743033c173095488181 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe589ab4.TMP
| MD5 | 851fef478e7d5f147fe1b0c6aad7a0d1 |
| SHA1 | eb750e214115fc5e451e8c4872d5ac6f90646f96 |
| SHA256 | 1b9407a0ab72a55bd37594eb94468e6be1a18a73e58be54464baefb8c0c8fb45 |
| SHA512 | bfc9b666be760f88a29dce39b840ff50e494a30bb1e9e5aeb9ab0441665c3adeadb4b39752803198dbac1c3b07a35fa01158c4ec9ac771cea71aafad7291027d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\5f07e0dc-afe4-4d16-a48b-003d92224c71\index-dir\the-real-index
| MD5 | 972381c75a7098d6db980becbd40d2e5 |
| SHA1 | 75682193f102fbe0db9182284b2151a231bf1854 |
| SHA256 | 1bd9a2db985d5ba60fd4e8a29eb88ca1cb49e9e07361dcb30e906e7cd8cd9f3a |
| SHA512 | 6abb0bf6cd07b519924612143dccdfcd11b5fb40cd194ee65182836fbe9849a77f4a193748cb51b388ca26a17460100ef8dbf04d5de1eb9eb0b4996ee290bca7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | efbfc38bbde95d951da7e2a10373c11b |
| SHA1 | bebb9ecaac81a460f8872851506e34d521a44e5e |
| SHA256 | 39c7dc89a510d7ec3f092270900d27b2a8e2d1f5eb22256a747a08a751f03793 |
| SHA512 | ed12fcd7a4bacc392df88c99f7ebdb61b3a28356c56bf6bd2d316a98d1dde6d24e48b0081d7c2f3967e9bbf9097fd28618eca91d3eb03a6c549e928bb9207dec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58a9e7.TMP
| MD5 | fc323f138b403002d245f21b6d694571 |
| SHA1 | 3a7da9912f955fe36d960daca6b39abdf63c771d |
| SHA256 | a6d218c5a4061143b16086970eaf5f07013961db1d27f5b2a0301d5697e41a16 |
| SHA512 | 6aa57718d4696660c1699c3b688546d5784791db4c3137a602b50bb4c2352b0dfdfd7942bc50aa55d68bc289315f343c6e2eeb4c343a3db1712ce71182604365 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\5f07e0dc-afe4-4d16-a48b-003d92224c71\index-dir\the-real-index~RFe58a3fb.TMP
| MD5 | a7aa3f29e96bdcd08dc0d6a5db93714f |
| SHA1 | 21046a9c77be153b115ade3bcc3aeb04a18bacc0 |
| SHA256 | 654993e2116ee41eb96c70303b95dc093000127d6ea206292e674dd636acc369 |
| SHA512 | ad2d2d6f7efff707f0d49d03c34b1a92bc72beb857498c720d173a6fe151b5faecdb4477e1fb6a1c2b3f0594ccf7325f469fe32e39fbc11e7a02b6943b57c0ce |
memory/7344-1138-0x0000000000400000-0x0000000000488000-memory.dmp
memory/7344-1139-0x0000000000400000-0x0000000000488000-memory.dmp
memory/7344-1142-0x0000000000400000-0x0000000000488000-memory.dmp
memory/7344-1150-0x0000000000400000-0x0000000000488000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016
| MD5 | 923a543cc619ea568f91b723d9fb1ef0 |
| SHA1 | 6f4ade25559645c741d7327c6e16521e43d7e1f9 |
| SHA256 | bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd |
| SHA512 | a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017
| MD5 | 7d75a9eb3b38b5dd04b8a7ce4f1b87cc |
| SHA1 | 68f598c84936c9720c5ffd6685294f5c94000dff |
| SHA256 | 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7 |
| SHA512 | cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000046
| MD5 | fdbf5bcfbb02e2894a519454c232d32f |
| SHA1 | 5e225710e9560458ac032ab80e24d0f3cb81b87a |
| SHA256 | d9315d0678ac213bbe2c1de27528f82fd40dbff160f5a0c19850f891da29ea1c |
| SHA512 | 9eb86ebb1b50074df9bd94f7660df6f362b5a46411b35ce820740f629f8ef77f0b49a95c5550441a7db2b2638f0ed3d0204cb8f8c76391c05401506833b8c916 |
memory/9152-1244-0x0000000074480000-0x0000000074C30000-memory.dmp
memory/9152-1249-0x0000000007B90000-0x0000000007BA0000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000045
| MD5 | 4e08109ee6888eeb2f5d6987513366bc |
| SHA1 | 86340f5fa46d1a73db2031d80699937878da635e |
| SHA256 | bf44187e1683e78d3040bcef6263e25783c6936096ff0a621677d411dd9d1339 |
| SHA512 | 4e477fd9e58676c0e00744dbe3421e528dd2faeca2ab998ebbeb349b35bb3711dcf78d8c9e7adba66b4d681d1982c31cac42024c8b19e19537a5615dac39c661 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 216c3e93020eab969cb651a2c602e20d |
| SHA1 | 2868dd62f23c9968b500d9e7ef1848cbea7be80e |
| SHA256 | 2792853c8ef871f1eafffb843fb3e002c77b2f380e9c6af1aaadd3c120143813 |
| SHA512 | 72f8b538cb3289d3879282ff0f0a141e673404bdbfa71b69513cf27eaa60855fe94ac3fd700123458103978ced67c7b1f338c9d1540ad1bab522ab31205f31c6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b6dbd0fac86169364c81b6d59fbc0abb |
| SHA1 | ec2848b4a8d730369a7107fb8c81210d15fe7b9b |
| SHA256 | 649f071c2f72a1cf9ffdd639ee46d1f097e557e01b1fd0e7c54a7380d8582b22 |
| SHA512 | 3be607e2f6c0abca38287e0930269ea4a173fa5a16f20e665f5fdc23c3cf2d29ccc3903fb8a5dbd4dda9330ad074738e72246ce668860f3589c5f5d51d9d48de |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | aab72c80e536b023f0e1c3517a234cff |
| SHA1 | 7191e381e94c9f3fccc7ba2e437f25ebdc0e1a99 |
| SHA256 | 0385ccfad35044366099df5f04eadfd482b29d3fd5595f03b9eb7bff81aa85c8 |
| SHA512 | dcdaa0aa14b571e7000dc9f3689f08a0f70a6f94e764a9007fd41b0e4843483011ec6294641333243c2e67dfba82bc6b1620c623bb3e7bf4c8a8c201fcb51e6d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c596666a3f020988c7509a45c8cff44f |
| SHA1 | 07f4e062ef5e7883ca8cb8e0500df2941f66c8b4 |
| SHA256 | 82fddd0b391e138e4931f20ceb9b488747d037201c6f1ff6842e4246e4b9ef22 |
| SHA512 | a91c5cd5f282b43ee058bb37c387aa11239bc18a50da16d9fd8e8d7246812d975c8f9387fabbd387c87f60726d5ee9c5bb729769a200601adc11890922d8e924 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 75c7fbcb467105aaa48a1ce9e65fbc05 |
| SHA1 | ce4af073a3baef9dfab6d73b67776ccd1eeed0f9 |
| SHA256 | 8cb50af7927560b67e8c6e3e11d247a66e7362b95b30bf047252e3d12e2ab577 |
| SHA512 | 818e2eeb3f3d515e0f156f523e9f76f1f9eed2da0a99191cdc7c089c061ffe9afb8068e42aeadd0541192298e3bf7451042ffee1e530679cbc8a649da11a76c6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | e6d1cb6b3d739088e16620c4dcbf0634 |
| SHA1 | b630c6ec40dc1f9d831ae4d54cfcbbaa6a642954 |
| SHA256 | bece05c8a0a6648693d27d4684ccee3bbbb7f6bd9fb91059f57326479d214881 |
| SHA512 | d00b41b6dbb38d51039b49a3696a09d3e187ded38c0efc75209826677e6b6a3153ef2fe07b6fdd36945fc5ae822a02656a1fe04cb360c09545f31c5fa22ad33f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\3ef64bd8-6e93-450a-aa37-6afd9bf23919\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 0f831d49ac9d18fb0abdfeb1a327e805 |
| SHA1 | ace8521d94b3f76229b01dab5379c4fd6b25f844 |
| SHA256 | 04a6689f2d5151f4839f4e4b4d521bb61076cc23c87413455423747d5891461b |
| SHA512 | f71421a9c1e842fdbad98913f49a50947e70fe9a8e0c62e65b60abd8332338ba419984fbc0d72bc5daf755073db3e16a204f5f0d62f5493a9666528e552e3eb5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | e62e6ae2f66db0383482763ee2a9cf46 |
| SHA1 | 72e0ba9c10ccd63ec3785c32171e28a8debe40a8 |
| SHA256 | a57c04501b1238b010f2ed47bdf85699eb490c3b5032308266fd213a6b92b411 |
| SHA512 | 83b13b246491af2e6b804b4b338476090e00e5216729c27c4a1f7881c6fcb5e5ad2a6ee8bef645d86362276aa9ee9edd2ff8e9cb29d77b105fca583391d8855b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005e
| MD5 | 740a924b01c31c08ad37fe04d22af7c5 |
| SHA1 | 34feb0face110afc3a7673e36d27eee2d4edbbff |
| SHA256 | f0e1953b71cc4abbffdd5096d99dfb274688e517c381b15c3446c28a4ac416e0 |
| SHA512 | da7061f944c69245c2f66b0e6a8b5a9bca91bda8a73f99734dcb23db56c5047de796fa7e348ff8840d9ac123436e38a4206408573215b7e5e98942ea6d66bb7c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | cca570c78711e02054034c76edc9fa22 |
| SHA1 | d78b4ccf882ff81dc44b5579bd9f29f1b2c56117 |
| SHA256 | a08861fbec45535625667cceb756125535dea602c2b0cc62af3ee1428af6ad62 |
| SHA512 | e4da3aae851f7b2adb54e19aa3b68eae59b8e60b73619b40c14ce433468fa63f1d490b54dd2f144217b828050c4f5417496fea5e95c2f704d9540c26f60df45e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0556531ae899940d09120ba6a4f9f37f |
| SHA1 | 46be6ee3a70797113a4b66e050969161ef6387eb |
| SHA256 | aff630090adcb6e759066f8cdc5352db956f343f578bda1b6e802b1eb2fbed47 |
| SHA512 | 7f6385d9e6f83fdb8643289ebfc168cf92aee7dbb6b0a5eeabe8ea77b5fd424ecee9fa70ca6f075173eb17685299c38c3b272a4cf6cab235e08c658b36d71db1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7a1df73c961e2956026c6ca6e50c3314 |
| SHA1 | cc7e850ee0f0eac4e3b8ab30f00fea638235938b |
| SHA256 | 30ee0911c83d5227e6ab0c15a3eb40b5e9849cbfdd12b7dbe674f7de87b436e7 |
| SHA512 | 10078b7d36ede7599061f67a2d0b98f4afd5aae5a3790d1f8895ee6b89db322d0933d859c5fb24499a4831a60c2315309a8b5b77b24795406ce136447937cc33 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b820acdd1e6453553571690a56a9c9c4 |
| SHA1 | a3cec69da274c94ac21c99b6aed3052d643eae19 |
| SHA256 | 84614412c1ba28a69b16eab59f1f82184cbdc3833651ccb55e30bed07701941c |
| SHA512 | 4d0a7c216c5cd92a19d3f7d075966ecf7c85061c0883faeefb0f75fc527ece8a775540ccc6b9ce3ac809a4b6a845755d974f90588da454908e2a77d02edff35c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 26cec57a96e935584ec7935542c08ba0 |
| SHA1 | 9c4ff42884a5ad889534031ffe9473833ff92487 |
| SHA256 | 603223a78d9e28f0c1ed09520defe6f97ead1bc90aac7732d8a5fa89b186a6cc |
| SHA512 | 505885b3a17379e8895b07609cd9511e3f9ba7d32590b76222272c14a5fb8c499e77f763e1b0dbc837b0bc41e35b1e1acc0545f06064c90116018285a51ed040 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 2b1f6355f08ba42a4f1889e3f566aa10 |
| SHA1 | bc4494ad425b7029022c58969e744c0c8cc91ae0 |
| SHA256 | b211219d91bdb190d88465cbfcc0a71cadbc897bb025e12df3da8cfb034fcccb |
| SHA512 | 0dab50c702214587db5b2aa443c7a8179ae00d85d51ef4a88fce3462f550c9d30ec30367d6cd983ebbf8c3d301a585aca6fad322c57928da42cc6ce94d9c433e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | f0c368442f77e14979e6ac9eef8457d7 |
| SHA1 | fd7b2d652feaf9e8549032d44f2d418a7c15523e |
| SHA256 | 8990ffe21115dd74b898751fd30622ab18ff2db654f677f6e69d4e412e895a66 |
| SHA512 | 733ff970e34100e257070e4fa7ca6cf55aeaa4bcb31d55721574aa0a3ba5147e986fa95e4fe654ec57d9ec806efcb52e3f20b085a545ac905e905840a07dcccf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0efe2c09ae98dbe09cd1d5f39cad13b5 |
| SHA1 | d7106b95a344bc840dd4eaf7a6c611cff7c7aff4 |
| SHA256 | 57577e0b4784940288f2ef0ea2ac25c43f68df71ce929a871214d9232a9afe71 |
| SHA512 | 2f7fa35c980f96a987b9b704492ff30ed78091fabefac284cbaad1ae18c2e997df49e5e9bb7fb565c8180af05edcfc062550ecc0dd13981423d36ad2b2bb909f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\ed6678b2-02ff-4e2d-aa0a-cd5eea77ec85\index-dir\the-real-index~RFe59aef3.TMP
| MD5 | 1fcc03be52b487a5685b28352dd86eb8 |
| SHA1 | 97afcc86d65f40908a39980602ae07d8cab57b31 |
| SHA256 | 5eac72e086508e0e874de92b3c5b84b3f8206886d2572742562ef1c38fba0b0b |
| SHA512 | 2a8f0598ef2b09f4f22c7e3c5439f0a969eceb713e8191a8be512896f5aef226e1eb34ecde31200916b8bf02ea4928cf6b58e9df1c1f2e35de35660a361ea743 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\ed6678b2-02ff-4e2d-aa0a-cd5eea77ec85\index-dir\the-real-index
| MD5 | 78ce6709f76bae860a3a030a08273645 |
| SHA1 | 7ac9522fd4d2890a93225e42bbbc0b936cc34b6d |
| SHA256 | 61525af88cb983b864b1539182983ab7cb17cfd0e01cd4e76c6f93303ffe8f84 |
| SHA512 | 78390b5d8a856baade98f36f3257154541c19c3abe1341e9346e4207463efed88e7996c0534b8708aed3cba36408a73649aceb66801f4e74844190446db4b1ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt
| MD5 | ff1f022af09b181fbe2629970e4bf8bb |
| SHA1 | dc68425c06e8c6c49b78011ae051c099e81bb002 |
| SHA256 | f5d5d39044c1c7c788f95756427c9ccaf366e675703e7e50ce5ed0c9e963fbe1 |
| SHA512 | 51e43f223c7272957c1568f82f56aca0b6e63d78ebb3ad5dcbd8ed19cb9797cdda2b4cf576974a6c64b95456516406ee0e99eeed221fae7e0006336c3b1c3860 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 770ac01552fb0d0446c6126be9b838df |
| SHA1 | 91e9ac9079d91a49c44940f12cb84a63232dcaa2 |
| SHA256 | 889b3558117ed936034451cb0e1039bc3886f1fc2df2270e037182404441b4e4 |
| SHA512 | cff75b24b06044f39c75116f76d71a8276bdaeee9ae3a71d8c2438134c1b3089c74b0f4a267d72ac5264c80f42cb7d7adbc0ef1aeb2bc1b23f926e05b3165146 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\3de87206-f51a-43ad-9789-7e2a3d5d4e98\index-dir\the-real-index~RFe59dc1e.TMP
| MD5 | fb42c7b697c9078cbf71a2948b2c41b0 |
| SHA1 | 7bc86c443bfd611410b80ead4133cfc468b982c4 |
| SHA256 | b6c4f3bcd254ef888979b1be3e43afaca8f4cc57ec8ebbd76ece0c19e38bb33c |
| SHA512 | 9d64b1c281921894122f850883564eb557a9447d3e155c6bc107f72c2bb99448fd4fa10d1d1f2cc9110ec7568073171981710fe0e961ddf7d53ef6608a3baac9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 72fa1475b0791fbe63f42e3e3054b1d8 |
| SHA1 | 66d07295f9c8a84cea1df83a7dc2b53f2e67a148 |
| SHA256 | 40655ef8714261ef956178bf6e72841d8c2e309296a3dd805bf42cea226a03a6 |
| SHA512 | 35ec80b84f63b9a182483e0bbbe821e18e40da6ca02cb7f6174ed0adfb1f6bd284f16922abef111fc16859f1bda436219a231d57c99ca380c88c74d5d9b132d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\3de87206-f51a-43ad-9789-7e2a3d5d4e98\index-dir\the-real-index
| MD5 | 84853f5d1bed230ddbedd00436ccac2c |
| SHA1 | dc5a15e4c744217b4219f412da297eeb98f45966 |
| SHA256 | 965a67e5f7d1f76c0919efc6812d283ee185f135c1a3b5a69bf9c554f6ed554f |
| SHA512 | 93c8513bd35b84abb6f658ddd93b7ce4e3978c24bb553e9e8966a75628c3877b8660a04080369bcfede4b0932a2e08a185cfdc62c7f3c3853a2cc093bf16ea8b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9b008cdc2a83feb1697d1af46051ed0b |
| SHA1 | 09e8c44cf653618f844acb2f0f2b26566d8f9cbb |
| SHA256 | 26dcee414fff0148fe1e785ccf166fd366330e29bcdac4aa9732001048a03aca |
| SHA512 | 9552ce7551556ffc6055e91bdec05b37cac6374c18092d5bbc5dd1fdcc5db2ce8e2802141caa573cbc0879aa6ff73a0a4bbfa2f458fb13dc50ecd1c73596c88b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | b27baf0a2aa18ba8e0c2bd2ecbfe340f |
| SHA1 | dbeda246a9f20874a502ee6533731394306b3165 |
| SHA256 | 333c806b5c29b109f86bf9db7e047c3269b463b1ce14d7875407d526e0479308 |
| SHA512 | b59334acd22690a929591e269eb53b69e0fd6af6b3c5a4c7aaee2e67bea8337dc29875859ba5abdf33c5ab64ba95244be5ef259233a2ecc2b3ff2931d9d65dcf |