Malware Analysis Report

2024-12-08 01:26

Sample ID 231111-mzp39aea2w
Target NEAS.1f351c6e17a289120d35fe4a1f0bbcdabd289d91fb249162fae7c50f3e3f4618.exe
SHA256 1f351c6e17a289120d35fe4a1f0bbcdabd289d91fb249162fae7c50f3e3f4618
Tags
mystic redline taiga paypal infostealer persistence phishing stealer
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

1f351c6e17a289120d35fe4a1f0bbcdabd289d91fb249162fae7c50f3e3f4618

Threat Level: Known bad

The file NEAS.1f351c6e17a289120d35fe4a1f0bbcdabd289d91fb249162fae7c50f3e3f4618.exe was found to be: Known bad.

Malicious Activity Summary

mystic redline taiga paypal infostealer persistence phishing stealer

RedLine payload

Mystic

RedLine

Detect Mystic stealer payload

Executes dropped EXE

Adds Run key to start application

AutoIT Executable

Suspicious use of SetThreadContext

Detected potential entity reuse from brand paypal.

Unsigned PE

Program crash

Enumerates physical storage devices

Suspicious use of SendNotifyMessage

Enumerates system info in registry

Suspicious use of WriteProcessMemory

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2023-11-11 10:54

Signatures

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2023-11-11 10:54

Reported

2023-11-11 10:57

Platform

win10v2004-20231020-en

Max time kernel

151s

Max time network

156s

Command Line

"C:\Users\Admin\AppData\Local\Temp\NEAS.1f351c6e17a289120d35fe4a1f0bbcdabd289d91fb249162fae7c50f3e3f4618.exe"

Signatures

Detect Mystic stealer payload

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Mystic

stealer mystic

RedLine

infostealer redline

RedLine payload

Description Indicator Process Target
N/A N/A N/A N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP000.TMP\\\"" C:\Users\Admin\AppData\Local\Temp\NEAS.1f351c6e17a289120d35fe4a1f0bbcdabd289d91fb249162fae7c50f3e3f4618.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup1 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP001.TMP\\\"" C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\IF7ts47.exe N/A

AutoIT Executable

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A

Detected potential entity reuse from brand paypal.

phishing paypal

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3600 wrote to memory of 4764 N/A C:\Users\Admin\AppData\Local\Temp\NEAS.1f351c6e17a289120d35fe4a1f0bbcdabd289d91fb249162fae7c50f3e3f4618.exe C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\IF7ts47.exe
PID 3600 wrote to memory of 4764 N/A C:\Users\Admin\AppData\Local\Temp\NEAS.1f351c6e17a289120d35fe4a1f0bbcdabd289d91fb249162fae7c50f3e3f4618.exe C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\IF7ts47.exe
PID 3600 wrote to memory of 4764 N/A C:\Users\Admin\AppData\Local\Temp\NEAS.1f351c6e17a289120d35fe4a1f0bbcdabd289d91fb249162fae7c50f3e3f4618.exe C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\IF7ts47.exe
PID 4764 wrote to memory of 2624 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\IF7ts47.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe
PID 4764 wrote to memory of 2624 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\IF7ts47.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe
PID 4764 wrote to memory of 2624 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\IF7ts47.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe
PID 2624 wrote to memory of 1628 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2624 wrote to memory of 1628 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2624 wrote to memory of 2420 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2624 wrote to memory of 2420 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2624 wrote to memory of 1936 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2624 wrote to memory of 1936 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2624 wrote to memory of 4532 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2624 wrote to memory of 4532 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2624 wrote to memory of 4560 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2624 wrote to memory of 4560 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2624 wrote to memory of 4668 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2624 wrote to memory of 4668 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 4024 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4668 wrote to memory of 4024 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1628 wrote to memory of 2008 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1628 wrote to memory of 2008 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2420 wrote to memory of 4052 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2420 wrote to memory of 4052 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1936 wrote to memory of 2892 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1936 wrote to memory of 2892 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4532 wrote to memory of 5028 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4532 wrote to memory of 5028 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4560 wrote to memory of 3280 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4560 wrote to memory of 3280 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2624 wrote to memory of 336 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2624 wrote to memory of 336 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 336 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 336 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2624 wrote to memory of 4868 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2624 wrote to memory of 4868 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4868 wrote to memory of 4660 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4868 wrote to memory of 4660 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2624 wrote to memory of 2540 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2624 wrote to memory of 2540 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2540 wrote to memory of 3016 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2540 wrote to memory of 3016 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2624 wrote to memory of 1704 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2624 wrote to memory of 1704 N/A C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4764 wrote to memory of 3912 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\IF7ts47.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\4nr1Tp1.exe
PID 4764 wrote to memory of 3912 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\IF7ts47.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\4nr1Tp1.exe
PID 4764 wrote to memory of 3912 N/A C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\IF7ts47.exe C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\4nr1Tp1.exe
PID 1704 wrote to memory of 4012 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1704 wrote to memory of 4012 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1628 wrote to memory of 5820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1628 wrote to memory of 5820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1628 wrote to memory of 5820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1628 wrote to memory of 5820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1628 wrote to memory of 5820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1628 wrote to memory of 5820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1628 wrote to memory of 5820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1628 wrote to memory of 5820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1628 wrote to memory of 5820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1628 wrote to memory of 5820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1628 wrote to memory of 5820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1628 wrote to memory of 5820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1628 wrote to memory of 5820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1628 wrote to memory of 5820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1628 wrote to memory of 5820 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Users\Admin\AppData\Local\Temp\NEAS.1f351c6e17a289120d35fe4a1f0bbcdabd289d91fb249162fae7c50f3e3f4618.exe

"C:\Users\Admin\AppData\Local\Temp\NEAS.1f351c6e17a289120d35fe4a1f0bbcdabd289d91fb249162fae7c50f3e3f4618.exe"

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\IF7ts47.exe

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\IF7ts47.exe

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://store.steampowered.com/login/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://twitter.com/i/flow/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://steamcommunity.com/openid/loginform/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.epicgames.com/id/login

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7fff9ab046f8,0x7fff9ab04708,0x7fff9ab04718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7fff9ab046f8,0x7fff9ab04708,0x7fff9ab04718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7fff9ab046f8,0x7fff9ab04708,0x7fff9ab04718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7fff9ab046f8,0x7fff9ab04708,0x7fff9ab04718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x168,0x16c,0x170,0x144,0x174,0x7fff9ab046f8,0x7fff9ab04708,0x7fff9ab04718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x108,0x16c,0x7fff9ab046f8,0x7fff9ab04708,0x7fff9ab04718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7fff9ab046f8,0x7fff9ab04708,0x7fff9ab04718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.paypal.com/signin

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x160,0x170,0x7fff9ab046f8,0x7fff9ab04708,0x7fff9ab04718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7fff9ab046f8,0x7fff9ab04708,0x7fff9ab04718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7fff9ab046f8,0x7fff9ab04708,0x7fff9ab04718

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\4nr1Tp1.exe

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\4nr1Tp1.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2172,16348993303295066095,16953808016525436206,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9459118375327404571,8424055220471656554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9459118375327404571,8424055220471656554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,9459118375327404571,8424055220471656554,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2860 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2172,4873452867009446282,10955003771759218530,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2172,4873452867009446282,10955003771759218530,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2188 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2180,15917163775201478678,1725764904676106843,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2244 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2180,15917163775201478678,1725764904676106843,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2192 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2172,16348993303295066095,16953808016525436206,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2184 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,13971696566941074748,625017551895301799,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2160,13971696566941074748,625017551895301799,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2148,5707611422217541419,1501514412636126850,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2148,5707611422217541419,1501514412636126850,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2156 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2148,15985522103090852161,15875734317265705592,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2148,15985522103090852161,15875734317265705592,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2160 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,9459118375327404571,8424055220471656554,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,9459118375327404571,8424055220471656554,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2156,14783713230833124318,4826415763074980570,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,14783713230833124318,4826415763074980570,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2168 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2168,15954146007279654641,1697254945405743355,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2168,15954146007279654641,1697254945405743355,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9459118375327404571,8424055220471656554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3872 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2176,4550520677831887442,7189258385978858714,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9459118375327404571,8424055220471656554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4076 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9459118375327404571,8424055220471656554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3664 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9459118375327404571,8424055220471656554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4432 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9459118375327404571,8424055220471656554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3840 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9459118375327404571,8424055220471656554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4724 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9459118375327404571,8424055220471656554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4932 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9459118375327404571,8424055220471656554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5188 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9459118375327404571,8424055220471656554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5448 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9459118375327404571,8424055220471656554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6484 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9459118375327404571,8424055220471656554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6608 /prefetch:1

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\5mn08nS.exe

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\5mn08nS.exe

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 7792 -ip 7792

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 7792 -s 540

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9459118375327404571,8424055220471656554,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9032 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9459118375327404571,8424055220471656554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9020 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9459118375327404571,8424055220471656554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8568 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9459118375327404571,8424055220471656554,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8804 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,9459118375327404571,8424055220471656554,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9532 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,9459118375327404571,8424055220471656554,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9532 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9459118375327404571,8424055220471656554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9672 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9459118375327404571,8424055220471656554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9736 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2096,9459118375327404571,8424055220471656554,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7884 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,9459118375327404571,8424055220471656554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7740 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,9459118375327404571,8424055220471656554,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5108 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 133.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 241.154.82.20.in-addr.arpa udp
US 8.8.8.8:53 158.240.127.40.in-addr.arpa udp
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.200:443 g.bing.com tcp
US 8.8.8.8:53 198.1.85.104.in-addr.arpa udp
US 8.8.8.8:53 200.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 9.228.82.20.in-addr.arpa udp
US 8.8.8.8:53 www.facebook.com udp
NL 157.240.247.35:443 www.facebook.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.epicgames.com udp
NL 142.250.179.141:443 accounts.google.com tcp
US 8.8.8.8:53 twitter.com udp
US 52.3.21.238:443 www.epicgames.com tcp
US 104.244.42.129:443 twitter.com tcp
US 8.8.8.8:53 www.paypal.com udp
US 8.8.8.8:53 steamcommunity.com udp
US 192.229.221.25:443 www.paypal.com tcp
US 8.8.8.8:53 store.steampowered.com udp
NL 23.222.49.98:443 steamcommunity.com tcp
US 8.8.8.8:53 35.247.240.157.in-addr.arpa udp
US 8.8.8.8:53 141.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 238.21.3.52.in-addr.arpa udp
US 8.8.8.8:53 129.42.244.104.in-addr.arpa udp
NL 104.85.0.101:443 store.steampowered.com tcp
NL 142.250.179.141:443 accounts.google.com udp
US 8.8.8.8:53 25.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 98.49.222.23.in-addr.arpa udp
US 8.8.8.8:53 101.0.85.104.in-addr.arpa udp
US 8.8.8.8:53 238.168.217.172.in-addr.arpa udp
US 8.8.8.8:53 8.39.65.18.in-addr.arpa udp
US 8.8.8.8:53 240.221.184.93.in-addr.arpa udp
US 8.8.8.8:53 195.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 131.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 abs.twimg.com udp
US 8.8.8.8:53 api.twitter.com udp
US 8.8.8.8:53 pbs.twimg.com udp
US 104.244.42.2:443 api.twitter.com tcp
US 152.199.21.141:443 abs.twimg.com tcp
US 8.8.8.8:53 t.co udp
US 8.8.8.8:53 video.twimg.com udp
NL 199.232.148.159:443 pbs.twimg.com tcp
US 104.244.42.197:443 t.co tcp
US 68.232.34.217:443 video.twimg.com tcp
N/A 224.0.0.251:5353 udp
US 152.199.21.141:443 abs.twimg.com tcp
US 152.199.21.141:443 abs.twimg.com tcp
US 152.199.21.141:443 abs.twimg.com tcp
US 8.8.8.8:53 store.akamai.steamstatic.com udp
NL 23.72.252.171:443 store.akamai.steamstatic.com tcp
NL 23.72.252.171:443 store.akamai.steamstatic.com tcp
NL 23.72.252.171:443 store.akamai.steamstatic.com tcp
US 8.8.8.8:53 tracking.epicgames.com udp
US 8.8.8.8:53 i.ytimg.com udp
US 8.8.8.8:53 www.paypalobjects.com udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
US 8.8.8.8:53 community.akamai.steamstatic.com udp
US 8.8.8.8:53 static-assets-prod.unrealengine.com udp
US 34.195.142.151:443 tracking.epicgames.com tcp
NL 142.251.36.22:443 i.ytimg.com tcp
US 18.239.36.73:443 static-assets-prod.unrealengine.com tcp
US 18.239.36.73:443 static-assets-prod.unrealengine.com tcp
US 157.240.5.10:443 static.xx.fbcdn.net tcp
US 157.240.5.10:443 static.xx.fbcdn.net tcp
US 157.240.5.10:443 static.xx.fbcdn.net tcp
NL 23.72.252.169:443 community.akamai.steamstatic.com tcp
NL 23.72.252.169:443 community.akamai.steamstatic.com tcp
NL 23.72.252.169:443 community.akamai.steamstatic.com tcp
US 34.195.142.151:443 tracking.epicgames.com tcp
US 157.240.5.10:443 static.xx.fbcdn.net tcp
NL 23.72.252.169:443 community.akamai.steamstatic.com tcp
US 18.239.36.73:443 static-assets-prod.unrealengine.com tcp
US 192.229.221.25:443 www.paypalobjects.com tcp
US 8.8.8.8:53 apps.identrust.com udp
NL 88.221.25.169:80 apps.identrust.com tcp
NL 88.221.25.169:80 apps.identrust.com tcp
US 8.8.8.8:53 141.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 159.148.232.199.in-addr.arpa udp
US 8.8.8.8:53 2.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 197.42.244.104.in-addr.arpa udp
US 8.8.8.8:53 217.34.232.68.in-addr.arpa udp
US 8.8.8.8:53 171.252.72.23.in-addr.arpa udp
US 8.8.8.8:53 22.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 73.36.239.18.in-addr.arpa udp
US 8.8.8.8:53 151.142.195.34.in-addr.arpa udp
US 8.8.8.8:53 169.252.72.23.in-addr.arpa udp
US 8.8.8.8:53 10.5.240.157.in-addr.arpa udp
US 8.8.8.8:53 169.25.221.88.in-addr.arpa udp
US 8.8.8.8:53 26.35.223.20.in-addr.arpa udp
US 8.8.8.8:53 106.208.58.216.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
NL 142.251.36.14:443 play.google.com tcp
NL 142.251.36.14:443 play.google.com udp
US 8.8.8.8:53 26.165.165.52.in-addr.arpa udp
US 8.8.8.8:53 100.39.251.142.in-addr.arpa udp
US 8.8.8.8:53 static.ads-twitter.com udp
NL 199.232.148.157:443 static.ads-twitter.com tcp
US 8.8.8.8:53 171.39.242.20.in-addr.arpa udp
US 192.229.221.25:443 www.paypalobjects.com tcp
US 8.8.8.8:53 157.148.232.199.in-addr.arpa udp
RU 5.42.92.51:19057 tcp
US 8.8.8.8:53 1.208.79.178.in-addr.arpa udp
US 8.8.8.8:53 facebook.com udp
US 157.240.5.35:443 facebook.com tcp
US 8.8.8.8:53 fbcdn.net udp
US 157.240.5.35:443 fbcdn.net tcp
US 8.8.8.8:53 www.recaptcha.net udp
US 8.8.8.8:53 c.paypal.com udp
NL 172.217.168.227:443 www.recaptcha.net tcp
US 192.55.233.1:443 tcp
US 8.8.8.8:53 fbsbx.com udp
US 192.55.233.1:443 tcp
US 8.8.8.8:53 35.5.240.157.in-addr.arpa udp
US 8.8.8.8:53 227.168.217.172.in-addr.arpa udp
US 8.8.8.8:53 t.paypal.com udp
US 151.101.1.35:443 t.paypal.com tcp
NL 172.217.168.227:443 www.recaptcha.net udp
US 8.8.8.8:53 b.stats.paypal.com udp
US 8.8.8.8:53 35.1.101.151.in-addr.arpa udp
US 64.4.245.84:443 b.stats.paypal.com tcp
US 8.8.8.8:53 dub.stats.paypal.com udp
US 64.4.245.84:443 dub.stats.paypal.com tcp
NL 23.72.252.169:443 community.akamai.steamstatic.com tcp
NL 23.72.252.169:443 community.akamai.steamstatic.com tcp
NL 23.72.252.169:443 community.akamai.steamstatic.com tcp
US 8.8.8.8:53 84.245.4.64.in-addr.arpa udp
US 8.8.8.8:53 c6.paypal.com udp
US 151.101.1.35:443 c6.paypal.com tcp
NL 23.72.252.171:443 store.akamai.steamstatic.com tcp
NL 23.72.252.171:443 store.akamai.steamstatic.com tcp
NL 23.72.252.171:443 store.akamai.steamstatic.com tcp
US 8.8.8.8:53 login.steampowered.com udp
NL 23.222.49.98:443 login.steampowered.com tcp
US 18.239.36.73:443 static-assets-prod.unrealengine.com tcp
US 8.8.8.8:53 api.steampowered.com udp
NL 23.222.49.98:443 api.steampowered.com tcp
US 104.244.42.2:443 api.twitter.com tcp
US 104.244.42.2:443 api.twitter.com tcp
US 8.8.8.8:53 talon-website-prod.ecosec.on.epicgames.com udp
US 104.18.41.136:443 talon-website-prod.ecosec.on.epicgames.com tcp
US 8.8.8.8:53 136.41.18.104.in-addr.arpa udp
US 8.8.8.8:53 talon-service-prod.ecosec.on.epicgames.com udp
US 172.64.146.120:443 talon-service-prod.ecosec.on.epicgames.com tcp
US 8.8.8.8:53 120.146.64.172.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
NL 142.250.179.130:443 googleads.g.doubleclick.net tcp
US 172.64.146.120:443 talon-service-prod.ecosec.on.epicgames.com tcp
NL 142.250.179.130:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 js.hcaptcha.com udp
US 104.19.219.90:443 js.hcaptcha.com tcp
US 8.8.8.8:53 130.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 90.219.19.104.in-addr.arpa udp
US 8.8.8.8:53 newassets.hcaptcha.com udp
US 8.8.8.8:53 api.hcaptcha.com udp
US 8.8.8.8:53 sentry.io udp
US 35.186.247.156:443 sentry.io tcp
US 8.8.8.8:53 156.247.186.35.in-addr.arpa udp
RU 5.42.92.51:19057 tcp
NL 142.250.179.141:443 accounts.google.com udp
US 8.8.8.8:53 21.236.111.52.in-addr.arpa udp
RU 5.42.92.51:19057 tcp
RU 5.42.92.51:19057 tcp
US 8.8.8.8:53 youtube.com udp
NL 216.58.214.14:443 youtube.com tcp
US 8.8.8.8:53 14.214.58.216.in-addr.arpa udp
RU 5.42.92.51:19057 tcp

Files

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\IF7ts47.exe

MD5 5bfa23386abab1683aeae2bb44cb9daa
SHA1 16723e90be68f923fdc4d3b95ab4a563c84000b9
SHA256 62f2e9fb644e5685bc637bf3edd7ddb95f65d657b21bf5f9d0d01b01fe4d0b48
SHA512 42d0c0194d6102fb848e45ab7169074fe729d639053b04537d2e7029210e0fa622c249cde7cf6544f5bff4f11056ad196db04279980cbc248e6c0c4097e78f98

C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\IF7ts47.exe

MD5 5bfa23386abab1683aeae2bb44cb9daa
SHA1 16723e90be68f923fdc4d3b95ab4a563c84000b9
SHA256 62f2e9fb644e5685bc637bf3edd7ddb95f65d657b21bf5f9d0d01b01fe4d0b48
SHA512 42d0c0194d6102fb848e45ab7169074fe729d639053b04537d2e7029210e0fa622c249cde7cf6544f5bff4f11056ad196db04279980cbc248e6c0c4097e78f98

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe

MD5 9e3fc3f0aaad6d061972fd4ba4892937
SHA1 b8cb1aa960459bde892216af08453e2ee2e8afa2
SHA256 590237f9158a0cc684b34fba3a39f63356f369bceed8b56c13747e84048ed89a
SHA512 cc1752bccd43c53dd2ec47d925846bf257c66927b8acd3c4ba0d36571c0f753ac6d1be1b2f0b6b0faa0b91c1334c2e35dd5d48647f62fe511263b8f849cbfc15

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\3qq524Sl.exe

MD5 9e3fc3f0aaad6d061972fd4ba4892937
SHA1 b8cb1aa960459bde892216af08453e2ee2e8afa2
SHA256 590237f9158a0cc684b34fba3a39f63356f369bceed8b56c13747e84048ed89a
SHA512 cc1752bccd43c53dd2ec47d925846bf257c66927b8acd3c4ba0d36571c0f753ac6d1be1b2f0b6b0faa0b91c1334c2e35dd5d48647f62fe511263b8f849cbfc15

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 777424efaa0b7dc4020fed63a05319cf
SHA1 f4ff37d51b7dd7a46606762c1531644b8fbc99c7
SHA256 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5
SHA512 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 777424efaa0b7dc4020fed63a05319cf
SHA1 f4ff37d51b7dd7a46606762c1531644b8fbc99c7
SHA256 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5
SHA512 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 777424efaa0b7dc4020fed63a05319cf
SHA1 f4ff37d51b7dd7a46606762c1531644b8fbc99c7
SHA256 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5
SHA512 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 777424efaa0b7dc4020fed63a05319cf
SHA1 f4ff37d51b7dd7a46606762c1531644b8fbc99c7
SHA256 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5
SHA512 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 777424efaa0b7dc4020fed63a05319cf
SHA1 f4ff37d51b7dd7a46606762c1531644b8fbc99c7
SHA256 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5
SHA512 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 777424efaa0b7dc4020fed63a05319cf
SHA1 f4ff37d51b7dd7a46606762c1531644b8fbc99c7
SHA256 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5
SHA512 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 777424efaa0b7dc4020fed63a05319cf
SHA1 f4ff37d51b7dd7a46606762c1531644b8fbc99c7
SHA256 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5
SHA512 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 777424efaa0b7dc4020fed63a05319cf
SHA1 f4ff37d51b7dd7a46606762c1531644b8fbc99c7
SHA256 30d13502553b37ca0221b08f834e49be44ba9b9c2bbb032dded6e3ab3f0480d5
SHA512 7e61eab7b512ac99d2c5a5c4140bf0e27e638eb02235cd32364f0d43ee0784e2d8ac212d06a082c1dce9f61c63b507cb8feb17efffbd1954b617208740f72ad9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\4nr1Tp1.exe

MD5 e5fb5ade74bffb7e3f03a93202c3f095
SHA1 06903b1cd59ede6d8a2692cb210dae67d2326545
SHA256 cae909c5bbf18a7ee4a6fef934fa394bc3341bd019cd14ccab8075c7aaba0488
SHA512 440bdb51d05130bd977e35b95da1c6d838d802ae37af75935de627a69541834dfa47ff02d2014f18c11121050054ea939da63a7629b44a325da6a4d68ecfe64b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\4nr1Tp1.exe

MD5 e5fb5ade74bffb7e3f03a93202c3f095
SHA1 06903b1cd59ede6d8a2692cb210dae67d2326545
SHA256 cae909c5bbf18a7ee4a6fef934fa394bc3341bd019cd14ccab8075c7aaba0488
SHA512 440bdb51d05130bd977e35b95da1c6d838d802ae37af75935de627a69541834dfa47ff02d2014f18c11121050054ea939da63a7629b44a325da6a4d68ecfe64b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

\??\pipe\LOCAL\crashpad_1936_HGKDSDAEMDWZEKAC

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_4668_UBFBPBXXIBWVDFNV

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_336_ROPXBNLBVBTEXMFK

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_4532_NOHSSJUQLQLKYKQN

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_4868_TDNIGMPWHUWYFWVD

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_2420_XLVEXJBMCBVMREKL

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_1628_KSIEGAKCBIUHTJMT

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

\??\pipe\LOCAL\crashpad_4560_SDKJMCTVBASHZJOO

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

\??\pipe\LOCAL\crashpad_2540_JUFZZQPCMLBMEJBU

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 921dca6a135d87d0baca160cb53007d2
SHA1 dd601ed70c3d13419f809173ed9649b171113919
SHA256 cb58d5c4d05f8e1e8cad72ae253668ab3ad4679798d67463584eb7e724e98db1
SHA512 df244326ed96ec0c897cc7a87581435ffe6d145be7846104308fa23610beb360f1326077cee04d2e1546d7c9b192fea709b91fed9ceb7cd0f7b74505c96db7b6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\4e5c7b60-d150-487c-8784-ad071df3ba25.tmp

MD5 cb3254e5d39f04014cdb7f7779557081
SHA1 06749e09fb8d06f1d5a53c8423ab736dad084e7c
SHA256 a99251f48efa4821c989ff3d8857f18dabb8ac95a4f3d801e05033e84b6238fa
SHA512 00bb384a6aec657ba2f2ec2099190b8de8f56d769820644f3b1b7f1907630363424dc6ed57679f2c9c2ba6899e98dff3ab35ead6972c0e6daa915c6e714ad20d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 921dca6a135d87d0baca160cb53007d2
SHA1 dd601ed70c3d13419f809173ed9649b171113919
SHA256 cb58d5c4d05f8e1e8cad72ae253668ab3ad4679798d67463584eb7e724e98db1
SHA512 df244326ed96ec0c897cc7a87581435ffe6d145be7846104308fa23610beb360f1326077cee04d2e1546d7c9b192fea709b91fed9ceb7cd0f7b74505c96db7b6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 cb3254e5d39f04014cdb7f7779557081
SHA1 06749e09fb8d06f1d5a53c8423ab736dad084e7c
SHA256 a99251f48efa4821c989ff3d8857f18dabb8ac95a4f3d801e05033e84b6238fa
SHA512 00bb384a6aec657ba2f2ec2099190b8de8f56d769820644f3b1b7f1907630363424dc6ed57679f2c9c2ba6899e98dff3ab35ead6972c0e6daa915c6e714ad20d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 9c87f117cd3f7f25fc2121423520d147
SHA1 ac69baf4dcc0ed6863ccfbc8910ad9945c9ce6f3
SHA256 6b7d8daa85d3205764e1d7ed262ee25571ac056da55a8429d089c3b3dc7f4bc6
SHA512 d196991c88630aa2aaaa8afb84839c2446f19d2734c6f4a54798b23d52c2a629f054ad0a0edf8d57f7b809c00af7d1de5f0aeca8ff3a0fbb330ae69a72064393

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 242ace0873b6f4f86ba7cf6aea647a81
SHA1 ccde34e022d1fdfa141be76ff20d7e7f1fe2f617
SHA256 bc02e23db62dd70ae8acd8f3abc4e4fbf878c4ab28a8a28d29075e4486aa989b
SHA512 9009548529d1de4313edf7bbebc83faad71b5be87f45685a8456b90a862705724c1314c435d2511380439ce2b0ee0bfd4ce37a20e8c82bb03ce1c4eeaa3106ce

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 242ace0873b6f4f86ba7cf6aea647a81
SHA1 ccde34e022d1fdfa141be76ff20d7e7f1fe2f617
SHA256 bc02e23db62dd70ae8acd8f3abc4e4fbf878c4ab28a8a28d29075e4486aa989b
SHA512 9009548529d1de4313edf7bbebc83faad71b5be87f45685a8456b90a862705724c1314c435d2511380439ce2b0ee0bfd4ce37a20e8c82bb03ce1c4eeaa3106ce

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\3f9e5d54-34d2-473b-a084-9420a20a99b8.tmp

MD5 537744a9dd676b5c34e754d2411d87df
SHA1 230c1e9695eab5f2693f2d5868f6f594014ab1bf
SHA256 dd4f007a44f1cff8b9ac4b25c14d9a9598a88d673350eab57cf507a2a33482d8
SHA512 86ff8ead88b908074003fc664f4e1472af9e196e96a77ddc3e4c23cc1cf0ed2900819f536c647e41ed624400136966fbe40a0f7bc9cade9847cea79b588572a4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 1f70ad982ee4d283b1d5069cfa56c85c
SHA1 1e41dc10ca102261233b07ac5629a38e17da0b9e
SHA256 d6256a90bf047283f48323c2cdccd9cf1ee5f6beb044b9214ffd7acea052f2c3
SHA512 a582fff00e1edfc4050cdb4a418c5cd19b3d1b03b134894704d33ab78fb2e6115ce692940f9aa0496f737f505319855d27135f9b4b47783183d6fbe5af41d7f1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\061a09c6-b112-4894-bcb1-e25f322468c0.tmp

MD5 7e9a85a2aa4918ccfe12a08937c2a873
SHA1 3e7e2406b0db77fe2a362422cdcf21b32ae43b9d
SHA256 a368beef32379258445855160c952835a73f4506239fcdfdf02ebf42a8bb1169
SHA512 ad1d1fb68d7f3893b6d67c64fe2c762dca9f926aef66b5db2cbcd615e49c7fda10f5ace1dd92719c15ff2c41856c3515558e3643f904868d9be858a150ffa317

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 1f70ad982ee4d283b1d5069cfa56c85c
SHA1 1e41dc10ca102261233b07ac5629a38e17da0b9e
SHA256 d6256a90bf047283f48323c2cdccd9cf1ee5f6beb044b9214ffd7acea052f2c3
SHA512 a582fff00e1edfc4050cdb4a418c5cd19b3d1b03b134894704d33ab78fb2e6115ce692940f9aa0496f737f505319855d27135f9b4b47783183d6fbe5af41d7f1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 762f9114d1967ec5f6bcb76918b1f664
SHA1 e29e4d754d4107f6078ef6f5756af554cb9d3f7b
SHA256 6be11955592e4ae33287e4936753d928bac67dc39a7ab806726127efbc874bce
SHA512 b311c6b40e4c9b988de6e3a265096e304aed0a028a96a88389607b15666a7a898d1927fe69e26258e80906ebb5473820f8ce8605070a345bbcedb5c6837711c1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 762f9114d1967ec5f6bcb76918b1f664
SHA1 e29e4d754d4107f6078ef6f5756af554cb9d3f7b
SHA256 6be11955592e4ae33287e4936753d928bac67dc39a7ab806726127efbc874bce
SHA512 b311c6b40e4c9b988de6e3a265096e304aed0a028a96a88389607b15666a7a898d1927fe69e26258e80906ebb5473820f8ce8605070a345bbcedb5c6837711c1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 7e9a85a2aa4918ccfe12a08937c2a873
SHA1 3e7e2406b0db77fe2a362422cdcf21b32ae43b9d
SHA256 a368beef32379258445855160c952835a73f4506239fcdfdf02ebf42a8bb1169
SHA512 ad1d1fb68d7f3893b6d67c64fe2c762dca9f926aef66b5db2cbcd615e49c7fda10f5ace1dd92719c15ff2c41856c3515558e3643f904868d9be858a150ffa317

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 9c87f117cd3f7f25fc2121423520d147
SHA1 ac69baf4dcc0ed6863ccfbc8910ad9945c9ce6f3
SHA256 6b7d8daa85d3205764e1d7ed262ee25571ac056da55a8429d089c3b3dc7f4bc6
SHA512 d196991c88630aa2aaaa8afb84839c2446f19d2734c6f4a54798b23d52c2a629f054ad0a0edf8d57f7b809c00af7d1de5f0aeca8ff3a0fbb330ae69a72064393

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 483924abaaa7ce1345acd8547cfe77f4
SHA1 4190d880b95d9506385087d6c2f5434f0e9f63e8
SHA256 9a111c2b76c1b5f6d4f702502b9ff4326b7b5682921c2760286dd073824cb684
SHA512 e4ac0a0d5f06e056901c68488e34358a32a5bc7aeffcd82af7eba6043d0fa35eaa67a67c3716dcb661aaca441677819bcba7d35bc4efc6103f3ce32f78e32310

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 fd75d9b39b5d86dd6088d58701b95e6a
SHA1 57fda8ec66c5ef85065db00b1bc98d1ef845f648
SHA256 e58a48e5440af8163bd7b8b3510e634fcb8c459d07ff0525690ce9247c533da5
SHA512 29abf6555658993957771c213d9cc73769f53b882101d10e06a141c80ed81e153f7650719f2ad44e27d260fd1eeaa8f5897ac67f62f5d549ee38df2a53c89b55

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 537744a9dd676b5c34e754d2411d87df
SHA1 230c1e9695eab5f2693f2d5868f6f594014ab1bf
SHA256 dd4f007a44f1cff8b9ac4b25c14d9a9598a88d673350eab57cf507a2a33482d8
SHA512 86ff8ead88b908074003fc664f4e1472af9e196e96a77ddc3e4c23cc1cf0ed2900819f536c647e41ed624400136966fbe40a0f7bc9cade9847cea79b588572a4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 fd75d9b39b5d86dd6088d58701b95e6a
SHA1 57fda8ec66c5ef85065db00b1bc98d1ef845f648
SHA256 e58a48e5440af8163bd7b8b3510e634fcb8c459d07ff0525690ce9247c533da5
SHA512 29abf6555658993957771c213d9cc73769f53b882101d10e06a141c80ed81e153f7650719f2ad44e27d260fd1eeaa8f5897ac67f62f5d549ee38df2a53c89b55

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 7e9a85a2aa4918ccfe12a08937c2a873
SHA1 3e7e2406b0db77fe2a362422cdcf21b32ae43b9d
SHA256 a368beef32379258445855160c952835a73f4506239fcdfdf02ebf42a8bb1169
SHA512 ad1d1fb68d7f3893b6d67c64fe2c762dca9f926aef66b5db2cbcd615e49c7fda10f5ace1dd92719c15ff2c41856c3515558e3643f904868d9be858a150ffa317

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 1f70ad982ee4d283b1d5069cfa56c85c
SHA1 1e41dc10ca102261233b07ac5629a38e17da0b9e
SHA256 d6256a90bf047283f48323c2cdccd9cf1ee5f6beb044b9214ffd7acea052f2c3
SHA512 a582fff00e1edfc4050cdb4a418c5cd19b3d1b03b134894704d33ab78fb2e6115ce692940f9aa0496f737f505319855d27135f9b4b47783183d6fbe5af41d7f1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 56aa1431e51f7c37241ea6e79387abd9
SHA1 bd823d2769fbe53594b87bc378c2c0d784706b33
SHA256 4b7624c01c59f7895584d30278b79ac66241d12bca663969fe63dc43e41456f8
SHA512 33be697a4a147cf670ee5976f3be26108bc78cf708ccf4508323f0bc7ae66832f24eff7f064e21cf2850a75c5bc9adeb25c0d551853958bc4e66adbc9b3c23bd

memory/7792-341-0x0000000000400000-0x0000000000433000-memory.dmp

memory/7792-371-0x0000000000400000-0x0000000000433000-memory.dmp

memory/7792-372-0x0000000000400000-0x0000000000433000-memory.dmp

memory/7792-374-0x0000000000400000-0x0000000000433000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a9c02a04093310fc2f113ce818b1f033
SHA1 62579347a0cbf2383479d587d12ced56d634bd7c
SHA256 583d8c026686dfd2ed2d1879cc19e600a25ddcd3fee1ff6cbec5ce62827fc6d2
SHA512 3a0bc5145e1538e48398b9050c8e53c52d853ab7eb8b235c7a072df6455ed1eaecf9492c2b91975e54592f62a4cf4f207ac51c6ff4e5a506c92d33408c8bbc45

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 fccf3aa72ed8c11529849678a20175bb
SHA1 e35dd6ccf93eb4d70f2c940a5a0817735332bf8c
SHA256 da6f870254b74540c5d14a225b2172e09d1883eb0d3c2fb7492b2208a08336b3
SHA512 75d7134cb09c3966f0400b3239732532906a9b94399780ff1ecdafed194441deb241b68f7500eb923fb998423f805bc39b28503c5935688dfdd6e91d00308606

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 69da389f968ffd1c6cc035e61be79011
SHA1 a168f7878bd33c17c409b4ba59d0c1c7e81764b6
SHA256 fb0c50af322f41749be80c3c3f3ea07a724375b16bf835e96672a86deec30012
SHA512 890d512f8d738876d5d9e4de67c2ba302a305dce04fdfcc9727c3ec3b34f4cf0adda8ac54057aacf485106ba963ba93dd459695af53ae83942a474a6f9d52218

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 1c706d53e85fb5321a8396d197051531
SHA1 0d92aa8524fb1d47e7ee5d614e58a398c06141a4
SHA256 80c44553381f37e930f1c82a1dc2e77acd7b955ec0dc99d090d5bd6b32c3c932
SHA512 d43867392c553d4afffa45a1b87a74e819964011fb1226ee54e23a98fc63ca80e266730cec6796a2afa435b1ea28aed72c55eae1ae5d31ec778f53be3e2162fc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

memory/6656-479-0x0000000000400000-0x000000000043C000-memory.dmp

memory/6656-480-0x0000000073BC0000-0x0000000074370000-memory.dmp

memory/6656-481-0x0000000007810000-0x0000000007DB4000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

MD5 7d75a9eb3b38b5dd04b8a7ce4f1b87cc
SHA1 68f598c84936c9720c5ffd6685294f5c94000dff
SHA256 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7
SHA512 cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

MD5 fdbf5bcfbb02e2894a519454c232d32f
SHA1 5e225710e9560458ac032ab80e24d0f3cb81b87a
SHA256 d9315d0678ac213bbe2c1de27528f82fd40dbff160f5a0c19850f891da29ea1c
SHA512 9eb86ebb1b50074df9bd94f7660df6f362b5a46411b35ce820740f629f8ef77f0b49a95c5550441a7db2b2638f0ed3d0204cb8f8c76391c05401506833b8c916

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

MD5 4e08109ee6888eeb2f5d6987513366bc
SHA1 86340f5fa46d1a73db2031d80699937878da635e
SHA256 bf44187e1683e78d3040bcef6263e25783c6936096ff0a621677d411dd9d1339
SHA512 4e477fd9e58676c0e00744dbe3421e528dd2faeca2ab998ebbeb349b35bb3711dcf78d8c9e7adba66b4d681d1982c31cac42024c8b19e19537a5615dac39c661

memory/6656-507-0x0000000007350000-0x00000000073E2000-memory.dmp

memory/6656-525-0x0000000007420000-0x000000000742A000-memory.dmp

memory/6656-519-0x0000000007460000-0x0000000007470000-memory.dmp

memory/6656-562-0x00000000083E0000-0x00000000089F8000-memory.dmp

memory/6656-565-0x00000000076C0000-0x00000000077CA000-memory.dmp

memory/6656-568-0x00000000075F0000-0x0000000007602000-memory.dmp

memory/6656-569-0x0000000007650000-0x000000000768C000-memory.dmp

memory/6656-571-0x0000000007DC0000-0x0000000007E0C000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 bc358003c375320585dd441c618c0cbf
SHA1 cac7237a62d6c5e1d6ded37bed66e43bdd20c66a
SHA256 26196942592a284eea4f3e9fdaba882c6ab565c5e7409ae16c3a6cc3344c8c89
SHA512 deadc0509c3c571a5e0970f3c5c2facb4a0f9a21fef2d001db72fabbb3d9cf4eb4ce51014302a613fcf6803e03c9cb6d7c89368cd94d6049e48a14e97efebb43

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581c8c.TMP

MD5 a223fd16ed474f3c39ff0259f6653f15
SHA1 5f79665e52e04e4389a5a39743d58c275d590e56
SHA256 473e979a17faa14ac3a03ae3b9cf3e1833180839ef10e3bd8e9e475bb1750016
SHA512 f3061a6d5a235f543abe6a12a88db4329fa78b8fceb60b69aba4db228e9fa2c53a72e4b6a98528c0635d39b25a6d2ec2225e767c64304a5e35cfaa75bd66d1e2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4d5b1845eecfbe8999ac25ea7b0ddc07
SHA1 0cbed3c215492034ad21c1ec6e1d80ed74292677
SHA256 2670af0043d20903b2caafae577c621fc51cb41cdfaee5b39626a1cd869a693a
SHA512 ff042ebdc48709b1a8f5d577b126f20b3ff9b21764512fed23698a163ef9313c89d9516ed5e1155d0457f64703afd601fab4344662f4c51f680b9bb7aad98e28

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035

MD5 740a924b01c31c08ad37fe04d22af7c5
SHA1 34feb0face110afc3a7673e36d27eee2d4edbbff
SHA256 f0e1953b71cc4abbffdd5096d99dfb274688e517c381b15c3446c28a4ac416e0
SHA512 da7061f944c69245c2f66b0e6a8b5a9bca91bda8a73f99734dcb23db56c5047de796fa7e348ff8840d9ac123436e38a4206408573215b7e5e98942ea6d66bb7c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 44466e304cd01caafd2d7b26df78dcba
SHA1 955161f33769fdff7a7c1d6010fa5e4a713da2ff
SHA256 df84349feffbeb4afb5fcd8071a67628d4719bc55c8b5e70f5c1ac6d2833665b
SHA512 89d15ff18a2f995b818b4eebbdb64614fe6149f360dea72728534de317eec091721b1dfd2296e8f405b67e1545b4a83bee1af951607941029b099f0d011deb7a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt

MD5 cca330843aff5fa148c512a0d5f6d8ca
SHA1 3631aefdf656dff500e18920c405fff3e95a1b5b
SHA256 4760fe27487a6842eeedd120fb8664ed4d43d0dd2af40af8d22d23450d08ac2b
SHA512 699ab79f481926f8f184c5b5fea711cf8392a8744c9c0c5d72cc6da53d4c5158cc84ff85449b5fd47868579f6fd0a8f2ad3754aaf6d1da22260695ac1c4d898d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt~RFe58465b.TMP

MD5 1e286a200646dd8860784cf12ad17048
SHA1 1677eb780a297bd74b74a640e92f999628cf8813
SHA256 d529012f51d5ab08b680b7c9bd51333d4a8e2017cd9718aa463968d8a82789aa
SHA512 f6c443dfc330d77ee402c3d146a8965aba6d4bdf9a45592dcfbd6fffcecf283e41c6f4204e3915f02d76357bda79de4564913cfdc3a2d3a0acf6efcad36f4dc1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 b819efba58b194d58982683d8f18879e
SHA1 67898d0182f52f09bec3c5ce540cd8cd27962637
SHA256 23edc7f3037d8c1ede6254de8532c0422e80e9f792d8f6627cc84a4bd949a6e5
SHA512 b2c623231ffe4a956be83a5329e5c130b1be585bdf90d8799e2754e4721e8dc0fe789eef2946bd6a93694b58496df4dd7cb472c1e8737c5d69990adb5de9089b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\5c8305a1-21b9-4f12-a667-c0ca92dec435\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 5995d02e68d91cd86efe331f253a36c9
SHA1 5a651dd375492896bab719b41738b565fbe107b5
SHA256 6efe905aa85efc2b097f701413891722f62cff5b4fee5c9807e6bdbea625a722
SHA512 1e663785ccd6c33481c2cf09323fef3d2e48c76eadab3cd499a60b7f412a98377d8bdbd904dbbe21d03d945637bf1736f5a4f8b1e0e1b0b15960dfd139215af9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt.tmp

MD5 2e2a4e04ffa89914ffa247c308f85c23
SHA1 798bbcff58670a1508e2c6034a2ca63b40b316f1
SHA256 8b3f324ab9568be7021397a60668a5af2d6e97e1331f2dea16fc270c31e0a8e0
SHA512 0b437cfec8c8af883a99842d63828df9669389a48689e1b689c463c5d6ab76b86ccb2ff7ed60eea419a5e87f54c979f7a5f32eed1546b89a32175865f2d7a541

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 8e38c0d99ab8529ea22499d7d9ea00ad
SHA1 b6f982ab53b468a9c793b7db77cdc0653649bd90
SHA256 4455a0650b644f7387527f84d611e256218ba40ec8dcca70cc8dad11039214eb
SHA512 318bc1b2bd75a5e83e59c404e171064b97325d89cc4a7c65fa3e320cbf264fb76640b4b0473527bf1827d5d2527a6d297010553e2f096a54ba5f9e1ac07d9e55

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a42b578cf90610a5f21a45196e2b5295
SHA1 d5c8bad37d7372dfba425e68a6b786d193453c5a
SHA256 52c003a3563ba5576d801c08b2baef4f89e3178ee1e23c4d1474d1977dd437e7
SHA512 0c7c317ef80baac5c3e5776fc6f583dedb632393b87902edbb91faac8b25c9640244e53747a728c40380b1e7e460c7f5e230e5020d3851b15ba33bb94bfffdd4

memory/6656-1278-0x0000000073BC0000-0x0000000074370000-memory.dmp

memory/6656-1349-0x0000000007460000-0x0000000007470000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 3e536a2b69873946265a2f8e778c7fc3
SHA1 9d092e62d7282b3b6e050cb8881b7eaf7f39f8c8
SHA256 4f47199c8f25fcfd7d0b1ef51f4e0054c15ea56ddbe078ca9067b234fae9a772
SHA512 fbd9e71ea0415681039469a45cf3b777532795e54e04ba30ccd85e1f6aba67ac50abc7d30500d6d2a9320585f58065134df797811efc2291514e94fdb00362f8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f2e97b99d2378837de525dace099d683
SHA1 47678332cd3f88b162ba4808f4deeda48c932133
SHA256 f9271ef99be54862652ad5f4866a5c6305f87214981302c09f8ecd33f37c5f23
SHA512 a8d15ae4d38273667063b20adf29caa76d197c36d8b1bddc7029fd0e735f179360ca6d8bff9a4f75b061b42f5352ba9e6a3677ba50f8a6d6a1fa7fae25975cad

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58946b.TMP

MD5 7236713e686a73e7fcba5864e95266f3
SHA1 9ddc8a7a4e3ad3211a6e9607115d3d8ecabedb42
SHA256 5532341cb1ae66836b38c25ab3f411b912d43eaed3491a057eaeb17edf739ad1
SHA512 f0b5f91c4b29530962c88bce5b35e98dea9b0aa5fb67e99b8fd258a306cf7b707e1fc1d58e29b63af2e5400b3fb9b2eacc769480d7f06e37d0aa1a92ec6a07d1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\e8719324-48d0-4e50-bb84-d636fe94c648\index-dir\the-real-index

MD5 c6128a04a87845fce8ff7421be999e49
SHA1 89805fb27b92b0f0ef8812a988aae39d18fda1e1
SHA256 1864fa0815e0b50be49a96a7b2172c46b079a44bc14426a5f118cf9fd3f96031
SHA512 a5effb62d30986bba0d2b1ef1eca8d7a7fe94f91201feeda6145cd856822096a3bfbff26e8dba1304e02f79009060d3e8b101455a285de742e1b48e9e2130abf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\e8719324-48d0-4e50-bb84-d636fe94c648\index-dir\the-real-index~RFe5896cc.TMP

MD5 51f31faf430562efa8589c914c5b0f24
SHA1 e03bee5cdae6882a15b04e7cda06b587c6dd6037
SHA256 295627ad32a7da75bb9cd6a7418730c9b876c0c3761915605cfa9afaa9b6f4dd
SHA512 988cc8f422f6c6a05563438fd02e84742db81428dea464a50c620052207b0d2510d9bd4e7d0ad1ace5b1010661089995e38d0d5f86a9f08c03546414fabc3b22

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 057e0ae2b7554ceb62f113f2fccd69a1
SHA1 5491721c7b1d0406df52d7d84aa3e123e13da24c
SHA256 2f6fe4aafd2d6526cd18114581bbf23c27d1858d76170f26df9d6302a2ecfd72
SHA512 531a6149231bf73dd1eb0002cf0d7de5e3c6fa28e036846b02f0379775d3a7823721c360abbf35790bba357cdd2dab705d60eef6ca9b10ae54702df7be6faf9a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 feff13dc7da6bfc31379b9d5ff765566
SHA1 fa7b15a4d9f461c8f1ed9a80001cd25dc8bd5890
SHA256 9de3dd57dd5ce9eb73fb04496dc0b27e552796cc97a9f93f86deb8058787bfd9
SHA512 f159daaa7009d92dd4cc594baa32a90ec6ae19f371dd8ef74983418f411ade83d923c7c9ffc8379f14d62b215789703f0ebec74fc0c6bf122eeaa3400abe2abd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 51e01ff9a9a5a1ec009d8778f43d70fe
SHA1 34e012e29375d0247fdcca1a85e520e563e0c9df
SHA256 890cd48d20e8449fe3fa7f065ad11cd2bb56014eb4226935b84db107eb2356cb
SHA512 7ff34e22d5962a9bae2f06706047104ea38a67d5cc70fa6a74babe5b448509373a022e74208eb25f0bc218854bb6470540c899a32bacab5d9c8fa482faa0e52b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 7b24a8457dafbd75bf5b42575768eb9c
SHA1 f5d4055c9911b4306974e6d3254fd348e32d9422
SHA256 9de0f580f79d6b555babe407d7a6c7537a84fb4d8570d513a5783edf42297e51
SHA512 ab39076977c180f2722c0c6930e419e843d7c770ae2fe787651197ba4a379665c7d8099db0c6b94011a388cdae1c7263f2c4f186d3c79d4ee768521ae656cec7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1b919018b90448aac62280f51c282fa9
SHA1 1b9965b8d110fbfc553315bc832c3f721beb272d
SHA256 d3cbf91d32a9ec933c452607072a1dae5c74b5dd065050c1df50e714d2980249
SHA512 5e974c18bd5742cd49ddb86585964f7c17e1a72db2560dbdf068814625ef9c754a66785aad9b71d230a67e991f41b88111994fc9e557b118f2248bc63353a94e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 6dab3837a02aba0cfa107b3a41adcc59
SHA1 dbbbc7111c36f850fc052b8544754082ee3a250a
SHA256 dafa566050d0dd7a6f7b47d9087b3676ef3a80868217ddf6aade7ff3fd1c37e8
SHA512 32e25f7d3457932d418ea13a0c7c0bc4ae979ceee831db18358a177bc5962b88fe3c404474ca39e8230b2a5411723889e2e61d8aa86b9b67f7a3972e13cdbdc0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 fd0295a2d8ac20e2324fba9dd98b6697
SHA1 e8dcc0d66204893ba58a65ebd1581e5982eaf0f8
SHA256 cfcf9ea2e80a0c34d8e89ff3e5a1b47cbd9ba78f93fd15410fcb11b666f4a549
SHA512 51719f42347227c388bfb6a9dad5b66eae41e1cc09be96919430f092995d1d73be385fa828f4f7f8e2bc7868edd85cff02058d2bbcaaeb6b85d187741de60d5b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 052a32f9969d25eeb2a3611a5f20fe26
SHA1 acc1b0c648999a9c3dc4a7f2d59ab36065311a40
SHA256 b2f4c4a4e19403cfe3146b6f866fdb5a421a2158f1ca7afc66c73d05b610c7dc
SHA512 3a20af6926ce2de6fe5d0bbce3ad5c5ebd69701832db99f2f3aee834f044a1ddef0f4b2b566874605667fb6d00439dd0bf4b4b81d8648c5bd37aead749f607fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\443f66bf-20a9-488c-ad2d-0af1a446c4b6\index-dir\the-real-index~RFe5953d3.TMP

MD5 2f799ae4761114a967f5d19e0dee9fd3
SHA1 e8c8f91b6a5cd821993e839ba2519d2360c4b194
SHA256 24497afb66c5914a769897602e940052619cf9aa43c23162e1c248d2fd259156
SHA512 0ee9c19a4b8fcd5963924330883bbe420267f508a3804c9e876949270dfda0e5e8756aa89de207a558adfbfb4bee68630067492c4013ffbec33494bccefba38e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\443f66bf-20a9-488c-ad2d-0af1a446c4b6\index-dir\the-real-index

MD5 e856d55d76ee97e10615d1491aa16d82
SHA1 0b4607429909496b784e779b7565347f505cb08a
SHA256 309fe49b48c2b8e9ac207a9dd4f70039865185f0cfa466956b216204d6dd08a2
SHA512 44b65f0809298f9d57de54c81c4be9b84f5a0a837b0fb5678a6364388d1038bae744297a656e3b34ea9b2f19f969fa1fd33c111fc357500a6151dcd848fae4c4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 dd25fbf6e382ac11969b317f1869bf81
SHA1 19d1d515d9f0de8dc34d427ee651f8f86b1663f1
SHA256 5c5f7f5f68edc970ec88dbe151e96d396e0e9bf4a625bdb05aa93f39f9210a99
SHA512 3b7dfa12cb748398f79e56090c463f08d0b0ac884d8ba8a1fcacaac71e672ddb0e59447bedb4f90babeefee68b83e9a5554dda2b59eb74b8462f739550dd05f1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d271216f61cc3eacb8828d1dc14476dd
SHA1 95f133f328e8e059126e4d41668086d8b69ccdf4
SHA256 ce912c114eb818a4fc205163dce7f61993faa5b88bb569de387e70c6d6474386
SHA512 9060098f6cc549a7908d121b8f1d9e0924b5ddc125a00827a0e53a1306065046a173455f9699bf3b0b00f1a7d33c2b9be58c3dd596ec5d7ac4c1cccb1db98996

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\a3923066-0121-4be8-8996-4531e9d27fc6\index-dir\the-real-index~RFe59865d.TMP

MD5 49ee87ef682f47e7d553016c2ab8c9cd
SHA1 a33dfe2a0670ae57409df020be2fefd4fa5aec1f
SHA256 a5c9b5a6175e97b9d089fd8e435e590e5f2c3f9b6af835cc174404c92dc2fba1
SHA512 c7b7e4b7f3adffdea54c04a81ad095c7b4701cf49c2de1f33e591cbdd92900aadf57977e048992e6ba3a1c9d0c7de96d4d4255a5af1f9e7a8e4a0742d4d7cd1b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt

MD5 b768c8f50c091a63c7c8dfef34450df0
SHA1 06ae7f13eadb9e989552f468caf62be52e090bf9
SHA256 e7b30d9f23fd5fbe8b18529a16f3810aaa5929fa96a39c3e418acb6c0862ad5a
SHA512 0cd2257d1f200357f5a65b8b794e160791274ff1ada9ed573ff398c03916f4efd0d27b0490484486b582a3752aed9e9352ab6c33656845e656abd94b7aa33536

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\a3923066-0121-4be8-8996-4531e9d27fc6\index-dir\the-real-index

MD5 7060c2be9128a0ea2400c25be0a8fd2d
SHA1 3665d17dc592c156482a428b1ee338fdbf168be4
SHA256 af9f829519d779b5a0c5636c0bb8e1c9cf6419f393260dccf5b6399ad4ab0318
SHA512 77f50c6d267399257fcd83a75ed9930eb01c1a8679f770a527660a8f16fd1e7889dfc90b2f986e41ccb1877419fb4ec199aa645adfca187597fbb79507ffe8dc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6bcca0eb5a362878c82d804027904f31
SHA1 a2a38669b8e01866c9b4318025e8dfa604806a4e
SHA256 02c5c2bc84c6dafa39f951e61a3d8caf5ef6ace687e1a73507ea9594ad788a74
SHA512 adaf2b95f7f069ee89b8dc92063cbf61d5e9684ac92e4077da1ae005e203a5070edfd992d4335348f39a73a25e75c4d66a8d55a0e12aee73fec022fddcf172e9