Analysis Overview
SHA256
3eeb967bd0929e107e857e57ba7789dfd35d38d2249b56ba61e361b28f8ca1dd
Threat Level: Known bad
The file 3eeb967bd0929e107e857e57ba7789dfd35d38d2249b56ba61e361b28f8ca1dd was found to be: Known bad.
Malicious Activity Summary
Lumma Stealer
RisePro
PrivateLoader
Detect Lumma Stealer payload V4
Executes dropped EXE
Adds Run key to start application
AutoIT Executable
Detected potential entity reuse from brand paypal.
Unsigned PE
Program crash
Enumerates physical storage devices
Suspicious use of SendNotifyMessage
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious behavior: EnumeratesProcesses
Enumerates system info in registry
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2023-12-14 07:40
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2023-12-14 07:40
Reported
2023-12-14 07:43
Platform
win10v2004-20231127-en
Max time kernel
151s
Max time network
155s
Command Line
Signatures
Detect Lumma Stealer payload V4
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Lumma Stealer
PrivateLoader
RisePro
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Kt7Pk25.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1CO85JC9.exe | N/A |
| N/A | N/A | C:\Windows\System32\WaaSMedicAgent.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\7jJ4IH18.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP000.TMP\\\"" | C:\Users\Admin\AppData\Local\Temp\3eeb967bd0929e107e857e57ba7789dfd35d38d2249b56ba61e361b28f8ca1dd.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup1 = "rundll32.exe C:\\Windows\\system32\\advpack.dll,DelNodeRunDLL32 \"C:\\Users\\Admin\\AppData\\Local\\Temp\\IXP001.TMP\\\"" | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Kt7Pk25.exe | N/A |
AutoIT Executable
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Detected potential entity reuse from brand paypal.
Enumerates physical storage devices
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2xs5428.exe |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\7jJ4IH18.exe |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\3eeb967bd0929e107e857e57ba7789dfd35d38d2249b56ba61e361b28f8ca1dd.exe
"C:\Users\Admin\AppData\Local\Temp\3eeb967bd0929e107e857e57ba7789dfd35d38d2249b56ba61e361b28f8ca1dd.exe"
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Kt7Pk25.exe
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Kt7Pk25.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1CO85JC9.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1CO85JC9.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffb85e146f8,0x7ffb85e14708,0x7ffb85e14718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x174,0x178,0x17c,0x150,0x180,0x7ffb85e146f8,0x7ffb85e14708,0x7ffb85e14718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffb85e146f8,0x7ffb85e14708,0x7ffb85e14718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://store.steampowered.com/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffb85e146f8,0x7ffb85e14708,0x7ffb85e14718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://twitter.com/i/flow/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffb85e146f8,0x7ffb85e14708,0x7ffb85e14718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://steamcommunity.com/openid/loginform
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffb85e146f8,0x7ffb85e14708,0x7ffb85e14718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.epicgames.com/id/login
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x164,0x168,0x16c,0x140,0x170,0x7ffb85e146f8,0x7ffb85e14708,0x7ffb85e14718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.paypal.com/signin
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffb85e146f8,0x7ffb85e14708,0x7ffb85e14718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffb85e146f8,0x7ffb85e14708,0x7ffb85e14718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x160,0x164,0x168,0x13c,0x16c,0x7ffb85e146f8,0x7ffb85e14708,0x7ffb85e14718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2076 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2168,13882126559657081234,17845609959654167590,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,6121791439157108195,7841268462629915030,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,17677256485452179356,6697099601565501563,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2168 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,6121791439157108195,7841268462629915030,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2156,17677256485452179356,6697099601565501563,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2168,13882126559657081234,17845609959654167590,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2112,13391698161842862164,17130175537579432216,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2416 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,13391698161842862164,17130175537579432216,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2880 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3436 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,16933160437806396213,5277781404458530103,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,16254181571738080067,8191280205355141171,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,2018134619989433755,12150522701519590740,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,16254181571738080067,8191280205355141171,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 /prefetch:3
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2100,16933160437806396213,5277781404458530103,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3876 /prefetch:1
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2xs5428.exe
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2xs5428.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 440 -p 6768 -ip 6768
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4060 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4176 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2024,16303386803036981192,13000953819745077403,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2036 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2112,1457774329502141609,14873429678922486683,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2116 /prefetch:3
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 6768 -s 608
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2544 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4748 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4888 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5488 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6404 /prefetch:1
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\7jJ4IH18.exe
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\7jJ4IH18.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 484 -p 6640 -ip 6640
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 6640 -s 1020
C:\Windows\System32\WaaSMedicAgent.exe
C:\Windows\System32\WaaSMedicAgent.exe 819c32dee09a8c7dea14137a922fde38 Vwep/EsMPkK1FzQI/5+0sg.0.1.0.0.0
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4524 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7020 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7872 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8328 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8328 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8204 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7388 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4968 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7936 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1972,12795618984241175564,14151479183625129564,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7512 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 23.177.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.178.17.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.228.82.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.110.16.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.200:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 59.128.231.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| US | 92.123.241.50:443 | store.steampowered.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| BE | 64.233.167.84:443 | accounts.google.com | tcp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | 50.241.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.epicgames.com | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 34.196.45.42:443 | www.epicgames.com | tcp |
| US | 8.8.8.8:53 | 84.167.233.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.221.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | twitter.com | udp |
| GB | 104.103.202.103:443 | steamcommunity.com | tcp |
| US | 8.8.8.8:53 | www.paypal.com | udp |
| US | 104.244.42.193:443 | twitter.com | tcp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 142.250.179.238:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | 42.45.196.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.202.103.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.181.190.20.in-addr.arpa | udp |
| BE | 64.233.167.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | 238.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.92.85.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.187.250.142.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | soupinterestoe.fun | udp |
| US | 104.21.24.252:80 | soupinterestoe.fun | tcp |
| US | 8.8.8.8:53 | dayfarrichjwclik.fun | udp |
| US | 172.67.174.181:80 | dayfarrichjwclik.fun | tcp |
| US | 8.8.8.8:53 | neighborhoodfeelsa.fun | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | 252.24.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.174.67.172.in-addr.arpa | udp |
| US | 172.67.143.130:80 | neighborhoodfeelsa.fun | tcp |
| GB | 142.250.200.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | diagramfiremonkeyowwa.fun | udp |
| US | 172.67.183.217:80 | diagramfiremonkeyowwa.fun | tcp |
| US | 8.8.8.8:53 | ratefacilityframw.fun | udp |
| US | 104.21.74.182:80 | ratefacilityframw.fun | tcp |
| US | 8.8.8.8:53 | reviveincapablewew.pw | udp |
| US | 8.8.8.8:53 | cakecoldsplurgrewe.pw | udp |
| US | 8.8.8.8:53 | opposesicknessopw.pw | udp |
| US | 8.8.8.8:53 | politefrightenpowoa.pw | udp |
| US | 8.8.8.8:53 | 130.143.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.183.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 208.194.73.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 182.74.21.104.in-addr.arpa | udp |
| GB | 142.250.179.238:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 142.250.200.54:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | 54.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| IE | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| IE | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| IE | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | 23.147.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.paypalobjects.com | udp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 8.8.8.8:53 | 25.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 216.58.213.14:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | abs.twimg.com | udp |
| US | 8.8.8.8:53 | api.twitter.com | udp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 8.8.8.8:53 | api.x.com | udp |
| US | 104.244.42.130:443 | api.twitter.com | tcp |
| GB | 216.58.213.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | pbs.twimg.com | udp |
| US | 8.8.8.8:53 | t.co | udp |
| US | 172.64.150.242:443 | api.x.com | tcp |
| US | 8.8.8.8:53 | video.twimg.com | udp |
| US | 93.184.220.70:443 | pbs.twimg.com | tcp |
| US | 104.244.42.133:443 | t.co | tcp |
| US | 68.232.34.217:443 | video.twimg.com | tcp |
| US | 152.199.21.141:443 | abs.twimg.com | tcp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 242.150.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.220.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.34.232.68.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.123.68.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.21.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tracking.epicgames.com | udp |
| US | 8.8.8.8:53 | static-assets-prod.unrealengine.com | udp |
| DE | 52.85.92.12:443 | static-assets-prod.unrealengine.com | tcp |
| DE | 52.85.92.12:443 | static-assets-prod.unrealengine.com | tcp |
| US | 3.232.181.43:443 | tracking.epicgames.com | tcp |
| US | 8.8.8.8:53 | 12.92.85.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.181.232.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | community.akamai.steamstatic.com | udp |
| GB | 104.77.160.221:443 | community.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| GB | 96.17.179.205:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | 18.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.179.17.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 221.160.77.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.recaptcha.net | udp |
| GB | 172.217.16.227:443 | www.recaptcha.net | tcp |
| US | 8.8.8.8:53 | 2.136.104.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.16.217.172.in-addr.arpa | udp |
| GB | 104.77.160.221:443 | community.akamai.steamstatic.com | tcp |
| GB | 104.77.160.221:443 | community.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | facebook.com | udp |
| IE | 163.70.147.35:443 | facebook.com | tcp |
| US | 8.8.8.8:53 | 35.147.70.163.in-addr.arpa | udp |
| GB | 172.217.16.227:443 | www.recaptcha.net | udp |
| US | 8.8.8.8:53 | fbcdn.net | udp |
| IE | 163.70.147.35:443 | fbcdn.net | tcp |
| US | 8.8.8.8:53 | zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com | udp |
| US | 104.17.208.240:443 | zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com | tcp |
| US | 8.8.8.8:53 | 240.208.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fbsbx.com | udp |
| US | 8.8.8.8:53 | store.akamai.steamstatic.com | udp |
| GB | 104.77.160.204:443 | store.akamai.steamstatic.com | tcp |
| GB | 104.77.160.204:443 | store.akamai.steamstatic.com | tcp |
| GB | 104.77.160.204:443 | store.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | 204.160.77.104.in-addr.arpa | udp |
| GB | 142.250.200.4:443 | www.google.com | udp |
| GB | 104.77.160.221:443 | community.akamai.steamstatic.com | tcp |
| GB | 104.77.160.221:443 | community.akamai.steamstatic.com | tcp |
| GB | 104.77.160.204:443 | store.akamai.steamstatic.com | tcp |
| GB | 104.77.160.204:443 | store.akamai.steamstatic.com | tcp |
| GB | 104.77.160.204:443 | store.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | 187.178.17.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sentry.io | udp |
| US | 35.186.247.156:443 | sentry.io | tcp |
| US | 8.8.8.8:53 | 156.247.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | t.paypal.com | udp |
| US | 151.101.1.35:443 | t.paypal.com | tcp |
| US | 8.8.8.8:53 | 35.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.steampowered.com | udp |
| GB | 104.103.202.103:443 | login.steampowered.com | tcp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| GB | 104.103.202.103:443 | api.steampowered.com | tcp |
| DE | 52.85.92.12:443 | static-assets-prod.unrealengine.com | tcp |
| US | 35.186.247.156:443 | sentry.io | udp |
| US | 8.8.8.8:53 | talon-website-prod.ecosec.on.epicgames.com | udp |
| US | 104.18.41.136:443 | talon-website-prod.ecosec.on.epicgames.com | tcp |
| US | 8.8.8.8:53 | 136.41.18.104.in-addr.arpa | udp |
| US | 104.244.42.130:443 | api.twitter.com | tcp |
| US | 104.244.42.130:443 | api.twitter.com | tcp |
| US | 8.8.8.8:53 | talon-service-prod.ecosec.on.epicgames.com | udp |
| US | 104.18.41.136:443 | talon-service-prod.ecosec.on.epicgames.com | tcp |
| US | 104.18.41.136:443 | talon-service-prod.ecosec.on.epicgames.com | tcp |
| US | 104.18.41.136:443 | talon-service-prod.ecosec.on.epicgames.com | tcp |
| US | 8.8.8.8:53 | js.hcaptcha.com | udp |
| US | 104.19.219.90:443 | js.hcaptcha.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | 90.219.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | newassets.hcaptcha.com | udp |
| US | 8.8.8.8:53 | www.epicgames.com | udp |
| US | 8.8.8.8:53 | 43.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api2.hcaptcha.com | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | youtube.com | udp |
| GB | 142.250.178.14:443 | youtube.com | tcp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.16.208.104.in-addr.arpa | udp |
Files
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Kt7Pk25.exe
| MD5 | e7dae2d0167ed3273d7ed372daee4b85 |
| SHA1 | 280fcb02b2b91eb650b28cf809574ffc1a1505b7 |
| SHA256 | 9cd4c95290813720ba73039e589e50a36562361fe2173fcc87db50a4f232475c |
| SHA512 | a49d60c6f88038ee501b776a5d22f684ea603dd774f7429f546c54748911e00e91ffa9436d0594d9fcac7f5dd254ee4ece640bafc88bc327175356dd5c66548a |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\1CO85JC9.exe
| MD5 | 5ceb9f084698c69c2ae076c3429f044e |
| SHA1 | 1cd2d3c6cd420efc01a78d4d4ac412574576833f |
| SHA256 | 0d15022a0f728f90c7c8d5213643f3b8fc3b9fd9aadacd3273caa077d730f0b6 |
| SHA512 | 3632cbb844a02796a0aeb3e0397c2a3b66fe8a42d1e5c3bd15877ffd28646a8525937fa3c8c9fe2348e771d19a3082c7f1b2269b8cafc3b4ebe63588905056ad |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 5990c020b2d5158c9e2f12f42d296465 |
| SHA1 | dcb52612d301824d3a7fdfd0ea20c3fcfbb7a1b4 |
| SHA256 | 2f33956ce5a0bb01abb3c0fee9a321c8f8f7abcf1d7535800bf25f1dc44b1643 |
| SHA512 | 9efb70c4922365967c5fa7e89967e21eede96979a149e027099da786cd8b198d4e81bb3bf2b39c8d65a8796c5d72ca79241e66fc69e2502fdec8a0c5f230412c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 208a234643c411e1b919e904ee20115e |
| SHA1 | 400b6e6860953f981bfe4716c345b797ed5b2b5b |
| SHA256 | af80020ae43388bbd3db31c75aade369d489a30a933574dea19163e094d5f458 |
| SHA512 | 2779b96325234c836cbb91820ee332ed56c15b534ec0c7770b322a5c03849ec3ee67b0ec7978e1fab563eeed1cea96f5155d7b942702555d9352ff6711a548d2 |
\??\pipe\LOCAL\crashpad_5064_HDDNDRIGJTVQIRYX
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\dacf5590-f216-4fdd-a05e-19ce63ee1f74.tmp
| MD5 | ebe144130d37ad8384e71d87d8a4ccf3 |
| SHA1 | f00b85dd41326994374290315e4d604c227777f0 |
| SHA256 | 1e29f212137a71175c9a9b3ec7192513eb95186c92ca02b1f01cfee5aab43438 |
| SHA512 | eabd515b676657acffbce299ed917d726478d72ce87c57873c04e8221c74242cc0d39386538bb6601025897c4994976a332f94cdb33b2d65d5350b72aa6c7894 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\855bf4c7-9c6f-4656-9e61-d63ee9db2d8d.tmp
| MD5 | 110fdf8c5f08ac7b7c4308e6bff78723 |
| SHA1 | fb0a4a6c5c7a3b6e067243c5d9a7a27140e9097c |
| SHA256 | c7f985b76e21e707203c810fb9c3f0ca83a9468931c8d1c4480e474ca731b0ba |
| SHA512 | e3d6abededa04d83188a3889964518e46fc2bc9b1996dd4a5e11ac7242d9db29ed3871ff8b5fce9aa6bd5a7ab0bb91b1137f05da53b2fdde0febb8455096341d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 8a4a5777dabae625a8207f8ee361a237 |
| SHA1 | a3daebae3977da7bc783e577d40427aa1918b059 |
| SHA256 | 4679be17b4f8bbed0b28da3443042d1358ca5d25a490e2fead66fa2b0d7dd65a |
| SHA512 | 2ac2b08da95797a74c1d2622990e3638a5b937c584d77a9aebf190d7310be8657248ca69c019994196df73551044230ff0a66f2db39d16dc3704d62241dc670b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 0159f8f167a87ac346f43a2a0e13bb9a |
| SHA1 | 50a5c3f28b08e16b554ebd453bf15f110cbeae5e |
| SHA256 | 6104f21d6f19c1fe07b1ca47e5aa2bb8a7b9a115cf83cf62aaf68d6f22bfa187 |
| SHA512 | f42284ec3f3613fee83337b60261b7ceb64f8d7ca165f923e62ffa5dec984bf7fcdb9bc12e1d8a63288feddf50e6911cda5bec9a6fb255e1c4e09dda63479b35 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 0fd5bc371f22947ecb509c6c8dfbccaa |
| SHA1 | 3428640e543349b532f4a5446242193dc013f753 |
| SHA256 | 9cb0cf94dad128f3987ffe855fc66e8d6d88e09b7fc66c2c1d604c8282009faf |
| SHA512 | 95bf7af420f5ce61cc49be7ed20d146ab645272dce43b29d8275f0991a90027fc2a9e8f4ae494dc19fc49d1b40a4f7c9fdee86c4fb2d6c981177c4d5fdaa4885 |
C:\Users\Admin\AppData\Local\Temp\IXP001.TMP\2xs5428.exe
| MD5 | ef5c1ec128ac1822358d9281dcf3b710 |
| SHA1 | e0c8a7594d258b02e691f0bf85a289490ee4c110 |
| SHA256 | 183181709acea935fa0e22bcae4c80d05d090283ada960a0a386aa930c588ed9 |
| SHA512 | 82b5bb583c02c55aa425a939307bc17bd89644d2f6271a3cd7fe640423bee61f1e1ece424e12633b8e82ea78012da838aefbee5321b0d4013f2ff2707ebcc05e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\d3dcdb72-2e09-48f8-8c15-59d2cf7f0806.tmp
| MD5 | 0cb7ce9680ec8672428ca565c87be3c1 |
| SHA1 | 0026a9aea4488047408ec224945be402bd6995c8 |
| SHA256 | 70d152c67c78d5b217833db6ada605aa0cca38a0b181d46609f78561b2b1e7b1 |
| SHA512 | ec35b841dd304b33529e6e548912cd98561ff2006630cd83d0358c4dcaf3e0ae3303f2eb8b23cc3c2f7c2700f2138a2e7ef22f0b8dfb43070c63d6db9f3cb8d7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 9d024430e95b02dcdf06d5b390b93b2a |
| SHA1 | ee3172553e95a02e64283aaf880ef11a042b4256 |
| SHA256 | a2921389be288b26179ae44ace095bb4010e77fc4707c2f70e94465d6f36c956 |
| SHA512 | 18eff14f9f0eb4e594e897b2a0c3ba5096cdd41d001dfea3613829c663303108d49374a05b7afb969a3e3e78b8b7d45e31bb16256fa9485de0b03ff5fbbcecc5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c6522130cd6de861cdc46bb4d8cb388c |
| SHA1 | 7352d3c6a9d96c773ceb2a56acacb1df1ada77b9 |
| SHA256 | e14491a06bfa66b3119bece8a713b62133c69312edb96b006d62f8d27fe275a2 |
| SHA512 | fbcddf5022e0c672f15ef0928e9c226e13f54eb257f5cca8afa211a0f8627e8c775fd11565f52513c2f7d7bf21bf1520943745e24cd8688d97c8564d6a312526 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a0196e9a7f5a04fdca95aefaea2f0f56 |
| SHA1 | e6daeb8e93124c19a52643ca054d7abb6f650f43 |
| SHA256 | 9eca36993937433e61883d5b7fcd88ffe5b29026bae1ce2ca2fb05945effb263 |
| SHA512 | a2ae801a2b0b06c9027155f2f308d5df8e871d8aff73ee6070ab2bece2840b763f6a0439d1cf6f06d2530694b89ab55733ecb2c801faf66ba7038893ac8dbeef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fc27ec8a350dffad52b07eae941dd50b |
| SHA1 | 861296cd08e625e72c7b40abf11f9f5d3ef6940a |
| SHA256 | f1241a8007b16cf4c377e07cff54849298f9e156a3973bbb8b866279ae56a14f |
| SHA512 | b5b5eebf53dc9a61d07819d6bfdefc11834dc9135bae4a232a0d3b328040446184119ec827bee9cfc04852f8d583edd81de9589f5b6d10b4f85869f6b6209700 |
memory/6640-321-0x0000000000B00000-0x0000000000C00000-memory.dmp
memory/6640-322-0x0000000000A10000-0x0000000000A8C000-memory.dmp
memory/6640-327-0x0000000000400000-0x0000000000892000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 7f1a1a14780bf8c050fd5e79d6144fc6 |
| SHA1 | 4ac94b4307d7c456cbca9710ef332cb615aec2f6 |
| SHA256 | c06a649e6f5f861fdf2be05cd2d65dd86a79ca98458296a2490ed11e87936ba1 |
| SHA512 | f5cdbb10f68664cdffb7ea251d30221b586bc665051ba7db65b0f91aa465138f6fbe0350d1d1f69c2d663e513b07d1e015cfc6dafe5ca0fb677722ed6acc4d05 |
memory/6640-337-0x0000000000400000-0x0000000000892000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3ec367d7229483de7ad201810fc6a5df |
| SHA1 | d65a53140f699c051c745c72f31b9fbc0f0345fd |
| SHA256 | 250b1acba1ba0b52a8d78eb8ba1de0dc25caaa1f8ebcb1ea9d2071a692727f84 |
| SHA512 | da8c86993c8555313d10c87a753cd6f18e9dd65637ff38acf96504b8a870161fc9f2b43eb3c0c0c0dd1627cf2233d56d4f116eda7da4ca888fc086c4319d0433 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 5a6206a3489650bf4a9c3ce44a428126 |
| SHA1 | 3137a909ef8b098687ec536c57caa1bacc77224b |
| SHA256 | 0a9e623c6df237c02a585539bffb8249de48949c6d074fe0aaf43063731a3e28 |
| SHA512 | 980da83c3142bf08433ec1770a2ec5f5560daf3ee680466f89beae8290e921c0db677489daad055fbc1f196388f8bc4f60e050600381f860b06d330062440a78 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001
| MD5 | f035cb410e0d0db605ade433d006833f |
| SHA1 | 725f34845c9d1a1f903fc0097f01fbf1d5fb01e7 |
| SHA256 | 6c412194112335e60d063ca8d084e27a3081295a70e9bc8e499956b2a7620483 |
| SHA512 | ae466c7ff3c2748076e828ec5176303cd6e4104b767c3ec70f17fa0318a66cda248699b252571856d6f69a5ead27badf37c940c92e988c6d5e8426130640bece |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fd835f2f58ee3aeec6506c8f59026ab7 |
| SHA1 | 5c99f2554f8c780d97a57c9f1b731f2a3ad5b43c |
| SHA256 | 271cc9951204ea07c2c8df679965f8cf57790b9a4745aa9de19fa3b96b0bae70 |
| SHA512 | 416a16977e696622dbb875c595a63f6192d63053d497630a7eebbdfa220b7ba3055dc4f85a3f90ac87fb76333d9e759c85a4e2d93d9f88945ac0d70b01fa1398 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 803468ccd86217edc09a26a093804650 |
| SHA1 | cba74fa34cb8cc6713f5abac97da6cf41ae55542 |
| SHA256 | e1beabe89071818273c20436b262c7f2ff6b96b4fc7072a2af57d773609cd6f3 |
| SHA512 | 5065aabbb6b64b6927311a7f351871a165b4dc9eb5704d546c73149f8fcd6eac9287b68d6b7871789bf7df1992ea070ab0cbbaf25dac809ec586a55a3406185a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
| MD5 | 923a543cc619ea568f91b723d9fb1ef0 |
| SHA1 | 6f4ade25559645c741d7327c6e16521e43d7e1f9 |
| SHA256 | bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd |
| SHA512 | a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | 7d75a9eb3b38b5dd04b8a7ce4f1b87cc |
| SHA1 | 68f598c84936c9720c5ffd6685294f5c94000dff |
| SHA256 | 6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7 |
| SHA512 | cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
| MD5 | 909324d9c20060e3e73a7b5ff1f19dd8 |
| SHA1 | feea7790740db1e87419c8f5920859ea0234b76b |
| SHA256 | dfc749d2afefe484d9aa9f8f06d461ad104a0ca9b75b46abfaaddda64a5e9278 |
| SHA512 | b64d2dce1f9a185fbb8a32adc1ff402d8045d379600bf3f9154bbde18303610f18af9fce258442db1e621ecf10b77aafe99cffedfcbe2a1490056c50cc42d0f9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | d55250dc737ef207ba326220fff903d1 |
| SHA1 | cbdc4af13a2ca8219d5c0b13d2c091a4234347c6 |
| SHA256 | d3e913618a52fe57ab4320e62a5ace58a699d6bce8187164e198abe3279726fd |
| SHA512 | 13adff61e2cfa25dc535eba9d63209b7e7e9bd29fc4d6c868b057df7f680aa66ef5783a0e82a8367185debf7f6fe5bae89adc0770daff5317d2e16db5ad3ab39 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5ecad068d678a5c955f82310fbe2091f |
| SHA1 | 88f1dc2510025722aa4ebc36bf28aed4f1ae252d |
| SHA256 | 42cc819fe9e894621fe6a49525a45f3628cddfceea5ce09c6b213504fc88f5fa |
| SHA512 | 80ab0bd16260cb258e8ab529ae4a133b58eba1bebf6647ad7f138f0ef81052f3233996cf04fc811705b044af8f28a458638bf6506060930cda8d9ed3f6b1189d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020
| MD5 | b3ba9decc3bb52ed5cca8158e05928a9 |
| SHA1 | 19d045a3fbccbf788a29a4dba443d9ccf5a12fb0 |
| SHA256 | 8bd1b2afcbe2fa046b0937197f1b2f393ef821ff89331f99754b9006f0114df4 |
| SHA512 | 86a86d370e96fa29c0c1d12991c2287936b400830869ff7b5abe4de6f32db2df782b626d724496cd6de27f8cbd32101ba34cbcd4c650ef11afa26bc048d68529 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f7853e0b43ee646df312a0ef1cbdb4a4 |
| SHA1 | 9fbd456d1dbd8592ff7877582292ea0987d75568 |
| SHA256 | f7501c9deaefb928e817fcd2d9c6c6ccf2d81a395b8a69766296ac75f9cbedd5 |
| SHA512 | 695eabfcdf5905b5e671102ffca2f99a282bdf220fc91922897beeba1a5c3b614dfb8f938793358c95981d97f6289c311718937277ca471df3920aca14082fe4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 72d774d979688c5004d0a2eac58ab77d |
| SHA1 | 8b9c46b174d0d5dd52f9d861c441031fe5834cae |
| SHA256 | 338064468a687637d77938a33b0df7c29778d52874f39bd64d4f5d2dc427f100 |
| SHA512 | 84eb0f641815d527b0fac5b4e33e869fa0f05cec5467d8e7339e0596d52b3559aaee3b3ebcc7679402df296cc86745cad0c8186f283c30116fffcd617e2cfe49 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ddf65ece08eac402557288344081a213 |
| SHA1 | a71731f03750ff0858557c2ae5cb3214a46ba577 |
| SHA256 | 20bc7e0d912a2542d759e1f17cada28122bb1c9b67887511ffdd05e03b517673 |
| SHA512 | 42ce15b00101aab1ada6b240cb1aa52ea0b460b0e7718f8f9e0c5ec4e08348efb71097b8ce5536644153399566cf60bb18d4e63be6d1dec77cfc19be0f6411b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4411205d4a454d10abb596e295ef7408 |
| SHA1 | 80e0ba29aa80f9d58c071843fcfb8f8d0d4d5a5d |
| SHA256 | 5cc16134a1aef2ee2d44e3a0a2da2399030bf9fee26a925546b7b86ece38e1f5 |
| SHA512 | a7081c933b5f34db9ca900b5bec1789e0acd7853e4284f868566619527d74f7ffabea603f21bd0fe0f2e222fca1f19150c0e6b9419099c7f2eab109e51b9f9e6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt
| MD5 | d9412062baa85abe392fe6f17e0e50c8 |
| SHA1 | 2e4cfd031dfb3a144f901ee5195e02765ae15fc3 |
| SHA256 | 8375c03bb20ddf794efe4ddf565fa5c752b04db00deaa722cb33cfd5fcb6f656 |
| SHA512 | 5e7f0d3c0e9870c3c88f1a44475a002d66835ebb2a1b5a41ced129c200181238afd8ddb5fcfa904d45cb52ddcd3aa4702df1b74efc717a74f05b4857af4759d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 79fb07a7596590f3fd6387977ed87264 |
| SHA1 | 7f29c469073dbfe90d919ab42af3e4ce6aa42e7f |
| SHA256 | 8ce25008dfbf7c9dcf2a61cdd00af0b998e213737782e2a9dbca186e02d6b5f1 |
| SHA512 | 0161fc78b1f26eaed49135f6df372fbf4b030734dad04b500ca84079bda22a1c2503f6066d92bdad67b9e63e300512b7042967dcaf0800aedddc34c37d68b422 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | cc13e0ab4b337892f6bf1f985a8a4e19 |
| SHA1 | 385203e8eaa1c5e5e0662a2690636936bf106c5d |
| SHA256 | 654f50e03bd0331e2e30dbbf085cfe2613b237679fea8b33e108a460ea4516f4 |
| SHA512 | 87d0f5a1b448e1508246d16669a69c871bc25bd1a27908e0b0274e9408ee7e68e33e9e21199b97c748333a90fa227c767d3185a7cb98aca89c5d96f4bd3e0440 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 35a26b90621b1fd8f3a914f98746339e |
| SHA1 | eb1d96de28f96e5ed7ef703c14d1973ad467f596 |
| SHA256 | 2d2ee812d95c4eb590caf54854032951aace9771e186f3f985619d37e6d8aed1 |
| SHA512 | 09d03fcf11ca9ebd0580f23a90f531a01583e323af62e38b38874f7c6542c3cc9e1ff4bef862d72df416596702b8a48b4715427d80a75df7dcfbaba6cc5d9839 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 406b5dbade4052309a5bcdfcf3526b52 |
| SHA1 | 3ffa0967e76a695e1ada0b3987cb41b39c2c4347 |
| SHA256 | d76ce70319c55ae8f2ce7d877bd77311809f45f67f7b4b5e8777f80302cb5dbc |
| SHA512 | bde60d383d1e38c36fe4b08e57c187736af7b35ccb4a3e9d3d4898a7ed8193b6bc9af26581bd0ab2237d5a1c5ca7ac26803da906de27712baff83dc4cc0c7587 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 725ace52a03d0ed3f030038958707b71 |
| SHA1 | f5bf2ef8fbeab5fb0e1a71aa97049fe1339c53cd |
| SHA256 | 8b6c6a74eb2af67c222ba93492f0559aeb694963e08c33fb3b39215fa3cd918e |
| SHA512 | bcd604fd2a078f2d5345d226efef61f5817886f10ef158a11862f97e3ea79d78b9ace851589760532d8fc3b4fbcc0b2ff9102f05c25200448a190472981148bf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c1e7b1a61087b9e65268e1ec976c0276 |
| SHA1 | e3a7ab519ddb72c84b21b69b1a505234842ad45b |
| SHA256 | f4200f7c578ae8684ec9979d09ce025b39d96286669d92399aeac9ea3c44be0c |
| SHA512 | 753aa6502327a5222a089cfd25e5f4ef7771cb4c9e7940465bdd1cd5b40ec5fc27412f13b20b4b15bb1bf5780f283bb616b7c3557b029fba565a5b884b7c26bb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 405d004c6ea6d49c88f4c0bee64649b5 |
| SHA1 | 7f7ba21a2cd02abd9ff366e1b01bfbc16c055c6c |
| SHA256 | 90b92edad560cfd000ea9e27bba87802ffdb5d492a43aa282f00b1eb1494b867 |
| SHA512 | 7642dd9c72b851edd8c491473c863b5ba5ea7a4c9f365b18f5619a454e62f59f95eaed060370766c0ad99ae6f17e5371fa76b60ea43249490a00ff493fb6c863 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 5514b4acb92efeefca4b0f77550d9567 |
| SHA1 | 99c3b8091cd64d29f00e72d1fb01af212516f5aa |
| SHA256 | 55108d87a41e542ac1383ff69eac12fad1a737b39c8b750e6930e1090e348c1a |
| SHA512 | eec5876517db6504dd033cd3be5dba1e52d39f9d09b771b3feb33a4f0d87b5287e168d0ce70d69eead7451da5af9407b6d09f08d2824ca1646c121123a51b9c6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe59abe6.TMP
| MD5 | 3662df9c75915acac0742ab55c14e3c8 |
| SHA1 | 50a92c6afb9e31541b38329afa07c726c181b098 |
| SHA256 | 501c5e19321c563db5ac25e2a4d6d19d617e6b84e940212f2fb35fdba4c6f33b |
| SHA512 | 55d6e41ba07191319de79529b63b87d2ec42fa574b5f9e321b05e5b4800b1e68b7358203a600a79cb1d8841b0d55b568cdafacf1d83a1c80fcc0916bd4ca10c7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 4e7e76804b9ca4fbe1214c1a7cf0c5e7 |
| SHA1 | 7f101bc7387e0d74995bdaee8e9c9d1d13deb84a |
| SHA256 | 475d07c9a66fe0aa8eca37d0a74d808096370597bf3701f7fd1133ebb5b46171 |
| SHA512 | 8b48aa8120656ff208f9e848525da69d91fd1bda188d59395f5edd18bf0a674d2adaf915f3018cfd1487d38144cb91acb1e02fd915b27c89eb4c3529b014f146 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\b9033568-e63d-4820-b35c-10e0b7deea80\index-dir\the-real-index~RFe59e507.TMP
| MD5 | b60d033aa49cfc415d09f8e1891583c0 |
| SHA1 | 0096878a69a5a8671185eb019ba9695fd3bbf2d6 |
| SHA256 | 005e3ade16911a58f48839f5a8d713f6aba2314954bcf010eec2d4b630a3215f |
| SHA512 | 5b8c99b5d0c17072b9b94b40e6590a85ff25874a4bdabeec1290a7234894de906e53e327a9e45a9f36996bde517a6db49a822f1e680c9d2572bcf7773d7e45df |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\b9033568-e63d-4820-b35c-10e0b7deea80\index-dir\the-real-index
| MD5 | 5a0cee2f8c34ea33ee6b9bf4405a3513 |
| SHA1 | ec3ad1a1e2d773bb8a13eb871971f260e7887e43 |
| SHA256 | 4b37295595f7ee32c97c4a23eeb35e7a0f7ff77b158560790a93e68ae9c0e99b |
| SHA512 | 9d54f2958a726de476b0ed9b28b38bddb7f1051db5507cfdad51d33ae62b57c9b42678294a526bb990ece54dee8f0306f779189f74256222d8cfb89e9d57bb56 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8f7abdeb3486c1b8780fede76afc20e044eff1b5\index.txt
| MD5 | 247ec9fc2dad8716e04de2e2f8b59257 |
| SHA1 | 3a0fe4f78e9a8dad687f4ed8380050d49979a4d9 |
| SHA256 | 7bdd01356032fc03d8d9cf1a7e6b6077ad3e4e63971398840a05abec8c1c1117 |
| SHA512 | f18a1cbce80882d8cf8d60c821dfc4a231aa2838cd0ba4a2e488d6a11b6fcac30806869156827f5420c24e293dabdb2e67269336494d98ae47e05f8cfe4794df |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | aaa0f964bb2e763589ebc329bf8ab67f |
| SHA1 | ed2afc847ba86ad5ca384ebd29b295756ee058c0 |
| SHA256 | c27e3570b6978d60e0f301d155f2c4d72ba45a71a29bcdbee7952f47fb3aa427 |
| SHA512 | d8287d5af6bac952ca11f56cda9acb504a402a95e0114f97cf5e1f0f4efc70832c959fa5fe949ce5e67f0879ddaa756db53d93a5e813407a5cce20723abf15b7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 96e7a3fe18f60ef33eb56c6d97142799 |
| SHA1 | c4afaa41936129530ae7741bb135a2d4115596ad |
| SHA256 | 53690c1f0e69f158c5d9b72e771139e818e99e9eeb0896616396ddfe65b15a2c |
| SHA512 | c133bcf0be165cf4149bfe878e17d18339e03e7783d864151640296d174edeb4f043ca13e2115bba671f01df9aeb250c798cf9b808fc93bac15b7cf2cd27b37f |