Analysis Overview
Threat Level: Known bad
The file http://gfhfghsfhf.fdag was found to be: Known bad.
Malicious Activity Summary
Detect ZGRat V1
Remcos
ZGRat
AgentTesla
Loads dropped DLL
Executes dropped EXE
Reads user/profile data of web browsers
Reads user/profile data of local email clients
Reads data files stored by FTP clients
Checks computer location settings
Checks installed software on the system
Adds Run key to start application
Looks up external IP address via web service
Suspicious use of SetThreadContext
Program crash
Enumerates physical storage devices
Creates scheduled task(s)
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of WriteProcessMemory
Suspicious behavior: EnumeratesProcesses
Enumerates processes with tasklist
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Modifies registry class
Checks SCSI registry key(s)
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-02-15 03:00
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-02-15 03:00
Reported
2024-02-15 03:13
Platform
win10v2004-20231215-en
Max time kernel
764s
Max time network
768s
Command Line
Signatures
AgentTesla
Detect ZGRat V1
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Remcos
ZGRat
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Programs\uniapt\Uniapt.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\f29ca51ab4f94de1be168737174063f7fb8540543160478c64bef4ba611b0e14.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\f29ca51ab4f94de1be168737174063f7fb8540543160478c64bef4ba611b0e14.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Programs\uniapt\Uniapt.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Reads data files stored by FTP clients
Reads user/profile data of local email clients
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\vlc = "\"C:\\Users\\Admin\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\VideoLAN\\vlc.exe\"" | C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\vlc = "\"C:\\Users\\Admin\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\VideoLAN\\vlc.exe\"" | C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\vlc = "\"C:\\Users\\Admin\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\VideoLAN\\vlc.exe\"" | C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\vlc = "\"C:\\Users\\Admin\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\VideoLAN\\vlc.exe\"" | C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe | N/A |
Checks installed software on the system
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | api.ipify.org | N/A | N/A |
| N/A | api.ipify.org | N/A | N/A |
| N/A | api.ipify.org | N/A | N/A |
Suspicious use of SetThreadContext
Enumerates physical storage devices
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\Downloads\f6eb315ec598c33da6bb1302eba8d8122e8b669d733d1339a2d01364cf1ca630.exe |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Creates scheduled task(s)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
Enumerates processes with tasklist
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\tasklist.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3073191680-435865314-2862784915-1000\{26780DDA-6AF0-4CFF-9EB7-E6AD2A03049B} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| N/A | N/A | C:\Program Files\7-Zip\7zG.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\f29ca51ab4f94de1be168737174063f7fb8540543160478c64bef4ba611b0e14.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\f29ca51ab4f94de1be168737174063f7fb8540543160478c64bef4ba611b0e14.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://gfhfghsfhf.fdag
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff921f646f8,0x7ff921f64708,0x7ff921f64718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff921f646f8,0x7ff921f64708,0x7ff921f64718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2548 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4424 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,15511147603522819473,2738883303644083243,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4640 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3880 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2088,15511147603522819473,2738883303644083243,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 /prefetch:3
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3596 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5700 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5700 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4972 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4776 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6012 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5660 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5284 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5924 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2e8 0x454
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4796 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3012 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3640 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4860 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6560 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6236 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5860 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6680 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=1264 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5960 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6580 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\" -an -ai#7zMap16513:190:7zEvent10492
C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe
"C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe"
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /0
C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe
"C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe"
C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe
"C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe"
C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe
"C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe"
C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe
"C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe"
C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe
"C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe"
C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe
"C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe"
C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe
"C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe"
C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe
"C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe"
C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe
"C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe"
C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe
"C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe"
C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe
"C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe"
C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe
"C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe"
C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe
"C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5188 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6588 /prefetch:1
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\" -an -ai#7zMap27627:190:7zEvent13693
C:\Users\Admin\Downloads\f6eb315ec598c33da6bb1302eba8d8122e8b669d733d1339a2d01364cf1ca630.exe
"C:\Users\Admin\Downloads\f6eb315ec598c33da6bb1302eba8d8122e8b669d733d1339a2d01364cf1ca630.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 5176 -ip 5176
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5176 -s 828
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /0
C:\Users\Admin\Downloads\f6eb315ec598c33da6bb1302eba8d8122e8b669d733d1339a2d01364cf1ca630.exe
"C:\Users\Admin\Downloads\f6eb315ec598c33da6bb1302eba8d8122e8b669d733d1339a2d01364cf1ca630.exe"
C:\Windows\SysWOW64\cmd.exe
cmd /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq Uniapt.exe" | %SYSTEMROOT%\System32\find.exe "Uniapt.exe"
C:\Windows\SysWOW64\tasklist.exe
tasklist /FI "USERNAME eq Admin" /FI "IMAGENAME eq Uniapt.exe"
C:\Windows\SysWOW64\find.exe
C:\Windows\System32\find.exe "Uniapt.exe"
C:\Users\Admin\AppData\Local\Programs\uniapt\Uniapt.exe
"C:\Users\Admin\AppData\Local\Programs\uniapt\Uniapt.exe"
C:\Users\Admin\AppData\Local\Programs\uniapt\Uniapt.exe
"C:\Users\Admin\AppData\Local\Programs\uniapt\Uniapt.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\uniapt" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1732 --field-trial-handle=1736,i,9326183192041675340,3763352647878876353,262144 --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
C:\Users\Admin\AppData\Local\Programs\uniapt\Uniapt.exe
"C:\Users\Admin\AppData\Local\Programs\uniapt\Uniapt.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\uniapt" --mojo-platform-channel-handle=2076 --field-trial-handle=1736,i,9326183192041675340,3763352647878876353,262144 --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
C:\Users\Admin\AppData\Local\Programs\uniapt\Uniapt.exe
"C:\Users\Admin\AppData\Local\Programs\uniapt\Uniapt.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\uniapt" --app-path="C:\Users\Admin\AppData\Local\Programs\uniapt\resources\app.asar" --no-sandbox --no-zygote --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2348 --field-trial-handle=1736,i,9326183192041675340,3763352647878876353,262144 --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5196 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5264 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6852 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1764 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6572 /prefetch:8
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\" -an -ai#7zMap26056:190:7zEvent18491
C:\Users\Admin\Downloads\f29ca51ab4f94de1be168737174063f7fb8540543160478c64bef4ba611b0e14.exe
"C:\Users\Admin\Downloads\f29ca51ab4f94de1be168737174063f7fb8540543160478c64bef4ba611b0e14.exe"
C:\Users\Admin\Downloads\f29ca51ab4f94de1be168737174063f7fb8540543160478c64bef4ba611b0e14.exe
"C:\Users\Admin\Downloads\f29ca51ab4f94de1be168737174063f7fb8540543160478c64bef4ba611b0e14.exe"
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\Admin\Downloads\f29ca51ab4f94de1be168737174063f7fb8540543160478c64bef4ba611b0e14.exe"
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\Admin\AppData\Roaming\AZibCvGEQY.exe"
C:\Windows\SysWOW64\schtasks.exe
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\AZibCvGEQY" /XML "C:\Users\Admin\AppData\Local\Temp\tmp8179.tmp"
C:\Users\Admin\Downloads\f29ca51ab4f94de1be168737174063f7fb8540543160478c64bef4ba611b0e14.exe
"C:\Users\Admin\Downloads\f29ca51ab4f94de1be168737174063f7fb8540543160478c64bef4ba611b0e14.exe"
C:\Users\Admin\Downloads\f29ca51ab4f94de1be168737174063f7fb8540543160478c64bef4ba611b0e14.exe
"C:\Users\Admin\Downloads\f29ca51ab4f94de1be168737174063f7fb8540543160478c64bef4ba611b0e14.exe"
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\Admin\Downloads\f29ca51ab4f94de1be168737174063f7fb8540543160478c64bef4ba611b0e14.exe"
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\Admin\AppData\Roaming\AZibCvGEQY.exe"
C:\Windows\SysWOW64\schtasks.exe
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\AZibCvGEQY" /XML "C:\Users\Admin\AppData\Local\Temp\tmp5F17.tmp"
C:\Users\Admin\Downloads\f29ca51ab4f94de1be168737174063f7fb8540543160478c64bef4ba611b0e14.exe
"C:\Users\Admin\Downloads\f29ca51ab4f94de1be168737174063f7fb8540543160478c64bef4ba611b0e14.exe"
C:\Users\Admin\Downloads\f29ca51ab4f94de1be168737174063f7fb8540543160478c64bef4ba611b0e14.exe
"C:\Users\Admin\Downloads\f29ca51ab4f94de1be168737174063f7fb8540543160478c64bef4ba611b0e14.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2528 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2120,18264097684344953081,13203404028285233305,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4800 /prefetch:8
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\" -an -ai#7zMap11056:190:7zEvent7128
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\" -an -ai#7zMap19463:190:7zEvent5336
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 178.223.142.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gfhfghsfhf.fdag | udp |
| US | 8.8.8.8:53 | 196.249.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 92.123.128.181:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 181.128.123.92.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | gfhfghsfhf.fdag | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 92.123.128.167:443 | th.bing.com | tcp |
| GB | 92.123.128.167:443 | th.bing.com | tcp |
| GB | 92.123.128.167:443 | th.bing.com | tcp |
| GB | 92.123.128.167:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 167.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| NL | 40.126.32.76:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | 80.5.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 8.8.8.8:53 | 0.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.59.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gfhfghsfhf.fdag | udp |
| GB | 92.123.128.167:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | bazaar.abuse.ch | udp |
| US | 151.101.2.49:443 | bazaar.abuse.ch | tcp |
| US | 151.101.2.49:443 | bazaar.abuse.ch | tcp |
| US | 8.8.8.8:53 | 226.20.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 232.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 3.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gfhfghsfhf.fdag | udp |
| US | 8.8.8.8:53 | bazaar.abuse.ch | udp |
| US | 8.8.8.8:53 | 170.117.168.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.110.16.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bazaar.abuse.ch | udp |
| CH | 185.19.85.149:6667 | tcp | |
| US | 8.8.8.8:53 | jaffinryu.loseyourip.com | udp |
| CH | 185.19.85.149:6667 | jaffinryu.loseyourip.com | tcp |
| US | 8.8.8.8:53 | bazaar.abuse.ch | udp |
| CH | 185.19.85.149:6667 | jaffinryu.loseyourip.com | tcp |
| CH | 185.19.85.149:6667 | jaffinryu.loseyourip.com | tcp |
| CH | 185.19.85.149:6667 | jaffinryu.loseyourip.com | tcp |
| US | 8.8.8.8:53 | gfhfghsfhf.fdag | udp |
| CH | 185.19.85.149:6667 | jaffinryu.loseyourip.com | tcp |
| CH | 185.19.85.149:6667 | jaffinryu.loseyourip.com | tcp |
| US | 8.8.8.8:53 | jaffinryu.loseyourip.com | udp |
| CH | 185.19.85.149:6667 | jaffinryu.loseyourip.com | tcp |
| US | 8.8.8.8:53 | bazaar.abuse.ch | udp |
| CH | 185.19.85.149:6667 | jaffinryu.loseyourip.com | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| CH | 185.19.85.149:6667 | jaffinryu.loseyourip.com | tcp |
| GB | 92.123.128.167:443 | www.bing.com | tcp |
| CH | 185.19.85.149:6667 | jaffinryu.loseyourip.com | tcp |
| US | 8.8.8.8:53 | bazaar.abuse.ch | udp |
| CH | 185.19.85.149:6667 | jaffinryu.loseyourip.com | tcp |
| CH | 185.19.85.149:6667 | jaffinryu.loseyourip.com | tcp |
| US | 8.8.8.8:53 | jaffinryu.loseyourip.com | udp |
| CH | 185.19.85.149:6667 | jaffinryu.loseyourip.com | tcp |
| US | 8.8.8.8:53 | api.ipify.org | udp |
| US | 104.26.13.205:443 | api.ipify.org | tcp |
| US | 8.8.8.8:53 | 205.13.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mail.hotelzora-razlog.com | udp |
| BG | 217.174.149.194:587 | mail.hotelzora-razlog.com | tcp |
| US | 8.8.8.8:53 | 194.149.174.217.in-addr.arpa | udp |
| CH | 185.19.85.149:6667 | jaffinryu.loseyourip.com | tcp |
| CH | 185.19.85.149:6667 | jaffinryu.loseyourip.com | tcp |
| US | 8.8.8.8:53 | bazaar.abuse.ch | udp |
| US | 104.26.13.205:443 | api.ipify.org | tcp |
| BG | 217.174.149.194:587 | mail.hotelzora-razlog.com | tcp |
| CH | 185.19.85.149:6667 | jaffinryu.loseyourip.com | tcp |
| CH | 185.19.85.149:6667 | jaffinryu.loseyourip.com | tcp |
| CH | 185.19.85.149:6667 | jaffinryu.loseyourip.com | tcp |
| US | 8.8.8.8:53 | jaffinryu.loseyourip.com | udp |
| CH | 185.19.85.149:6667 | jaffinryu.loseyourip.com | tcp |
| CH | 185.19.85.149:6667 | jaffinryu.loseyourip.com | tcp |
| CH | 185.19.85.149:6667 | jaffinryu.loseyourip.com | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | efc9c7501d0a6db520763baad1e05ce8 |
| SHA1 | 60b5e190124b54ff7234bb2e36071d9c8db8545f |
| SHA256 | 7af7b56e2f0a84ae008785726f3404eb9001baa4b5531d0d618c6bdcb05a3a7a |
| SHA512 | bda611ddba56513a30295ea5ca8bc59e552154f860d13fed97201cdb81814dd6d1bca7deca6f8f58c9ae585d91e450f4383a365f80560f4b8e59a4c8b53c327d |
\??\pipe\LOCAL\crashpad_220_KBLLUIPVOJDGRUZT
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fbcf1b1ad590092d52a8933052032407 |
| SHA1 | f60a8878599d74cc2a71f494b7f1c30ea4153314 |
| SHA256 | 5a7755bcb6560570e62ae703fe8445b2c571569bbecbc33101a2107d26b0c0f6 |
| SHA512 | c7a05c8501f6452788ddfdcd378b042b029b129b99dbaba37f8e9c2b6e357d60ef2db79a6e14a43193479942141a18b97df71e2150f35c0a00e9b6e414af51b2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ad66571738a6095e65ec83cc405c395d |
| SHA1 | a2909f2ff6f308d23da6332a89843dd7e5416959 |
| SHA256 | 1a99a13ce88702cc5ce0410cf12921ff6a992e0e08d67c540fe814f82656f996 |
| SHA512 | 468d907f805beb3e1599e880345955c98066f9ea9cf545b990ab97356ac17cda7cde864d758be86ed94024a7386ddaab86fd142f5228316e0e35539b5db3aa08 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 7055a34f472318e870999fa05bdb3552 |
| SHA1 | b6eddcd5d1a77d9bb0dd245b20992c7e46b546d4 |
| SHA256 | 639cdf758a4f4b3d9a9a63d8038a406b28af258c8e9f98ae33d00d817426542b |
| SHA512 | c183d06c6be5a8b72d652ff663470054e444e1782a6b002d59c9b0cec285d6fe926c99740d2b0492b8fd117ab6a3fdee1223ca8115ae236ea01e72abae8244bc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ded70356d80a2a9a3baec314dc8eca8f |
| SHA1 | 7e92de141dd8b477a0866a78699a0b93993702a0 |
| SHA256 | ac446ee9a2289db3f25e52f565cbd72031f1a9785eef6c883d84cc488af33a62 |
| SHA512 | f5ba478eaf5a8185039edb97ae1942cdf9dd4f614b46374122f76bef96d71826d3de474fa5bbc00d066338a8447ec81cfea0e4873c02df7e49648cb0ce4059d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 121510c1483c9de9fdb590c20526ec0a |
| SHA1 | 96443a812fe4d3c522cfdbc9c95155e11939f4e2 |
| SHA256 | cf5d26bc399d0200a32080741e12f77d784a3117e6d58e07106e913f257aa46c |
| SHA512 | b367741da9ab4e9a621ad663762bd9c459676e0fb1412e60f7068834cbd5c83b050608e33d5320e1b191be1d809fef48831e0f42b3ecabd38b24ec222576fa81 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
| MD5 | a127a49f49671771565e01d883a5e4fa |
| SHA1 | 09ec098e238b34c09406628c6bee1b81472fc003 |
| SHA256 | 3f208f049ffaf4a7ed808bf0ff759ce7986c177f476b380d0076fd1f5482fca6 |
| SHA512 | 61b54222e54e7ab8743a2d6ca3c36768a7b2cf22d5689a3309dee9974b1f804533720ea9de2d3beab44853d565a94f1bc0e60b9382997abcf03945219f98d734 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | e969e99f960c2a9c52616ed38a74af82 |
| SHA1 | 0dbda7fb75e89704519d6af653cedcb760ad78a4 |
| SHA256 | c02e3222ba87462777803058a8bce8a643342db13fbd74f242cd320ef9921d5c |
| SHA512 | 8414ba71d1eeba0fcaa37225b321910ad6c7a3930b16ae4ec286a8ad9c4ad93437e6bcc50ec6cfdad6fcaffbb32f2e4c61bbc9ec9053749c91a2d90e3860feb3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
| MD5 | d6b36c7d4b06f140f860ddc91a4c659c |
| SHA1 | ccf16571637b8d3e4c9423688c5bd06167bfb9e9 |
| SHA256 | 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92 |
| SHA512 | 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | 2e86a72f4e82614cd4842950d2e0a716 |
| SHA1 | d7b4ee0c9af735d098bff474632fc2c0113e0b9c |
| SHA256 | c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f |
| SHA512 | 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | 710d7637cc7e21b62fd3efe6aba1fd27 |
| SHA1 | 8645d6b137064c7b38e10c736724e17787db6cf3 |
| SHA256 | c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b |
| SHA512 | 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | b38fbbd0b5c8e8b4452b33d6f85df7dc |
| SHA1 | 386ba241790252df01a6a028b3238de2f995a559 |
| SHA256 | b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd |
| SHA512 | 546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 35b7ed514a5792471df1231218737f10 |
| SHA1 | 3e96a7c2258347c04971c3b15a8b546d934e49a8 |
| SHA256 | 193862f6f223c56aa5fc3a26c24128f9f1849d50875073c480ebafd84746af99 |
| SHA512 | e9b2ba9fca3a3734894a5efe520e9d0ce2ecf9966c2df637bf80cf2e3c3c2aa6b94d820267b619e7f96d6d81e79f35f5db4e67dcdf3ea6a0b65e14b03f695ce0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009
| MD5 | 07917e07d6e233b89f4d254dd612aa8d |
| SHA1 | 1a4d73470c380be3f01eef133bdb4df32facae85 |
| SHA256 | 9d4c742ace35aaf98b2824219398d0f433ffdd8eb3337892474f08828ddc4b7f |
| SHA512 | 79dc109b9d39e4dc89058080498aa80334ec5c3340dbd556d8a39a30c779dcae2cf405106999c2a5b7883126996dd1c72d94479eb52aaad7e69a9e98c2461c9b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8af1abe9f336653eb247f211190412f4 |
| SHA1 | 1c02bd5f03a9087aa2653a7c917d30a3215b902c |
| SHA256 | 339ee427831da6706f50ebd859d87878a294b2b8ab4e6c0469ab7802338e7f29 |
| SHA512 | 2b5a976adde8edfce14172dde6421f532c8938480ad96a969e451ae4887954b13cb3a342559e236da6eecb38d600171fa9019f432775b2d49b654ea4d5129a48 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe583c77.TMP
| MD5 | ff3b41bbeaea1512c111d1b094f180e0 |
| SHA1 | 36411b5e6866eca08996e49f43f4bd13fbe58337 |
| SHA256 | b13fbc34442dcb0e709c2219e4cc361fd37960d8cedd1fe1bcca3171aae3b704 |
| SHA512 | c13046916e702d2e4a7ff0bcd1696e3bd0f1f2679a67d9b9b1847788be392a6c7042bfd7c2b013768f098ea179617c8193469d42da4106a1151f170f66acda5f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 843503810bca66651b9de7d0e2391d1c |
| SHA1 | d5f281fdb96ba1d08afbb8070f78d9d13c18867b |
| SHA256 | 030cedc80335a312a77ab6910d6d9813262d8006fa49f3ccc8686d5c5aa3da1f |
| SHA512 | 2ee667182472296c909179c1967d4a25596b023f2a5212e9bee22e556cc50a7b474c8843af30c00d50e7d063367a2d9ed502c39415a6821ea3d81e5b78bb2d7d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016
| MD5 | 36104d04a9994182ba78be74c7ac3b0e |
| SHA1 | 0c049d44cd22468abb1d0711ec844e68297a7b3d |
| SHA256 | ccde155056cdce86d7e51dfd4e8fb603e8d816224b1257adfcf9503139dd28f1 |
| SHA512 | 8c115e3e5925fb01efd8dda889f4d5e890f6daaf40b10d5b8e3d9b19e15dadcb9dcf344f40c43f59a1f5428b3ee49e24e492cf0cb6826add1c03d21efdec52ba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | acaf311417bf2e492ade4164cb69a7ff |
| SHA1 | 93b07b0dabe319f6aa48ab3c8e8fb25edb80e0c8 |
| SHA256 | 5aa9ba13d1fcb2229b68fd128651b9c8882efd3e2384a555c68a0b76dace0bd8 |
| SHA512 | 5a1a088fb6fa771dcb0c81ddad104c8f1b8ca3523c2afdbaed5d1c403c91fd55976106bd8b2a9a8a6466f63e4c949d95a179b7381a5b924f16cd0ec479c7fabd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3a0d84e880d86f358ef266f88ce1f54b |
| SHA1 | 560f8fa8d54586c870d18dc5cda14ff16df832c5 |
| SHA256 | 1225dab1d70e374a99aa6bb32a24c757e5a3229b0e12b17003316455dbfc3cdb |
| SHA512 | 28f682020be1b502846bd2a4a6183458e766c48a3ac3576aed29f02d47d50da46519cfd6f4c2c26b7c1723746de93083b1185ad1571023894817a63dd40439d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 3a28b7fb0fe962cbfb9f78b525f88d94 |
| SHA1 | d4b6d3d5deb80fefe6b7a3c073b3173e816b9821 |
| SHA256 | 5b430c3b1d43bc6a98267b071029274e6b4100f40ec1e701c1554bfb92d7ced5 |
| SHA512 | 92058546ef15d31bf0fd14b80f9a4df87b647b3d7bbb7f3510b65059a77c04857b18dea0784a50703a3792ac450d981e471016cc57c1e2dda93971da9340e254 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a99043a355ac28f37395fa149bb44d60 |
| SHA1 | d48e1843329cb49304d9f82cee5c4c7b6a55ed1d |
| SHA256 | 7be3e4f4dc54e35e2baa8a4977bcc8e0e8fd7b6efe355b7a4c3185dd22070c88 |
| SHA512 | 3b14784a2139351c442c8c57caacc4d4586dfd2fa74662f74c1d02ec67323759093d51a7c966bec19a2ee0b3e7d22c8e1475089cafe6dd33f91e516f33ec8dfd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | adc15f7c6bfb417894becea7fa312fc5 |
| SHA1 | 38b43caa3d3386b8d87a953f56d0c78fce4d0539 |
| SHA256 | 350197475072479151a5f023259ce678fafe574347ded9576062d11813a158b4 |
| SHA512 | f72d5b2b9023d793b6095866282a22d9ff2593baaf3f501abf512a01fe72314757f01e2a206d9c6db805d4017f9da2081dc0a272175bbc966dfdc9283d7f4978 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a1f07b35f7050a037cc2eb61ced368f3 |
| SHA1 | 074ed96eec7e5e92ef8fe42806ceff480ec5c3cc |
| SHA256 | a800d7e0bd9f6ad9998677b8c74471c99f60bd90f58d5be6febc3a7783a4823e |
| SHA512 | 259b8f09dd1846d93e7803d866e0c3806a12169d4c240bdeaf2cbd6492121590abdc89376a2123f5100c1a0a948e1bc77bf21b2a543b580359af2b904f7ed758 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ce67ec10f0590557de44e368479bb0ab |
| SHA1 | e7ff0cd1570f3f54da772d30417fa73eb9ae1e66 |
| SHA256 | 793924ff01ab3e42e5444ae6848004dac80e332e90752ddb2d46aa9277a63005 |
| SHA512 | f59b7b43c1e84b1b558582594b76881ba84680f45b91eb6360534984d2c07700b100b109a70e63af64175718f30d13295374696c8fd639666fc0931bd84a92f2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e7c60cad0efe63464ef9e719fb891095 |
| SHA1 | 694fa15f740329ac287406acf8c2097db80f7d95 |
| SHA256 | d68f05293c7a770fc2725fcfcacd6a60f5d00aae821afb612ab7e4fa99550c0c |
| SHA512 | d6612bdaa76f19bf731a82dcfdc3fda0af785dbb62584c7a03cc72376d63142edb6d51b398fd96e1672f88dd4c936075373e3c023ef9929f07c1f5d15af29c10 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | fdf02a43330f662a9899fb8c7ddcc08f |
| SHA1 | 785e93a8df354801ffa15461249e5a2004929f20 |
| SHA256 | e09eb2ea5fc88e3a72a7e6069c625c506dff0bf573002b7665b9f508f0e038ff |
| SHA512 | 821e4d86cc2c533dab1db21bf81a2f25dc3899dac5f85ed1b1df212205f2d5763732dc95c306a06d0eb9a5ff87bde22203bd0d5e0bdda37a03fce339a4cc0ccf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 36f2c3b1d94e43f8547f99155cc276a3 |
| SHA1 | 171e82e1e8c629f53efd1198a4bd2fb86634e378 |
| SHA256 | 6fff04df64d37478a44af4e53a068516c5ab21cf9e6ed6eaec1c677a4615f65f |
| SHA512 | 25e4319fb990e6e66713ae710ec413a91403f92dcba48bec8129dd87a00d449788e2f928290d317cf2fba3f0fb61b2c6d55ed37b4797b7ad2226d394a5e134bf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010
| MD5 | 3b5537dce96f57098998e410b0202920 |
| SHA1 | 7732b57e4e3bbc122d63f67078efa7cf5f975448 |
| SHA256 | a1c54426705d6cef00e0ae98f5ad1615735a31a4e200c3a5835b44266a4a3f88 |
| SHA512 | c038c334db3a467a710c624704eb5884fd40314cd57bd2fd154806a59c0be954c414727628d50e41cdfd86f5334ceefcf1363d641b2681c1137651cbbb4fd55d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013
| MD5 | 5d53eef2887d92486895fe26c370447a |
| SHA1 | df61502f7ed39c46b6ab51b4ef72e7f5fbc899b5 |
| SHA256 | 76047fccca589a2690185bed64a9d92d6c2df93b3eba66769e283b78220754fe |
| SHA512 | 4ff5730f9f4e8507ea93a6ae30228cc6f994d6a39ef0152b2117d63ae0d0c5e9e425549f24fbedb6832ae1cdc088d61bff0042e29fefa919229328b3dbe32104 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 6b43527b95f43c2f62fa8d3f950057e8 |
| SHA1 | e03a1d7a808fa7e2af2151cacc736cb908ffa05c |
| SHA256 | 86cfb151aedc3a011a9f639d2b0b844df898ec844390d1b9e562dc642e64534a |
| SHA512 | c0e604383f3ba78d96df66a5ee37d5a4634b859b0412fc9e9420bccb1ba7523624ade283da41047da971218ac43fefb27610f662ba60615404cf13c5dfb88e2a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 92ae5a2799993d313a58504f55c54bf5 |
| SHA1 | 984d095e9b48c29d739697a405b5c6234be44a7a |
| SHA256 | 4246b23ff2cb7b4fa2973fb032ee979894f643b19e1d65f1afa33c4e08bc564d |
| SHA512 | b70be8babd695352968286fabed46fdfd9000dda96dd054fada9df1cf1c3399254ba3a9c34901355f7f871fd678206ac087462275e74dfb35d02a8f1cfdc6633 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e7053c2c6c2e4cd6a1285d365c8cf095 |
| SHA1 | 69d0545a7be11601b80cc7a8cdefff6039515ec5 |
| SHA256 | d4cdce96f85e53d7c65524ade8221d5a7e31843419e42e760e52d7ab8726d1df |
| SHA512 | 95335824fe4518a23ddca0ed613b64b5ae79b495e65f33be8eaaa40ae838604db0b6d002176cbee08f7059ff7b1ec4e9b6d10d8bfbbc6ac1a4a7562fc378479d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8d9cdd8cec30aff8b79e07bf555542ed |
| SHA1 | d79367765e8cd6b77d610be8b796d8ff93e4d406 |
| SHA256 | 29eb22303d56f9e1249f79b1d1c62824429dd966fda674281ccd9cdab398bcd5 |
| SHA512 | 30f89c95ae3fbd8888f8e2de6aaf63a44490bae78db7362e0457b9f9ae6180d8e087e6d8801ef9d0cf806c832f1fa1a9cadad2b206b840bb1569373fb1e0c222 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 67f83236256f0a65a0d0d14cfb1ae67c |
| SHA1 | 518a579f7b16161601ae74caa96ebe83202e3f59 |
| SHA256 | 784db62948bb565e592b425fa23da9b6b9029b456c90a634b32525aceb6016e2 |
| SHA512 | 0fdb3334eb70860222fd32f83426bc9df51113c1533cfd09e6f1dd7117dcb7821a0ae598432d1947adf15b3524b9bafb0f36cc390d3d2bb769a0ad4cf3a84d35 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d52be9e17c61f232afe5462abade3e93 |
| SHA1 | 48adccce5291da47efa5b6f0f1df3cfda6462e88 |
| SHA256 | 538ad10e7a0b2cd615ccbcb96b18dbe46b0d628b997fb6979782e1266bd0005c |
| SHA512 | f2698291d66b3f87de94b7699687bf9e03398dba6fb20664c3257927666b9a4b933d56e5618fd82fb0a6eed1927454d740afc5ef24f7ea0ccf35daecd34469e3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 1621d1323b26a60829fbe181cb62eff3 |
| SHA1 | e435c11b1e85c5f9d42fe742b4a7e5968aebfaae |
| SHA256 | 899810170cdeb8b6fa8a47fa36243f4d7ab7692cc1dead4afb088a9ddd0bb057 |
| SHA512 | b79bbaf1243399c5966f4e1cd4d682aa06a891810b8f61c3d5aef35d3bdcbc7294f58c68e4a3582adb334895f02e17400f710ed2df69834f4de77396e8c7b5ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e0b33423901f2d3f68c93e647d9818d0 |
| SHA1 | 8eac0249f2a3e49ef6b90d0de0bb82e8da76cecf |
| SHA256 | 475b12ba2966940e450c2309014715905c0ab77b1b817ef84e4d4808ffa49f62 |
| SHA512 | 7177b047d1263ce13acac22098566e0c08e1b5a10713ec22c9c40f93fa3281df77eddd60b61dc7aebcedfcb446125fd49fa91f7dcea9b3836f957cbc39181d84 |
C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.zip
| MD5 | d7af2108a5fde68d83d38d78322ac9ed |
| SHA1 | 0ce58d3c81beb1bdba8fbdcde6f8896ace049c3e |
| SHA256 | 7f52f1696ecd6631d92c592c6055ba326946c843f8ab9c39710ee3baf62d914d |
| SHA512 | df91c9ad5762a16c48d7d026d5f4cd7f5b9b7097198710628e6c9ccee495aba2a73f899f9a1ac2d86ce31e88c7f39a91f46422efd1f8fe90b22ab250d57e7ef1 |
C:\Users\Admin\Downloads\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe
| MD5 | d114a69f8415cae2e4bd1595e7fb4790 |
| SHA1 | e5583bc3e48b0f0f93173518d493e27f28268875 |
| SHA256 | 11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44 |
| SHA512 | 34801c7f707f04bb87a38323182de0d2e48ee0c9fd7d2bdcea4947492590e78feda54c7986938181c6d8ef7a5806d4b56cb911a2043e5a28fc38e8612fa1d1fc |
memory/1952-900-0x00000000743F0000-0x0000000074BA0000-memory.dmp
memory/1952-901-0x0000000000640000-0x00000000006DA000-memory.dmp
memory/1952-911-0x0000000005060000-0x00000000050D6000-memory.dmp
memory/700-914-0x00000230A7050000-0x00000230A7051000-memory.dmp
memory/700-915-0x00000230A7050000-0x00000230A7051000-memory.dmp
memory/700-916-0x00000230A7050000-0x00000230A7051000-memory.dmp
memory/700-921-0x00000230A7050000-0x00000230A7051000-memory.dmp
memory/700-920-0x00000230A7050000-0x00000230A7051000-memory.dmp
memory/700-923-0x00000230A7050000-0x00000230A7051000-memory.dmp
memory/700-922-0x00000230A7050000-0x00000230A7051000-memory.dmp
memory/700-924-0x00000230A7050000-0x00000230A7051000-memory.dmp
memory/700-925-0x00000230A7050000-0x00000230A7051000-memory.dmp
memory/700-926-0x00000230A7050000-0x00000230A7051000-memory.dmp
memory/1952-927-0x00000000743F0000-0x0000000074BA0000-memory.dmp
memory/1952-928-0x00000000052E0000-0x000000000532C000-memory.dmp
memory/1952-929-0x0000000005580000-0x0000000005590000-memory.dmp
memory/1952-930-0x0000000005360000-0x000000000537E000-memory.dmp
memory/1952-932-0x00000000053F0000-0x000000000540C000-memory.dmp
memory/3304-935-0x0000000000400000-0x0000000000421000-memory.dmp
memory/3304-939-0x0000000000400000-0x0000000000421000-memory.dmp
memory/1952-942-0x00000000743F0000-0x0000000074BA0000-memory.dmp
memory/3304-941-0x0000000000400000-0x0000000000421000-memory.dmp
memory/3304-943-0x0000000000400000-0x0000000000421000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\11b16ba733f2f4f10ac58021eecaf5668551a73e2a1acfae99745c50bfccbb44.exe.log
| MD5 | 3654bd2c6957761095206ffdf92b0cb9 |
| SHA1 | 6f10f7b5867877de7629afcff644c265e79b4ad3 |
| SHA256 | c2a4be94cf4ed33d698d9838f4ffb47047da796e733ec11562463a1621212ab4 |
| SHA512 | e2a81248cca7732ce098088d5237897493fd3629e28d66bc13e5f9191f72cd52893f4a53905906af12d5c6de475738b6c7f6b718a32869e9ee0deb3a54672f79 |
memory/5560-946-0x0000000074190000-0x0000000074940000-memory.dmp
memory/5608-948-0x0000000074190000-0x0000000074940000-memory.dmp
memory/5664-950-0x0000000074190000-0x0000000074940000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\926ce55b42de6847_0
| MD5 | 6a5cd899441c2b7e3dbf9c97516c911a |
| SHA1 | 1d6e343de39c55cf426ad3da7ded4a6e7abe95ba |
| SHA256 | cf37c33f66871ba196c5bab10bed5940ea17068e95bb9cf0fa42a456246a1b29 |
| SHA512 | 79c6d415a8b826ac449b8013dfc6696137e01a1f1eec4a047d10fdde7aecbd6423e41aa2a664c3a03c058762e41013ddf6bf2fbb5922427306b82ddefdaaab4c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\41a4ebffd069515d_0
| MD5 | 098e04de2cdd87169198826e61abe9fe |
| SHA1 | bbc859059c10860ad1ea937f5c440dbbf8f1ae02 |
| SHA256 | a9628b56cf1e8e5d181052a9219d96db5a0ffadb8d8a44765905eb3b1e38db7c |
| SHA512 | 128bf06611254518d7117868f024d59fe7975be66cb7c888a35881c20bdb6b86dfdd2a21fd2ce24084c731d4eb0220c80a08d9d283ec7151fe0871946289bb06 |
memory/5560-966-0x0000000074190000-0x0000000074940000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e6bc13fdeed259de914b62faf462f018 |
| SHA1 | f20ac1f696b702417757a733027c65bec96bdd03 |
| SHA256 | 9e5b0b89a73386af9c15daa556eeabff0f50cd04a267008c12b1b587f7c4afd1 |
| SHA512 | fc7d293b83ffc4917bd40c9a21588520db6bce3204957a6c791fbd7de6018021350ae330c3ed1b255751397bbb3f2ca0f56d8c378e1c1f9f54302c957612f29e |
memory/5608-992-0x0000000074190000-0x0000000074940000-memory.dmp
memory/5560-993-0x0000000004D60000-0x0000000004D70000-memory.dmp
memory/380-1003-0x0000000000400000-0x0000000000421000-memory.dmp
memory/5560-1004-0x0000000074190000-0x0000000074940000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 870db3e7d2c88915272649962a104c0b |
| SHA1 | 2c21b63e1b1147507e2b7c29d10bd2b3a5db59f9 |
| SHA256 | a1c0080fee1df1df249cafb7f0d891cb0527519cb8a956654bd2a1fca32dd8d4 |
| SHA512 | 26b2c4bf4cb50ae085305c3b3927c5a5d3a2d55e92e38decce3e6e792fd425a36728588cb1ff2567aef2f8a9aa24ce0e2bfa2b88350d67273797ef0cb74ec2ba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 28a50314d0403016098e2a6ba478accd |
| SHA1 | 03e9287dddebef49926fda6e30cb8a9df9202847 |
| SHA256 | 7acab7fced079a173310423357edcb3b69d10d4b38d4780b8b250ec8c2161c06 |
| SHA512 | 59f3e3bdef9c38e7e12d2a00ea0071c6886a4ed08c093617825b0c4a72b6613d793055b9bddafa81b31ed7f11b50d7c579867730d6971299428c65373ddfe481 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\911a1398-008e-4d9d-8dad-5d0a83e3285c.tmp
| MD5 | e948ae45865e83f5deaf96149a9455eb |
| SHA1 | d8c223609aca11e93b0fd9a6490960710cb992fe |
| SHA256 | ad77de0bd0f8ebb498d7d491665dc9322fb27e74fd5abae93b6ac8ffe6b55bad |
| SHA512 | b523bc5682a1171ca6525da8cf2532c570df0e3afa3ea50435778fce9dde42fc0dffa940deee555f593d29f5b84bf1a8b0005b0338bc654c34537648685280b0 |
memory/5664-1036-0x0000000074190000-0x0000000074940000-memory.dmp
memory/5608-1037-0x0000000005910000-0x0000000005920000-memory.dmp
memory/228-1043-0x0000000000400000-0x0000000000421000-memory.dmp
memory/5608-1042-0x0000000074190000-0x0000000074940000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c
| MD5 | f3dc9a2ae81a580a6378c5371082fc1d |
| SHA1 | 70f02e7dd9342dbc47583d11ad99c2e5f487c27d |
| SHA256 | 230189617bfed9ee9f2ac01d11855b9a784d0b6481d3411693db7e1c10ade132 |
| SHA512 | b1266043a310a5fe5834df6991537b61803ab14b737546a87dd422d2bce7277307973963a6cf4cac4a2a6030831611be9333f8ea4e56ec3d11b70313d30dc3d3 |
memory/5664-1053-0x0000000005610000-0x0000000005620000-memory.dmp
memory/5664-1058-0x0000000074190000-0x0000000074940000-memory.dmp
memory/1488-1059-0x0000000000400000-0x0000000000421000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 39792a234537d9d8dbe1a5be016b40f6 |
| SHA1 | e1919cbd552b00f33aca44747317991692c607e0 |
| SHA256 | 8ec93da9323fb5ce8a1642ed8f3997dec0ca3a0a4f378cb410a473b5e96c5263 |
| SHA512 | 452f2a1cb0fb4c23f06b252a1757d04261013ce8b8b391535e216ed28e51d1731cc16ded042d444b4a764e8e9bfc4814119d02a60cdd9a5e18b49ee9652063cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1295a773ec3d77f0a3ec1a2225d4a025 |
| SHA1 | 7e67c26474b392cc6b1ea663e3518dc4e37d8e65 |
| SHA256 | d343291796eb91196f37d9784742c3525b27ca80f2e3564eaae49e1fe50d7c45 |
| SHA512 | 653a2198c40b716a4eb8400e6ed5956b696f2b37045f89dd0bcee5475f5338f1f3af10b7ae72ad8752f9891293ab1c4ec8c33dd9bfd0d5abd4f29b47165cc055 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1bdcb7d030cd151cdf4b788cf2dee1d0 |
| SHA1 | b67bfcc692e14a2d249d5dc93e4d6f0fa77d4123 |
| SHA256 | 4242e50c61e41973fe40b14c5d7bf630bc7b0f355763b55dec1084c127446da0 |
| SHA512 | 48bfb62092801cded21e3a1e69f08da3dc3f52d8774ff1811cbb1495e8be180c752f29bce4bb13f4099124062dc5316b64cac414067908299413c5e16720b972 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fb20673b6f04cff530e0baa3eee896f8 |
| SHA1 | 035329d48141fec512b61b56e7c608317d8b904f |
| SHA256 | 373433a49a95c8bb08c59662c38301eee0e9391d1495adc31bb20ffe63e84e43 |
| SHA512 | f2c233180798d188e62cd46eee5a2db4a7e67d27ca275915efc694aad09b173735c0ae69f04e37bcdb4781668b44462a68768d7eafe6bd5d378a9f46fb20b343 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | dc77ea2cd7caa98ae097c0f9a32cec2a |
| SHA1 | e7be13ab87281a3cd317396e8854823428383b2a |
| SHA256 | 8458c8f58383ad09089e5b937637689211f78b0dd34c2c67f496ca704af7feca |
| SHA512 | 948a856bf646fe235c8957b917706afee594372dc2ff934940d44586bfb673074b5072915e8c698e8bcea704166acad2a9acdef6a81ac0857ff02720b70914b5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ef48d0adf114cad260b87514116ba1fa |
| SHA1 | 3416edf6c4ef6179571c216a324548ab6dcd1252 |
| SHA256 | 6181f09837dc4d706141a0ea87ded393a84f31cf45a09abe17c229836cccf89b |
| SHA512 | c91a07e042332ae81f44ef6a198ac86275a49281c9f2ec193c57f9c5a27caf2b3d5a46e834d1b52e8e4f83ef1464608a72e737115d8a175d925c58c3e2c488d0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 0812a4063ceea3d2fbb38d9c7901bd2a |
| SHA1 | cd244e8389680d03957e2f918f661ef6433dfa4f |
| SHA256 | 632a623550de56122d1d485a5e96d5d25691b9e3b17dcc3fbc9358c1d3577704 |
| SHA512 | 70d82f7b4aa01e9c000e2d10ff3491f47ad1a3d34dc5bb9bcc6b23b8ab93f0fac580cf7b93904ae55ffe5f4980509974972dc493752d9d40026fa39ee428e67b |
C:\Users\Admin\Downloads\f6eb315ec598c33da6bb1302eba8d8122e8b669d733d1339a2d01364cf1ca630.zip
| MD5 | 53552ee6b88bb358223980579177d1f6 |
| SHA1 | b12c70d31aada579283dad426dae30caaf107fa8 |
| SHA256 | 5f34207e42b03bc16eba24fc623d40a8a17e8b522dbfc210566d7be7a16243f5 |
| SHA512 | b7f4d38f5484a9e79bcb0ee63508d5b4e9e95bf99cfb0ea80ba5368204daada6ca4ad1845b0c3ba8718e8afedef9e0d8da7605a545e083f6d858910e72feea6f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 19d3c9e2d58677e24f07f7246ed27b5f |
| SHA1 | 2f6b59e95e62ac77a46d1814f57517124b8ebe33 |
| SHA256 | 83e000d0e5a583e469643e1ed2ea19364925380e08c65dbbd8ba590ca705903f |
| SHA512 | 9fb35efac9ccb0cd84062ac23830db8ddb41617de779f53f97a5b9bcb133ff087fd7dd8429f12efc6d47b80264df43ebcf22ec4bb735ab24c447adb68687f760 |
C:\Users\Admin\Downloads\f6eb315ec598c33da6bb1302eba8d8122e8b669d733d1339a2d01364cf1ca630.exe
| MD5 | 936fef453cc7e22a915f830357d99847 |
| SHA1 | 29a0065442b80aefad3454d7dad48a5d3af9a83a |
| SHA256 | b4f91d7af3e51dfae9af09a0cb03637122cb54ca19bc7221d35ca93162a0909f |
| SHA512 | ce74f8370a9388e07527af7ae50b9ac75449e9fcc792984a6882cd38b61092b40376b26c6da069e819aa5267d6a8cd5bac37e1e458e5b3ce06d1cdb7f22b2206 |
C:\Users\Admin\Downloads\f6eb315ec598c33da6bb1302eba8d8122e8b669d733d1339a2d01364cf1ca630.exe
| MD5 | d28b4ce3385c629306efcbc965d0528c |
| SHA1 | 0727c7a9abdfd8ccce366a971a3ebc5de1a58fe0 |
| SHA256 | ea2a78d825f3d6e24e4e052c8c1df981ad981131940b10388647999ea89a5fbd |
| SHA512 | 3b9be4f694761617c0be3db54cfdae7c89b286a3b8aae027cad6c63ffe0346bf9262036f4909cc0291503f33a1aaa11672c157298b739d242b87f27c520202cf |
C:\Users\Admin\AppData\Local\Temp\nsr30E2.tmp\System.dll
| MD5 | 0d7ad4f45dc6f5aa87f606d0331c6901 |
| SHA1 | 48df0911f0484cbe2a8cdd5362140b63c41ee457 |
| SHA256 | 3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca |
| SHA512 | c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9 |
memory/2988-1203-0x0000014CB31D0000-0x0000014CB31D1000-memory.dmp
memory/2988-1204-0x0000014CB31D0000-0x0000014CB31D1000-memory.dmp
memory/2988-1205-0x0000014CB31D0000-0x0000014CB31D1000-memory.dmp
C:\Users\Admin\AppData\Local\D3DSCache\e8010882af4f153f\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx
| MD5 | d2fb266b97caff2086bf0fa74eddb6b2 |
| SHA1 | 2f0061ce9c51b5b4fbab76b37fc6a540be7f805d |
| SHA256 | b09f68b61d9ff5a7c7c8b10eee9447d4813ee0e866346e629e788cd4adecb66a |
| SHA512 | c3ba95a538c1d266beb83334af755c34ce642a4178ab0f2e5f7822fd6821d3b68862a8b58f167a9294e6d913b08c1054a69b5d7aec2efdb3cf9796ed84de21a8 |
C:\Users\Admin\AppData\Local\D3DSCache\e8010882af4f153f\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val
| MD5 | 6bd369f7c74a28194c991ed1404da30f |
| SHA1 | 0f8e3f8ab822c9374409fe399b6bfe5d68cbd643 |
| SHA256 | 878947d0ec814fe7c343cdebc05eebf00eb14f3023bdb3809a559e17f399fe5d |
| SHA512 | 8fc5f073dc9fa1e1ae47c60a5f06e0a48709fd6a4302dffaa721858409e7bde64bc6856d3fb28891090516d1a7afc542579de287778b5755eafe75cc67d45d93 |
C:\Users\Admin\AppData\Local\D3DSCache\e8010882af4f153f\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
| MD5 | f49655f856acb8884cc0ace29216f511 |
| SHA1 | cb0f1f87ec0455ec349aaa950c600475ac7b7b6b |
| SHA256 | 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba |
| SHA512 | 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8 |
memory/2988-1210-0x0000014CB31D0000-0x0000014CB31D1000-memory.dmp
memory/2988-1212-0x0000014CB31D0000-0x0000014CB31D1000-memory.dmp
memory/2988-1211-0x0000014CB31D0000-0x0000014CB31D1000-memory.dmp
memory/2988-1213-0x0000014CB31D0000-0x0000014CB31D1000-memory.dmp
memory/2988-1214-0x0000014CB31D0000-0x0000014CB31D1000-memory.dmp
memory/2988-1215-0x0000014CB31D0000-0x0000014CB31D1000-memory.dmp
C:\Users\Admin\AppData\Local\Programs\uniapt\chrome_100_percent.pak
| MD5 | a0e681fdd4613e0fff6fb8bf33a00ef1 |
| SHA1 | 6789bacfe0b244ab6872bd3acc1e92030276011e |
| SHA256 | 86f6b8ffa8788603a433d425a4bc3c4031e5d394762fd53257b0d4b1cfb2ffa2 |
| SHA512 | 6f6a1a8bfe3d33f3fa5f6134dac7cd8c017e38e5e2a75a93a958addbb17a601c5707d99a2af67e52c0a3d5206142209703701cd3fab44e0323a4553caee86196 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\chrome_200_percent.pak
| MD5 | c37bd7a6b677a37313b7ecc4ff01b6f5 |
| SHA1 | 79db970c44347bd3566cefb6cabd1995e8e173df |
| SHA256 | 8c1ae81d19fd6323a02eb460e075e2f25aba322bc7d46f2e6edb1c4600e6537a |
| SHA512 | a7b07133fa05593b102a0e5e5788b29488cb74656c5ee25de897c2ba2b2a7b05c0663ade74a003f7d6df2134d0b75f0ad25e15e9c9e0969e9453b7fc40b9f8bb |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\d3dcompiler_47.dll
| MD5 | 8f175418c97bb50e673371b376270514 |
| SHA1 | 1cd16934788afac2988148011f5e5453ddf9c5da |
| SHA256 | b8768dab2c7aafdac1785435e12783f094e84235d0056870a50a0f02f088ced2 |
| SHA512 | 239e394c8cbeb16b467e224cfd61f008a3b08da789099a130b4c02e38caac5d00a6fe8faeab1dcc89cacc9c07145e073b01a764c188012422cbb20e55d5b6ba7 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\ffmpeg.dll
| MD5 | 51f1baa7fee261d4a7d7f188c0cf7502 |
| SHA1 | ad414b2046101e49b5c74d2cac96be782f50570c |
| SHA256 | 4218ee7a02556cf4a925f79957e3e157c54ef236a22208464406c88031695f1b |
| SHA512 | b9ca5d7bfff98c07c7ffafade7e3cb3da0c7dc63bb2ff4e8da3223ddb46a9e972fa3540ab86bb4c2e2309966af38cb5572f8f4bd54c8528a4c36789773a8a98c |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\libEGL.dll
| MD5 | 24d21aafc8df659211ef982beb29c2f0 |
| SHA1 | 7196fc5dd9a4cfcb5c828d86bc333f422e1e3587 |
| SHA256 | d421431e5390d9e1a9f3d75c987d8cb73bb47e81208f0320bda1a945dede8939 |
| SHA512 | a6f1f5435be3bf37aebd8060d258a1e4c09b467d26034fdc7b2b1d3e63cba0e03f7ab733f616616708e0f4efd2aae9aef8d191c7beebdeb71e5ca6792a6fbd2c |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\icudtl.dat
| MD5 | 626fdd12b8ac3d5d84525bb2a38e26f3 |
| SHA1 | 5a752c123ec941d4f47af57163f68190c4689a21 |
| SHA256 | 16bbed2b88f4958e5fdf32342da33c5b09cc42b629b3b55ecbbd37d3c99129f1 |
| SHA512 | c0dbb9b3770a25ab27263c080f45ddc195afaa257ff4e2922da6664612646ba5020ac10039a5335b48cb60e8861e222dde01d791e720359a750cca348eba159c |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\libGLESv2.dll
| MD5 | b7a97274473799ede668f39967c77662 |
| SHA1 | a1023fadedb6b9768c3e8e808799d154bb9e6b56 |
| SHA256 | a27274ebda32c348a3bfc6eb2ea5db94a91ea451531d2d7530879bc126746513 |
| SHA512 | bc50641e2966a82e1d38cd64e59c28c46fbc5831e27dd3fa57aed10a842a5e2356847304e88e905d98814a088dc9adc1165181fe2e67349f5ad946fe8f5035d0 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\LICENSE.electron.txt
| MD5 | 4d42118d35941e0f664dddbd83f633c5 |
| SHA1 | 2b21ec5f20fe961d15f2b58efb1368e66d202e5c |
| SHA256 | 5154e165bd6c2cc0cfbcd8916498c7abab0497923bafcd5cb07673fe8480087d |
| SHA512 | 3ffbba2e4cd689f362378f6b0f6060571f57e228d3755bdd308283be6cbbef8c2e84beb5fcf73e0c3c81cd944d01ee3fcf141733c4d8b3b0162e543e0b9f3e63 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\snapshot_blob.bin
| MD5 | 9dfc22c8fdc4a2420879a2c4ef9848c2 |
| SHA1 | f539e4e09e6f7b8edb2b539434db5fba1e80ee96 |
| SHA256 | 721b2fe7c122bca5b8b7819cc7869c33a35384eb79da03a263dc792ce3862e86 |
| SHA512 | 92c45bc4aa29288a13f569c0c7b4d67eebd5c80803f4b795737cbdc6978a9738ba4e4b06541033332c57bf8ee045c396b87231c9b60efeed04e98e1163cdc7c6 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\resources.pak
| MD5 | 3186b653998ddfe6812f4965d857bb60 |
| SHA1 | e959b50b5ab29d33b1f7d1e45355c6835fe05291 |
| SHA256 | dd550af5f8adbdfc31c71553e218335f02ab1b4567c184499ff44b4a90f75ef4 |
| SHA512 | 326877565fcf8e3e6c14b94c4ba4a93230c10dab82703ba5e369856a232d7fbe07b5048240e616e1b17680fb4240a100637d48094334b63e00dbd715175e2fb0 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\LICENSES.chromium.html
| MD5 | 1af0bda0cd656a4f468a9babf9b96c0d |
| SHA1 | 0f1713a73e83da36bf978c2fb89490a816713d3e |
| SHA256 | 6ac9ba60cabdc5e067284607b52b416290ce35a40b30f450bf89fe739d1e9c76 |
| SHA512 | c42e5a1418e397965596408087776dd7a83206c2f5235533a5d6dc5a13a8602a1bca4f66bed8d13c8826e2a44648df55e7b5d41ca800d8959c757af88d3326d5 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\v8_context_snapshot.bin
| MD5 | 66ab82aff2c300ac0aba6eca0708f318 |
| SHA1 | 79f3eab3ddb137843c3f81598c75048e4bb4ac90 |
| SHA256 | 24c939a5fa34d0a67eee43fa861dd9c097a657147d3ed96390cf3663d7720628 |
| SHA512 | 1c0de49a645f0047c28a4d2d63a4b55cd0042eeff529da6ead527c4756deb1242efdc70efa6f0a3d6f0eee76c32462da4cae82a05d619341f56bbe7f23a7e92d |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\vk_swiftshader.dll
| MD5 | 7b459725dbf730449d946434696bf47b |
| SHA1 | 5b15169fcbbb57e134d5ef4b46383c51389e5784 |
| SHA256 | e81f7c8a0d690e811be8cb0a19cbed58f3e8347935e8b217a1f0c1bcd85c0dcf |
| SHA512 | 5030fc3ff5bd04e135f1ee763cdac4b5dd5c631765fabd83e938d73382761dfdac447beca02924ad6aedb4ee120618277c174d8cebb3951f21471a02a31f0917 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\vulkan-1.dll
| MD5 | 12a535824e36933c909cc089ee1c13ba |
| SHA1 | 8b30ba5b5d244b2efb1a924bc6ca14c48ea47a1d |
| SHA256 | c61ae364870dfe2566edd92d6a5d79cb4fe6ae1293f5c78363eb6e08850745d5 |
| SHA512 | 063a8c5d28ce0b3a776af62ec5e56075e5d8d843dc2383232d51dec59a369e5d53e58a91a6320ef93c439b5e72c35fca6f23e110e2c72b810dab94bc62028654 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\vk_swiftshader_icd.json
| MD5 | 8642dd3a87e2de6e991fae08458e302b |
| SHA1 | 9c06735c31cec00600fd763a92f8112d085bd12a |
| SHA256 | 32d83ff113fef532a9f97e0d2831f8656628ab1c99e9060f0332b1532839afd9 |
| SHA512 | f5d37d1b45b006161e4cefeebba1e33af879a3a51d16ee3ff8c3968c0c36bbafae379bf9124c13310b77774c9cbb4fa53114e83f5b48b5314132736e5bb4496f |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\Uniapt.exe
| MD5 | d4a64e16dd3f70675d67c63a5eeadc82 |
| SHA1 | 41ef5eb7280033db52e2768f136908b3e16099db |
| SHA256 | e6c110b2f1502860b27a5a3b79a82fff4a33a091b19e318506a88c0986790f7d |
| SHA512 | ab688f6f51f909b4300f3d295d3751c4c40fb5e775532055acd9a8b32a1372475052ba84e31c859a5ed22f5029dd1a7b44b0be869f87265f2625509fa4173077 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\cs.pak
| MD5 | c194b0dc73de42cac7879c8d8aad38bd |
| SHA1 | fb5a91e03a414deb3588e483cbff3894d9b5174b |
| SHA256 | 51c00cfa284b70fadc95fb4a240c86c1402f31fc8a23951fb56ccb6f1e6c92d1 |
| SHA512 | 82b821f25e0f138da92ac2130c59773db493dc9626d6aa4d117cdf6c04572f7e78d9bb4c95d4821b1b9a7af312e975aeb1338abcae18f86f8a52561d91792096 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\el.pak
| MD5 | ee84bac64eb387b6da9b073bbcadeebc |
| SHA1 | e3756c286999a15183f60e1e16c13bae8fb44371 |
| SHA256 | 6ebda53a524100728f921330824651ec7d786093012a3c00634dec444137d15f |
| SHA512 | ef97037137261e7723ce7025b979c4252a572e8a43180aca30644e7ed89833c6e12ecdd57e945da52ea99c43d845de8cd8a769a454ca97001f74f279dcc20c87 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\fi.pak
| MD5 | fe011231bbc8b3a74652f6a38f85bc88 |
| SHA1 | 2b851e46738d466b3a5a470de114d15051b6eb6b |
| SHA256 | 7a3249514585491eb47fe4b579edc27ccc48761e7ad6bc11d113b257132c5dd2 |
| SHA512 | 2a4e5c1409347b4b514556c81ef32c8ae118add28e3469717b13045c8424fed9b817c7988629050ed3e732e0cdca181891b6a8b9e64e4c8d65f004d7c8db9796 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\fa.pak
| MD5 | 0cf88d6a24b9afa309deaf8b311804f6 |
| SHA1 | cb6441a56d63511d72295007e8bb47fb7fd62bd3 |
| SHA256 | 904d529631cccf9efc39774538fb529259c2f50e4972f4582500c09838e90388 |
| SHA512 | e843c0cb50b51aaa89da0445a675e0b37a6ff5d1acc98315281d357c3ba6103d774a66c61edb86d5b9d0ed69a36836c8494c56730e4181ff7adb5f8969af8249 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\et.pak
| MD5 | 82a07b154cb241a2ebe83b0d919c89e9 |
| SHA1 | f7ece3a3da2dfb8886e334419e438681bfce36cf |
| SHA256 | 84866ccaf2ec39486f78e22886bef3fe75c1eb36e7a7c071471040e12018db28 |
| SHA512 | 07319d155bdf9e27762ecb9ef6871430bef88b1af129450eb65aa798ebaa4e02b25b0cf9bde3b12ff1b04a3d14241569b73d6af895d2e85dd7b24d393e7317e9 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\es.pak
| MD5 | 198a99df04dc127677755cd021faff60 |
| SHA1 | e97692d927059d507e99144fbb4ef4829abeeaab |
| SHA256 | 10d257b76fcc484ab163eb570de406fe07607ae75abba94681719dc7415f40eb |
| SHA512 | ddc0d64cf906a9357aa675acf6037effd9a79d49dc0bfa8e49ffe41592f4b776095db5a6a49f33a637514f56ffa08bc9f1dfcb03572a205fc5ce7e658cc77ca7 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\es-419.pak
| MD5 | 01a9ea4b1a6e834f248e602c6632674c |
| SHA1 | 78b28df07edb3ab49b33496d47ba6da623bfc3fb |
| SHA256 | 0ef2e7f6786569bc06897f21b86b4532a2f4d938b199f6f96eede05126401200 |
| SHA512 | 25e6134f115933138b82ae05be2621b36d6757ae159557ec1d516fa0090207cdabf4bb8405412510003e16e99d678955c30c4703830f19f1721bd7fff433e190 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\en-US.pak
| MD5 | 626f30cfd9ad7b7c628c6a859e4013bd |
| SHA1 | 02e9a759c745a984b5f39223fab5be9b5ec3d5a7 |
| SHA256 | 0fd74bb69ad35b3f9391fa760bf0eb0ee73d2bea0066244577ef2abd269513de |
| SHA512 | 9ce902f21fef70c5b5af444b532b36c9a00d896878cb4021c9b1dc07aa3277d956bca65ee0adb68467eec113e535b60a8a5fb5414c7d0ca761ceae5c43b7d9a9 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\en-GB.pak
| MD5 | b7f9397c0f3cee07667f78a47dcb79b5 |
| SHA1 | 23b195409aa79065ec6719ad7731b4bfa6488fa0 |
| SHA256 | 37de35396aa9f339a24ead5435d7d7b7a46a698129e3e160bf2e753519e71a9e |
| SHA512 | 6a6ac49e72cd93f01a6b95dc8f789ce8097b51ca4404079e32a6699af744b87520f9b8c7a5dd38af27b8f0cc480ea637a2bc387872f1e53121a2b0a5187c0c42 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\de.pak
| MD5 | 8e0fda4334aca9fd38c08fc04f902f14 |
| SHA1 | 911fd9bb8465cc93016eee6295a51d2e1056a665 |
| SHA256 | a6d699ef46a029c61fb911b5f09e86944436d4b58e4ba5ba99b69c178e8061f0 |
| SHA512 | 8a411a922413dd68d507bbdae681c5a2c340fcebf2ef4b3353d4c1801a328bb0a1557d9d0dd118368e02c6153141fca5ae11bec6d83c9ab10f33cc56b7328dbc |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\da.pak
| MD5 | ca86dc72b319d93e16aefe20ddbe4d19 |
| SHA1 | 686904628ccaee9bb75a95c02a866368ea6be69f |
| SHA256 | 29f88dbe1952b71a7f72aeb31d9646b5ab2586714878a731f11f66cd30de89c8 |
| SHA512 | 0435bfa042e51747212504e0a7de90bff452774d71b61ab9fd8a48895e219f89ded44f4786a399fcf966e325fd957362bcb85542ee6402d868b057a4bd352cb8 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\ca.pak
| MD5 | 9e77a9cf601f1dade57f5a9033ac3397 |
| SHA1 | 798d12be16d85179717e18b3dc82f8c8e5dcea88 |
| SHA256 | 2bd71156915aab5977b031bba00637ebb66c39cb9279a174c84f7ebeea865f97 |
| SHA512 | 24ea151b3f4c584f270bc23c44f01a23a8145cadbe34948be519bbf47b516534ebd8775356bdbea4fa49059f3150d508c1dd53657d6460f2a50147a59e3d4af2 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\bn.pak
| MD5 | 245c44ca6387ad79bc6f691969f60075 |
| SHA1 | bca892ed95924a11888b3b14694c86b0809913ad |
| SHA256 | 8bc5d3147dc3151b2f3b4472ae9beff688c44a18a943b4e3d1eaa011dd1bd2fd |
| SHA512 | ca79498b41fd19a29d4eeb3f1268d07788e3dc7e7e648ddf34263d8bb18dc44c0ba66ce9254ff1c1438c652377c50a48ea20d1ba04438b539f22608e42fd66fa |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\bg.pak
| MD5 | a69f6075863d47b564a2feb655a2946f |
| SHA1 | 062232499ff73d39724c05c0df121ecd252b8a31 |
| SHA256 | a5eb7038ed956bad7704a722f05691474ff709dffbad92b8e31dbb869ad58334 |
| SHA512 | 930ce3938aa02a8bcc609a64bd86b7e6164d63baad157a980fd079859a6bee5db87bd1f7a74a71108f8368bc9c6154bf14a2dba1abf269f572bc262614bcf1db |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\ar.pak
| MD5 | 7b8716f78ca2106653b53dc9080bfc2f |
| SHA1 | 28cfd5648408c8df83f301f59823986ff93a8858 |
| SHA256 | c50503cf71e33c1ea32030aa2613a3e02bfd6e24b01a77da7c52c99cd2b1a0a5 |
| SHA512 | c467dc452f254872dcc73242760fc094fef10e6e23e34dd5d50988252ca55794d2c5a3b8846b96039f9e95971c66a84a7801711d047a7b3e046ab09b88460dab |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\am.pak
| MD5 | 3cfd7c5bb92ab72c63e003208a9e4529 |
| SHA1 | 165d2f69ab6a6e237f0fec943b5577123cefea87 |
| SHA256 | 12e9e1bec1c46e5ea706157726e17a4429acf288a5754fa183bd9b4cf7d3853b |
| SHA512 | cd7c7837d758ea66abc871503cda6fe99ff45990405e60c1133e7c1f4cb29ee69723c9558bb2d3eccb42948da57351f4f095062616686ab2e255acd3c86236f0 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\af.pak
| MD5 | 917a688d64eccf67fef5a5eb0908b6d4 |
| SHA1 | 7206b01bbc3fd8cc937db9050dd8ac86cf44d8cc |
| SHA256 | 6981249837ad767fc030edc8838878a5e493fb08cc49982cffaed16cfbeb564d |
| SHA512 | 195dbec8463cf89990232296c5c927e1501f0c2e01a7be7c6a6acae651853ce1edb23d639af65979b39a3c61979119c3a305acfa3aadf0cb93e241c5e57f4534 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\he.pak
| MD5 | d9ef2209d1095488f4ce0af4523d9395 |
| SHA1 | e4d8d8af130893e55a867715e42ff02d02dddf2d |
| SHA256 | 1174a04de2fc394a4eb0671c4c7410969a23b8e59af20983a27ac95f4edda3f6 |
| SHA512 | d83399f4605ce25667ef9ca848dee1f7da077c7ee9be5350a4aec464a316dc83d14dec3a2432bfbbf985a164bc242100a463796e3b3a8b57c98cbbaf816370c2 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\gu.pak
| MD5 | 04e9a5277c22b5de6ee2432f00c67b40 |
| SHA1 | 022af342dd3f2829af75677f9b510ac168972718 |
| SHA256 | d9c134e069da17e9f197761a627d54e24d33fceea0f2c26929b7ca77b9706376 |
| SHA512 | 62dbffc7ad66136c9eda93a5745a3d44651fc4fba9b5f65111805574956171fd02716e33d55666e3d8b8a584ffeec30e844185b82959d6c569f63771208077e4 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\fr.pak
| MD5 | d79d49987aa7937fb37e48aa0fb51165 |
| SHA1 | ee9ba7adc9aa4507b70f2da4e36612f083e8cd2c |
| SHA256 | 720e8fb0a093412e516db4414f2e017eb98dbe376e50a0a09977f31162854841 |
| SHA512 | be2299543df30c25faf70e7083b3fd711ae8c0929aeb964e60282314f747b5b36db4ebc7ddcefc63279c10524fc1330c8930074ced5e0954d16b28d9b78e59b9 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\fil.pak
| MD5 | 87a7559bc0ee1687cfec84fa1c73afa5 |
| SHA1 | 2400d64387c66ddf8a3c3f8285e2c61dfdad16b4 |
| SHA256 | 5260c38823b4aa6c717bee9dec2f7440e46fba439d83a48b4bf1a68690322862 |
| SHA512 | 8032f233808f5544da963f0abbadb490d8814bda55ccbcc1db0a23fb3e141448cf54618872cac303abced9b221f3c1ae243d9689e547fd1a9a9c21d0d38d876e |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\id.pak
| MD5 | 19a196f6c33c6a206690d93408c1f2ef |
| SHA1 | 2dfbbd4133c48799ed4fcf9f388fc018ec3c2ff0 |
| SHA256 | 53f24ad354cfa4a96d22140f8ec72199c3769ec057141fa1ac2d0108171741c4 |
| SHA512 | 0ba4c694684ff8a8000f39d1b645cd6285a3b79f6a10f698e7a2ffe4a51529b2ec78bf04ecc6aca192557967fb08bcfe8d2269c2b80fe29e5a9b413f47a180c2 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\hu.pak
| MD5 | b93beeb1e35a29b310500fa59983f751 |
| SHA1 | 45c0b2cab4c4a820cfc2aed4b7236ddc79a0db00 |
| SHA256 | bab09c3cb80130a4a288642633c2b31ab08b1757466d9a468bc36d276079f002 |
| SHA512 | 249de5b8bd7c4755caa8b9552254d353b0d885b63bd5f7c6c8e29b3f4e447c9e8d6c0e88d5aaba0b898aa26880592b3904e19ca4797a2ac1dd757aaee782c37c |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\hr.pak
| MD5 | 878e5979029909167217bba0756dd695 |
| SHA1 | cc5cc5566f014fa13fa724428c3670e6ba6f11a7 |
| SHA256 | 4745358d0ef8ba3cbb1b160f372eded72c3a6ce80a6eee4bcd2869b1a6a6a702 |
| SHA512 | 687bce4aa2a6ff95baa35d6497a8fc11a773d69dd9a1b99c37a1789e44f1d01efd0f72678c391196c4fe197b928ba2bc6fcbc6822ccbeac34eff37e091ead847 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\hi.pak
| MD5 | 96e62c548005bcadb3e6b12fad9a249d |
| SHA1 | b6efdbc7fc583a8bb7187fce2cfe9ec222c90f55 |
| SHA256 | 9e21c0e29f913ac595fd7c6a414b6b0946134e445f757af8790a8d8b4eea7d73 |
| SHA512 | 7a27fac58fe6884f6335b7dd090b079a36ab79bb11b863b05c31b5b5cca92face02ae6633fbe71a0d9c48dedb601c30bc85704490799552cd6f3382599d29f04 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\ko.pak
| MD5 | ec59b052a85b244d45d76c795c0f7cff |
| SHA1 | 46663ce3c4a617a8c641fab8f3a47b5b00d1c7bc |
| SHA256 | a3513c85206a06179223ee7c890ffded53dba6d13ebd4aed6c8dae6009d36ef9 |
| SHA512 | d5b951245fb15e044fb4e4d74a4e0c482b0fed4d1c0e8529dc9c288a6df0dd763b5a620a5b1a23fe9827c97dbdbaaf55248e41e739558386bd671a4de3389c15 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\kn.pak
| MD5 | 83a8652a6fe3d0411061f224c875c8f8 |
| SHA1 | 21c1117919497db487c15dad7959f3a5d19b0796 |
| SHA256 | a07f6efcb5cb28277052dc73b0ee022257756387cede71355bd22eb617b339b2 |
| SHA512 | 979ed0ce7c2c2ff4e04ab850e4a31a41b3a080b9b072f5a4d0fd10d9d6a4933b8fafc9f5f797b1b21852d9afb5f4f8c7a5d550bd304c016a30c736d133117975 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\ja.pak
| MD5 | a4dab00e991737a89335b1606edc0cc3 |
| SHA1 | 111b692a2b5d4337b2baacadc8bd3c6ad787a304 |
| SHA256 | e9f2a4cb104d14c168bbca4cc8eac462fa074cd0f80c62134afb763d7b444944 |
| SHA512 | 473cec3d92a343de1e0143f2301af5423fe6067bf997c40b8e3e7a9eeaed8878c3d3add41141262745c52688ff91a004057681b55864b6229a24b1ce3acbcdb6 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\it.pak
| MD5 | 6b6e505c15f8ddf44876762ad2ca51a7 |
| SHA1 | 551d6e3b111aac6c96cea4cff939d0e25d4f1403 |
| SHA256 | ea71154eb34bdc4183e0be8bf803730d6bd315020b814cf0ac63a04a1f6ea42f |
| SHA512 | 3e17189ea9c3f22ba88afa99b3d4d8abf08e84af0d5c1e345a280ffd7ff1716ef3d7ab299f884fe1f272617ad595d21530464477576e6282ae4907b60668aeb4 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\lt.pak
| MD5 | 3e9119a712530a825bca226ec54dba45 |
| SHA1 | 10f1b6bf2fa3a1b5af894d51b4eb47296c0dbc36 |
| SHA256 | 3da531a9a5870315823e74b23031cb81379d2d94ae9894a7fb1d8a8ad51a2da9 |
| SHA512 | 765c872cafa1b266575b0cac09dfa796cdb860bd82e1c657397fe2aada11771f306b0a1776e4d66ff41e94b153c812592430f31e7b1ff97abe7d8e6b96d321f1 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\lv.pak
| MD5 | b69dfbbc9262ef0396cbccbae1a450a5 |
| SHA1 | 18cdbd405f9ba96516d4089019e9d10f8513c594 |
| SHA256 | 7e343ba5eddbb08350e701bdbeb41196500a4b21b165a7cecb258cdd4666ed6f |
| SHA512 | 5365f788c8b7c70b68011c236388251d08c39cbe2ed8ab2694937e3c4ef5989663f11891900474d8200c1df20b4c3dd6ea60b141227a2d116d50d0e4842ad916 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\ms.pak
| MD5 | 73096184d7bd6a9a2a27202d30a3cfa1 |
| SHA1 | ea711b29787aa8b9e9af6bde5b74103429e5855f |
| SHA256 | d1072514bab63af5dfbf923175d491787139f0c1b6361acb23e67543836c84ba |
| SHA512 | e3fbee4896554e502c222b5ffe38e9d61e9db4d18cdc92ce5118b819dc60789bfd6d6c7f8444ff1763222455ab91e79bfe500e75c0e06b0de70c2c64fb043c6f |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\pt-BR.pak
| MD5 | 88a0d51135ac6eb63a1ae2c3d7d6b7e1 |
| SHA1 | 0d82dce50f9971039ffcc3c52cb10ef22b5c0879 |
| SHA256 | d773a3feb2f96d7eaa488430525efa2c3e1c332eb23a73dda5318a9cf3311fc7 |
| SHA512 | d9c332f159b1f866a554823cd9c50a266cb9b68459c8d4d128fa00416067630ea255ea685f3529ef8f4982798a5c3d13193bfc99ef8185528dc693842f86a3b7 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\sl.pak
| MD5 | e8ed4db6b4aeb22fe5fcacc6930942f2 |
| SHA1 | 71b46213d399c2f1e4ca15d10a352b0910e357c8 |
| SHA256 | 892b70d912b09b2b2cfc2e0de740730fc95efd9144d42da4952da7809a41a39a |
| SHA512 | 6cc685329fbfdd834813575aa912e8001a4de47c2fe7156f83cc8ff9ebaadea44c412f2e18ca23972041ee0ef8869028b736f483f2230a3f71e463f71b840672 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\tr.pak
| MD5 | 4421ecf9f210190446bb1f6bfbf32968 |
| SHA1 | 339f33edd05433f909a3ec82a82bc9b7ebc8d551 |
| SHA256 | c388ffbe429cfb886a19fbb7b2c184dd82f09614f4a05e70fcfc1813b785b042 |
| SHA512 | eaa11a2e6f9039c877c5abb1a5bc8c31bc4161defdbe509000792b7526c8fa0af8de76b60008d4256ada0b9f6bbe25dbb44baadcf26a67e58563aa5d98c916e9 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\th.pak
| MD5 | cfe988427f59a8eee9912a0598c5d874 |
| SHA1 | ef81ef21da5c93895a5a0a7ed09944f7dc16ce2f |
| SHA256 | 0b61787cd5aa05a6b631f9e59d68f2f1a6f8d955e7d136aa186b920d091ed1e6 |
| SHA512 | 2f4e745ec9830ca4b958b9ce40ba4ad99a180e08b3d4356f4ba3376be1f72ee33dfe018e7538bc2d851548ca448601504eab9147e9b88e8f9e1564e78436ef51 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\te.pak
| MD5 | fb1f79e63c6be573ecf4f3848640e41f |
| SHA1 | 21c705991bbd36b06fd8f773b144e77a6fe58d0a |
| SHA256 | 21bcb510745b3427647195d35ecd18a2eab47aac47c04e8284105fcc76626352 |
| SHA512 | 339e7135104532163a048a01bedfd6e92e3dc5059b2390c1bd59a5a9db73cc3d70c40d1b10f6ca7a3baee5123e995208b88e6800875b151b4b53004ea3ac8988 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\ta.pak
| MD5 | c86a6fca8f0bdb5e8058fc37cc32e4e3 |
| SHA1 | a4cfee55fa92a182aead90a0edb84082e04c35bf |
| SHA256 | e6fe05a4e8644c69eb6dfd0ac80a3196b9f7b8adb90836ad077309463b04bb23 |
| SHA512 | b5709c92a96241c630124e249edb682ba00d035f1fe689e2cb685cc4f4050aa99ae8ae83141eaf6aebdd747d26228716c4e3ae44ae23ef96951a9fbcb1d58a67 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\sw.pak
| MD5 | ce3a3e426d21f1c6ec7930106350fd81 |
| SHA1 | 44693544eefeb7f8441420228c8f7c0a80a40d28 |
| SHA256 | 77df771dbb7e70097bf43152d941e5295377d8864aebb3ed22b2079be74fc90e |
| SHA512 | 2a6d8dd8978d48b6f9b8745b383e3298855dddc4b238f0bcf07df697b1139d002696dddcacd4afc93096ee3b72e5a2eefe605c90c5c79fe76585168eedf2ad91 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\sv.pak
| MD5 | d578b2f9ce88de97b201258aa7b54bda |
| SHA1 | f45b2ff661694f488df36485a078b55941314b76 |
| SHA256 | 4e70a55b463922080d544fea186f7266519dfed6caa15f5cfd229265ad36a531 |
| SHA512 | 2283a7e45b3729237446aa9b1b2439a1a9b759822c4fa8235bffaa9628a49b33e45e539db208e935440782001ae63b4b995a057fdaa2f828d04b257c20a670a3 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\sr.pak
| MD5 | 8f58b2463e8240ef62e651685e1f17d8 |
| SHA1 | 6c9f302aed807a67f6b93bcb79577397a5ad3cf7 |
| SHA256 | 5a55320d6953efb5b565893e32e01f6dae781a16460df5502c8ba012c893edfd |
| SHA512 | 6076d43a73d5fa5192cbe597e018b268cfdc7efb94a6cb45dad5b0da9c3abf68aaf2ea06f3ad650b28a993605917b6d356339d79f8dd6962d2c40dbf4653ef83 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\sk.pak
| MD5 | f117e58e6eb53da1dbfa4c04a798e96f |
| SHA1 | e98cee0a94a9494c0cfc639bb9e42a4602c23236 |
| SHA256 | b46db20eeba11f8365296b54469fdd001579852dc1d49a01fc59d2a8bcf880a3 |
| SHA512 | dea792a63e0557d9e868c0310ec2a68b713daf5cf926389e05a0885cdb05433d20f35d087de269f9584795da50600966b8ff5dd95583861443a1e90564a89793 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\ru.pak
| MD5 | 2ff64897da3f382ca433f7e6dfa9b971 |
| SHA1 | 435fda3cd1377021aad69337f1ba0f6a22eec1ae |
| SHA256 | 5f65b10de8ee34faef509345c41311f468e4042bfa8990c799fe94cfaeac00c7 |
| SHA512 | f59770d9977c94daca4ae100f45be5dcda96e758a9de32a15020c481a50a0f5db24ace9e68a9e08602815b282a337edd2276c1c988dcae06ca343f78f30180d7 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\ro.pak
| MD5 | 4e692489e2ae74a4a11ca0a113048f15 |
| SHA1 | cb2b80217d5372242d656ac015c024fe1e5e77b7 |
| SHA256 | 4a2a305668f1926cfe4bb72e8fbfde747c83ac4dd9cf535c13ae642d0b96fb79 |
| SHA512 | 8ad9e0a79137a862def24d6963536e75b87bb71ab74dbdd43531c5c95ddd3cd834f22c6a8e3a1e03aad35ade65ecd227d5101b5be3ce3f0b7b471f5136cfd77c |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\pt-PT.pak
| MD5 | 0237374730fa1a92dec60c206d7df283 |
| SHA1 | 62dbbd855d83ef982a15c647b5608dafb748745a |
| SHA256 | 2fb2fd2e32b952dcbc8914f9d3aaf02bf2750b72abfee2e8b2bb08062ddd9934 |
| SHA512 | 63ec4ec44002724e22703a3bd952d1ff4062b367c4f5e3f106349bd226ad1317bef2e371fda0e099ea5c0afd32a9d2c1246c93c18d73dccf8fc2c1644a6fb6b2 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\pl.pak
| MD5 | 00011ac2cb23c159ddca327e8e3e9d81 |
| SHA1 | 639163df3b7cfb798a93414a162d2e86c20707f5 |
| SHA256 | c12b119ed6e762b7c0bcf5c52e6fee1ad0ef57b9f7af10c3ab71efcdafe7a2e1 |
| SHA512 | 10f4d34aeaf8c26afe82ec5fce69a0d0da26d7240798bb455eec26fc5029c5f41853a7e510c07dbc37cbc6bc7b08c680e231f3a0410eb5fc21aa3c307d2c2379 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\nl.pak
| MD5 | b7829a2ae1b6fb747335ab6cd650f63f |
| SHA1 | 6c6962bf9432d035add7e28a2c4b890b026363c3 |
| SHA256 | 7243b7c2500a06683a381d47c8aeb1e3088f8b7415f29bb7bf50c619e3e6c13b |
| SHA512 | eb553f46b75d2cb2dd267705a75742314ce031da1f0b7355f859b3c9fb64efc6e6554db8d08c19ac42c5cd6055915cfa2a9dec05f9e8528b7fc42758e6f22187 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\nb.pak
| MD5 | f8c436fd011fea36b29e8d889de11793 |
| SHA1 | 68b30e8b9390572accb406bc0d2be8f6de07bc46 |
| SHA256 | 508426fded0a52c389dc3ae325d1a7b93bf56d49086c4e0326e0e70dad2d11db |
| SHA512 | ba275ed48313b33b1ae28a9d5bd3c079a613c2149d5945fdf4b08db3ea5bae6aa0d2f314e855fcaaee1d1388b7c38f4d43c3faf58f60be467562cf2cbe84286e |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\mr.pak
| MD5 | fda40999c6a1b435a1490f5edca57ccd |
| SHA1 | 41103b2182281df2e7c04a3fff23ec6a416d6aa9 |
| SHA256 | 0ebb125a0bdfd1e21b79914ca8e279790d41f7bac35bf2d031dd7981f1c1c056 |
| SHA512 | 666ceb24d2e568a00a77512295e224a6545bf6abcfa19c93aa823db5330117fcb39fde570e7601dbd41976950c3ec03634f89fc5d9203357515e6651ab0b6d32 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\ml.pak
| MD5 | 6e96eddfe80da6aaa87f677feef4d1d6 |
| SHA1 | 8a998785d56bc32b15cee97b172cd2dcdc8508d9 |
| SHA256 | e2fb73353ab05eb78f9845bdbdf50b64c9fb776b7f08948f976fe64e683397c4 |
| SHA512 | feea11dfc6ec153ab903b5828306617eedeee19daa73bd046ae47757795fecb9abce6192bb3a9561aaace7fc85ee442057b93081c6c986855b819fd38815e6f7 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\uk.pak
| MD5 | cafb6184f8a3d80aeedf5cab50cbaf27 |
| SHA1 | ec19a2093c4c552344486b52e4919084aa47037b |
| SHA256 | fb3dc0a600e80774c4bf45d25ed62b76d7cff32eab3a79fa88cda50fc12b5fc7 |
| SHA512 | 2479a0afdf2eaf779f4db96804e346424385f5f8c07366984daa4f5692e4a1d9fca965cba424935688592f38852040c1896475026ad519dc83d8463113183b29 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\zh-TW.pak
| MD5 | 5ad179cc582933b6afd977514b8a89d4 |
| SHA1 | cdaac5025b94a1cc041133bd17bb82319b3cb004 |
| SHA256 | edc4bb5b93b6dc1263f10c2c1282e0b60445fe673dc68f06162d1c11b6ec0719 |
| SHA512 | 2422487594909c3808cc7b27f728a220aaddb8200d202686035d554c71e61b64283a2ddab9c49b03ad99bb21c94f119d1bcd58c5b1a7d5ed1955ee36ea8364b8 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\zh-CN.pak
| MD5 | 168968ed7705a2a62c559395724c92ab |
| SHA1 | f0a67118affc19e8298ec79a87e0978bf1bd3278 |
| SHA256 | 2398097bb87c9ce6e844ca69a6c65e75b3930e70ba085be7d2ea9bdfd09dd5fa |
| SHA512 | b6d4f8a19c3cfcc80e29f6cead38d95f1cb8116680573b554a97709882a25473d9b02aad60a1ca2a2fa474274ea8cb0ca6fee2d631190e1ee63d83a90399f1fb |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\vi.pak
| MD5 | acb8af4f3dc1ab39439e6421884c610b |
| SHA1 | 1fe795293b2ecb88ae58968b4646a6dad22e130f |
| SHA256 | 7524a99ecb0fa8cafb168386ff075a51972aee8c3287ae403938a2b1cce36642 |
| SHA512 | 3249f1e823d54d613574b6d4475c3d94c833a12127057d6d514f1c0ce1646d8875743fd36dc3a2bcc5d338f9bfc068394df6d903e7f24e6b6cbb293314b4779c |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\locales\ur.pak
| MD5 | 861ffd74ae5b392d578b3f3004c94ce3 |
| SHA1 | 8a4a05317a0f11d9d216b3e53e58475c301d7ea5 |
| SHA256 | b9f22a23368bf1e21f3085583ecb775cce8045176721ff6ae798b06bd2810dbc |
| SHA512 | 52ede35b7ed1fb6e51b18e450b95c3245d326f2afda646e3642ee68b714dcf9a726afe32e2759e9ea87a104f4a59e6fc2c60b3275aad8332ae1c626231e6747b |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\resources\app.asar
| MD5 | 0056bc4caa6b0577debc0dae0db4f47d |
| SHA1 | 63197f3b54b9aacb678d697a51c4110f5105ddf9 |
| SHA256 | 1175ad7557eac28efe79df9da282e978c7b4fd541dd656cbc379e39cf65b5d39 |
| SHA512 | 88854cd9abddd09e83fce1b8b29f3a844c85a6c7a3789142d082cb962654f94234acaa837e518cbef702bdd3be8f52e103de4fc51f78e294487adb36580221c1 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\7z-out\resources\elevate.exe
| MD5 | 792b92c8ad13c46f27c7ced0810694df |
| SHA1 | d8d449b92de20a57df722df46435ba4553ecc802 |
| SHA256 | 9b1fbf0c11c520ae714af8aa9af12cfd48503eedecd7398d8992ee94d1b4dc37 |
| SHA512 | 6c247254dc18ed81213a978cce2e321d6692848c64307097d2c43432a42f4f4f6d3cf22fb92610dfa8b7b16a5f1d94e9017cf64f88f2d08e79c0fe71a9121e40 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\WinShell.dll
| MD5 | 1cc7c37b7e0c8cd8bf04b6cc283e1e56 |
| SHA1 | 0b9519763be6625bd5abce175dcc59c96d100d4c |
| SHA256 | 9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6 |
| SHA512 | 7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | aabef1f49e09086987597e75dd8b72c6 |
| SHA1 | 5cd0b39831457d0563fc15a5bd3cc3bb06bc9cd7 |
| SHA256 | a631d71a34fc540b1f916bc93183f8f5f749bb5b0bd0963d9b2e3fa7355a8fc1 |
| SHA512 | 0188e4e6271328ef1135fdc36c31f8b62d357f0004e79bf156cea51817284268abb940ecd6987ecbdfc2491d7c74a51dada8532675221a69c47165d923a706f1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c34183f1c44bba818a604544c4e110e7 |
| SHA1 | de1e238a72c89706cb3bc84224d14c52ce7cb25c |
| SHA256 | c9b8d0f0f82ad6b45f6a80066bf2c9d693c5584965f7bf855b329d6bd769e82d |
| SHA512 | a032a815af70f3f556e3ff0d7d21ff5401b0f014642edbb055844e8955aef3b62bc02e6fe67abc0bd29c65dbc02c2a5663ff279de08f2ecb6cb33f6a64e4f4b7 |
C:\Users\Admin\AppData\Local\Temp\nso8183.tmp\StdUtils.dll
| MD5 | c6a6e03f77c313b267498515488c5740 |
| SHA1 | 3d49fc2784b9450962ed6b82b46e9c3c957d7c15 |
| SHA256 | b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e |
| SHA512 | 9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | e2200f83df563e7df016bfeeb36d23ae |
| SHA1 | 81ada65f6f20802121b7fb2e7ebb4d2734b2f88d |
| SHA256 | 5fd0eebc1fbd5788fa460b4e2531665138e48bbf7b3128f9dfa9d9c78f8c6c40 |
| SHA512 | 3a1e67de7711b58cf426cf57cf45a67f1e947d17d6cfc75a883f0165cf1a92900347d28b7a5fc5b3e3e4364e47fef349f350cffc4adf37922c19c9789e4ecb36 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 6139865b5d22c4642058cb55e214d624 |
| SHA1 | 1bf9e828f08c87cf0437879716fd3d65a26d7e59 |
| SHA256 | 09524261f1d58d061214fc0e8e8ba8612cdb714a7fb0f2f3317dd51bf49105d8 |
| SHA512 | 51a2d101f8752b42abf938412eba1da746d808cd33b37d553424198872a766eb333ec30e213f4ae9f2730ed44e78975d46e0347b1099e3762c96ad787f673d1b |
C:\Users\Admin\AppData\Roaming\uniapt\DawnCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Roaming\uniapt\DawnCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Roaming\uniapt\DawnCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
C:\Users\Admin\AppData\Roaming\uniapt\DawnCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Roaming\uniapt\Session Storage\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Roaming\uniapt\Network\Network Persistent State
| MD5 | aa88fcb956a36b0f1edc4b13a57d7b6c |
| SHA1 | b8ae80b494ba82deac9fd9f531c6d7e46eb34538 |
| SHA256 | 3d40a61b4c9f424808d26fae1abfff082efaf1b220dd5a3efb8cdf63d6ec53ff |
| SHA512 | 46b37da5ed872c62fd2dbb1cf42e3044ca3c7967f2d29fde513bab6a87ef1c7f221540e6a06f2a5d40823c98aa28441b98f20a74ffb4609432e18105347cfa00 |
C:\Users\Admin\AppData\Roaming\uniapt\Network\Network Persistent State~RFe5f42ce.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Roaming\uniapt\Session Storage\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025
| MD5 | bc60deb3c0273dc1fcb96748b86b2302 |
| SHA1 | 960a5e4c41504a6f3b078e90be539ef0e0eb8559 |
| SHA256 | 631d382e3a0c3efaff4cedb1ddbf6d55ff983e745d8f7b64077ca858645a7b64 |
| SHA512 | 3853e8f5fd2dd3a5c6ac68bd1de6ec0bb627086eea2c1bb94d9ef97be63976906bcd7646ded25e1dc681a7b1b77267f5b7605af4b35911e10f8a8323f277a8d0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027
| MD5 | c6334512044b038e1299c4edd3654bb7 |
| SHA1 | 490f7cd5c7fdd875227c49344de31a2ca58f9335 |
| SHA256 | 3724e559397032d8851ed76802b57fe479e56925d63e5d760aff536b9249df47 |
| SHA512 | b4c9d98a802525ee82dd8a0de6f07fc77c0243f7d001aca5d54b2ec71325119be45aa4e1ef5d1d035d6237ea9dcf2c976fa170550942c50b568326157d7bfd7e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026
| MD5 | 253a356d4cf0f8be6526e2bf748f5752 |
| SHA1 | f9dae621348bb7825fc52839a5f0ead7f9b24e20 |
| SHA256 | 3476996d66e9b61dc2f6dec6bbd715a6bdaff07771721884cce0221a76da25b0 |
| SHA512 | 3d99f4f7059ae4c0b7eaed5aecb0f1b660427cafa77c321783ab59a698e5804699e10d447116b0690443df847b7223450cd728b1cd1aff956a90bc1e311e7300 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029
| MD5 | 7d0e72a5e00e5a7827904ecb649b7333 |
| SHA1 | 0a3345d1c2056e532148cc7b7b53dde893690b4f |
| SHA256 | 4d5ad677fa9917aba64646f6c298bc0eb28f94deec5dee9a6903b3434ebc980a |
| SHA512 | b887b9c4712deace98eadb34acdd7000db3b3bad8e41dc8de02ea2776f69973e2e7f47f5fc407fb850dae8a81662869c9d87e7788e8d56f5504f404b40a77183 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a
| MD5 | fef291823f143f0b6ab87ee2a459746b |
| SHA1 | 6f670fb5615157e3b857c1af70e3c80449c021aa |
| SHA256 | 2ccc2b4c56b1bc0813719c2ded1ef59cff91e7aeb5d1f3a62058bb33772b24be |
| SHA512 | cf28068cc1c1da29583c39d06f21ffa67f2b9a9c4a23e22cbfe98aacae6ddc3dde1f8dab7eaef371dc0a2230d21cc8fd41653fc5d812b14c389e07f5ef7fd5c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b
| MD5 | b40f185cda34bcab137acaeab2afd3d5 |
| SHA1 | 05cdbac403f5aff64ca40d9bf4f1e7040bcf0f72 |
| SHA256 | 2ac410486727a5e4440c49cde4233e292deccd7dd84d70c81fd8951f0e51b9ea |
| SHA512 | e61732fd70b169b901dd4323132d9c854772e416639ec7b21984c96c6e94f5c77cc1a098265935135f59da15bc2c428e409c3c0209eca4c1415df3e0d42a63ab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011
| MD5 | 888c5fa4504182a0224b264a1fda0e73 |
| SHA1 | 65f058a7dead59a8063362241865526eb0148f16 |
| SHA256 | 7d757e510b1f0c4d44fd98cc0121da8ca4f44793f8583debdef300fb1dbd3715 |
| SHA512 | 1c165b9cf4687ff94a73f53624f00da24c5452a32c72f8f75257a7501bd450bff1becdc959c9c7536059e93eb87f2c022e313f145a41175e0b8663274ae6cc36 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 450fb6a48e336b24a12e050d5f2090aa |
| SHA1 | 548880fa93284cee6ec520d31c8b6502a6a3c340 |
| SHA256 | 17d6861d24c9be9f166845fbf7c3eb0d700e91838199ce3c800e4ed52b194639 |
| SHA512 | 5a912a46a4722ea2ae167624bfac59c8d2c6993833ed81b94aabae4eccb5c36b080538049c9dd5ac3db8ea98b50ca1fb36e8f96b90f5fe9b48f28789ff6c9295 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 12ef192df15011d506da25c2f0d871e3 |
| SHA1 | 17e2ed54269a2030933deb6558d305a199545436 |
| SHA256 | 48205f2b6292617b0815ad4082641689f1ea21e4f071ee640b46d05cc246c718 |
| SHA512 | 960d09a3ad3a1a409b9895a32f883f5b8dd28363e3a3f0cfb3ee200bdf72a0d4563ac9a3e72326e8564f2b0987fda3c0ee629e1fc855c71c1a067ad35f037a39 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | adacd4df1585d4c4c936edc4562f2543 |
| SHA1 | c62cd295ba243be4173a4ffa13b42fbc9cdad08c |
| SHA256 | be08302751b74d3577a05494e8b7fcc3b151090197ad2c964d2b6f6011184709 |
| SHA512 | a7ac25950f32d4ae00dc9c0db6a759cc45d52e80d3876a2f7a60c8b762bd72653c0bb8eb14ea939092d0f4853eb8d5bb188f775864ff09e9549e5fe7e4b5985c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a3078018bbe3f5ba3b4f783044b51044 |
| SHA1 | a2db5b32092f65697991ae056e5f048922957558 |
| SHA256 | 126cb3839f905a268604da8408ad04d5f1ced905d86bf7df377bd79f1eba68ad |
| SHA512 | 28a9352a1b827c951dfdd8077343842a89f31f8b7f363ea0b8888b3869fd1af17575ab4d68c2d9222fa27547b94b3d91f9da5178879fa452651a539a6cc0da24 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | cbf5d9222abbfe43976899536481481d |
| SHA1 | ebddd56c9308f1e524ef4e6329371f326a32c8f3 |
| SHA256 | 975a456e19d9910dbb4f83ae92f28c7fc570dd0f69bb2c6250956bec543b569b |
| SHA512 | ec841c339d0fa1f13abe63ebee3e0b89035990ccb18b128c0ffe8452d30e1a9e5c5d534b922b43e521d33320e899c889ae68c7b6dac1a2e755ab87c05729afdc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 89f5553eda7af43a7ff87361054b5473 |
| SHA1 | e8632f45062eaf147ff39ad749c1dc2806ec4889 |
| SHA256 | 8cac8841c8868e7bf790a9baad37806272d3612de48863bcc159a3cb6ccad340 |
| SHA512 | 7b178d3fd7b6d9255cf856783e65581561d2d8990d30ed142b47d5d05650447c6e099f9b6b7b967ef86f1c6bf2ea47be87029a9c4c76266f90988ffa0b825af4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 9832282727ab0efe63ac0518024dd2e5 |
| SHA1 | 0e10da83715069cd54b203e3072fa1b488af2034 |
| SHA256 | d8a04901a101bdba816532114e3f7a48f1188a9f7c68b2e241b9a4b86f57cc75 |
| SHA512 | 8f38854649f19ddd2386c54af8d21bdfc38c4e24da531d186de0d1540ebdc6c5519f6bc26f92b93daf5d3f5960c80b83c4e51e8d0b3f3801abceb3dba5aadf8e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a577ba3afb6fdc413283349ae10b0b13 |
| SHA1 | 034a0543da98046c0da513180fb0fe1b2b1cc8b1 |
| SHA256 | e2898ddd1cce400764c8a34fa7c826512f57ac7d7aec82a6a5794dfc7ae512da |
| SHA512 | 743c085f6255eff542f1a2e79eb88b5b37cbfd780e16e692cd4111554b8d8b225324a53407b1d6f4b47c1997909aeac35bba440efe007f5a05ade54b89ac13b9 |
memory/2956-2284-0x00000000001E0000-0x000000000028A000-memory.dmp
memory/2956-2285-0x0000000074190000-0x0000000074940000-memory.dmp
memory/2956-2286-0x0000000005030000-0x00000000055D4000-memory.dmp
memory/2956-2287-0x0000000004B30000-0x0000000004BC2000-memory.dmp
memory/2956-2288-0x0000000004C50000-0x0000000004C60000-memory.dmp
memory/2956-2289-0x0000000004BF0000-0x0000000004BFA000-memory.dmp
memory/2956-2290-0x0000000004D00000-0x0000000004D14000-memory.dmp
memory/5888-2300-0x0000000074190000-0x0000000074940000-memory.dmp
memory/5888-2301-0x00000000055B0000-0x00000000055C0000-memory.dmp
memory/5888-2302-0x0000000005530000-0x0000000005544000-memory.dmp
memory/2956-2303-0x0000000005CF0000-0x0000000005CFA000-memory.dmp
memory/2956-2304-0x0000000005D00000-0x0000000005D0E000-memory.dmp
memory/2956-2305-0x0000000005D50000-0x0000000005DD8000-memory.dmp
memory/2956-2306-0x0000000008920000-0x00000000089BC000-memory.dmp
C:\Users\Admin\AppData\Roaming\AZibCvGEQY.exe
| MD5 | 66469c7a7dd603a5910183207c000503 |
| SHA1 | c97d702a6c01b2dbfeba714d902d1b0bdcf914d4 |
| SHA256 | f29ca51ab4f94de1be168737174063f7fb8540543160478c64bef4ba611b0e14 |
| SHA512 | 6461578613929c9d1985eb870511e2f1a561d4d0a1b2b27835d17a7b042e5cb5f683edc9b4dd8499b8b71dc2bd38a9fde0e079a96a253a8f8e4b6af1db05067a |
memory/5564-2311-0x0000000004780000-0x00000000047B6000-memory.dmp
memory/5564-2312-0x0000000074190000-0x0000000074940000-memory.dmp
memory/5564-2313-0x0000000004820000-0x0000000004830000-memory.dmp
memory/5564-2314-0x0000000004E60000-0x0000000005488000-memory.dmp
memory/2956-2315-0x0000000074190000-0x0000000074940000-memory.dmp
memory/5564-2316-0x0000000004820000-0x0000000004830000-memory.dmp
memory/5812-2317-0x0000000004CF0000-0x0000000004D00000-memory.dmp
memory/5812-2318-0x0000000004CF0000-0x0000000004D00000-memory.dmp
memory/5812-2319-0x0000000074190000-0x0000000074940000-memory.dmp
memory/2956-2320-0x0000000004C50000-0x0000000004C60000-memory.dmp
memory/5812-2321-0x0000000005AA0000-0x0000000005AC2000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_y5p132e5.jae.ps1
| MD5 | d17fe0a3f47be24a6453e9ef58c94641 |
| SHA1 | 6ab83620379fc69f80c0242105ddffd7d98d5d9d |
| SHA256 | 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7 |
| SHA512 | 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82 |
memory/5812-2328-0x0000000005C20000-0x0000000005C86000-memory.dmp
memory/2280-2329-0x0000000000400000-0x0000000000440000-memory.dmp
memory/5564-2322-0x0000000005630000-0x0000000005696000-memory.dmp
memory/2956-2336-0x0000000074190000-0x0000000074940000-memory.dmp
memory/2280-2346-0x0000000074190000-0x0000000074940000-memory.dmp
memory/5564-2345-0x0000000005710000-0x0000000005A64000-memory.dmp
memory/5888-2347-0x0000000074190000-0x0000000074940000-memory.dmp
memory/2280-2348-0x0000000004F60000-0x0000000004F70000-memory.dmp
memory/5812-2349-0x00000000062E0000-0x00000000062FE000-memory.dmp
memory/5564-2350-0x0000000005D60000-0x0000000005DAC000-memory.dmp
memory/5812-2351-0x0000000004CF0000-0x0000000004D00000-memory.dmp
memory/5564-2352-0x0000000004820000-0x0000000004830000-memory.dmp
memory/5812-2353-0x00000000068B0000-0x00000000068E2000-memory.dmp
memory/5564-2354-0x000000007FAC0000-0x000000007FAD0000-memory.dmp
memory/5812-2355-0x00000000714E0000-0x000000007152C000-memory.dmp
memory/5812-2365-0x0000000006890000-0x00000000068AE000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cc00ac333f0bf986_0
| MD5 | c48cf6d54f6391dbbc80314c0cb2c4c9 |
| SHA1 | 11973751d48f37d25f93af24487f844d9ba6ad90 |
| SHA256 | 99e7f565393163b263228553a55f4e38eb743c118aa4f9bcb417d76747eba411 |
| SHA512 | 70f2d7984bbcfbf4a165d259f651c9467102078da2aa80539b2969f2712fcbc6c5db786aeba3d378b9b4447f318f0757b16afb7465126bc0206a77253ba06d77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1d6f86f8bd95fd1d_0
| MD5 | 74341b38e7298abfda4ea9145af767db |
| SHA1 | 3d2c432c04858dff90e0ae8dc4bea580f5247ceb |
| SHA256 | 034d86577519a09d8495d9907dd1ba1f7ee44c421984086f3dd6b6716cd6851f |
| SHA512 | b986b685c09e52c1a8160d20529532d43b95444989a6df4ac8dcd175e66229ee274b477d60e98204e090c3d4704c137c1f7d4143ee1be8979899ca5838aeef58 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\64d97b09dba174fc_0
| MD5 | cb87c07f2b919a4366ebdef7a747d496 |
| SHA1 | 8328d0dd6671ce1da4c5e7ceb20f3458f2caa3dc |
| SHA256 | c6209a247f43fce7c74861e728ff6121a6e351475e6cbe599b95427e023768ac |
| SHA512 | 149305081f48acb537e5c7c79f68da3342e4af8e8968f61387887ee740514da467a7a5f8d057daf27598c05d64da52c5c24faa9b95a73325f50dce767778608b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c12ccb2945c7c3c3_0
| MD5 | 80e45f746fb5bc0de29f23352636f7b7 |
| SHA1 | b96fc9a81e6cac9243432261adba1d5e620782d5 |
| SHA256 | 96d75b6889652c6e29dd6b251d6a5b36b2d314d1fe996d51eb9cf1f2ff5fe27d |
| SHA512 | 0272592758c8c7bf0456878fed5f227d13951fd42de6ed1715598cba496602d1846ffaa9d401fe08c001edc4011a742a1dbd3f7f68ed95627f90f08d769ae431 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d38d81d256ea7ab1_0
| MD5 | 8d44e5a82476e9b75699101a633f2c7c |
| SHA1 | f936f0c1f28355c0ff98e4482f74de3faedfee26 |
| SHA256 | 6a1b23c657e9581e6e83ace3a5c6c548fcec3702b5ab2d89f91e8e0882b647ec |
| SHA512 | eb65151a167d5e8ae8ba3191717203a3fa2702c505c8a589d0a1464a79b99a56d342ffbe823b9227f4376c904bb30d05ec04acf6d590fe24458ba66a8efb34f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\515fe5b21749ce9e_0
| MD5 | 0ad8162a93922cb67ed41a8cac8bff28 |
| SHA1 | 4a7fed85deeeaa5df1389475f01d2832d8be0b94 |
| SHA256 | e6ece124cb89d326bd4b54bb13b3a35543de917218c5c9f9a848d01925da48be |
| SHA512 | 14f0d8a1bd3675c7d6694ab7e7f760dba6327e3987656145cf0e959ac22cae958eed2547e8b17023798dd1eb2458a80f1e5cb4827fc3c80a750bf97d859ddb10 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d3c3904fca3e0eb07f33858c9a6c9163 |
| SHA1 | 6af8f436042547d23d05a68640e2a8e926a71ef0 |
| SHA256 | 65fbca21d752a6e07ab4c6fcbcfe3dca27e50ce7cf03ead2701c7046495104d3 |
| SHA512 | 5c384bfdb7e3d8769669caf7e94ba555edbb1c162d1a8d8c6b68bbabc980e0a9b09cf324051edf37d22e8ca88e8a07ebb63c5620bb07196fd135284436ccfa84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 43368e5fa4fa92fff8d993a5a4819331 |
| SHA1 | 4febd35edeaea2104da6ff453a890897d3ae0787 |
| SHA256 | e9d6d17e854f4b6a23426759efda0a9bebcc7145844f94b5eb97e92ecc3e9415 |
| SHA512 | 30595e77bcc334a166c4b2e616b42ee6c2b5baaf58184be7155b8d89d41af2563de8a47bb1599a98e5be98fd94c396538431c94e297159aa2da1974a778ac960 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 98f2f3ea130b83a35d9a17a21fcd890e |
| SHA1 | 53f129a2eb4adfad0db92d53bed073cf7c352f94 |
| SHA256 | cad369f1a3ff5e808c655714d965a4938b48d404a4c8731066cff352e86449d8 |
| SHA512 | f0e7c670178cb007bcfe283952c44d7192314d39979e959b92e802bc619d5c0c3a19a997730e50f456e7eb045eb76c324b80472a310ff7e7142a578730c5b3dc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3989844e52bc7717b35b3a20c5c04326 |
| SHA1 | 09bb2c6482382e19ca16c8c27bd000a34f4cafb5 |
| SHA256 | 5b9f2b97ad022b8d34dc408ae3da07c12336a0347d2fc830b673d5722d67654a |
| SHA512 | 4a954f0b64269eb8e176104688aa41c58e1823f871136ebed5108931a834abc7374d633014fd86698329d415286b683f90bec8ae4923d4f533e78a83dc095c33 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3d923daccd6eab2575ed45bf99840dab |
| SHA1 | b71311c58c8b65a493a9ce4ae7769b12e5d25f4c |
| SHA256 | 821335714c3a1b34a4c7a413e83db896ed7560cf2d08bd0c21c1235f5726a055 |
| SHA512 | 548bc07af10950c30b8bd91755eaba280d6cf95519e0142098afa357773b06c5e8fa3f632de9752be049e0d96df6196cf5c37bcf241d9a9d11a4b541ba09064a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0a3f8cd2650c05d3c569188992f6f203 |
| SHA1 | a1b270b19d65a5fa15cca8590af7a65181830389 |
| SHA256 | c34090ba573e268b8125f3a0f1c717c7aae90b5194b73bd9483160baa231203e |
| SHA512 | a1e0d72d729ceb7765ecdacdd17c9a118f2a7372a96ff72f2c743b2b919780d15d3d36209cf00f856550cad29b31f0be20798a0ea2fd8ea544a55918e5b72069 |
C:\Users\Admin\Downloads\d391d938c4fe11b3e2f65ada257e9331f85e44766ae3c29427ea082473d063c2.zip
| MD5 | 0996f4c5f771d798d2046e9fe34b7c5f |
| SHA1 | 0ac61b30be10f69b0f89937afba9338a570af1a5 |
| SHA256 | 666d22ead6be8c2ce9ee981f66b2e199e35e0d8f3fd5ecf3653619b002e2a42e |
| SHA512 | 8d41ca57cf1d332310be0975a4f029b260fbc11e1580d74fbecbadbec166fae5c258c8f1a48b0504bb6945a832265b195872b017cb9ecded7086cd676128af16 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 8ab15f6aaed395ffbcf67066df7c5aae |
| SHA1 | c48c4d11abb7b7b2113528deff04e3e3afd09bba |
| SHA256 | 5815e1a0a56c2dd7f00ee989274c3a2ab0fbeba27e62bfc3f5d3dbfa2657392d |
| SHA512 | 1f5b28ca535e721c6ffb76db85999993efa50ad15ec181e6c18ca7adea094e6ddbefe5447b3d549d98483b9bacb044abf9fa33e1d2cf7d4ef4e1f12d66a08e93 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 880ade2a4438cc70f1de751960356661 |
| SHA1 | 03b292066565c667ee8c66312cca918118bdfa55 |
| SHA256 | 1a6b2c118ad6a00a09e34e907c1eee264db1ad41f1ea0cd1a98dfdc1a2316ec3 |
| SHA512 | c067d7b592008f524bc6d8fbb9c0c33385f30fc7e1405967c6ce3b354c35ea2996f8f87eca2352fb0ba79f277a02fcc6a85bf71fbb22776b0b66b0a533ad0897 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | e9f918a2372484016675efd428bd0c45 |
| SHA1 | cab9dcbc673cecb843dbb8cab9078fee3568e30e |
| SHA256 | 28993d2fc098cfdce7c0c99249fc44bc5a6b9c33e89989041acd0aa03b4d69cb |
| SHA512 | 40c51270355bc1a07e66d8ca3cb2ff8c4580dc01ad1430f1f7b0041684d0413f99d3d7044664ecec490676909c26d3fda9b9f70c05fb4939bbebce8419509852 |