Analysis Overview
Threat Level: Known bad
The file https://www.mediafire.com/file_premium/assofbaf8cg4hmn/Tool.rar/file was found to be: Known bad.
Malicious Activity Summary
Lumma Stealer
Sets file execution options in registry
Downloads MZ/PE file
Registers COM server for autorun
Checks computer location settings
Executes dropped EXE
Loads dropped DLL
Checks whether UAC is enabled
Checks installed software on the system
Checks system information in the registry
Suspicious use of NtCreateThreadExHideFromDebugger
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in Program Files directory
Enumerates physical storage devices
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: GetForegroundWindowSpam
NTFS ADS
Suspicious use of UnmapMainImage
Suspicious behavior: EnumeratesProcesses
Checks SCSI registry key(s)
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Checks processor information in registry
Modifies Internet Explorer settings
Opens file in notepad (likely ransom note)
Suspicious use of FindShellTrayWindow
Uses Task Scheduler COM API
Modifies registry class
Modifies data under HKEY_USERS
Enumerates system info in registry
Suspicious use of SendNotifyMessage
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-02-23 03:55
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-02-23 03:55
Reported
2024-02-23 04:15
Platform
win10v2004-20240221-en
Max time kernel
1199s
Max time network
1201s
Command Line
Signatures
Lumma Stealer
Downloads MZ/PE file
Sets file execution options in registry
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EUE35F.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EUE35F.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EU91D7.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EU91D7.tmp\MicrosoftEdgeUpdate.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\Temp\EUE35F.tmp\MicrosoftEdgeUpdate.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{491B3F26-48E7-4BF4-9079-EEAC5D81371F}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{491B3F26-48E7-4BF4-9079-EEAC5D81371F}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.17\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.17\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{491B3F26-48E7-4BF4-9079-EEAC5D81371F}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.17\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{491B3F26-48E7-4BF4-9079-EEAC5D81371F}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.17\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{491B3F26-48E7-4BF4-9079-EEAC5D81371F}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.17\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{491B3F26-48E7-4BF4-9079-EEAC5D81371F}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.17\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.17\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{491B3F26-48E7-4BF4-9079-EEAC5D81371F}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{491B3F26-48E7-4BF4-9079-EEAC5D81371F}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.17\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.185.17\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{491B3F26-48E7-4BF4-9079-EEAC5D81371F}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EU91D7.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EUE35F.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EU91D7.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EUE35F.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Suspicious use of NtCreateThreadExHideFromDebugger
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\AvatarEditorImages\CircleCutoutLarge.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\GameSettings\ScrollBarMiddle_Wide.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\StudioToolbox\ArrowDownIconWhite.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\ExtraContent\textures\ui\LuaApp\graphic\player-tile-background-dark.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\ExtraContent\textures\ui\LuaApp\graphic\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\ExtraContent\textures\ui\LuaApp\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\AnimationEditor\FaceCaptureUI\ReRecordButton.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\ui\Controls\DefaultController\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\ExtraContent\textures\ui\LuaChat\graphic\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EUE35F.tmp\msedgeupdateres_el.dll | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\WebView2Loader.dll | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU91D7.tmp\msedgeupdateres_is.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0238851C-B96D-4FF7-9EE5-84E9CE667F9B}\MicrosoftEdgeUpdateSetup_X86_1.3.185.17.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\AnimationEditor\button_control_start.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\StudioToolbox\package_dark.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\PlatformContent\pc\textures\ice\normaldetail.dds | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\ExtraContent\textures\ui\LuaChatV2\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\ExtraContent\textures\ui\InGameMenu\TouchControls\move_area_landscape.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\fonts\families\ComicNeueAngular.json | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\121.0.2277.128\Locales\kk.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C33C8358-64C2-4A37-874A-88810FEBBD43}\EDGEMITMP_9BC89.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\ui\TopBar\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\DeveloperFramework\MediaPlayerControls\play_button.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\ViewSelector\front.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\SelfView\SelfView_icon_indicator_on.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.128\Locales\ro.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C33C8358-64C2-4A37-874A-88810FEBBD43}\EDGEMITMP_9BC89.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\121.0.2277.128\show_third_party_software_licenses.bat | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C33C8358-64C2-4A37-874A-88810FEBBD43}\EDGEMITMP_9BC89.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\ui\VoiceChat\Misc\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\ui\Emotes\Editor\Large\OrangeHighlight.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\ExtraContent\textures\ui\LuaChat\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\ui\PlayerList\UnFriend.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\9SliceEditor\Dragger2OutlinedLeft.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\StudioToolbox\AssetConfig\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\ui\MenuBar\arrow_right.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\Debugger\Breakpoints\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\RoactStudioWidgets\button_hover.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\121.0.2277.128\identity_proxy\dev.identity_helper.exe.manifest | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C33C8358-64C2-4A37-874A-88810FEBBD43}\EDGEMITMP_9BC89.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\StudioUIEditor\icon_resize4.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\ui\Chat\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\ui\PlayerList\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU91D7.tmp\MicrosoftEdgeUpdateOnDemand.exe | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0238851C-B96D-4FF7-9EE5-84E9CE667F9B}\MicrosoftEdgeUpdateSetup_X86_1.3.185.17.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\fonts\gamecontrollerdb.txt | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\StudioToolbox\AssetConfig\copy_2x.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\121.0.2277.128\Locales\ro.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C33C8358-64C2-4A37-874A-88810FEBBD43}\EDGEMITMP_9BC89.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\ui\Controls\DefaultController\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\ExtraContent\textures\ui\LuaApp\ExternalSite\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU91D7.tmp\msedgeupdateres_mt.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0238851C-B96D-4FF7-9EE5-84E9CE667F9B}\MicrosoftEdgeUpdateSetup_X86_1.3.185.17.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\DeveloperInspector\Close.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\ExtraContent\textures\ui\LuaApp\graphic\gr-avatar mask-90x90.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\ExtraContent\textures\ui\LuaApp\ExternalSite\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\RoduxDevtools\ToolbarIcon.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\StudioSharedUI\RoundedLeftBorder.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\avatar\compositing\CompositTShirt.mesh | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\advClosed-hand-weld.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\TerrainTools\icon_shape_cylinder.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\ui\Input\DashedLine.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\ExtraContent\textures\ui\LuaApp\graphic\GameDetailsBackground\loadingBkg_base.jpg | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\ExtraContent\textures\ui\LuaApp\icons\ic-more-settings.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\avatar\meshes\leftleg.mesh | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\SelfView\whiteRect.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\StudioSharedUI\close.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\ExtraContent\textures\ui\Controls\DesignSystem\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\ExtraContent\textures\ui\Settings\Help\GenericController.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\ui\Controls\PlayStationController\PS5\ButtonShare.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\TerrainTools\sliderbar_button.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\content\textures\ui\Lobby\Buttons\scroll_down.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
Enumerates physical storage devices
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000\Software\Microsoft\Internet Explorer\GPU | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000\Software\Microsoft\Internet Explorer\GPU | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000\Software\Microsoft\Internet Explorer\GPU | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000\SOFTWARE\Microsoft\Internet Explorer\GPU | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000\SOFTWARE\Microsoft\Internet Explorer\GPU | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000\SOFTWARE\Microsoft\Internet Explorer\GPU | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000\Software\Microsoft\Internet Explorer\GPU | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000\SOFTWARE\Microsoft\Internet Explorer\GPU | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000\Software\Microsoft\Internet Explorer\GPU | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000\SOFTWARE\Microsoft\Internet Explorer\GPU | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3COMClassService.1.0\ = "Update3COMClass" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\ProgID\ = "MicrosoftEdgeUpdate.Update3WebMachine.1.0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\ProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebMachine.1.0\ = "Microsoft Edge Update Broker Class Factory" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\ = "Google Update Policy Status Class" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\ServiceParameters = "/comsvc" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods\ = "26" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}\VERSIONINDEPENDENTPROGID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebMachine.1.0\CLSID\ = "{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ProxyStubClsid32\ = "{491B3F26-48E7-4BF4-9079-EEAC5D81371F}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\shell\open\command\ = "\"C:\\Program Files (x86)\\Roblox\\Versions\\RobloxStudioInstaller.exe\" %1" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ = "IRegistrationUpdateHook" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9F3F5F5D-721A-4B19-9B5D-69F664C1A591}\ProgID\ = "MicrosoftEdgeUpdate.PolicyStatusSvc.1.0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\ = "IAppCommandWeb" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A6B716CB-028B-404D-B72C-50E153DD68DA} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ = "IBrowserHttpRequest2" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreClass\CurVer\ = "MicrosoftEdgeUpdate.CoreClass.1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\LOCALSERVER32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\roblox\DefaultIcon\ = "C:\\Program Files (x86)\\Roblox\\Versions\\version-70a2467227df4077\\RobloxPlayerBeta.exe" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\microsoft.windows.search\ = "56" | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\NumMethods\ = "10" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ = "IProgressWndEvents" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\NumMethods\ = "12" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\Children | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\NumMethods\ = "10" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\NumMethods\ = "7" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA}\InprocHandler32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\EdpDomStorage\Total | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A6B716CB-028B-404D-B72C-50E153DD68DA}\VersionIndependentProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ = "IAppVersionWeb" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\NumMethods\ = "4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ = "IAppVersionWeb" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\EdpDomStorage\windows.search | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusSvc.1.0\ = "Google Update Policy Status Class" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\NumMethods\ = "27" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA}\InprocHandler32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\NumMethods\ = "24" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{5F6A18BB-6231-424B-8242-19E5BB94F8ED}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.CredentialDialogMachine" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 841443.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 332688.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| N/A | N/A | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Suspicious use of UnmapMainImage
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.mediafire.com/file_premium/assofbaf8cg4hmn/Tool.rar/file
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcde7446f8,0x7ffcde744708,0x7ffcde744718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2248 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2960 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5392 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5392 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2316 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2660 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=3472 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3440 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6000 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6012 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6488 /prefetch:8
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\Tool.rar"
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\Tool.rar"
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\Tool.rar"
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\Tool.rar"
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\Tool.rar"
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\YourHack.rar"
C:\Users\Admin\Downloads\InstallYourTool.exe
"C:\Users\Admin\Downloads\InstallYourTool.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2284 /prefetch:2
C:\Users\Admin\Downloads\InstallYourTool.exe
"C:\Users\Admin\Downloads\InstallYourTool.exe"
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /0
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\Tool.rar"
C:\Users\Admin\Downloads\InstallYourTool.exe
"C:\Users\Admin\Downloads\InstallYourTool.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault36d98badhb5b8h4807ha3f0h47b7317439a0
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffcde7446f8,0x7ffcde744708,0x7ffcde744718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2088,5540083855612620872,1751506465365497157,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2088,5540083855612620872,1751506465365497157,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2244 /prefetch:3
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault3eb3c228h08b3h4967hb644he332759ffce4
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffcde7446f8,0x7ffcde744708,0x7ffcde744718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,15758249228281580012,13300009668670376397,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,15758249228281580012,13300009668670376397,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefaultc340752eh5808h4e71h958dhc43768117679
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffcde7446f8,0x7ffcde744708,0x7ffcde744718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,15836712881925183698,1306005583034215895,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2156 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2100,15836712881925183698,1306005583034215895,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
C:\Windows\system32\SystemSettingsAdminFlows.exe
"C:\Windows\system32\SystemSettingsAdminFlows.exe" TurnOffDevicePortal
C:\Windows\system32\SystemSettingsAdminFlows.exe
"C:\Windows\system32\SystemSettingsAdminFlows.exe" TurnOffDevicePortal
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\YourHack.rar"
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\Instructions.txt
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefaultaab87fc7hf832h4bbeh99ddh532f768d96de
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffcde7446f8,0x7ffcde744708,0x7ffcde744718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2188,8962560547024874384,8144394255116690265,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5648 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5756 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4740 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5116 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6296 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4744 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5292 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6028 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2236 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6552 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5936 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6760 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6784 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5656 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6012 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7192 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4932 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7060 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7284 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6944 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7996 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaFoundationService --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=6852 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1052 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6944 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2816 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:8
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"
C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
MicrosoftEdgeWebview2Setup.exe /silent /install
C:\Program Files (x86)\Microsoft\Temp\EUE35F.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EUE35F.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MUQwOEZGNTItOTlEOS00NTI5LTlBNjMtNjU2N0JDRkNCMjYwfSIgdXNlcmlkPSJ7RDg2M0VBQkQtQTkxMi00QTZELTk5NEItNjI1MzJDNTUxQUNDfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntCMDk1QzRDMC05OUIxLTQ3RkEtOEY3RC00RkVBNDlBNDdFQjJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iREFEWSIgcHJvZHVjdF9uYW1lPSJTdGFuZGFyZCBQQyAoUTM1ICsgSUNIOSwgMjAwOSkiLz48ZXhwIGV0YWc9IiZxdW90O3I0NTJ0MStrMlRncS9IWHpqdkZOQlJob3BCV1I5c2JqWHhxZVVESDl1WDA9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xODMuMjkiIG5leHR2ZXJzaW9uPSIxLjMuMTcxLjM5IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIj48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDg2NTY1NzM4MSIgaW5zdGFsbF90aW1lX21zPSI2MDQiLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{1D08FF52-99D9-4529-9A63-6567BCFCB260}" /silent
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MUQwOEZGNTItOTlEOS00NTI5LTlBNjMtNjU2N0JDRkNCMjYwfSIgdXNlcmlkPSJ7RDg2M0VBQkQtQTkxMi00QTZELTk5NEItNjI1MzJDNTUxQUNDfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InszQjYxNjIwQi1BRjYxLTRFODItQkNDNC0xQkQ1NTcwMkM1RjV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iREFEWSIgcHJvZHVjdF9uYW1lPSJTdGFuZGFyZCBQQyAoUTM1ICsgSUNIOSwgMjAwOSkiLz48ZXhwIGV0YWc9IiZxdW90O3I0NTJ0MStrMlRncS9IWHpqdkZOQlJob3BCV1I5c2JqWHhxZVVESDl1WDA9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjEwNi4wLjUyNDkuMTE5IiBuZXh0dmVyc2lvbj0iMTA2LjAuNTI0OS4xMTkiIGxhbmc9ImVuIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjMxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSI1IiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDg2OTU3NzI1MSIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C33C8358-64C2-4A37-874A-88810FEBBD43}\MicrosoftEdge_X64_121.0.2277.128.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C33C8358-64C2-4A37-874A-88810FEBBD43}\MicrosoftEdge_X64_121.0.2277.128.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C33C8358-64C2-4A37-874A-88810FEBBD43}\EDGEMITMP_9BC89.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C33C8358-64C2-4A37-874A-88810FEBBD43}\EDGEMITMP_9BC89.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C33C8358-64C2-4A37-874A-88810FEBBD43}\MicrosoftEdge_X64_121.0.2277.128.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C33C8358-64C2-4A37-874A-88810FEBBD43}\EDGEMITMP_9BC89.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C33C8358-64C2-4A37-874A-88810FEBBD43}\EDGEMITMP_9BC89.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=121.0.6167.184 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C33C8358-64C2-4A37-874A-88810FEBBD43}\EDGEMITMP_9BC89.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=121.0.2277.128 --initial-client-data=0x228,0x22c,0x230,0x204,0x234,0x7ff6987f1d88,0x7ff6987f1d94,0x7ff6987f1da0
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"
C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\RobloxPlayerBeta.exe" -app
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MUQwOEZGNTItOTlEOS00NTI5LTlBNjMtNjU2N0JDRkNCMjYwfSIgdXNlcmlkPSJ7RDg2M0VBQkQtQTkxMi00QTZELTk5NEItNjI1MzJDNTUxQUNDfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins5MzMzOUU1OS03REZBLTRDOUMtQTM4RS0wMzk5QkEzMDU2OTV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iREFEWSIgcHJvZHVjdF9uYW1lPSJTdGFuZGFyZCBQQyAoUTM1ICsgSUNIOSwgMjAwOSkiLz48ZXhwIGV0YWc9IiZxdW90O1ZQUW9QMUYrZnExNXdSemgxa1BMNFBNcFdoOE9STUI1aXp2ck9DL2NoalE9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzMDE3MjI2LUZFMkEtNDI5NS04QkRGLTAwQzNBOUE3RTRDNX0iIHZlcnNpb249IiIgbmV4dHZlcnNpb249IjEyMS4wLjIyNzcuMTI4IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iLTEiIGluc3RhbGxkYXRlPSItMSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDg4NDc2NzM5NSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwODg0ODI3NDIzIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTEyOTA3MjcxOTIiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5mLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzL2Q0NWE1MmU5LTU2ZDEtNGNjNi05YmQwLTI4ZDI0NjgzOTA5NT9QMT0xNzA5MjY1OTczJmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PVJXd2dpYTVHQ2dMMnRYeVVMWE1hNFF3Sm1jZFB2ZGpyWk5oQXRvZXdKSmdpQ3MzWEFoaXhybzJ4UWNHWDBaMlRST2xxRW9Jc0diek1tM2QlMmZ0NEM4RnclM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNzQ5NjA2OTYiIHRvdGFsPSIxNzQ5NjA2OTYiIGRvd25sb2FkX3RpbWVfbXM9IjM0MzMxIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTEyOTA4MTczNzciIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI2IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMTMwNTg4NzMyMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTE3NjQ1NjQ4MzYiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSIxMDEzIiBkb3dubG9hZF90aW1lX21zPSI0MDU4OSIgZG93bmxvYWRlZD0iMTc0OTYwNjk2IiB0b3RhbD0iMTc0OTYwNjk2IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI0NTg2NyIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4892 /prefetch:1
C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:ezr_qKLNfDXXIgpVk6JbT5XgYR2Iam2odlnGrn8GFtaX2dRsAnMDm2P6qeSEaPj1BfeHmQUVxm5X-JC1Rx7d2FPW0p_y7s03rvu-zf2fQIxlV3pbz2qbUL8Ix-Q_MIMlHHi7hheAQPIkP_OMxesDU1kS--qR0O-GHD9eGfovUfs7nSdiclMntBEBE4qpwjQoOendoqi_JVXbnVfuU5h12hIdGEUTnO2CnkyyeFDExXE+launchtime:1708661128287+placelauncherurl:https%3A%2F%2Fassetgame.roblox.com%2Fgame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D218916977318%26placeId%3D4639625707%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D621a011d-d604-4b6f-bbc1-cd1ed0936eec%26joinAttemptOrigin%3DPlayButton+browsertrackerid:218916977318+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3936 /prefetch:1
C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:gxHaj_dyw19sMPe7ZDSmLhQ6XqjMkAZ70yxIFtmsYEa4LsuYHWAXnBQ6Gb5tEVMoXYM5mV8WBo2PTnib2AiFQM5uf5ISXoXG7wJ1VZUxS6FUjauErjtvIfXsIyBY5wGjyUt-8j76pkkXcpD0rdNvwzymMd-vZrG5_VN4R73AoTJeWM2V49ECGKzia1qkCt_ZYr6pmA0gzgQSuJJSDaoInk4oASnI2b8-VWwhu9T13I8+launchtime:1708661306707+placelauncherurl:https%3A%2F%2Fassetgame.roblox.com%2Fgame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D218916977318%26placeId%3D4639625707%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D2e7f63e4-7028-4577-8814-69531d36f26d%26joinAttemptOrigin%3DPlayButton+browsertrackerid:218916977318+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp
C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\RobloxPlayerBeta.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5412 /prefetch:1
C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:48b9gGNZ6wJVN05ell8wFzqRr0ZSji-qezBp6Z7p1GoTBxDicXXUBhFs9G8UhZllFRIEECOJ3aacgbhIvHO1H2X2aaF4nnbWH9eknXVUyCHfUcIWbMUNjnf30RyTd8HI1ND2vdOQxxHk8DozURQSV_pVVr_Ia0ZTtjlNtxmRaWOVUX7qTI4u4yQPtPWpu2_Fx30exiZ8y_i75PeEVXndD2knntIDrEoxVvPYJ8pvHsM+launchtime:1708661376547+placelauncherurl:https%3A%2F%2Fassetgame.roblox.com%2Fgame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D218916977318%26placeId%3D4639625707%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D498570f2-7881-4626-aab3-868c17ec5b19%26joinAttemptOrigin%3DPlayButton+browsertrackerid:218916977318+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5700 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8088 /prefetch:1
C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:TXw_8BtUkJVEU6i0LY9P2UrnLCEw2cvNRyZmFc13aGrLZ0OPs5D4esUblmw09VtMuTkDp1DYnayTrcH7wisYTZzsQ-IoDr68lWg2wCalgXVXrQz1xBarCDon53IgT5ZA7Y87Xn51616Cyt7YA5buBy8ngY58caXxCQ98o4_qPCD_jQgqVzAqsDNnyKRD0Y50vcpawvSVD4ptsuScy8ZMBwxk4LOU_8ybcCNtHxgUJW0+launchtime:1708661415698+placelauncherurl:https%3A%2F%2Fassetgame.roblox.com%2Fgame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D218916977318%26placeId%3D4639625707%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D4ef9824e-b4e2-4286-80d2-3d495391570e%26joinAttemptOrigin%3DPlayButton+browsertrackerid:218916977318+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3404 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=7428 /prefetch:8
C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
"C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
"C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5712 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4952 /prefetch:1
C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
"C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7804 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
"C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
"C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5092 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6912 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2132,6328350471078120969,3238460190570469583,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6584 /prefetch:8
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3132.0.284892276\1288309256" -parentBuildID 20221007134813 -prefsHandle 1884 -prefMapHandle 1800 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6da1f146-ee14-4beb-8431-fce2e1221c93} 3132 "\\.\pipe\gecko-crash-server-pipe.3132" 1964 1649b4d5158 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3132.1.308081030\1839058266" -parentBuildID 20221007134813 -prefsHandle 2356 -prefMapHandle 2352 -prefsLen 20785 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2b5b8649-a052-4a40-b17b-92d91adc78bb} 3132 "\\.\pipe\gecko-crash-server-pipe.3132" 2368 16487671f58 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3132.2.42027501\1247045819" -childID 1 -isForBrowser -prefsHandle 3032 -prefMapHandle 3288 -prefsLen 20888 -prefMapSize 233444 -jsInitHandle 1456 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f8efa50a-efe4-4c0c-b535-424b5f6f3c22} 3132 "\\.\pipe\gecko-crash-server-pipe.3132" 3284 1649b45b858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3132.3.1907875699\138173484" -childID 2 -isForBrowser -prefsHandle 3548 -prefMapHandle 3544 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1456 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {11f2cf5d-0373-405c-a149-687931390b60} 3132 "\\.\pipe\gecko-crash-server-pipe.3132" 3560 1649de17e58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3132.4.1609349345\2014896998" -childID 3 -isForBrowser -prefsHandle 3760 -prefMapHandle 3548 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1456 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {653d4e13-8573-46eb-af51-cd46f5016d97} 3132 "\\.\pipe\gecko-crash-server-pipe.3132" 3768 16487661358 tab
C:\Program Files\Mozilla Firefox\minidump-analyzer.exe
"C:\Program Files\Mozilla Firefox\minidump-analyzer.exe" "C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Crash Reports\pending\2949f9e5-cb62-426b-a594-24ce48f491f6.dmp"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3132.5.2072979599\591624237" -childID 4 -isForBrowser -prefsHandle 4004 -prefMapHandle 4424 -prefsLen 26206 -prefMapSize 233444 -jsInitHandle 1456 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4bff8906-0024-4a6a-a47d-57275e596220} 3132 "\\.\pipe\gecko-crash-server-pipe.3132" 1484 16487672e58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3132.6.133733756\2131598976" -childID 5 -isForBrowser -prefsHandle 5340 -prefMapHandle 5316 -prefsLen 26206 -prefMapSize 233444 -jsInitHandle 1456 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9f452e9a-1ceb-41e5-aa9c-8b4cff624a6e} 3132 "\\.\pipe\gecko-crash-server-pipe.3132" 3812 1649b3fd558 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3132.7.2129084923\23854818" -childID 6 -isForBrowser -prefsHandle 5464 -prefMapHandle 5468 -prefsLen 26206 -prefMapSize 233444 -jsInitHandle 1456 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e580dbc3-a46b-4fd1-b3fd-de8503186afe} 3132 "\\.\pipe\gecko-crash-server-pipe.3132" 5452 1649c35f858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3132.8.2083268701\1776910404" -childID 7 -isForBrowser -prefsHandle 5804 -prefMapHandle 5496 -prefsLen 26460 -prefMapSize 233444 -jsInitHandle 1456 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {43269c90-1246-4acb-b2df-a3998ffe153e} 3132 "\\.\pipe\gecko-crash-server-pipe.3132" 5812 164a2b68958 tab
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0238851C-B96D-4FF7-9EE5-84E9CE667F9B}\MicrosoftEdgeUpdateSetup_X86_1.3.185.17.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0238851C-B96D-4FF7-9EE5-84E9CE667F9B}\MicrosoftEdgeUpdateSetup_X86_1.3.185.17.exe" /update /sessionid "{A7CB4ED1-D73E-4FD0-A511-4E7F38BCF59A}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QTdDQjRFRDEtRDczRS00RkQwLUE1MTEtNEU3RjM4QkNGNTlBfSIgdXNlcmlkPSJ7RDg2M0VBQkQtQTkxMi00QTZELTk5NEItNjI1MzJDNTUxQUNDfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntDQzAyQTRCQy1FNUI0LTRGQjctQTRBMC04OTI2RUM2NDZENzF9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iREFEWSIgcHJvZHVjdF9uYW1lPSJTdGFuZGFyZCBQQyAoUTM1ICsgSUNIOSwgMjAwOSkiLz48ZXhwIGV0YWc9IiZxdW90O3I0NTJ0MStrMlRncS9IWHpqdkZOQlJob3BCV1I5c2JqWHhxZVVESDl1WDA9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xNzEuMzkiIG5leHR2ZXJzaW9uPSIxLjMuMTg1LjE3IiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSIxMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTQzMTkwMzE5ODUiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTQzMTkwMzE5ODUiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjAiIGVycm9yY29kZT0iLTIxNDcwMjM4MzgiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0NTcyMzQ5MjcwIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJkbyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvZmRhNDMwMGQtMzA4My00NDZlLWI0YzUtODNkMTU0NTNmY2UzP1AxPTE3MDkyNjYzMTcmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9QktwM0xyQk1IRmg4UjBVZ3hjVVNOVWVrVEtPYiUyYlA1TjNBR21sUE1yTUNxdVBiNkR5bEhoSFNvdzJrRk9wOHYxbDMzeDlTdFczS1Qzcjl5T215QVhKQSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSIwIiBkb3dubG9hZF90aW1lX21zPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0NTcyNDI5NDI4IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy9mZGE0MzAwZC0zMDgzLTQ0NmUtYjRjNS04M2QxNTQ1M2ZjZTM_UDE9MTcwOTI2NjMxNyZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1CS3AzTHJCTUhGaDhSMFVneGNVU05VZWtUS09iJTJiUDVOM0FHbWxQTXJNQ3F1UGI2RHlsSGhIU293MmtGT3A4djFsMzN4OVN0VzNLVDNyOXlPbXlBWEpBJTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTYyMTU2MCIgdG90YWw9IjE2MjE1NjAiIGRvd25sb2FkX3RpbWVfbXM9IjIxMTE3Ii8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0NTcyNDI5NDI4IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0NTc3NjI5MjkxIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PHBpbmcgcj0iMiIgcmQ9IjYyNjAiIHBpbmdfZnJlc2huZXNzPSJ7NTZBMjc1OTUtQzQ3Mi00NzQ1LUE1Q0ItMzk0MUU5MEU1QjdGfSIvPjwvYXBwPjxhcHAgYXBwaWQ9Ins1NkVCMThGOC1CMDA4LTRDQkQtQjZEMi04Qzk3RkU3RTkwNjJ9IiB2ZXJzaW9uPSI5Mi4wLjkwMi42NyIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSIxIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1MzEzNDUxMjQzNDAzOTAiPjx1cGRhdGVjaGVjay8-PHBpbmcgYWN0aXZlPSIxIiBhPSIyIiByPSIyIiBhZD0iNjI2MCIgcmQ9IjYyNjAiIHBpbmdfZnJlc2huZXNzPSJ7M0ZCMENDRTUtRUIyRi00MEEyLUI3MTktRTA1NzI1RkQxREU3fSIvPjwvYXBwPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIxMjEuMC4yMjc3LjEyOCIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiIGluc3RhbGxkYXRlPSI2MjU4Ij48dXBkYXRlY2hlY2svPjxwaW5nIHI9Ii0xIiByZD0iLTEiIHBpbmdfZnJlc2huZXNzPSJ7ODA0NEVFRkQtODJBMS00RDMyLTg5RDctRkJGRkYwOTIwQzI1fSIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Microsoft\Temp\EU91D7.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EU91D7.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{A7CB4ED1-D73E-4FD0-A511-4E7F38BCF59A}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.185.17\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODUuMTciIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QTdDQjRFRDEtRDczRS00RkQwLUE1MTEtNEU3RjM4QkNGNTlBfSIgdXNlcmlkPSJ7RDg2M0VBQkQtQTkxMi00QTZELTk5NEItNjI1MzJDNTUxQUNDfSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7MkY0NDcwMjUtODEzQS00MTgyLTgyNjMtNkQzNDA4MzVEMTRFfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IkRBRFkiIHByb2R1Y3RfbmFtZT0iU3RhbmRhcmQgUEMgKFEzNSArIElDSDksIDIwMDkpIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTcxLjM5IiBuZXh0dmVyc2lvbj0iMS4zLjE4NS4xNyIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjEiIGluc3RhbGxkYXRldGltZT0iMTcwODUxMjU1NyI-PGV2ZW50IGV2ZW50dHlwZT0iMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTQ1OTA5MDkxNzciLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3132.9.1519097358\29486601" -childID 8 -isForBrowser -prefsHandle 5492 -prefMapHandle 5200 -prefsLen 26725 -prefMapSize 233444 -jsInitHandle 1456 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4922e2d6-596a-4e8b-a369-d058666dd954} 3132 "\\.\pipe\gecko-crash-server-pipe.3132" 5936 164a39a0a58 tab
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xdc,0x100,0x104,0x40,0x108,0x7ffcde7446f8,0x7ffcde744708,0x7ffcde744718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2076,14989628277092622394,9718962834958057187,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,14989628277092622394,9718962834958057187,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2076,14989628277092622394,9718962834958057187,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2680 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,14989628277092622394,9718962834958057187,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3420 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,14989628277092622394,9718962834958057187,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3388 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,14989628277092622394,9718962834958057187,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,14989628277092622394,9718962834958057187,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3816 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,14989628277092622394,9718962834958057187,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5268 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,14989628277092622394,9718962834958057187,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5268 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,14989628277092622394,9718962834958057187,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4280 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,14989628277092622394,9718962834958057187,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2692 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,14989628277092622394,9718962834958057187,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2420 /prefetch:2
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,14989628277092622394,9718962834958057187,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5132 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,14989628277092622394,9718962834958057187,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5156 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,14989628277092622394,9718962834958057187,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,14989628277092622394,9718962834958057187,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,14989628277092622394,9718962834958057187,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4408 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2076,14989628277092622394,9718962834958057187,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=4416 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2076,14989628277092622394,9718962834958057187,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5380 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,14989628277092622394,9718962834958057187,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,14989628277092622394,9718962834958057187,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3792 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,14989628277092622394,9718962834958057187,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,14989628277092622394,9718962834958057187,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,14989628277092622394,9718962834958057187,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5808 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,14989628277092622394,9718962834958057187,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5184 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,14989628277092622394,9718962834958057187,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6148 /prefetch:1
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="972.0.282275232\2013158778" -parentBuildID 20221007134813 -prefsHandle 1752 -prefMapHandle 1744 -prefsLen 21138 -prefMapSize 233583 -appDir "C:\Program Files\Mozilla Firefox\browser" - {86d3d4ad-c816-4be7-9e3d-ed28f44441a9} 972 "\\.\pipe\gecko-crash-server-pipe.972" 1832 1d032ff0558 gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="972.1.1598873165\508388802" -parentBuildID 20221007134813 -prefsHandle 2180 -prefMapHandle 2176 -prefsLen 21138 -prefMapSize 233583 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b46f091c-0514-416a-ad29-5c8ad3312335} 972 "\\.\pipe\gecko-crash-server-pipe.972" 2200 1d01f3ddb58 socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="972.2.1691921094\780807902" -childID 1 -isForBrowser -prefsHandle 3064 -prefMapHandle 2968 -prefsLen 21599 -prefMapSize 233583 -jsInitHandle 1352 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {68bb40de-5ba2-40b0-b99b-2091bd48655e} 972 "\\.\pipe\gecko-crash-server-pipe.972" 2876 1d036ab3e58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="972.3.481648082\672892729" -childID 2 -isForBrowser -prefsHandle 3616 -prefMapHandle 3612 -prefsLen 26777 -prefMapSize 233583 -jsInitHandle 1352 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fc24ba9c-2b92-4e84-bf98-1507b607856c} 972 "\\.\pipe\gecko-crash-server-pipe.972" 3628 1d01f362858 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="972.4.1027092340\1540655548" -childID 3 -isForBrowser -prefsHandle 2648 -prefMapHandle 2520 -prefsLen 26836 -prefMapSize 233583 -jsInitHandle 1352 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e17f70c4-3cbc-4545-885a-62716af4bcdd} 972 "\\.\pipe\gecko-crash-server-pipe.972" 4544 1d038d27258 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="972.7.1224460812\1070371866" -childID 6 -isForBrowser -prefsHandle 5480 -prefMapHandle 5484 -prefsLen 26836 -prefMapSize 233583 -jsInitHandle 1352 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {cc988d9e-3361-4972-8a47-ffe49e9bb048} 972 "\\.\pipe\gecko-crash-server-pipe.972" 5472 1d0394e6b58 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="972.6.1368129358\763012514" -childID 5 -isForBrowser -prefsHandle 5284 -prefMapHandle 5288 -prefsLen 26836 -prefMapSize 233583 -jsInitHandle 1352 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {733c6ff7-bcaf-4c48-896c-8cbbd829a424} 972 "\\.\pipe\gecko-crash-server-pipe.972" 5276 1d0394e8658 tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="972.5.703176885\906531102" -childID 4 -isForBrowser -prefsHandle 5128 -prefMapHandle 5124 -prefsLen 26836 -prefMapSize 233583 -jsInitHandle 1352 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2de8bdef-7c39-421b-ab1e-e995478ee714} 972 "\\.\pipe\gecko-crash-server-pipe.972" 5144 1d038ff5f58 tab
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 104.16.113.74:443 | www.mediafire.com | tcp |
| US | 8.8.8.8:53 | download2392.mediafire.com | udp |
| US | 199.91.155.133:443 | download2392.mediafire.com | tcp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.113.16.104.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | 133.155.91.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.178.17.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 204.79.197.200:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | problemregardybuiwo.fun | udp |
| US | 8.8.8.8:53 | technologyenterdo.shop | udp |
| US | 104.21.80.118:443 | technologyenterdo.shop | tcp |
| US | 8.8.8.8:53 | lighterepisodeheighte.fun | udp |
| US | 8.8.8.8:53 | detectordiscusser.shop | udp |
| US | 104.21.60.92:443 | detectordiscusser.shop | tcp |
| US | 8.8.8.8:53 | 118.80.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | edurestunningcrackyow.fun | udp |
| US | 8.8.8.8:53 | pooreveningfuseor.pw | udp |
| US | 8.8.8.8:53 | turkeyunlikelyofw.shop | udp |
| US | 172.67.202.191:443 | turkeyunlikelyofw.shop | tcp |
| US | 8.8.8.8:53 | associationokeo.shop | udp |
| US | 172.67.147.18:443 | associationokeo.shop | tcp |
| US | 8.8.8.8:53 | 92.60.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 191.202.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.147.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | problemregardybuiwo.fun | udp |
| US | 104.21.80.118:443 | technologyenterdo.shop | tcp |
| US | 8.8.8.8:53 | lighterepisodeheighte.fun | udp |
| US | 104.21.60.92:443 | detectordiscusser.shop | tcp |
| US | 8.8.8.8:53 | edurestunningcrackyow.fun | udp |
| US | 8.8.8.8:53 | pooreveningfuseor.pw | udp |
| US | 172.67.202.191:443 | turkeyunlikelyofw.shop | tcp |
| US | 172.67.147.18:443 | associationokeo.shop | tcp |
| US | 8.8.8.8:53 | problemregardybuiwo.fun | udp |
| US | 104.21.80.118:443 | technologyenterdo.shop | tcp |
| US | 8.8.8.8:53 | lighterepisodeheighte.fun | udp |
| US | 104.21.60.92:443 | detectordiscusser.shop | tcp |
| US | 8.8.8.8:53 | edurestunningcrackyow.fun | udp |
| US | 8.8.8.8:53 | pooreveningfuseor.pw | udp |
| US | 172.67.202.191:443 | turkeyunlikelyofw.shop | tcp |
| US | 172.67.147.18:443 | associationokeo.shop | tcp |
| US | 8.8.8.8:53 | cxcs.microsoft.net | udp |
| GB | 23.214.133.66:443 | cxcs.microsoft.net | tcp |
| GB | 92.123.128.181:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 66.133.214.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.73.42.20.in-addr.arpa | udp |
| GB | 92.123.128.181:443 | www.bing.com | tcp |
| GB | 92.123.128.181:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 92.123.128.167:443 | th.bing.com | tcp |
| GB | 92.123.128.167:443 | th.bing.com | tcp |
| GB | 92.123.128.167:443 | th.bing.com | tcp |
| GB | 92.123.128.167:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 167.128.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 20.190.159.64:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | 64.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.5.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| NL | 128.116.21.4:443 | www.roblox.com | tcp |
| NL | 128.116.21.4:443 | www.roblox.com | tcp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| GB | 104.77.160.223:443 | css.rbxcdn.com | tcp |
| GB | 104.77.160.223:443 | css.rbxcdn.com | tcp |
| GB | 104.77.160.223:443 | css.rbxcdn.com | tcp |
| GB | 104.77.160.223:443 | css.rbxcdn.com | tcp |
| GB | 104.77.160.223:443 | css.rbxcdn.com | tcp |
| GB | 104.77.160.223:443 | css.rbxcdn.com | tcp |
| GB | 104.77.160.206:443 | static.rbxcdn.com | tcp |
| GB | 104.77.160.206:443 | static.rbxcdn.com | tcp |
| GB | 88.221.134.83:443 | js.rbxcdn.com | tcp |
| GB | 88.221.134.83:443 | js.rbxcdn.com | tcp |
| GB | 88.221.134.83:443 | js.rbxcdn.com | tcp |
| GB | 88.221.134.83:443 | js.rbxcdn.com | tcp |
| GB | 88.221.134.83:443 | js.rbxcdn.com | tcp |
| GB | 88.221.134.83:443 | js.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | roblox.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| PL | 128.116.124.4:443 | roblox.com | tcp |
| US | 104.18.33.170:443 | roblox-api.arkoselabs.com | tcp |
| GB | 104.77.160.223:443 | css.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| US | 8.8.8.8:53 | 4.21.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 223.160.77.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.160.77.104.in-addr.arpa | udp |
| GB | 104.77.160.222:443 | images.rbxcdn.com | tcp |
| GB | 104.77.160.222:443 | images.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| NL | 128.116.21.3:443 | ecsv2.roblox.com | tcp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| NL | 128.116.21.4:443 | apis.roblox.com | tcp |
| US | 8.8.8.8:53 | apis.rbxcdn.com | udp |
| GB | 104.77.160.221:443 | apis.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 170.33.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.124.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.21.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 222.160.77.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 221.160.77.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | locale.roblox.com | udp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | www.mohmal.com | udp |
| US | 172.67.71.128:443 | www.mohmal.com | tcp |
| US | 172.67.71.128:443 | www.mohmal.com | tcp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| GB | 172.217.16.238:443 | fundingchoicesmessages.google.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.178.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 172.217.16.238:443 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | 128.71.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.179.250.142.in-addr.arpa | udp |
| GB | 142.250.178.2:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| GB | 216.58.212.193:443 | tpc.googlesyndication.com | tcp |
| GB | 216.58.212.193:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 193.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.200.250.142.in-addr.arpa | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | s7.addthis.com | udp |
| GB | 23.213.16.142:443 | s7.addthis.com | tcp |
| US | 8.8.8.8:53 | ads.eu.criteo.com | udp |
| NL | 178.250.1.17:443 | ads.eu.criteo.com | tcp |
| US | 8.8.8.8:53 | rtb.fr3.eu.criteo.com | udp |
| NL | 178.250.1.17:443 | ads.eu.criteo.com | tcp |
| FR | 178.250.7.12:443 | rtb.fr3.eu.criteo.com | tcp |
| US | 8.8.8.8:53 | rtb.nl3.eu.criteo.com | udp |
| US | 8.8.8.8:53 | 142.16.213.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 12.7.250.178.in-addr.arpa | udp |
| NL | 178.250.1.10:443 | rtb.nl3.eu.criteo.com | tcp |
| US | 8.8.8.8:53 | static.criteo.net | udp |
| US | 8.8.8.8:53 | cat.nl3.eu.criteo.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| NL | 178.250.1.6:443 | cat.nl3.eu.criteo.com | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 8.8.8.8:53 | csm.eu.criteo.net | udp |
| US | 8.8.8.8:53 | imageproxy.eu.criteo.net | udp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| NL | 178.250.1.6:443 | cat.nl3.eu.criteo.com | tcp |
| NL | 178.250.1.25:443 | csm.eu.criteo.net | tcp |
| NL | 178.250.1.25:443 | csm.eu.criteo.net | tcp |
| NL | 178.250.1.15:443 | imageproxy.eu.criteo.net | tcp |
| NL | 178.250.1.15:443 | imageproxy.eu.criteo.net | tcp |
| NL | 178.250.1.15:443 | imageproxy.eu.criteo.net | tcp |
| NL | 178.250.1.25:443 | csm.eu.criteo.net | tcp |
| US | 8.8.8.8:53 | 6.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 25.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.25.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | assetgame.roblox.com | udp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| US | 8.8.8.8:53 | ncs.roblox.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | realtime-signalr.roblox.com | udp |
| US | 8.8.8.8:53 | lms.roblox.com | udp |
| US | 8.8.8.8:53 | thumbnails.roblox.com | udp |
| US | 8.8.8.8:53 | tr.rbxcdn.com | udp |
| US | 8.8.8.8:53 | chat.roblox.com | udp |
| US | 8.8.8.8:53 | contacts.roblox.com | udp |
| US | 8.8.8.8:53 | notifications.roblox.com | udp |
| US | 8.8.8.8:53 | accountsettings.roblox.com | udp |
| US | 8.8.8.8:53 | economy.roblox.com | udp |
| US | 8.8.8.8:53 | friends.roblox.com | udp |
| US | 8.8.8.8:53 | privatemessages.roblox.com | udp |
| US | 8.8.8.8:53 | trades.roblox.com | udp |
| GB | 88.221.134.57:443 | tr.rbxcdn.com | tcp |
| GB | 88.221.134.57:443 | tr.rbxcdn.com | tcp |
| GB | 104.77.160.206:443 | static.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | ord2-128-116-101-3.roblox.com | udp |
| US | 8.8.8.8:53 | ams2-128-116-21-3.roblox.com | udp |
| US | 8.8.8.8:53 | gold.roblox.com | udp |
| US | 8.8.8.8:53 | fra4-128-116-44-3.roblox.com | udp |
| US | 8.8.8.8:53 | mia2-128-116-127-3.roblox.com | udp |
| US | 8.8.8.8:53 | aws-us-west-1c-lms.rbx.com | udp |
| US | 8.8.8.8:53 | c0aws.rbxcdn.com | udp |
| US | 8.8.8.8:53 | aws-ap-northeast-1d-lms.rbx.com | udp |
| US | 8.8.8.8:53 | c0cfly.rbxcdn.com | udp |
| US | 128.116.101.3:443 | ord2-128-116-101-3.roblox.com | tcp |
| NL | 128.116.21.3:443 | gold.roblox.com | tcp |
| GB | 87.248.205.28:443 | robloxcorp.s.llnwi.net | tcp |
| US | 128.116.127.3:443 | mia2-128-116-127-3.roblox.com | tcp |
| DE | 128.116.44.3:443 | fra4-128-116-44-3.roblox.com | tcp |
| NL | 128.116.21.3:443 | gold.roblox.com | tcp |
| US | 52.8.79.247:443 | aws-us-west-1c-lms.rbx.com | tcp |
| JP | 13.114.149.88:443 | aws-ap-northeast-1d-lms.rbx.com | tcp |
| US | 205.234.175.102:443 | c0cfly.rbxcdn.com | tcp |
| US | 3.162.140.59:443 | c0aws.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 57.134.221.88.in-addr.arpa | udp |
| JP | 13.114.149.88:443 | aws-ap-northeast-1d-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | presence.roblox.com | udp |
| US | 8.8.8.8:53 | 28.205.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 102.175.234.205.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.44.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 59.140.162.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.101.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.127.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 247.79.8.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 128.171.66.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.149.114.13.in-addr.arpa | udp |
| NL | 128.116.21.3:443 | gold.roblox.com | tcp |
| NL | 128.116.21.3:443 | gold.roblox.com | tcp |
| DE | 128.116.44.3:443 | fra4-128-116-44-3.roblox.com | tcp |
| US | 128.116.127.3:443 | mia2-128-116-127-3.roblox.com | tcp |
| US | 52.8.79.247:443 | aws-us-west-1c-lms.rbx.com | tcp |
| US | 128.116.101.3:443 | ord2-128-116-101-3.roblox.com | tcp |
| US | 205.234.175.102:443 | c0cfly.rbxcdn.com | tcp |
| US | 3.162.140.59:443 | c0aws.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | cs.ns1p.net | udp |
| US | 8.8.8.8:53 | sin2-128-116-97-3.roblox.com | udp |
| US | 8.8.8.8:53 | silver.roblox.com | udp |
| US | 8.8.8.8:53 | sea1-128-116-115-3.roblox.com | udp |
| US | 8.8.8.8:53 | lax2-128-116-116-3.roblox.com | udp |
| US | 8.8.8.8:53 | atl1-128-116-99-3.roblox.com | udp |
| US | 8.8.8.8:53 | sin4-128-116-50-3.roblox.com | udp |
| DE | 18.196.76.24:443 | cs.ns1p.net | tcp |
| US | 128.116.115.3:443 | sea1-128-116-115-3.roblox.com | tcp |
| SG | 128.116.97.3:443 | sin2-128-116-97-3.roblox.com | tcp |
| GB | 128.116.119.3:443 | silver.roblox.com | tcp |
| SG | 128.116.50.3:443 | sin4-128-116-50-3.roblox.com | tcp |
| US | 128.116.99.3:443 | atl1-128-116-99-3.roblox.com | tcp |
| US | 128.116.116.3:443 | lax2-128-116-116-3.roblox.com | tcp |
| US | 8.8.8.8:53 | aws-eu-west-2c-lms.rbx.com | udp |
| US | 8.8.8.8:53 | aws-ap-east-1b-lms.rbx.com | udp |
| US | 8.8.8.8:53 | c0ak.rbxcdn.com | udp |
| HK | 43.198.145.198:443 | aws-ap-east-1b-lms.rbx.com | tcp |
| GB | 3.11.223.22:443 | aws-eu-west-2c-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | s.ns1p.net | udp |
| DE | 18.196.76.24:443 | s.ns1p.net | tcp |
| US | 8.8.8.8:53 | 24.76.196.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.119.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.223.11.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.115.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.116.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.99.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.97.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.50.116.128.in-addr.arpa | udp |
| HK | 43.198.145.198:443 | aws-ap-east-1b-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | c0.rbxcdn.com | udp |
| GB | 104.77.160.221:443 | c0.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | games.roblox.com | udp |
| US | 8.8.8.8:53 | bom1-128-116-104-3.roblox.com | udp |
| IN | 128.116.104.3:443 | bom1-128-116-104-3.roblox.com | tcp |
| US | 8.8.8.8:53 | 198.145.198.43.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.104.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | voice.roblox.com | udp |
| US | 8.8.8.8:53 | b.ns1p.net | udp |
| US | 8.8.8.8:53 | setup.rbxcdn.com | udp |
| GB | 88.221.134.122:443 | setup.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 122.134.221.88.in-addr.arpa | udp |
| N/A | 127.0.0.1:49215 | tcp | |
| US | 8.8.8.8:53 | client-telemetry.roblox.com | udp |
| NL | 128.116.21.3:443 | client-telemetry.roblox.com | tcp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| NL | 128.116.21.3:443 | ecsv2.roblox.com | tcp |
| NL | 128.116.21.3:443 | ecsv2.roblox.com | tcp |
| US | 8.8.8.8:53 | clientsettingscdn.roblox.com | udp |
| GB | 104.84.73.17:443 | clientsettingscdn.roblox.com | tcp |
| N/A | 127.0.0.1:49219 | tcp | |
| NL | 128.116.21.3:443 | ecsv2.roblox.com | tcp |
| GB | 104.84.73.17:443 | clientsettingscdn.roblox.com | tcp |
| US | 8.8.8.8:53 | 17.73.84.104.in-addr.arpa | udp |
| N/A | 127.0.0.1:49222 | tcp | |
| N/A | 127.0.0.1:49225 | tcp | |
| N/A | 127.0.0.1:49228 | tcp | |
| US | 8.8.8.8:53 | setup.rbxcdn.com | udp |
| N/A | 127.0.0.1:49237 | tcp | |
| NL | 128.116.21.3:443 | ecsv2.roblox.com | tcp |
| GB | 88.221.134.122:443 | setup.rbxcdn.com | tcp |
| N/A | 127.0.0.1:49241 | tcp | |
| NL | 128.116.21.3:443 | ecsv2.roblox.com | tcp |
| NL | 128.116.21.3:443 | ecsv2.roblox.com | tcp |
| NL | 128.116.21.3:443 | ecsv2.roblox.com | tcp |
| GB | 88.221.134.122:443 | setup.rbxcdn.com | tcp |
| N/A | 127.0.0.1:49246 | tcp | |
| N/A | 127.0.0.1:49251 | tcp | |
| NL | 128.116.21.3:443 | ecsv2.roblox.com | tcp |
| NL | 128.116.21.3:443 | ecsv2.roblox.com | tcp |
| NL | 128.116.21.3:443 | ecsv2.roblox.com | tcp |
| NL | 128.116.21.3:443 | ecsv2.roblox.com | tcp |
| N/A | 127.0.0.1:49284 | tcp | |
| N/A | 127.0.0.1:49290 | tcp | |
| N/A | 127.0.0.1:49293 | tcp | |
| N/A | 127.0.0.1:49299 | tcp | |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 20.114.58.89:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 89.58.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.f.tlu.dl.delivery.mp.microsoft.com | udp |
| GB | 88.221.135.73:80 | msedge.f.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 73.135.221.88.in-addr.arpa | udp |
| N/A | 127.0.0.1:49608 | tcp | |
| NL | 128.116.21.3:443 | ecsv2.roblox.com | tcp |
| N/A | 127.0.0.1:49611 | tcp | |
| NL | 128.116.21.3:443 | ecsv2.roblox.com | tcp |
| NL | 128.116.21.3:443 | ecsv2.roblox.com | tcp |
| NL | 128.116.21.3:443 | ecsv2.roblox.com | tcp |
| US | 8.8.8.8:53 | clientsettingscdn.roblox.com | udp |
| GB | 104.84.73.17:443 | clientsettingscdn.roblox.com | tcp |
| N/A | 127.0.0.1:49719 | tcp | |
| N/A | 127.0.0.1:49722 | tcp | |
| N/A | 127.0.0.1:49725 | tcp | |
| GB | 104.84.73.17:443 | clientsettingscdn.roblox.com | tcp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| US | 8.8.8.8:53 | setup.rbxcdn.com | udp |
| US | 8.8.8.8:53 | ncs.roblox.com | udp |
| NL | 128.116.21.4:443 | ncs.roblox.com | tcp |
| NL | 128.116.21.4:443 | ncs.roblox.com | tcp |
| US | 8.8.8.8:53 | fra4-128-116-44-3.roblox.com | udp |
| US | 8.8.8.8:53 | aws-us-west-1c-lms.rbx.com | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | c0aws.rbxcdn.com | udp |
| GB | 104.77.160.202:443 | css.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| GB | 104.77.160.203:443 | static.rbxcdn.com | tcp |
| GB | 88.221.134.83:443 | js.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 202.160.77.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.160.77.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| US | 8.8.8.8:53 | locale.roblox.com | udp |
| US | 128.116.127.3:443 | mia2-128-116-127-3.roblox.com | tcp |
| NL | 128.116.21.3:443 | ecsv2.roblox.com | tcp |
| US | 128.116.99.3:443 | atl1-128-116-99-3.roblox.com | tcp |
| US | 8.8.8.8:53 | fra2-128-116-123-3.roblox.com | udp |
| GB | 128.116.119.3:443 | silver.roblox.com | tcp |
| DE | 128.116.44.3:443 | fra4-128-116-44-3.roblox.com | tcp |
| US | 8.8.8.8:53 | waw1-128-116-124-3.roblox.com | udp |
| DE | 128.116.123.3:443 | fra2-128-116-123-3.roblox.com | tcp |
| US | 52.8.79.247:443 | aws-us-west-1c-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | aws-us-east-2c-lms.rbx.com | udp |
| PL | 128.116.124.3:443 | waw1-128-116-124-3.roblox.com | tcp |
| US | 3.20.105.136:443 | aws-us-east-2c-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| US | 8.8.8.8:53 | s.ns1p.net | udp |
| GB | 104.77.160.212:443 | images.rbxcdn.com | tcp |
| DE | 18.195.234.177:443 | s.ns1p.net | tcp |
| US | 128.116.101.3:443 | ord2-128-116-101-3.roblox.com | tcp |
| US | 8.8.8.8:53 | 3.123.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.124.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 136.105.20.3.in-addr.arpa | udp |
| DE | 128.116.44.3:443 | fra4-128-116-44-3.roblox.com | tcp |
| US | 8.8.8.8:53 | lga2-128-116-32-3.roblox.com | udp |
| US | 128.116.32.3:443 | lga2-128-116-32-3.roblox.com | tcp |
| US | 8.8.8.8:53 | 212.160.77.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 177.234.195.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | b.ns1p.net | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 3.32.116.128.in-addr.arpa | udp |
| GB | 92.123.128.167:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | assetgame.roblox.com | udp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 92.123.128.167:443 | r.bing.com | tcp |
| GB | 92.123.128.167:443 | r.bing.com | tcp |
| GB | 92.123.128.181:443 | r.bing.com | tcp |
| GB | 92.123.128.181:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | rule34.xxx | udp |
| US | 104.26.0.234:443 | rule34.xxx | tcp |
| US | 104.26.0.234:443 | rule34.xxx | tcp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 104.16.56.101:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | 234.0.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.56.16.104.in-addr.arpa | udp |
| N/A | 127.0.0.1:56266 | tcp | |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | shavar.services.mozilla.com | udp |
| US | 8.8.8.8:53 | push.services.mozilla.com | udp |
| US | 8.8.8.8:53 | firefox.settings.services.mozilla.com | udp |
| US | 34.160.144.191:443 | content-signature-2.cdn.mozilla.net | tcp |
| US | 34.117.237.239:443 | contile.services.mozilla.com | tcp |
| US | 44.227.167.82:443 | shavar.services.mozilla.com | tcp |
| US | 34.149.100.209:443 | firefox.settings.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 34.107.243.93:443 | push.services.mozilla.com | tcp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.content-signature-chains.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | 82.167.227.44.in-addr.arpa | udp |
| N/A | 127.0.0.1:56273 | tcp | |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 20.114.58.89:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| GB | 88.221.135.73:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.16.228:443 | www.google.com | udp |
| US | 34.149.100.209:443 | prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | 3.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 142.250.178.14:443 | consent.google.com | tcp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 142.250.178.14:443 | consent.google.com | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | plus.l.google.com | udp |
| GB | 216.58.213.14:443 | plus.l.google.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | plus.l.google.com | udp |
| GB | 142.250.187.206:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.187.206:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.187.206:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.187.206:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.187.206:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 142.250.187.206:443 | encrypted-tbn0.gstatic.com | tcp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| GB | 216.58.213.14:443 | plus.l.google.com | udp |
| US | 8.8.8.8:53 | encrypted-tbn0.gstatic.com | udp |
| GB | 142.250.187.206:443 | encrypted-tbn0.gstatic.com | udp |
| US | 8.8.8.8:53 | 206.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| NL | 128.116.21.4:443 | www.roblox.com | tcp |
| US | 8.8.8.8:53 | us-central-default-px.roblox.com | udp |
| US | 8.8.8.8:53 | us-central-default-px.roblox.com | udp |
| GB | 104.77.160.202:443 | css.rbxcdn.com | tcp |
| GB | 104.77.160.202:443 | css.rbxcdn.com | tcp |
| GB | 104.77.160.202:443 | css.rbxcdn.com | tcp |
| GB | 104.77.160.202:443 | css.rbxcdn.com | tcp |
| GB | 104.77.160.202:443 | css.rbxcdn.com | tcp |
| GB | 104.77.160.202:443 | css.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | a1962.dscw27.akamai.net | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 8.8.8.8:53 | roblox.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| US | 8.8.8.8:53 | a1962.dscw27.akamai.net | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| US | 8.8.8.8:53 | a1992.w27.akamai.net | udp |
| GB | 104.77.160.206:443 | a1992.w27.akamai.net | tcp |
| GB | 104.77.160.206:443 | a1992.w27.akamai.net | tcp |
| US | 8.8.8.8:53 | a1993.g.akamai.net | udp |
| GB | 88.221.134.145:443 | a1993.g.akamai.net | tcp |
| GB | 88.221.134.145:443 | a1993.g.akamai.net | tcp |
| GB | 88.221.134.145:443 | a1993.g.akamai.net | tcp |
| GB | 88.221.134.145:443 | a1993.g.akamai.net | tcp |
| GB | 88.221.134.145:443 | a1993.g.akamai.net | tcp |
| GB | 88.221.134.145:443 | a1993.g.akamai.net | tcp |
| US | 128.116.101.4:443 | roblox.com | tcp |
| US | 8.8.8.8:53 | a1899.dscw27.akamai.net | udp |
| US | 172.64.154.86:443 | roblox-api.arkoselabs.com | tcp |
| US | 8.8.8.8:53 | a1992.w27.akamai.net | udp |
| US | 8.8.8.8:53 | a1993.g.akamai.net | udp |
| US | 8.8.8.8:53 | a1899.dscw27.akamai.net | udp |
| US | 8.8.8.8:53 | roblox.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com.cdn.cloudflare.net | udp |
| US | 8.8.8.8:53 | roblox.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com.cdn.cloudflare.net | udp |
| US | 172.64.154.86:443 | roblox-api.arkoselabs.com.cdn.cloudflare.net | udp |
| GB | 104.77.160.222:443 | a1899.dscw27.akamai.net | tcp |
| US | 8.8.8.8:53 | 86.154.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 145.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.101.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| NL | 128.116.21.4:443 | metrics.roblox.com | tcp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| US | 8.8.8.8:53 | apis.rbxcdn.com | udp |
| NL | 128.116.21.3:443 | ecsv2.roblox.com | tcp |
| US | 8.8.8.8:53 | us-central-origin-px.roblox.com | udp |
| GB | 104.77.160.221:443 | apis.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | a1818.b.akamai.net | udp |
| NL | 128.116.21.4:443 | apis.roblox.com | tcp |
| NL | 128.116.21.4:443 | apis.roblox.com | tcp |
| NL | 128.116.21.4:443 | apis.roblox.com | tcp |
| NL | 128.116.21.4:443 | apis.roblox.com | tcp |
| NL | 128.116.21.3:443 | us-central-origin-px.roblox.com | tcp |
| US | 8.8.8.8:53 | us-central-origin-px.roblox.com | udp |
| US | 8.8.8.8:53 | a1818.b.akamai.net | udp |
| NL | 128.116.21.3:443 | us-central-origin-px.roblox.com | udp |
| GB | 92.123.128.167:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| NL | 128.116.21.4:443 | www.roblox.com | tcp |
| GB | 92.123.128.167:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 92.123.128.181:443 | th.bing.com | tcp |
| GB | 92.123.128.167:443 | th.bing.com | tcp |
| GB | 92.123.128.167:443 | th.bing.com | tcp |
| GB | 92.123.128.181:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 200.21.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| US | 8.8.8.8:53 | gold.roblox.com | udp |
| US | 8.8.8.8:53 | ams2-128-116-21-3.roblox.com | udp |
| US | 8.8.8.8:53 | aws-us-west-1c-lms.rbx.com | udp |
| US | 8.8.8.8:53 | c0cfly.rbxcdn.com | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| GB | 104.77.160.202:443 | css.rbxcdn.com | tcp |
| GB | 104.77.160.203:443 | static.rbxcdn.com | tcp |
| GB | 88.221.134.83:443 | js.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| US | 172.64.154.86:443 | roblox-api.arkoselabs.com | tcp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| NL | 128.116.21.3:443 | ecsv2.roblox.com | tcp |
| NL | 128.116.21.4:443 | metrics.roblox.com | tcp |
| US | 8.8.8.8:53 | apis.rbxcdn.com | udp |
| US | 8.8.8.8:53 | realtime-signalr.roblox.com | udp |
| GB | 104.77.160.221:443 | apis.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| US | 8.8.8.8:53 | locale.roblox.com | udp |
| GB | 104.77.160.212:443 | images.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | thumbnails.roblox.com | udp |
| NL | 128.116.21.3:443 | realtime-signalr.roblox.com | udp |
| US | 8.8.8.8:53 | accountsettings.roblox.com | udp |
| US | 8.8.8.8:53 | economy.roblox.com | udp |
| US | 8.8.8.8:53 | friends.roblox.com | udp |
| US | 8.8.8.8:53 | privatemessages.roblox.com | udp |
| US | 8.8.8.8:53 | trades.roblox.com | udp |
| US | 8.8.8.8:53 | chat.roblox.com | udp |
| US | 8.8.8.8:53 | contacts.roblox.com | udp |
| US | 8.8.8.8:53 | notifications.roblox.com | udp |
| US | 8.8.8.8:53 | presence.roblox.com | udp |
| N/A | 127.0.0.1:53609 | tcp | |
| N/A | 127.0.0.1:53613 | tcp | |
| US | 8.8.8.8:53 | content-signature-2.cdn.mozilla.net | udp |
| US | 8.8.8.8:53 | push.services.mozilla.com | udp |
| US | 8.8.8.8:53 | contile.services.mozilla.com | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 34.149.100.209:443 | prod.remote-settings.prod.webservices.mozgcp.net | tcp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 8.8.8.8:53 | autopush.prod.mozaws.net | udp |
| US | 8.8.8.8:53 | prod.remote-settings.prod.webservices.mozgcp.net | udp |
| US | 34.107.243.93:443 | autopush.prod.mozaws.net | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 854f73d7b3f85bf181d2f2002afd17db |
| SHA1 | 53e5e04c78d1b81b5e6c400ce226e6be25e0dea8 |
| SHA256 | 54c176976e1c56f13af90be9b8b678f17f36a943210a30274be6a777cf9a8dc4 |
| SHA512 | de14899cfaad4c312804a7fe4dcb3e9221f430088cb8bf5a9b941ac392a0bbad4e6ca974e258e34617bbffff3bf6490fa90d8c6921616f44186e267ddaa02971 |
\??\pipe\LOCAL\crashpad_1952_XAWMHUALWDXWASYR
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | a65ab4f620efd5ba6c5e3cba8713e711 |
| SHA1 | f79ff4397a980106300bb447ab9cd764af47db08 |
| SHA256 | 3964e81a3b4b582e570836837b90a0539e820886a35281b416e428e9bf25fd76 |
| SHA512 | 90330661b0f38ca44d6bd13a7ea2ab08a4065ec4801695e5e7e0dea154b13ac8d9b2737e36ebe9a314d2501b5ef498d03c5617c87e36986e294c701182db41b9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e42f3262fa48a7699d9628a5c3e11eb1 |
| SHA1 | 3c636b22355f29c9243505f7ca494f3f5b919a3e |
| SHA256 | d61c4f227b33a1ecca6a0acbbf05ecb21d2f9c4f7ba53e452ad411741a0e7b2f |
| SHA512 | a929871405691fd06db4e6cdae151b37670a5245cb7c9e8b673eecbd329390c4073c10537244967f6d3c45f9e002b56ebfd00553e3cc35a643080b02c949067c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 3c43c585a8869fba520a101b1f9d9748 |
| SHA1 | abab412d3a3bca42476734437e5e09cd15471a20 |
| SHA256 | f513009e687bcdb4ffa0053f1b52b544b2a7c2650f36b3c9ae4aa5eebaa8a590 |
| SHA512 | 30a70cacebfe0c29eb1f006b2b452f79ebc702ae17fa87ef47b8045811686b36e58f1383f6ffc112fbde7250b1b279ee2efa4b8baef09ea96d0402fbada1084d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e0ee30dafff6a9c1a897692bca47c89a |
| SHA1 | e58956e9681e35f7e93e76f3aaece476fc6d9d44 |
| SHA256 | 7b9a1780e8292d802e7acd0e9603ae5313fef13001a6187c4df9e399784aba17 |
| SHA512 | a3d58ff2d58f7cfd16b31d0d841e7a7349b6c9f90e430801eace19dedaf8e814bcddeeec4ec5e37adbfac140a7aad452986706b434d5ea34a079c22e9c8f0fc8 |
C:\Users\Admin\Downloads\Tool.rar
| MD5 | 730752802a881687d24289b058c7d0fc |
| SHA1 | 5cb05c1e23292b2eff189667c99686745e75e90b |
| SHA256 | 0a1b00d6eb1c6b3afa48b8d95742fd82cf1b694fa5d30a759b76fcdcbe536bc7 |
| SHA512 | 762d229f06a1a90e5d79d027bf26e0255d3b5d31dd8eb5de2368d7558b9b77d088983a53b6e0b2b435fa4559120e54a8d0a14d534bf08e7cf50bbdca2bd304f3 |
C:\Users\Admin\Downloads\Tool.rar
| MD5 | c50d23105986b84c1a42232e1ce2343b |
| SHA1 | ee60cefa5aa2cd2e5adf8712051fe2f776368453 |
| SHA256 | 867efe6b1b89389babbfa56047e32fd4bdfacbccf5aafa2a4a11e466f58a80cf |
| SHA512 | ea8efef5c279f4c32237143b4f72d978223afdf3b981f0794257bf76a8a9d44777f546659ddc255dec2c2c998df2f685a1040197cf406269b85e570d1159d5dd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 37514bee7d7c5f9af2d725be18b8e062 |
| SHA1 | b08bec6e4ecd2f714517510ddd084afa5ee2f8df |
| SHA256 | 6dc22d542be40dcaecc77cfe74d8a70d3010a067fe8659d995f982f1d7b878ce |
| SHA512 | 533ac8889b5edd6a7dd466c526a407a43566499d8e32b9e972b05e251db554a15b6633781c2bd4eb4e4217d752dac47390ffef03b704f9ad9354811e2aea8ddd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | b69adcfb75f2916b35c51474352bb803 |
| SHA1 | c4646f34326f902dcdd824338e0e9d9ec98c1eca |
| SHA256 | ba460330a066edf83b12d01733f71ee2e5a1d9ff657473ce6a02c1d55635d971 |
| SHA512 | 6074e327f9c72839df92f70fc623773128abbe598a6af6ac65f57fdcc94b219a5718721676e5e7c982383861ae40b6cb8a9284f0fa2b0db1c05192ab89fbd36f |
C:\Users\Admin\Downloads\YourHack.rar
| MD5 | 8910f0aa2040f9608ea8573a9318d111 |
| SHA1 | 6bf337d8e433c268d97d8be50b29ff54edf7feca |
| SHA256 | a51bb9c7d52de5b38066d6f7ca64fa412b788fc7f465d5c399cfa7157a526327 |
| SHA512 | dd56fd179ba2fbe87d080ff2000b636e72e192318af33f289a6e0df57f176af2643acaac11713c3eaac56fd500980fb679ae311d1df6393b337b45252b04b5e3 |
C:\Users\Admin\Downloads\InstallYourTool.exe
| MD5 | 8892bafa9b7fcba1016fbbe76a27668f |
| SHA1 | cf38ba318d56b85dd666116f7207d20bf2f3c2b9 |
| SHA256 | b9149e33535f668b88f1e829ea7e1922055c821d01e0f7f8b4dcb1004e26018a |
| SHA512 | 4b548c4f9ed37b288987d29da48448a3b580f92496e4f7d7a944fbfbe20fe158512a0fd6a04266f37017a33c3140c9ff0ad8c6edb888c7ee3af1b890bec20f85 |
C:\Users\Admin\Downloads\InstallYourTool.exe
| MD5 | a4fd56692db2dff3187350ed7a9e2919 |
| SHA1 | ab6a6f6aff2008a4bd4fdf9315d94ca17abb9071 |
| SHA256 | b6f58e4b7b40a3de880f4c1a4afb285b66741f82f6f6ae01e293324c74830ca2 |
| SHA512 | 6f63f9d06a6e2e692268d50a2be77deb00f644a6c15c4936c63a1278d0b818eb1457fc662434039ed22ad410552b1678663f2c39d1c21620e341011a44ba1c93 |
memory/3040-424-0x0000000001560000-0x0000000001561000-memory.dmp
memory/3040-423-0x0000000001550000-0x0000000001551000-memory.dmp
memory/3040-425-0x0000000000240000-0x0000000000E4A000-memory.dmp
memory/3040-426-0x0000000001590000-0x0000000001591000-memory.dmp
memory/3040-428-0x0000000000240000-0x0000000000E4A000-memory.dmp
memory/3040-429-0x00000000015B0000-0x00000000015B1000-memory.dmp
memory/3040-430-0x00000000015C0000-0x00000000015C1000-memory.dmp
memory/3040-427-0x00000000015A0000-0x00000000015A1000-memory.dmp
memory/3040-436-0x00000000015D0000-0x00000000015D1000-memory.dmp
memory/3040-437-0x00000000030A0000-0x00000000030A1000-memory.dmp
memory/3040-439-0x0000000000240000-0x0000000000E4A000-memory.dmp
memory/3040-440-0x00000000030C0000-0x00000000030C1000-memory.dmp
memory/3040-438-0x00000000030B0000-0x00000000030B1000-memory.dmp
memory/3040-441-0x00000000030D0000-0x00000000030D1000-memory.dmp
memory/3040-442-0x00000000030E0000-0x00000000030E1000-memory.dmp
memory/3040-443-0x00000000030F0000-0x00000000030F1000-memory.dmp
memory/3040-444-0x0000000003100000-0x0000000003101000-memory.dmp
memory/3040-445-0x0000000003110000-0x0000000003111000-memory.dmp
memory/3040-446-0x0000000003120000-0x0000000003121000-memory.dmp
memory/3040-447-0x0000000003130000-0x0000000003131000-memory.dmp
memory/3040-448-0x0000000003140000-0x0000000003141000-memory.dmp
memory/3040-449-0x0000000003150000-0x0000000003151000-memory.dmp
memory/3040-450-0x0000000003160000-0x0000000003161000-memory.dmp
memory/3040-451-0x0000000003280000-0x0000000003281000-memory.dmp
memory/3040-452-0x0000000003290000-0x0000000003291000-memory.dmp
memory/3040-453-0x00000000032A0000-0x00000000032A1000-memory.dmp
memory/3040-454-0x00000000032B0000-0x00000000032B1000-memory.dmp
memory/3040-455-0x00000000032C0000-0x00000000032C1000-memory.dmp
memory/3040-456-0x0000000000240000-0x0000000000E4A000-memory.dmp
memory/3040-458-0x00000000032D0000-0x00000000032E0000-memory.dmp
memory/3040-457-0x0000000000240000-0x0000000000E4A000-memory.dmp
memory/3040-459-0x00000000032E0000-0x00000000032E1000-memory.dmp
memory/3040-460-0x00000000032E0000-0x0000000003312000-memory.dmp
memory/3040-461-0x0000000000240000-0x0000000000E4A000-memory.dmp
C:\Users\Admin\Downloads\InstallYourTool.exe
| MD5 | 0cb2ccad83b488e284b3f80b7d052c67 |
| SHA1 | 1a27dd8f26afcddf3919308172ce6bda0d102e71 |
| SHA256 | a84836e41148c1077ad674cf380bbb972e75d264e684d8e7f4b0ed13f8d9d77b |
| SHA512 | ca06c9407d4787571ecb6bb783f69d8346ef9a23a48c0a446803816aa0df32452a049c7c4f1cbfc2e53b5c4f8a566fdefce827b98b55fa7223caea81040762f2 |
memory/1380-476-0x0000000000FE0000-0x0000000000FE1000-memory.dmp
memory/1380-480-0x0000000002DB0000-0x0000000002DB1000-memory.dmp
memory/1380-478-0x0000000000240000-0x0000000000E4A000-memory.dmp
memory/1380-479-0x00000000013D0000-0x00000000013D1000-memory.dmp
memory/1380-477-0x0000000000FF0000-0x0000000000FF1000-memory.dmp
memory/1380-482-0x0000000000240000-0x0000000000E4A000-memory.dmp
memory/1380-483-0x0000000002DD0000-0x0000000002DD1000-memory.dmp
memory/1380-481-0x0000000002DC0000-0x0000000002DC1000-memory.dmp
memory/1380-489-0x0000000002E00000-0x0000000002E01000-memory.dmp
memory/1380-491-0x0000000000240000-0x0000000000E4A000-memory.dmp
memory/1380-492-0x0000000002E30000-0x0000000002E31000-memory.dmp
memory/1380-490-0x0000000002E20000-0x0000000002E21000-memory.dmp
memory/1380-493-0x0000000002E40000-0x0000000002E41000-memory.dmp
memory/1380-494-0x0000000002E50000-0x0000000002E51000-memory.dmp
memory/1380-495-0x0000000002E60000-0x0000000002E61000-memory.dmp
memory/1380-496-0x0000000002E70000-0x0000000002E71000-memory.dmp
memory/1380-497-0x0000000002E80000-0x0000000002E81000-memory.dmp
memory/1380-498-0x0000000002E90000-0x0000000002E91000-memory.dmp
memory/1380-499-0x0000000002EA0000-0x0000000002EA1000-memory.dmp
memory/1380-500-0x0000000002EB0000-0x0000000002EB1000-memory.dmp
memory/1380-502-0x0000000002ED0000-0x0000000002ED1000-memory.dmp
memory/1380-505-0x0000000002F10000-0x0000000002F11000-memory.dmp
memory/1380-507-0x0000000002F30000-0x0000000002F31000-memory.dmp
memory/1380-506-0x0000000002F20000-0x0000000002F21000-memory.dmp
memory/1380-504-0x0000000002EF0000-0x0000000002EF1000-memory.dmp
memory/1380-508-0x0000000002F40000-0x0000000002F41000-memory.dmp
memory/1380-503-0x0000000002EE0000-0x0000000002EE1000-memory.dmp
memory/1380-509-0x0000000000240000-0x0000000000E4A000-memory.dmp
memory/1380-501-0x0000000002EC0000-0x0000000002EC1000-memory.dmp
memory/1380-510-0x0000000003010000-0x0000000004010000-memory.dmp
memory/1380-511-0x0000000002F50000-0x0000000002F51000-memory.dmp
memory/1380-512-0x0000000000240000-0x0000000000E4A000-memory.dmp
memory/4644-514-0x000001EC78610000-0x000001EC78611000-memory.dmp
memory/4644-513-0x000001EC78610000-0x000001EC78611000-memory.dmp
C:\Users\Admin\Downloads\InstallYourTool.exe
| MD5 | 003a843770093d9193432697a6af1879 |
| SHA1 | 247a34d98b0b61c0a39938567ca2bb184164ad31 |
| SHA256 | 42bae92ac2aad123f5b3529404eaff48570ed3343de6fd5955c43c925d077d45 |
| SHA512 | 5090eaec912ce3233034fd7cc992f27e641af9159a6dbc95106ef9989aa97ed090a17746c3783d1ba78c300e00c69f0bff678803a6dc545fee908a781564ebd8 |
memory/4988-529-0x0000000000240000-0x0000000000E4A000-memory.dmp
memory/4988-540-0x0000000000240000-0x0000000000E4A000-memory.dmp
memory/4988-560-0x0000000003170000-0x00000000031A2000-memory.dmp
memory/4988-561-0x0000000000240000-0x0000000000E4A000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b189ca5735bc7bc16409a078fcdf0a6b |
| SHA1 | 91e0a4bacfd4d9af85fbc301fe67509b5d9c5d3e |
| SHA256 | 578124d14a5baa61ad0dfacd793d6fb4822eaa5cb257ca55cee61806f103a9a0 |
| SHA512 | 13b3f20b6a0800433f32d03b0c95427e2bfeb22becb85991b5018c24b5d5525c6481760070ada366f97299213b442e5f7d0ab312bc160b93d43bd87de0d3ddf6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 9f14b40e1d597f1937402c927485241e |
| SHA1 | 6a037caa138f0a44f19f37eea1c8fa6d66238ba8 |
| SHA256 | a701d6eb48c4b2bbebaa89cc7cad5e8af27ae875553d4124123acdea705e17c6 |
| SHA512 | 97d797de684dcc58fea91636cb4bea3b7cf1afaf7bbbec82ada0e33270671ec3f0318bdb091fe4ef34d875fcfec4e977bc6642f1758822b396f2dea0856cab0e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 408aa521d52199496d3fe5b1e609eb6e |
| SHA1 | ebc2cea1e57895dfbdc7f62b4be5faf3e36ad2b7 |
| SHA256 | 30dd6326fec0eb8288665422b322b7d27cde741cf88d6b640da52d8217cc4a5b |
| SHA512 | ba124f2550088bf99723e2ce55ea39f706201f764164589421fa9393092bbecf631a0e26f2cd950c4afc5b4ee220c24b7522ddc18298dbe08a1daae03d7f0139 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 5d73ab2e92fdd2de92c9078f8e2a4204 |
| SHA1 | b8b6822615a94709d9c36f3113d9083613b7c172 |
| SHA256 | 2affed676fdeb16bd5b08e4e8ad0fd02ee93c0707ce9f7ca8f311482bf08e3ba |
| SHA512 | 918a7d4caf5dcde332ad39c3aed9e172ccf8b5e6c4339ef16b06e1c507ccf6ace74762961e7a06ef0def0913abf1e77c665cee79d4c44c1819584ef7088dbd58 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 5b0759ff8ab175cbc91379f651d3e88a |
| SHA1 | e6f49eb08baa64c4585f2ac1a4b95a81ed943cf7 |
| SHA256 | 0a6845b32e50cb49c1cb81c895d799d183fa7d7f6b010636038d85086c58ba4a |
| SHA512 | fa05644558aedea9d45a106062c45d1e46a9fefc55a34cc7ac59b61e3e0260a48aa6248ae250417b594f083dbdb7588e89c7ff30fa841bcbe57f92b7d00b27e1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ba4fff022deb4b88cce8e8ebee0bbd58 |
| SHA1 | 96e3e3ad0f505af8710a2e6e8603ad440d51402d |
| SHA256 | 3bc1d50f9411d443e6cb5deca3ac6cb7a5eafded3132e0659fe05051a7fb9483 |
| SHA512 | 7cf892bd397ce15f374948f7234c10e38c94bba9c50843232391eade15c75011889add16367cee1b6e4f0342797a5c4e3077f37aa2f1de9ef7b264a85543e153 |
C:\Users\Admin\Downloads\Instructions.txt
| MD5 | 53e50be3b7785e9edca26fdbc1654b9c |
| SHA1 | 033a8e61cabbcce97d530aa89de8495050c2731a |
| SHA256 | 55a83bf686d87c2f1f32488d0491614026f2ca0e30d07d96de5c4265bce6dd35 |
| SHA512 | 063d4dd598b6c3e584b13b24d4c209f6897a4914016abccef570306490a5e4888aaec5037868b9fef7282ec23368261bd13bbc0aef1aff2799c542a04d034996 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 4221bd568a1a7e61dc4cfe1770a1161f |
| SHA1 | 4498cec78616e981ab2adb9f41a05757a3b21108 |
| SHA256 | 420c02426ee2f9cf80bb8eb702d9d0a892bf0aaf37da3fe715d865c872de9022 |
| SHA512 | b6fdce6c590c79d18b7c40e50848ad8c797c99180205d0c38bcd2a31f0ef988a3075e07622d5e0afd8c02aaa7003a09321e99000e309c2f07b7627fecea725a8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e31df0eefdf6692a17c241ff6e260dd5 |
| SHA1 | 4d2d452c81224f2041208f8fabfe73ebf76fe5b8 |
| SHA256 | 3e615d870962e7db6372928d2ad60105ccb0ccaf701657ffa53cc48c9e98fe8c |
| SHA512 | cfb04040888d80e1b60b0a3d79c5b69ca93800a71f74027f8d5c744fdac9eb2da4044c85ce9ba7758b555f33d4fe1f99560dcae86d31901004b640a9e4fb5fa5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 8e09f7b6386090dc25fbc7a62794e6c2 |
| SHA1 | 3ea6d2d665f5575058fd221c356d76edbc297e76 |
| SHA256 | ae5a80df18b1f67ac3f6bc169d08b375aa333a6878279cff6504d16728568ea4 |
| SHA512 | 65497c67950eda8833bca9a8dde18aed43725f62645b8ff5ba83d36317aefbeeb12f422b2a8a8caeb2e20d002f12779be850d55a41e0c9f23aa966a5dfae74d9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3d25868cc8d24989e2d1f68a09d77994 |
| SHA1 | cb0abae78210488b74d0f9c80dc7b2c256a61577 |
| SHA256 | 8439f0267a647e22b45b27dbfbf92bebc4fb66fae3c4e23a536b7b3ed0079a70 |
| SHA512 | a97c5946201973a45f9e5363221968edb1796116675918b1b4555b34bc2211e837173da18d5f591f54646ed26a63ed2c5047fe2a9e6a20e87913fc44c2be2ef7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f0ea40abdb3a50d748b8ba98f4faa1da |
| SHA1 | a2c501a9060ee6199dfd91c2b1b0798b569d7c12 |
| SHA256 | d6c92511a31e843a1c21b7c21774918fa088a6cd7caeaa8a5cefa137051a8904 |
| SHA512 | 269db649eb653fb0dc7e47c43a0b7954e5607e961cb4c096e0b65d0db8bdc5387896c0d19e86ebb4ab67b63abc141c967f245a1cc6151ffff43ff11972a25ef3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5e2e61.TMP
| MD5 | 661760f65468e15dd28c1fd21fb55e6d |
| SHA1 | 207638003735c9b113b1f47bb043cdcdbf4b0b5f |
| SHA256 | 0a5f22651f8fe6179e924a10a444b7c394c56e1ed6015d3fc336198252984c0e |
| SHA512 | 6454c5f69a2d7d7f0df4f066f539561c365bb6b14c466f282a99bf1116b72d757bef0bf03a0e0c68a7538a02a993fc070c52133ca2162c8496017053194f441c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 450516d3d03c81e60ebca98baa13df05 |
| SHA1 | ec3a3cd229c556369449e689e76e734e68db176a |
| SHA256 | c5ac4dc945803083f27579f52b6e710d9fd5409548671c6d1a2ddccc980e26ed |
| SHA512 | 11b8964952d7d4b94433a471a546f949136e2104795bf1b76e41db40583ad7c2dd4fa821e88ac3a17cfdecdf399cae386451a4fc74297a6181398629aa9158e5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 777711737165464b4870e1a6987a6a3d |
| SHA1 | 6d5a7dc5fe7e57eef6464125c507bdc618600ab6 |
| SHA256 | 68012e3bd05c120e83375fefcb63ecaef9a4ff93eadab2b0661c75096ba94218 |
| SHA512 | 2ff6c8ae2800fcdc4ed76c79413d4f07cbaa143502773662eb4762d7f0ab65eb8cf08999d538e0391096bd2c7550c7111edd82e61fcc10c6aa7ddb1b18668376 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 19459f2a00ef2f19dc80b0d5c8cf74d4 |
| SHA1 | de59a55d3eade4f9fca2ca5f457673669f28f705 |
| SHA256 | 4bdfb2286f088b5b8c6b6b895e513f15321d62be0e079d1be3d07a5d31585571 |
| SHA512 | a9c3654b4de0b45e78e16425c2241926f674cb39ff265a50d5b81d51be52ac7e049614c2ea558120a57246dadf370ed8ca0a1e3826a6e0b7bd075cdad78b68e7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b
| MD5 | 76a3f1e9a452564e0f8dce6c0ee111e8 |
| SHA1 | 11c3d925cbc1a52d53584fd8606f8f713aa59114 |
| SHA256 | 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c |
| SHA512 | a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | 0a896ffbc0f47ee5330751109c8216ac |
| SHA1 | a211dc17aaa7274706be5fbadac7433d1af2d5d1 |
| SHA256 | 8de317c4f9ce743d33ce0e39ee723304d126cc19dab22efe76eec215c0934903 |
| SHA512 | b3cca57cf9ba3df5ab5ac323058d92315a81c19a84fb360529a7b9966f456266c2895bd71f7b15c0e0d3ba30630e6809154fc90c9af03978e5f7f40959d1f1b9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | c3c0eb5e044497577bec91b5970f6d30 |
| SHA1 | d833f81cf21f68d43ba64a6c28892945adc317a6 |
| SHA256 | eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb |
| SHA512 | 83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009
| MD5 | 56d57bc655526551f217536f19195495 |
| SHA1 | 28b430886d1220855a805d78dc5d6414aeee6995 |
| SHA256 | f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4 |
| SHA512 | 7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
| MD5 | a127a49f49671771565e01d883a5e4fa |
| SHA1 | 09ec098e238b34c09406628c6bee1b81472fc003 |
| SHA256 | 3f208f049ffaf4a7ed808bf0ff759ce7986c177f476b380d0076fd1f5482fca6 |
| SHA512 | 61b54222e54e7ab8743a2d6ca3c36768a7b2cf22d5689a3309dee9974b1f804533720ea9de2d3beab44853d565a94f1bc0e60b9382997abcf03945219f98d734 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d
| MD5 | 74e33b4b54f4d1f3da06ab47c5936a13 |
| SHA1 | 6e5976d593b6ee3dca3c4dbbb90071b76e1cd85c |
| SHA256 | 535fc48679c38decd459ad656bdd6914e539754265244d0cc7b1da6bddf3e287 |
| SHA512 | 79218e8ee50484af968480ff9b211815c97c3f3035414e685aa5d15d9b4152682d87b66202339f212bf3b463a074bf7a4431107b50303f28e2eb4b17843991c2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e
| MD5 | 3114eb92aa8bedb1c98152d2e37ea0f9 |
| SHA1 | 59c03c9291da5beb07b367b7b2c20fed780c08d4 |
| SHA256 | 18ff3bdf3debb467322f9c0caa10bf0c5a32f9b7e2010d8eea1bc12cb4b25c56 |
| SHA512 | 22644dac5129a71fd7b8cffeb9c2d313abe9a1ff9a6bcd768c159a1ae1ec19a8576460fe7a6c5fa36b6a58720b5dd59472ccd34244cc690004b4b921f2eb6741 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 66db6c0497a3916d45a8835d0cfbb3f4 |
| SHA1 | 7256d71e92c5e366e22965f788aa13abd714caf4 |
| SHA256 | e4cbc6318e7ff0a2c9395d3699ab7ec7d4edfbc7c360f12a4eb0485de94bd3c4 |
| SHA512 | 0eab22b06b61899c417b9ce6b778f92326b6e409e85584166938638ba5d48026b8385c30bd8f0140d247eadd544522f92fd623822edd85c0f2fc2a40150bb606 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a72c3ded8fb0c10bba077367749d4858 |
| SHA1 | cd37dbc556a28e3a4520af16e8003c05292bd73d |
| SHA256 | b35d642e998d82ccd4ec21a36ea0e0f49ae4388a7f2e894e5f02fa76f01e8413 |
| SHA512 | 34ab328121d5f2f2499d72cc61f4a4733a0efe3ebef1ddb21282711b2e2801f5eb81e033b78ecf6b8401775bb95440c751fdf916512cd999309f9a610bd64ae2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e682bd2f11a1a8bdaba1425435756d37 |
| SHA1 | 886389459c5f7fc6a3b583d6286cd437528d785d |
| SHA256 | 026bf7439f9d26e3c96ccb3a3814fe72b58a92ef1c279fd140b5b64a864f0d9d |
| SHA512 | 4d0823ac7de2784bf559562ccd3fea12ccbbfc1b1d7f54e8b3d5f139eae2be483af7523f3384e1cc069b57d65ef920bb29622e995d01fc2ab9dd4287e931f18c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | e9d24aededff00d002e202ce8d862b53 |
| SHA1 | 417da850bca9b25b53a753eb3efe467b413ff752 |
| SHA256 | b84019ac27fb7317d287e66f7b20cdecf6e8c9b8de59f0f8527ccb8bc2857fa1 |
| SHA512 | 776f0dd3ea447fa1f879dd79b7e97a6b12204ee92e0be38023a90d2d25d4f79a51990ba32958954b2bf4bed8dc289b7045dfcb5b9c59102c5b8babf5f672f556 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | df7c61b0e40d8050d108cb9d96d1dda8 |
| SHA1 | bcde1f08c50716bfc057bc129422dca7c221d523 |
| SHA256 | 8eeb7e27eec5fb0f8e383529e9705ccb4e511d57293efcedddad70045b690ddd |
| SHA512 | fdb3364fb06550ddaa1aca17a839753971c5ef75559f2edf69d3b7c497431069512a77e6c46fea59bd09816e7d109bc8b8001bab3a84da5d1914df5ab285261e |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 34020b3f0ed03f56b9065bbebde618ae |
| SHA1 | 0b7389f59551710015163e9fedb629e7760af7b5 |
| SHA256 | 36ff0164d7ff707edf18adf251c3e2e25db7f94acf9c22ae7b0ddc5c6f3d381d |
| SHA512 | 7060fb2b341eb4317de2c07b4f6736a1fc45233602e5765039e0ff0c1e7bc0ef2032121884366c2baa04dc0393dac87a4302e31b6c75953693c7ccc3819e23d6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6fde57e9d162de18c5be42f29e71ca22 |
| SHA1 | 3cfcb713d671dbbbd4e514adbaae8e9aa12fbb46 |
| SHA256 | d8ee4eec4cc641298b8de9a628069a0e1ca9279c902f6592cbcb0e19691a816f |
| SHA512 | 009efa0461e858367016f79abe3bba7fd317eb0cab751fed15bb9fedf56e13be6a7768a4d4fc976d2719c86b2a81c5976c9fa04b23949016c61aee3d52d8c9b9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b786d4995be99493970ab4d3b1ea94a9 |
| SHA1 | d99ead3079d5d8e55c5f46df3b96e16e56083d79 |
| SHA256 | 5e2957d3edaa3031a26b5dd3a79ff9da865886016ed14864bce908a32b568d2d |
| SHA512 | a8615697879799b48d03a6f40a4af64c926a2a6e117aeb038fe1ed4097b0835a9601bc0463d2f4708516c0a6ffe8321186cdcde7d27b405dc302ca5a4a0dfdf5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4f6d29ead1288cad9fe0545eea145df1 |
| SHA1 | d278960ef9fa5063214a2d9710615d0ea6519157 |
| SHA256 | 424bdf5283f9cdc3e84b35cbeb1451efd2e1cd77a4d38ecc8d1532607d5ce9a5 |
| SHA512 | 3304641d05df4e5fba0aa333b44963642903a4a20458ada9af1ed0a381d2467b1975a654fe5f386b5fd80c5200fdce2bc24e747529f79cd1721b5635de638f68 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3aea5ef4d4b6142b21ea6b527b31b0ea |
| SHA1 | eda23b5735807878dabcf151181b8e4c049aab5c |
| SHA256 | aeb72955c442e25931b5b1fe2b957307d777ed63639628042672a4023230ee5c |
| SHA512 | 5a11bcf21ef2356abb0531f0db481a3dd98e3cad65aab22417f6b2672616d43cbfb0f4868bd68fa8f13c261236f45f380b46a6118f16833e6e38e75fb82e17aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f
| MD5 | d347e96ce4517124b58ded44d539c691 |
| SHA1 | cdf955ccc2a9edbde36fd89c385d86189e44a1eb |
| SHA256 | fa785a5e3361dd9bdb4b0b2154d071e690d668364931b24f706ce639f517a11c |
| SHA512 | cfcaf432f2440f8fd43d68ca2f1f0265c44c0356d90555e0266b38239afd89ba625eda927a34a9431bc1319440d1d2ebbeb0b027b46bb127fbf803672d50ce5c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b
| MD5 | 21af9bc981d404957c6344aaff4b3e28 |
| SHA1 | e5569bc0876884ded0d9594432cc261effc66d47 |
| SHA256 | e9515acb1b0c8f7c1008358ed424d6563cae681f0e87c53547d0cb7b9f51b051 |
| SHA512 | fb42427a114a3cb5739c30f6235c4fe3102876b2063772665c82ecce483955d357dead930e6da185f2b27fb0e72b9837ee272c3271efa5b7e80f98edf4cfaae8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007f
| MD5 | 588ee33c26fe83cb97ca65e3c66b2e87 |
| SHA1 | 842429b803132c3e7827af42fe4dc7a66e736b37 |
| SHA256 | bbc4044fe46acd7ab69d8a4e3db46e7e3ca713b05fa8ecb096ebe9e133bba760 |
| SHA512 | 6f7500b12fc7a9f57c00711af2bc8a7c62973f9a8e37012b88a0726d06063add02077420bc280e7163302d5f3a005ac8796aee97042c40954144d84c26adbd04 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | ebf34e59b96e81f9c512269423bdaa5d |
| SHA1 | aedc7b0a954aadc3c7395878becac7b787d27c28 |
| SHA256 | 5cb0ccf8b7ffd0475a5a76fb98ee93c6230d52ed071ae3293ae281c6f5b60474 |
| SHA512 | 26926be06e21d9f77f98e2f84b8b722f9108afb757949c83d9512ac5e0cf5f24d9510b4792ad04b3e94daea74fb87dff416df25626806a582b41d1ad5e240b74 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f89847dc60ea848f7b1eb8f8d2063b12 |
| SHA1 | 04d82f3c783c62e60d805a097d066ff595dc0509 |
| SHA256 | 7a06b8300d4fb2c8596141d38144c42f370a31e5f511aabf63f20eca2a6e0108 |
| SHA512 | 5efa1522f5a186d600a273b0086b9e51f0f45c5897e99137ea26268e753612eac508988e7d727ab42014d66829bfcf5261449924136478381969e5b340dfa05d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b19beb2b9a520242c583c8a463e0b23e |
| SHA1 | 6d42fc5c579747eb623afce0f68be6c3a03a52f0 |
| SHA256 | dee1c2ab5470da7b8a005201df045bf692b7ab4fb05dde3bbdb6844da7b15143 |
| SHA512 | 649271142c0c9dff9aebf4de052b3b1899cc2e4c471876d2812317c6b0938b184dfffcc5e46bbf9d60d21198aecaa690797fc0518a11c8076c7b41a3b6d72888 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old
| MD5 | 45dec1cf7798930b189a53a98fd714fe |
| SHA1 | da0751e9a7f58a14561c62caa607e5665a0c1299 |
| SHA256 | 7e05ce8aef5ba4f58aaf5efcfe176da2f4d9b5484ef254dd57ca605d1e40392c |
| SHA512 | b37c4f2671d5871f0cb564ddbed85d91e081280660bc53bd16fd14bdd2efc89b79f7369cd935624e3fabc457b537713b65eaebe7a064e6ce3f8975c2da5c5946 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old~RFe602dab.TMP
| MD5 | 252e2904113dd384eac3fa4160dd4874 |
| SHA1 | d4a126270842730ec548089b45c0b08e35194401 |
| SHA256 | 92d62b1f82ca740a992d27a81f0d972015901f01419ef2d037d65e9084d267cc |
| SHA512 | 89c3edfc538adde41731e0b8c5fb48fcea477bba32906465d79d13c6e18416d9af6b05442e64acc7ab4278c1447e06ca2de8677dae19f4eefbc00304e5aa75e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fe7b69845c1d7e9b075839113b0c476f |
| SHA1 | 974dfe7e74f173637f5c4053950dfd265e7b3937 |
| SHA256 | 34550fb413dd13d86f4a11e0fde3c9d4db21b58809195c49e605d936b82d0db1 |
| SHA512 | 87286960a7da40877d01326463eccce5b1bec66101af875aca4c80c82f45468c95b693a436e65d40ab62bf4cf3331b2a781d07e0517041bdc1ecdc88befee310 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bdcfddc5903b21c3ad2633ac7bb27100 |
| SHA1 | e930e6be9bd15c681412f42184a2d83237dc9ef5 |
| SHA256 | 547eb4d76be6c2dc926f7ac7d403de680865e4e53e4a6447c68754072d3c2ae3 |
| SHA512 | 6b1a5cf4807a0e3824b4237f245eb23dc2a0488bfc70787f9115c472c5c55d4352d486de74f61a3f969d8568297f927e15fada7bbd730b17d82f364867427430 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d1960de23a309f3c699a8c9ba4a49749 |
| SHA1 | ad2d64b61e7447f38a8a947eed012edfca0a8360 |
| SHA256 | 68a75ea49fd69e6a440b2ec16927d4e85f6296338a9d1765f2d6ac60c7f76d0f |
| SHA512 | b138b26ee4b0938d8912019e74d396046695cb641e63d6b401dfea626f26564bef51004675d6f4f50075d625a98114c3976fe8ec13bcde335a9bf61ce24da220 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c108d60a77e9b1819f59ddd47ded9944 |
| SHA1 | 597ccf10b52cc8f2600bde695e433e04730e02d3 |
| SHA256 | d4484a04c0e68b371f7b0192d18e59135d30ab9fc1ea602dd7cfe7fc10432cc6 |
| SHA512 | cc0d8e7ee6a214801e465e53b27bf3f17529719c9d97a62196d253550b809b218eed8a270dd00588f8c8a496e935d150ff2eb43df0041fbb8f86b246a7a6cda5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | dd14816db416ad966e1f0e2e35e0e590 |
| SHA1 | f6011fb9bcaca88db2594c834aa37c0049e0f599 |
| SHA256 | a7c064957ebfa8bc6a2685ab314c8e39b182d4d071a2cbf582ad8a76bad0567a |
| SHA512 | fcade04f801b6ee358d32db50fe85c08c9a95f1a3004af95dcc685c6413d8322434b7d3a659775ef1d384a241d856014c78c19c5edc3800c1b665535cddf31fa |
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
| MD5 | 884f182558478768a43de12bbb5bd168 |
| SHA1 | 831ce37ca2289cf123733306077b936c9407319d |
| SHA256 | bb4fa744d72612edd395213bba74efe233464cc8707ec55aa85052b6211757b4 |
| SHA512 | 665e957a508547a673ec354ef8008e16058e7aa50f1520e0539940c99beb35b9375c9546efa3dab58ced01a80c95a68ed17c76350efde3472da625ea877043ff |
C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe
| MD5 | 99a7511e154cbce73843fad1b433d28e |
| SHA1 | 6be733a679796d39b6ca56d90ccd1fd43af1ca71 |
| SHA256 | b80a2aecaf37ada0b7e10886203208cb88e429f727d00a227867d48c8daddc1a |
| SHA512 | 4015f4615c8eca3128ea2de127625a64f436826eb85ca5eba4daaaa330fca9647cde26b6435f53f8108698ed8b68a2185a61fd7a3bf975e5380b2811f3ae8fb3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 43c9e9adc906742b2ae7fd86bf0f964c |
| SHA1 | 35600cd116bfee7e20f02dded7bd0feac810e832 |
| SHA256 | 602abb7e00dd319417cb10c6f8211003d75a7d17029dff96781d34fc2508db65 |
| SHA512 | 42d127e9736cfb9d979aa6d78cedcaf00c6d9872096f50f006593aa8b7b12b5bd63f943789a22b4c5ee045fbebae134ac1352b76eb4b0dd31cdaea11cecc1a89 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0354d6fb293c95b97f794a1df1e4031e |
| SHA1 | c4ebf63cd5e1f1a1d11799845e90cae98a658c0e |
| SHA256 | 0c958e916940163becfc7cfa02981c36e3eb22ae1fee1d38eb0affc0d4a27c3e |
| SHA512 | 00920f965c395406e9c4211333493be9d796a0a279a0a6f24a320e9aed954071d369cc741027a59ff8bd3b768055dcbf20573869c57a2dbf76897630d15044b7 |
C:\Program Files (x86)\Roblox\Versions\version-70a2467227df4077\RobloxPlayerLauncher.exe
| MD5 | e5d3b8a1a30406c5f0899e94020cc821 |
| SHA1 | 37351bacdd4f8edee07dfecd1ed14fcfee18eb18 |
| SHA256 | 2a5b535ccd9620aff782560722a034f5a2556a11df84e9bfe62c0b84fc86228d |
| SHA512 | 8003f619e281870ef33dfd775191dfd697deb7d2f0a4e0b4ce68a0b80514aa9ee6bdbae6eaaa1289030c31b2460d62b6091fb8f2cda18f41ffac6b7443d32955 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | dbc99c8a6e18b1a854cfedf473840b3d |
| SHA1 | 72061c7cf5673f58b8d503a4a8dc6f50f7c53994 |
| SHA256 | 17d1e811d2651a954a32992afe38d87ba911f7241135888e2567d03076f60568 |
| SHA512 | 2f81c7bac5b4675ead54bd72d2ebea02564bda05f64e15d39622c7518525fc819bf4f211777406053181b5a912b75c4cbed7ee8459d9330c199f19fad52792b6 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
| MD5 | 4dc57ab56e37cd05e81f0d8aaafc5179 |
| SHA1 | 494a90728d7680f979b0ad87f09b5b58f16d1cd5 |
| SHA256 | 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718 |
| SHA512 | 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b |
C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
| MD5 | 00903dfa44caa9f6e6603dfc8d811d46 |
| SHA1 | 3b07f2d2066a633e67a595aa99ba82e22dfa6c09 |
| SHA256 | d25c742884f002f9ae79cfe1d4ba0ac455439980be1fa2b7d457f9c6216b7d68 |
| SHA512 | 99a6494c40487d9d09bd9033305ef851e36fd0116aaddf7bc75900d3861038ac74bf069e6ed4d3c578eaacd75946b0fce9c56ca8453e5272ed0f11dc8f776fd1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 31e4ea1a661f191ad94faabb4da06fd2 |
| SHA1 | de8e90c1d4329f28f5ac2b0411781100bc49da4e |
| SHA256 | 0ccdebd66e072568269b324dd3e6c6004d8e635309982c3258f9ac3f48762a4b |
| SHA512 | 2a94af11be38fe776ca1c7d0145f819dc6cb712c69de705bbd287fbb914dcbefa0a6aa9a0c75280d6cb4d227876ebd0b7692b59f634daa10f285befec204d2ab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | b784a19189bd9ff97ef7d9d369fe234d |
| SHA1 | 5446884968e36beb57f7bf1f903a82963b76a6c9 |
| SHA256 | 0cd67b0e80d78003fcd9b58153a312ca96f6ba9f4c7301ffa2bfafcfb9d70f74 |
| SHA512 | 69943ad2bf2890dad2e0e40377f3ad13a31d0477657d9e997a18b5b258e8f75103d5a3b79bbcdc1b28c74ff1719c981aad79a2805d0ed4ebc245a066fd6550ec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c0d0a70b1a956801122196830d21ebd7 |
| SHA1 | df5114007cc488aaa6dcfd88d1aeb92d6baa0d66 |
| SHA256 | 11cb579bf93b8371d456e8a62bd94e8ab08be24439419cfd35335fe106547cfa |
| SHA512 | cfa368a108a597f911f70f9782a27f35a38a6a6dedf6d6f991e7f7fbb173cd1d999664a36e4d3261c716feae731d4dc05cdeab936df095da6bc56cc6936e9af3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | de794014835f45764c1449e0ff7adf52 |
| SHA1 | 09ed72ec40fcfac9bc9180c5d484463ec809e8da |
| SHA256 | fa553837b20fd1515ab5e213c80ff4a29be58598b3530f4afb12bcd029efb976 |
| SHA512 | 960ff3ee37a8470d08f867b150ed108d5050317fc0ab478dc97034c6326321f4b81666e5139678057ece945589e5c4804ce1cc828a1116657a03a0cbc2ba1ff3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\cb5d2920-b1f0-483a-b593-9f9912955ee0.tmp
| MD5 | 21d746bfb6d31e8bf52e6c91f0c7b4a1 |
| SHA1 | 073103f24e73bb041952c449731b5531be27ddba |
| SHA256 | 1b6a1b94aa936feaea36e64ddbc1b4c4bba0291431355a96ac3a879b0df91090 |
| SHA512 | ccdda13201e0c2e292f73c5db2c2d6cc0fd63826ed00109f9b26b021cc8f6a31bc1f078300e6322d9683af986a23c2958ff5c24f5e34d0f9cb532e24c6d84fdc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 527fe5afd51dc046775e2eddd0688cce |
| SHA1 | 2026db7d990b882f06b266bcb795b20d6f9895ec |
| SHA256 | 089ca9068079da3105d9a86256a3515fdcbc1adf5bb2035b4bd4beb33880ec7f |
| SHA512 | 08d666043d67da58fd534a6463bc6f900709f245a61b7505da63df2b63544dc1c2b17d1af88c6f68b3c4a89c25354143069b09307d7eedc3d886a9515be12048 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | fae37896497813271a1e551bdfb8b30c |
| SHA1 | 1306d47abe6575eb803ee612fcc42138327a2623 |
| SHA256 | 0b0fa6307e1c1b584ea8f74194be72bad3470f4280609a752d75afed90e7a7bc |
| SHA512 | 24c8f1aa8eb00587cc32311980cbdc18036d137f78b21cf2837a438642e7d7e3bae7c971db0d147fc8ddb71170fd150ca566a96b04e46de13396d6eeb454908b |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}\121.0.2277.128\MicrosoftEdge_X64_121.0.2277.128.exe
| MD5 | e9cd8f549c2aa6be4ade62e865524c34 |
| SHA1 | 7b12119b96f5c8da3ba7760a8285c8dd7a7e5f00 |
| SHA256 | 1a71e178e117d38c31e7c8e34d9db7205c219308ec14494c40919a1997cfad03 |
| SHA512 | 5d9f83eab646022c14cca2d9a380a4e8c1bc2bfd4308b34fd84b6c4e53459577adac2e174e881903bf5e1322db1b3b6907dce3486eeb25a9e24661a89b29ec41 |
C:\Program Files\MsEdgeCrashpad\settings.dat
| MD5 | 9b49ee49866872ae4985a272946b18a4 |
| SHA1 | 81759ce7f0ffe4dac69128be359e861c9ded8c4e |
| SHA256 | eb49919d7d1a9b2998c85ac06a9e7384409102ce75cafb0f6e4d8babc8889975 |
| SHA512 | a4011aa52a4feaae3ffec1af0401b1fbef353148cafe2aa28be1fa263bb30811feb31871eb2354ac060108de95ca1cf2a1830784ad274093c91cf2eab1eaf419 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 442751b2c891e4195cdaec1ee82f622f |
| SHA1 | b36bf67d47b07b68a26835bb5c4f3042e7e0e607 |
| SHA256 | f45210d16c5e59286486b3468e6419c5303e3a87a1fd2590c5a0f3753beeec46 |
| SHA512 | c43f9dd9ee6ae801a4194fb51742f09778475b8e937603a056e771d972305b892de903fa302bc20aeccd2be744e50972a56475e9464333ceeba194e531457131 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 5de989c2ffb07ac411e5d87f200864f2 |
| SHA1 | 49b7e4b7688a38ec63be688727fb936e185b8b05 |
| SHA256 | 2939b75eb1feebabfb9628036faad50bf999bf81e58c121e07d67731d3cbabb5 |
| SHA512 | 9cec4032b502145eef08889c110491d799207273433d6a98ed2238540e875a3db0b4d7a2f7dd3bb42f5f09df0e509fb23ed1f16cccb5b679586d3fa30f7f3bc8 |
C:\Program Files (x86)\Microsoft\EdgeCore\121.0.2277.128\Installer\setup.exe
| MD5 | 7a4813d6dba0b2abf7376d79e068afb9 |
| SHA1 | a790f1518cb919875b603fc180e92f96c9e076f1 |
| SHA256 | dec061040fb655f176211bc8a3fc3a0c6d096f23d35129804a98261f1534447e |
| SHA512 | 6d93407376271abb5c902b6f508c33c83fa7e69fb192a61efa4d7a825b7abfdbfdf7b8a5f934857082a2976cd9cfcdfae1d76596aa4a2f1bebb3d712e6f6e4b4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5ca0884c9a2b35737d36a6629b6acca3 |
| SHA1 | 9c396b4f58ef6865c5d50813544d120a3da70cf8 |
| SHA256 | b57810e3b73d5eb49b8242d9f59725b1bb49eefaa9011ff23aeebf0dcf3a4e6f |
| SHA512 | a8d1f1dc0a0ad247f3c32f0ffd64a98a4ca0b7863fa7b479e298602fd59c0edf10e7443f7254c2708ef4b11f7140c5b5d7b3f73d2fab8827e722475d81d38e66 |
memory/4044-3188-0x0000000003170000-0x00000000031A2000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 1d7b6ecf06e6b993d88106a2a7989cf4 |
| SHA1 | c19b8255e72cafbcaad2a472dcd755474d3e50fa |
| SHA256 | 5cdb5031f8d0b989a9ed75bf7b5f88070dd281195b7b5511c498b86296e3115d |
| SHA512 | 6328eabff6d5ccdf80d1774e8daa94e6b354bcfffd86611d90e8de7d867e21e8b2e0591f2640e1707485a2bf124ec77e1335d9cada155cb7a52d6b5f1ea37410 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9b913fea179b3deaec602e6afe69531d |
| SHA1 | 447632d9c0aba203ece4a73bbad5f5fb157575a0 |
| SHA256 | 0dc742202a489beba41d38d4346568ec47deb02b9c83dd721d0ae4983947aeaf |
| SHA512 | fe4ddbf0b9da0f03b222df48b99757118a5ed46ee8af1746722167ce83d365fe6a73cffbae1e0ec5b57b29e7a262ef3bee7f2638acc72985068ba64f44e9de0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fdf2f308a86681bdcfd062cd853bc070 |
| SHA1 | f0fd1e85058a51b213c761ef9946cd100255b2ab |
| SHA256 | 5d24a73e82f7f01204a8a6fae869b97d2584beb054db5fc355c9997acbff6133 |
| SHA512 | fed69d027fc90a88694575d27e18c69c3dc1122a0e236bd7fa7a0f3e36c6b031c910ac97a248c9f4bb82a9c0243f0604bfd1f9ca0938551a0b2f7bc59e476f50 |
memory/4044-3312-0x0000000003170000-0x00000000031A2000-memory.dmp
memory/3768-3322-0x0000000003170000-0x00000000031A2000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a822b4e5931ee46d0c158fac5e1bf3e2 |
| SHA1 | 226fcd04b8f6b788eeebd181fd0d2575d04eba4e |
| SHA256 | d59065ca42af68ca9ff12fc0dbb629f684325a4bf2f9b1c8bed7bd448b029e21 |
| SHA512 | e41f6b80271e6fc4d1f90a1cce44f600f22dac1a520605847f4df45cb600c155c0ff824743a2ebb7592d3d299ff37034e48ba0d1656efd8b0e3d0254aa43d372 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3f864d40b24a9e1dab98a440e2f03272 |
| SHA1 | c7a496b678e3f2dfd67085f4a6434765dc8689ae |
| SHA256 | 274702f370c079d62fa4c15f7fc6e144151e97525077260c8fc6ca8af8d0d68b |
| SHA512 | 3d196d865c78967bf31a9b78991a049b3594e64c2be147d59c24d07da78d52362c66c34f4c107c898430afa31a9d2ff104b11ddab9452e7e69950f49325f8beb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f4fb909f530c4b64d056c3afc423ef18 |
| SHA1 | 4ac1278fda0acf336104a030ca3c29d416d43382 |
| SHA256 | 7bb7d831b286ab792ebbe318b29ca2ad211a3535b68a48bb31978d8a6ae6bfa0 |
| SHA512 | 9069d237321fa72e0a9ecb82f2ac8a8811627b5a21d81549720a5bbde9600dbdf974716f0c32eadd232603ca429ffc3edc13952037286155fa512f6857f3100a |
memory/3768-3438-0x0000000003170000-0x00000000031A2000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cc24df95713f5dd66738e59a5fa3b0f0 |
| SHA1 | b86a36b994e1e48f707a4d78205e4959c951941a |
| SHA256 | 69f0413335ee8d3ac44217eea9a122595b2328f9a20b979415636114cf4ebaa6 |
| SHA512 | 625de54c865e3f59703c1934a82662432e03e58fa036270ed41eb2637695c0aa6b2630aa58f9d08f99c9929c19d5db705a72959ab4cf1bf85be2ade7b52b45e0 |
memory/4316-3450-0x0000000003170000-0x00000000031A2000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 81302961d72af043098104b65c820922 |
| SHA1 | ecf4a1f78f326545202a5486a38c99c5db6c1b68 |
| SHA256 | bd2c313ad8ee375c7ae3be0a6466d369fefc2027fe3c5c60e3005949263c7b03 |
| SHA512 | daf8ad6017f81eccaea0acef4559962a5a04c90cec667e774722963f583ff0ffd2cba733d01b813d8f07bd3e4519aa65a61a372ca717e67a6ae8f2180bc77143 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 72b6ce579375ef3bf78aaaf6effde0f9 |
| SHA1 | 20372564aaa9aaef701c6a3b63b618e2d6fff5d2 |
| SHA256 | ba6cf0a94b58407acaa7106fbd7ed97776ba353f680a11bd65eaa40e458581b4 |
| SHA512 | 0af82442cd5a5042b21c24abb2fcf05e9eee4d9ad7410ffad488626d5066ef42d7394605bcd4fd0005f511e1e1ec6b91a2822dc56bdfadcd858c3f5c48c9f7cc |
memory/4316-3570-0x0000000003170000-0x00000000031A2000-memory.dmp
memory/3736-3571-0x000002D057560000-0x000002D057561000-memory.dmp
memory/3736-3597-0x00007FFCED000000-0x00007FFCED001000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | aea5e7e6f68ca7c138a9336d6b192e09 |
| SHA1 | ef1d7431f5c0e7c94a26bbf647b0b810b3c360f8 |
| SHA256 | a85e5dbe7febcc2106a9ac59b246d00c445a5b27082db89c6ca8b3746644dfd6 |
| SHA512 | 6bb1eb408f12c74e50ec4a656af5f693e9c25444f59689099acc70f4b709488326a3c876f0db781892d82748bcdc9f114c3a2b0b162e72e5e8d421adebad1957 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ee46ddb637576029cf91359c360f7771 |
| SHA1 | 056cf363348cb8377f6f9f4a03a80e30c9f83c79 |
| SHA256 | b7da5fa509098880f43605795d51412d852633952e8ada1d856520427f1a7533 |
| SHA512 | 5ebbd7de7554b76e6f22edeb2c639b1ebcdb76d94d5f1ae0b511a64fd09f274571af1328e1314761cd2701475e1de65e38f1e21176a197eaef01c43371639c21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | bb1810f75b0a3c6fc551049a259982a9 |
| SHA1 | 92277f8eeab29cfe22ac9964f3754f8d442f7294 |
| SHA256 | c2a388711df351e78c73893377447e9b4cc839e48ceaa86b04c27f22f2b75edd |
| SHA512 | f809d7027f8d4ae41f8e685f2933d27464b732b2a67dcafbc551db2b438f14c48d13940c108010ad32389a34808ad5855a33cc91553eb611970bd8675d4e8052 |
memory/3736-3688-0x000002D057560000-0x000002D057561000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9e0bb90b961c1e18d9c400e12a5921a7 |
| SHA1 | a55b8125952a852e9a57e141f73612a3dfadf26e |
| SHA256 | 5ddf2ffab5d37325593a9560bf891c6c76fb1308b99da3f99a176e56381729c3 |
| SHA512 | 9c221fada26cf3a1a7af1ea31f044b03ac6954184287210df81d13d8258c89f9d1498845190ca2e160316c5c1761ad54ccb81873d48ee7780cf5e71a35aba89e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b955e765abaeb5be5851e72d76fee3ed |
| SHA1 | c24ee700dbda23257892b93129348b5a6c87b09a |
| SHA256 | cd72003689192a029d2e4990d5fbde62d663584da35eb7f03a51af70bf4493d8 |
| SHA512 | 66619e8f9d30961f455ab7476c4b5e5b42060291b9e4c5fdcfb1ba8f62aeb95c57a4035e221aded2227e119c518edc56771d33515e2884e362a9a2cc9636dc47 |
memory/1560-3709-0x00007FFCED000000-0x00007FFCED001000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | dcb40be687269c7e557a4510359291e9 |
| SHA1 | b11e11d00be9ce8d6f9ed81f2f1fcbb306feae03 |
| SHA256 | a463c815f411577e4a7fb7cf118b90f66a383ac7dfd5bb4326c5dbb0b1b5331c |
| SHA512 | 35ba759349d74712183bca400e8397eacf1d618856b85a04fc884743b6094a5425d93403a82fe170abdc751b1d9033f25a7c7f3367ca167480b9f8a5aa2e9e82 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f730d1394d36b11a6a7388a5cfd28aa5 |
| SHA1 | d7dff47fe7a484d0366c427099b506e6ca495084 |
| SHA256 | 1c8e50c9be8f8274c69949be06f9308d301723a3cf33418b36700eaa3b7975d5 |
| SHA512 | cc6a561b6519fecc5da3dba2f8e75cbdda163bb63cdabdb4a6c33f5ac68c02c9dd176548b4559f78cbdde723f83fe32277191a2a8fcecca0d66f1812c476ad7d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a01a9533bea1f224fc803012303fbd1b |
| SHA1 | b46b9aa62231bf900ef42f2a45f46cdc62c87c24 |
| SHA256 | 4daebf07a429631e2598ba85e53b4bdbbaf94f336a1518c1be05f7b9cd73d26c |
| SHA512 | 7d4231478d35810cf5e9306e02cca890aae5912fe497108f08ad0808e5965a1e6913f15a63f3f15c764f28a3d2dfa2d802782e5550725bcfc8cf1ae9e16bb723 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026
| MD5 | 7543896374d8cc335bfcdd19e7c6fc56 |
| SHA1 | ea52998d70a72b4b2ea3328f401c5f8cab6f5065 |
| SHA256 | 30a758213307cded176c3ef927a863a8eafc7779fffdb280fc953c922fa9b8de |
| SHA512 | 8da44149ba0c65b021595eb4715c0fd11aa660691794b410fc859c3d8fc4e0e770a20dcdca971630fb0e6a76bb430d7340dd5b09aa8203d94b99bed18716e9fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old
| MD5 | d21bca0a3a599ce359039b7094bc2024 |
| SHA1 | 499c570e3c0c0a95358a33c69284a5332a9a280f |
| SHA256 | a5a714ced03b746ee1d80b6d407e200eff7bd66c3b880923f01a90f5b5cf33af |
| SHA512 | 2fa62f519c640a1b682597b1d13ec8646c86a7e97b47998939e55e886f1979385ce465019d1e4694da32b534b76b359e24c6537f1100e0c84d1dfa70bed9ac37 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 14ac0f4217bafffb3f075dd09dfbae7b |
| SHA1 | dba80e6ef5d99b6ec0fc336d714602a111b43ab5 |
| SHA256 | 32832e03f9ad83d23391d116b5044bb99cddd88a5a1c2db15224c951c60cc2ce |
| SHA512 | 571556ecb8076505338253c46eee527fd8ff9670c73562cc6174f6357596aa7db7a8e42001fa3eb963ec72b0ed6a38d630c642c56b8917c775f6f052e3c6e7c1 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 161cffd3b13dbde82188f250db5660be |
| SHA1 | b2fae9a61b19c2c21f437679c7dd96d7cfa826d4 |
| SHA256 | 8484b3788e1bcde80f174b82bef5d9c3b6417a817c415bd97a73db036a8307e1 |
| SHA512 | e906e821a7f5794bc94fbf95296fe1b08c62a10c68e2a066e487ed0207bc4a96c1c9c96a359a4a602dbd0c0fc46570182f2ac58bba0f82dbda0fe9dc4a2a5d37 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 817b3db91bdcf587c589d404f1cf3dc7 |
| SHA1 | d3761ad7ea0b17ba5a47bb2cf188ab7fc262ce7c |
| SHA256 | c647cf68c5a4a4421b1df99bb8782cd232ebef4f3a19dc78b9712eb4117a1cb0 |
| SHA512 | 36f3e849c0dc7764cce27d5cef1c7888bdf9ddd420a5ed0d7fe4ac6b53f3fa7b991294fe72f88ee573de9cd72427cf7e4560c4073e94e349042d9e2b006e4e45 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f6ba33aa3a0be390637ab1f9a8c1cfce |
| SHA1 | 6d3a909830dad5d22d2f176f9522f45f6086fc5c |
| SHA256 | 6dbc8d555c23b067697a3bc576edfe482fadb785e8f7fa31bebfd913cabbae33 |
| SHA512 | ee36bc33342aa5751ae2cff36bcec93e5740748766e53d5c66ce89fc730da13e3aaa38351a4b10165bbadc39ee973b5309cfda1f516cf26ca80f1f9568874e94 |
memory/4432-4159-0x00007FFCED000000-0x00007FFCED001000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 973ce5b50559692bc02bcd9a97ef3971 |
| SHA1 | ecc56433c0e24b4280da7dabc25ea3bc7c626325 |
| SHA256 | 9e2c70069b13f685552da096a89faa6e4d630c81f2bc9a27e92ef88ea4898c93 |
| SHA512 | 8f567731f2e8e463af2af66c46e1b7da1594b1264b9a002ffa59089d3dba6dd919e208c4c34038597504ddf65bfdc97993af82816d1027f3eeb329fce510ce20 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | 482e0852fe7d8e176b1b93148b7076de |
| SHA1 | 6217e2b9dea2ad404491918368fa9e38ab3ad4a9 |
| SHA256 | 3ae7b2d3345472f2baca392ce76e6892a30a9e85c8e9505618861571e1cf994e |
| SHA512 | 7e44401c97b440c682f42172e5355e9beacff7e6e8cd5b59ed98d604bb5510d92ee316ed69c1b4dd14113e3553662afa2b602abaaf597bc4a8852e8e275d5c21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1a108699dd89c02b08da3525b971efd6 |
| SHA1 | 7911b407373f98650f415454a0ab74064c824c39 |
| SHA256 | 60e4d35ed3e6f8846f28ae860ee694afff0c09c773f1cf352249e93a8a715845 |
| SHA512 | 19b2dca5c52c6a140b717677b759a013dc55f0b160e68248f6bc5908f5e83ddd6353bba59cc8f30a093bbb5749992796faf48721b327e3237bc6bc96856dc3f5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 378fb872c58a3520536076e9d8e5348d |
| SHA1 | d8f2ad848fbc9a79109c3e741b2c43999c72ee5f |
| SHA256 | b3d1cc87b32d93a1ff01a7e9d8b97391e0eaf5ee8df9e7013af46c2fafe4e3c6 |
| SHA512 | fa16fe23ed6e62c22db6fb64b0ef194d33fb3db42783e9abf8b14b3f847338200c24b4caedc81ea31ec1486e816957be6f9707526f3fbbb675d8a7d19c9d2dcf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 73ca09ef42d77257ebdd809591a31786 |
| SHA1 | f6aebc5102517fca069e761c4dd8264ef6c6c7de |
| SHA256 | c17ac9aecf37b6afc1c3130c52b0f50cc9bcff9fe7c707bf9e567d999b50070a |
| SHA512 | 6203d02d113d32df725770fc77bcb37f54754e79ea285708cc19aaacdd43345bef34e68d2bcb6dce9a9c67a98a292c947ff5712946d7a1daebdb6b15a54a8eb2 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\QIY9KDPR\microsoft.windows[1].xml
| MD5 | 33e8fb5aa712f84122569d9d56e9d054 |
| SHA1 | ec5da2b31d14d5a0e9f65f362057e61d6489e998 |
| SHA256 | 7cc1514d4cc20d7e14c1c5a220581f2f25e01929a4f7af9c9f14e0f10c2efcc6 |
| SHA512 | b505936fd3f8ddef0acf48d223c877c5b811fa491fd4f21547f6ef12de27fdcbf3912835a9073492997881bcb9cc0eac9b13a91e33c615505f33cedd3741af70 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4e74b5b030384dc160e6b7b30fd142dd |
| SHA1 | 8d34f8871fa0a86fb893575229237778d44983a4 |
| SHA256 | 1006b9bf9592ee509485bd6411f9146db9e805464f919842fbd00622e537055b |
| SHA512 | 03d5f14c099713503cbca691edc1d3e7f433c8a8609f82086afbb8316eedf5af17b5ba77c2ba2035cc3407651f11efc0c499546b7062670623e3933ef3ede1a9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | aa53dd4872300888e19c4a446aeaaff7 |
| SHA1 | 7d552fe3fa4f3fc79b693c483014448113a2e1bb |
| SHA256 | 671ffe56b2d6bf61241f2f37b7a8f1fe269a4a76f0de62b3763dbd9b4ba36b58 |
| SHA512 | ae936e6c54578d45f1301ec0768a895d95c9108080d089e18d95330a03b0f5a6650eaee1d151eb046bc5f3a62f90b7b69523b4d391ab39a21f5464b9035039aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | a3102d2bf7e121b64e1f578070a8ae2a |
| SHA1 | ec98b8e3060aa72329dfb2270624cae488087fb8 |
| SHA256 | 9b297c78f1f23b17aa92bf664bc89ac2294c83330b0fd70effafb8b0ae9b9d7d |
| SHA512 | 447274de22bc235ed35852c975978778696da6d48335bb78f27c3d0c6be3ee3acbf7c867ce030ef6dbf56d9ce5129f4e24ab72f73b0a284c7f2d5c934127d1bc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f
| MD5 | 3cd0f2f60ab620c7be0c2c3dbf2cda97 |
| SHA1 | 47fad82bfa9a32d578c0c84aed2840c55bd27bfb |
| SHA256 | 29a3b99e23b07099e1d2a3c0b4cff458a2eba2519f4654c26cf22d03f149e36b |
| SHA512 | ef6e3bbd7e03be8e514936bcb0b5a59b4cf4e677ad24d6d2dfca8c1ec95f134ae37f2042d8bf9a0e343b68bff98a0fd748503f35d5e9d42cdaa1dc283dec89fb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010
| MD5 | cf989be758e8dab43e0a5bc0798c71e0 |
| SHA1 | 97537516ffd3621ffdd0219ede2a0771a9d1e01d |
| SHA256 | beeca69af7bea038faf8f688bf2f10fda22dee6d9d9429306d379a7a4be0c615 |
| SHA512 | f8a88edb6bcd029ad02cba25cae57fdf9bbc7fa17c26e7d03f09040eb0559bc27bd4db11025706190ae548363a1d3b3f95519b9740e562bb9531c4d51e3ca2b7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012
| MD5 | 24cab279a1b1479cd2848b4cf4db97d8 |
| SHA1 | c59c889167dfa25ea85e0ab5b93db29270cd9a3a |
| SHA256 | 2feef54f715ea3e6192ec7a9d30e910044968a41d8fe91fc9b1b469ad574df51 |
| SHA512 | d1ec7ed765e5ec1b5e095a917437ddcd783ad01a1d6025f1125906617afc24e1d3a9cd702616d18c4231e5ffe60e5326a8dee855db42bc417568283c310e5c10 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011
| MD5 | 65b00bec774c969842aceb3199fbe254 |
| SHA1 | bd464411b9578497f081a5f8b6c04180b6ee0f0a |
| SHA256 | d604e67e9d16b6b3d2f10687a36ec00597c48288fa60bfa957bd3ca78eadceda |
| SHA512 | 0c89ad2ca25ecd9058e42ed477bf6cd1512859c7ac63701206a82f2591b2878acc7f9354b6a23245fd186ca9b3c809cf7700c0e3e43f469c37580d8531d3beac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013
| MD5 | bb3fc9718561b34e8ab4e7b60bf19da6 |
| SHA1 | 61c958bedf93d543622351633d91ad9dda838723 |
| SHA256 | d6ea500b6752094a4c340d4f5ed01afdca1925006077560d9a3f56054cd8d141 |
| SHA512 | 97da30e9a0d14e6f9151539b77b2216e0f6b6cc4742f075077f9ff92f46f8b97e82f020c562625261eaa01bcf810ce81c0b7b71340ac566aef1bef5a07dac63e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d
| MD5 | 68f0a51fa86985999964ee43de12cdd5 |
| SHA1 | bbfc7666be00c560b7394fa0b82b864237a99d8c |
| SHA256 | f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f |
| SHA512 | 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c
| MD5 | 3051c1e179d84292d3f84a1a0a112c80 |
| SHA1 | c11a63236373abfe574f2935a0e7024688b71ccb |
| SHA256 | 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3 |
| SHA512 | df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 97ebaf44fdd837420febfc3a4199692d |
| SHA1 | 0b3092bd3aef13a0a79dcf339e2404779b5fbbbd |
| SHA256 | 469b70bbb0969898e397f482cd935014609952f0974aef7546aa3fed9731f074 |
| SHA512 | 71a9099a1269bcb173b1cffe8c6b794dfbbc3e5b2b5724f6e9719638df2ce164c7d525072cc1f363eca32ac704b14175afe5e6be6f0d622e20bebd58a5a155a3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e638e53c021f33f073b9a980cf81e0e4 |
| SHA1 | e4e988d913442f3c636cc50fa7285a79bf520c87 |
| SHA256 | 6746480be05380f3831fd4fa7b609050c69c520e9a438b5ee8b872afc75708a7 |
| SHA512 | 1d4aaf2d79577789a78977c4e421f48838a6bee13ba91fc5a6308fef2b78456902f608572459071e140c4fe0de01ac63e34ab72f532915d9fb092538832f8d79 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1884c2500c22a140c0a0d86d90a5a300 |
| SHA1 | e67e7e03b225cc64f9ccfcc3286e330518ad6058 |
| SHA256 | c87355833b786a5b81a15169cf898285d18aef1727a645cd3df0782e4be31ce3 |
| SHA512 | e4f4f92079d0c9504caa482edf5aebc44337e536ea012574fa00f12ef01e8a5f2409032fbe5deceb00d52e7fdd224d2eccfc98ba200795106804ddcd0ff3023e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 539e4ff256e14b3d3eb40ac2c2949ddc |
| SHA1 | 2f9719e093626399867f3e4fd214f535170d5887 |
| SHA256 | 1b256eb9f171e1e703bd13d0ee481755bd441957502b17c4ebd3837ecdab8de3 |
| SHA512 | c2cf0408462de8e945a380e28650393c0b72ddb38624b5aa690b33f9da000887412ad227047ca2dde66dd20c766884df87e0d145358c1b39044255be60ba85e2 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 5ce6be54ffe8ec397db95592dfea0100 |
| SHA1 | f0f95e0d1e24bab77e0b050b4dabff4b2ad95ae4 |
| SHA256 | b491ae668431e952a0c564f8ac63fe4293a74810866abf0fa3ef77bab1bee324 |
| SHA512 | 070a1f8ea7e69ec7cb9bd31a87343fa5b64b13d0fc7ec6f2348b6ebcb73a72cbec2d578b764ece824fac1faf8e5218188a0fd5a6843645354fd6cee819e6d1f1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | f16e6739ea681df0baf150f794f62bb8 |
| SHA1 | 9a1228f9f04bc7d1be7cc471cfa9350852c3976d |
| SHA256 | a35cd742c2aa8244a02ed199988b6a6f1ad8be085cfc1919e9b8c4c4c62eb6b3 |
| SHA512 | 4bd45b94c8e86d5804ed4741f7490cdbf5e515d444b8204e2311e2206d8645317d1d311f2d36f57fd0d1126725001a22660f2baaa76d47ddb7f67c80866a7228 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c4b815de4b5ec62dae0238065d8d5175 |
| SHA1 | 648d0ba0981df11e616729d1e8f74316d9754107 |
| SHA256 | 2f9740ab0b454d854797b7b7c9b8338b8be0dfc7dd8d2967854ee0ed92f70ee2 |
| SHA512 | 753f399dec762f5f96f6d2c7b1f6a9458a9da292311c7941e1e938d9eb8190a7425fd71fe6a8ec3a0758897ccf82621cad3ee494a1c745a89778f8e987789a7f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\datareporting\glean\pending_pings\2c801142-ad4c-4522-9381-4f24c54fa1bb
| MD5 | ada01a5ddbe70d276272e057300282cf |
| SHA1 | 4ab1d2fc27fbac5661d39ac4e85ace274cadbed0 |
| SHA256 | 791b3a793bd64b4d30df21f5e1d00c112911a814b4fe2089e7688285ae2c5963 |
| SHA512 | a7279db52f64c7367403017a87854037fb3b0579922f08ba0b8b4f5ccd59dfb9cf6b7305eed8c68d0e5689211c4f3a37fc8146818bd310e2f16ec91630b2ff36 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\datareporting\glean\pending_pings\8acbb967-f600-4dff-9b14-514a477b9c8b
| MD5 | cf2f1ff8fc79df0aa5e3d0efb6a92bf7 |
| SHA1 | 7d797c66841f58a1a77fadab9596fa55af38442a |
| SHA256 | 7202e19aa88448f6243bbe0651e90b12b66e1b853757e3d2261f375d164c7430 |
| SHA512 | 77754e6a2fa41c6d16ed13cdfcfcea8451f78e7b6dd6611424532a348c8a460bbd10f0ede47145c9a9915c74b17bbe9ced9a6116bed8ad19e2338d94e200737e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\datareporting\glean\db\data.safe.bin
| MD5 | f89be100ed68bdc5ba08d6778c8812bb |
| SHA1 | 4a462e83fe659e0681fdaffa63bc3a0dbd3ccbe7 |
| SHA256 | 17ffc97dd31fa265250d6aa4ad0f3618e62beef27920cd050786ed5de402fb88 |
| SHA512 | 1e5e8ac52209f9d1672f14f45246ea34d20f2e7228ed4196709d2680bb1b30daee20e9c9f07b5876a5302a9ac1dd3225d74f434e9629aeabb74a145da6fe2a1f |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\prefs.js
| MD5 | 7a7df3557147f92ba44db707d46da2e9 |
| SHA1 | 8d48395e782460981b1cc3719856f656e67080df |
| SHA256 | 2246e1a8f408cb799b66bb62797a2687bec9fa251e6c7cb081be970b52d35073 |
| SHA512 | f8244a762eeb23efe5ab5b58a39004470e4c23bfd9fdb95d684f51a5d58ed293353ef612a6f7e4828e1cb8d29b8eae6547c20f436f2b6206de7cc28bc2abd41d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 5b860ed0addbb78996717d135d88ac7b |
| SHA1 | a75fff899b627533fc1fdaabcecfbfb9eb831a33 |
| SHA256 | 9c04dcf555ef5a2cb97af75bbe701c4492155a598917d5df618e9b630f422b1e |
| SHA512 | cf575fd923d19f6c652e329a52a893a2a28b5f028e48edf6f4a62d56efb0b3aa8e27025058cc9cd548c9bf3a48e844666a38ba6ec2df471fc1b39a789a206e4f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | e6a85809f4afa95dac9ecf454c0cd7a7 |
| SHA1 | 3e787a05861cd2e96a969d9fcb10e78d8d72d4cf |
| SHA256 | b20be2d535c15f361cdcca8c0b9506c2aeb153c8239ccc854299fd60d2a57ab9 |
| SHA512 | 526ba852febaf60cb44e9ac7f2111da5cd344545156615c56222f7fb1c0f4bb9791d4c72e285bdf222e160b8b466bd775e57449fe4c2269568f09f2a54e2ba70 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ec9168db9af64d87e9a6efb886d66439 |
| SHA1 | e550a966e0ec4efd54d160cbfb2f8a139f7ea8b0 |
| SHA256 | fc66aad93647c22692569b6c6d56a33f24abf502c1e1b41235d69276b5ff6112 |
| SHA512 | 45b6e8d50c53d4ae9110c581ebbf5e40911c387586c825db1b85fa638be1970fdc8e73e19909162159928a36fb10dded410ac87271a9f2d8802fd5cd303a1fcf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 2bb94304501ef9fed46b83386ba1d3f8 |
| SHA1 | eba6307437dc155b95736477fbb4d591c2facaf3 |
| SHA256 | 6ef6f5291cdca3157477a34431db7d3f89e94ff177756bc224f56f5a2594f289 |
| SHA512 | fc665616e9d4443ffbfb7187e3bcbf334edba6bdcd283fb8ee5628304945c5de6a5828d0a79ef11f10d5c69fe72da8cd0e6611e8b09b7985533aed7634662ec1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8019f987b893fcee71fa4985d461610a |
| SHA1 | 6899d187cf21ae5d4256434b105df7ac4bd15f32 |
| SHA256 | aadd5016a1ee5c8fa771f7227338eaa553f5bcf03e74930c0582d7a0ea817e9c |
| SHA512 | 386598ffc00300ec83019bca7f68bb7515a73c9dee5c83850fe8c4ea3633d9701d0dd2a69a6c5d3db2cd371ae3871965ffe3dadfe9579d5fd022f42b3a5bbd19 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\prefs.js
| MD5 | de4869ff1711ed2932a5f1660d152646 |
| SHA1 | 3d46ae216a39a47872ebfabb52a2b48b64f567af |
| SHA256 | 7c1c9133ec3a54285b6e40af12d7a6a6d6843bdc81ad1f8f84bce9cf122ce991 |
| SHA512 | 4facc89804b26987b80de2901d0821402277bffba1c8fb7dfadb49005b55ab0e52c8b83aa3f101dd5821413647c847cb9ce52c72597fdf4062613dccfd71563a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 532bb4517f8818d74806a42f6c22cc6b |
| SHA1 | b56ecd5cab5451a7607387972802d686e93637f1 |
| SHA256 | 345064b897903c566d938c0922606abb2b1df376c1e3ff03eaf9bb414b17053a |
| SHA512 | 1f0f58029b65f78c9a381de921c633e6001179ed2b310c17f418057c9a22135a9f4e814ddf67268d01a68a1e9ccf454245b859a056a0c4f7c7f9e327d662523a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\prefs-1.js
| MD5 | a63441ee0d9b726a6242d36eeeab7187 |
| SHA1 | 544f203838947b162bc1db3dea1964cadad2be4a |
| SHA256 | d385d77c0eff93dce91e3c025e1239293869f79e45f713b8922fbdb13eb27412 |
| SHA512 | aaf06afdd9ca754ce99f2810e1f7eb164d2c3dbe1ad9746eb0d1d8c8e4824b88cb0786530ade3b69291e43adfe549753e7585a4f80437f00b7626d95150efa66 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.185.17\MicrosoftEdgeUpdateSetup_X86_1.3.185.17.exe
| MD5 | d91100ec53ee4439f4620a9f6306ebae |
| SHA1 | 962941b2107a5757dd40deb95059f623cbdf83a8 |
| SHA256 | eabb560b3fdc15ded542d9b274cc8608aa5387b1c596a58a46f54106cf08c794 |
| SHA512 | 45bc103587240efc92d7e56eaf5809aa43baea5954770836ea9342e00539481a185e4c6e2b82ce0e9c2d2a2fbfa864248c093586a43c1aa5f8bb878d6b28cca0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 273096a1c0328eb104701fa5a09d662b |
| SHA1 | a6f8cf592150ebe2a2b372e27fdec8057555f050 |
| SHA256 | 0fb358b4d9baea40bdedbf87bd7dc9fad4febdd887882c1888df19ada946666e |
| SHA512 | b3d8fa5830f1647926971fffa8ca124b593fdc6eb205caa9d22e413c58c7b4a3e818cdf6f3303c64bd5be9596eefb71481fe9128e3accb211aa2eb88f68990f6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | f1e7f27a92480d8ebca122fed960882c |
| SHA1 | 1bb6bdd966b58ec70b15dd0c7920f2b465a56a53 |
| SHA256 | 68860c94829966b9f6072c73987fadae70ba5e047d9cf1d75ce9c03e02ab2238 |
| SHA512 | 52038592aa5c487d98a147aa52d5702b94d45091bf7f90a6c02e9d5632c0e7b196ab7b3d06b6afbba391f975aece7fcacdf665b36a994d1c6901eeb12853e5dd |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\crashes\store.json.mozlz4.tmp
| MD5 | a1febc0834843902a2a1053d14a56a48 |
| SHA1 | 7a5eb8a993511aec4563bdeb394442cfb8e53126 |
| SHA256 | 79f75af9f4884974e11dfcac0a57534aed7562fbc497dfd79f3f5bc2e0bb083d |
| SHA512 | 31642f4d33945dfe87f8fd0499d033681e87b07c3c6de1e44045ec953ac082cc10a19b5d988d482ee1e319b2bd975efb582686810826667e110392407f369192 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 498603cecc097302d65c6a64216bb5a6 |
| SHA1 | a7c09f325db432b9ff4cce3f81a28078e99323e6 |
| SHA256 | ba7f771c72fd640ecaadfe4d495f2473b97efed95196fa3973e77b9d7c458bba |
| SHA512 | 3ae4dc965eb5da8fcc3214398d63c75e4c169c09832dfa2b74cb481f5882f141cdd3ea7d55f95096f194d4de64d0dc72e117255631a3c12600c92ac465b68905 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\cache2\entries\166F2232D21D568AF4700252B7B75E876BF9C981
| MD5 | fab3638662ec43239207853ac710ef6a |
| SHA1 | d21e17be24e44623432a18a2ee2d035e9d77186c |
| SHA256 | 7241a05a4eed0c3646f7ed372f53b6ee1bf59377eca7811281f26d576406d76d |
| SHA512 | 7072291f012b1e5a56ffd756aea088a07f20090b9249984e2ede11bfcc41c0b5695ed3e90c05e88fca5f93701ffebbe725e3b79ac47d9e4e0b2b37b9decb7fa8 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 983e455e1a5cf9278f333008803a4ae7 |
| SHA1 | 28138319458fe0b61b5507dfdfab0890b5604c84 |
| SHA256 | 9353c855c7415668c810dc9eb137459c664bffae0886374a0dd82c8c9551e108 |
| SHA512 | 90de61d6c4124295bc3a97e61f5654daded0376443ecb5e3a2c2e8f1b266f3542ddfcef24a362c61e1020391124f9a0c2edbdc223ea2779218e9529d9e6668eb |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\cache2\doomed\5098
| MD5 | 48fb2074d4a2fa3175321db9b004f313 |
| SHA1 | ce7baf4f9318d29428dab077941aef4bcf16e08d |
| SHA256 | 296f9fa908159ea1a744360c195e03c6e02a39b2843ce03c4e6046b19a427e34 |
| SHA512 | e4b57ed088f01531b25884f4cf3a6e66b60a3f437342ae9b57a5722b71723b7782b1d560d782995f01d1666a7d486b6cd38065c71ffe14079158a2a51911aecb |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\cache2\entries\A876C8AF86717633E6E46572013B957E820A5E24
| MD5 | 3b86e6ec424d9dadb7e4e79b245301bb |
| SHA1 | c5f2c46fb92267c618b24866f2debc461cee240e |
| SHA256 | 1d2044ac88e70d75a5da34793a5374e602fc9d5e45fbbc03135bd4e4c5051baf |
| SHA512 | 0363277da22bc5bf5117956d0c54ea703a4e686f75502c5009432bfb68bb15b607e70a3dfdd98e3cfae766625b6de56fe4ec43b8e379787906fd9c4946b96b14 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\cache2\entries\A46D51BECA890537F78D7CB4340616581CFDB8ED
| MD5 | 615446520d3fd6828e79d3f9840a89d1 |
| SHA1 | d8c0b5e9823a72bc5e75f773391cf6732ef7a524 |
| SHA256 | a4a1c9deed2b3f23a7a32911a05d4c2e120b3e8c593b162bf4572c72af99480c |
| SHA512 | 2f9d60eaf46719111128d2e77b43d934746972e12f1c608f44f33d5dc37fca3473f959c26803d1a696a2c0ac3b9636ffc271f5d5c8caa19914120299bab02e0f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\cache2\entries\9E8A0AC0C07480C226400E47F9ECFF67DFDEBF49
| MD5 | 879611d3abfaced5ea8118cee7c85061 |
| SHA1 | bc25129b3a5c62f7a5e5316a8a886d62eff499d5 |
| SHA256 | cbb66ba95b92179c34755c9d45fbae6c88e4b6af40abfd14bf17137bd761706c |
| SHA512 | 40b671fdbc9be87df8a3c8f6f21db141446e72fd67740cb5995363c30642ecb64959f4b4fc30e0994684d56597bfd315682cf67ac32a328e12c88799c5ed2ee2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\cache2\entries\AC5B4849CAB26A6FF5E0D69715FFD2D5203EA01F
| MD5 | 7acc8fad7319ebca74e368929824c26a |
| SHA1 | c720bc14aafa31bed2dc5477e414bb1e42237b81 |
| SHA256 | 9e864061a4d9753b11537d29001f9ebe88f68f0701ccc14aa0c589680935fe16 |
| SHA512 | 2dbe78b8a40d71e1bdda39abd81adaf3fefecd9581aac6339639cbbb29004c92dd0a16c7777d164c174cb31ae096f6000ee1d8b30f26e05dd07f116e37d86f27 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\cache2\entries\8A5BE08BF91162B9F253B1E330A44AE52D4CD7F4
| MD5 | 621ca3ba494e27ab5e71153519a0f460 |
| SHA1 | 572097713bbf724a46914f71ce9ae8ca8119d883 |
| SHA256 | fee94794f629d4fc4549099b4377ab5a7a0d6853cf48e30cf91ec0525762a44e |
| SHA512 | 0252e39e372911f4edd812fe565eba036b70e045f43951ffd0b1ef6888c36cdc37b1d71e9ddeade73441e8166285389b6fdb2d699d2073934c1cfba976f47992 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\cache2\entries\36BCFA23A4D04A528CE70EF12214E3995E132134
| MD5 | 1fd351be492a6315a3537d0b75d0f680 |
| SHA1 | 386126bfa57e7d1c5d3e085fa4d7148267c400c2 |
| SHA256 | e32e64cc259c1997df2ad2e271ddb52513079104a1d6ac114caa40199a856b15 |
| SHA512 | 8a98f2cc50a1ad20ccd80023cf7c684578d45cf71a583593da3fe470633a7f83a69bb9d34d6db59b6c12181ed2e381d4c294f5c98f500e4f8b3e9b44e26b74e4 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\cache2\entries\F27E0CDCD1C7E6F6CED7F2BE71ED722173C6CCAB
| MD5 | 761a80a450ee5ba7fcbfae0d353c12f5 |
| SHA1 | ef29c0a1cd6a027e88025a9a447cff04a77d0e99 |
| SHA256 | e24f1652f6323cb479df94da775b2349f7d24524a193efeaa9f254973ab8ca46 |
| SHA512 | f21042608aa14dcc30b18dd2a7a2a4420bed14c4719d5614f6c43cfcbf8ef79414a64a92fbe7717ed834d0c1b3b5ad92838be7ba8b971ef2a314e46c5fb51011 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\cache2\entries\050DB43D78BBC79DCD9ADCBAE96500FE04597F1B
| MD5 | 8fb13b7e827a4897d9f77a8866896085 |
| SHA1 | fd5d91b9fe2362241f4945859805ca8e2ad9779c |
| SHA256 | 0d614d1484ea0a5d829964b4b7eebea5a66c67679188a586d93f06bd37b8776f |
| SHA512 | 11fc88b4274a387a1284d9b3fb6a255e412243dab8fcfdc279425d138298a01a0919e01e59315f5cf28695af9b29a24bd583922ea5dd66240f261eb9bab9a988 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\cache2\entries\1BF06C048882D4D5EEAD933E44EADBE654BE1596
| MD5 | 44a2c1cf9805588376ee0cfca2fcc8f4 |
| SHA1 | 2cf208512978de73f5a2569cb3c3b2831c8a7479 |
| SHA256 | 2604378d2fa91648486893c76650400e0cd6c3a5000d492408e8285a51c666e5 |
| SHA512 | 870ac304bcc668fdb47c6ccc52ad19e62dc92ef17abb31b30ae373aaad7731de8017a6e73f233cbf59e0d7b850fc99d9e441dc5c55fdf90724c6737057115486 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\cache2\entries\E26D78C91E87E8383E1058E9DE7D351AA1CBF079
| MD5 | 4a16994b573ca9c7efcf5491001fe864 |
| SHA1 | 1185610063afd6861b46ce34a26d27124689f5f0 |
| SHA256 | f34cf9045347479e8334458e2bc2e0384b5b695d825f73fda6fce8b1e354c919 |
| SHA512 | 6eaeecdd824dd1aa7dd713471f00c024c376df0a0070c2eec2e07f5c79faf4f298ecf0c2553067004e0b7d6881e0e2ee2a8b16e79c6d4e7d13da628748dfcfbf |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\cache2\entries\A8E47B072B0AC840B97407FAE4959230E27DA529
| MD5 | bc9576af439af863c2d50787a91845d5 |
| SHA1 | 26cefa9a5ac3e01380641dbe09481bab0ea4443a |
| SHA256 | fc6203d091f82be71a1b9e6c5bb30979a36e9143d720e74157aa381b8d8ab1a0 |
| SHA512 | 4ccf783956fde0a1a1ec1a33d5120e90e91741c403d83e6834fe5cc4333798d8fb6273c4f6dff0632b42253fff71f9fea1c78b03a72e253ae7b7418f0af25a8a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\cache2\entries\20F73306D8FE983BD19EF69698384E8A7DDA51D7
| MD5 | 3064819207d499579eab1f964c31f6db |
| SHA1 | 9c03cc5ae77067e854743419c2af415475a52e68 |
| SHA256 | ed7a617760a7bd726ef833cb693a451f6d65335d5c3e47dc8730f82a9a497d02 |
| SHA512 | 0d9dda6ff329d38faace5416bd837852fe36b3c95a21282f8c98e1451f0a6b20cd7db280988337b8b93f71c87e38f929d23ee8634866333afc8283760de57697 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\cache2\entries\739025F062E977A263D0043D9E01EE529DEBBEB9
| MD5 | edd5a2119f209f024ae2657d8deaa0c8 |
| SHA1 | fd42708ee821ee4ea798f8b28f2b9b90fd164ecc |
| SHA256 | f8642405136aa7d7d1de24cbbc60f2f3dcd2cf0d31cf7b66877495a30fcff22b |
| SHA512 | 8a67fde7926e04f26f4da1a340577e649519b1959aacff4d2cbec1f3d1a50d545278ddb9668ef3cb1028b8b3d74019177e025790a0c5ba4cdcaa571bb07d53c7 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\cache2\entries\3CD97724EBF47B50AE59221DC942CCA5EE96ED82
| MD5 | c4247e1a76c103de58ee1514c6f3d5ef |
| SHA1 | 9ac63ed09140f7fbd187e23c2a9fb6ba89e015a7 |
| SHA256 | 86df918d1e76d2a14bb7930f3232389d1c157d8efd155931eee3cf5d834abf0e |
| SHA512 | c56fae9d53441a4dee53908f28015b0adb3a7c6628267511339cbc41974ee36090c5bc7499b99f8b4a97e0eddadcfc5492dd3a12f0c81a2d02885b155979ab44 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\cache2\entries\5A20400468C7D442A06D4DF8C68E50B72EEA1126
| MD5 | a2a1edbf5b054399ba5ee25eaff5bdd3 |
| SHA1 | 20bf8a19d442d07b0a4d5077169391c06c517e67 |
| SHA256 | 91bc86329a6dd28c399e143f1ad24b9fc980e6d6a29350ff11d138af2a673d7d |
| SHA512 | 3bfb82917e672b935ca27b6750ed411164efafbf6a7cc005e4e6ba7cdf0eee1747d08c45306efd384c5c55cca1eb40be9e61c03d641507e0f053a9dcaf892c67 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\cache2\entries\3377C5065A4D36A8F4F11921BE1C101F621E6C25
| MD5 | 3cd3dc24b7367b28b2dc5fb3098e4c5c |
| SHA1 | cbfd667b758d1e36a7425ca44982261627391504 |
| SHA256 | 092e6b0b21d2695b41fcc63848af4e66f6c89fa6545d2fda85a72d4c6e0f49f3 |
| SHA512 | f9917bc4495751cfa97d897b53add25f61f8c8db6fdd64397ec2031d798c7b16622de8a9231558665a0622d70af3f9f4d3301191a7b00db73a01cd38ae00f38a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\cache2\entries\D650AE16FF1E3AC7B6DEEC7F9E98084CF18338BF
| MD5 | e63b2afe3af0c1d6e0ebc8cb821ed2d7 |
| SHA1 | d1ea4b5b7c68ab29c5647569bf5c3bc02d39e2e3 |
| SHA256 | da12bf9a3df4bfdc8b381f6baa521159686032fb935e49667b7f0bb945e6584e |
| SHA512 | 2a08d23fdadcf85128b262669a077f7666a0ee8975e03a9801cd6e6f597dff33ecf8384f0a98e45462914492f234e39448a53d2f2e2d706ad30ed672ec9c7da0 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\cache2\entries\D6D249995A7FEE26FD401EF0955C685621C6FB57
| MD5 | 4f675ae3c1caef9a76a4173c660c592b |
| SHA1 | 54f41ca8e3dcd64c68ea578770ab87356087bee6 |
| SHA256 | 8d8144d5344805c355062e6aff823b52c553b06f22684dc778d184a4757550c2 |
| SHA512 | fb73091370f2b15d1f8298b0315d9f9425d2c05dcbfafc69cd2723faf0b7a6a8c1f1ac7a71aacee57d1c146251caec17a7cf252bd816c3bf3041e1efe1d3204f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\cache2\entries\70C1DC7320110748439C8F1520CE59BA5C55EDC9
| MD5 | 4d8d18b0533e24069645d539546e76d5 |
| SHA1 | 46c01996027899c5becd447d35b286f1adb3959f |
| SHA256 | 8452c4d1325cba422621929756a527780de46aea2b51860f5952772b40e58c43 |
| SHA512 | 97f1e3273cfd2c353b9bc349a2c6e8e0d491fe8570b10db37877142ad1218c1fb4783d2c7c4a46238cba022500831e1bc7c7c5523a8545dd26e8ef7f3d29b311 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\cache2\entries\D8EC8B540329FEF508F5644360410DF65508CEC9
| MD5 | 140697b220be8acd3d86c61cc1e8c024 |
| SHA1 | b0d815aef350d884f5b5c526aa2ac86aa4ce10f2 |
| SHA256 | a3afe949129368c0cb10b7a335ed284a6c03b287b5aa49b68f4c816ca19c7035 |
| SHA512 | 7b9853b74bac96c94ab7343eff948e03d3b253a921cb55907c8c0905e7dc97fe7a7be359e4a3329b3afc308db6ea1f75fe565ead1c535ded414995b951239014 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\cache2\entries\B0FF637B84EAF2B26DF51D25397864488E98043A
| MD5 | d5c0f7ae6604f197c1c9fa0f251ba3dc |
| SHA1 | 3fd475f2901686208fcdc1a258eda5e9ca76267d |
| SHA256 | c659749b2f08c08f3b1d8ec251e7c49cd833f081dbdce70d295febc12ea003e2 |
| SHA512 | 7b02cfca3ac050eb3238ac7f156f05451f57ab52aaacac736544316aff473647c8bf25e07032c67f5e062a2669092ed3814ddeb3f7ff20f31e5aa5b22f00d87e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | 20fc0dfa12c8aa38a0aa65d203849669 |
| SHA1 | fd8f68105925b632b63dadeed5b3f02268a2976b |
| SHA256 | e6da5e4f95149eebb8d4eb614ad877daf94825aca0994fe2031e9da87c9835fb |
| SHA512 | 8ce770023c0984652c6348f2644e69174aff06bf89e903765c675bf7d48fdc007eb5590ae3deb22634ca6a30975a72d24abd0f06b61a4cd665004fa92ab3204c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 5f794e1e740f5786d245b4966a8b01ed |
| SHA1 | cd17ff1e4cfcfca6729b46e2f7549bc7ebf2b0ca |
| SHA256 | 03f4a091068ebe581b59f2040d5341d24fcf3028d9d74630c2a8de9db9fd7dd6 |
| SHA512 | e2bbd2cd54aade9ff232e2ffebe49719ab1c61718f7e4dd32f91f4a59eb063910a7fc474afce0681c8a74daf866254b337f0d85bcb95ababf90e8a4aefc339fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | ed85b8619f3956a72c8438cabb2855ca |
| SHA1 | 970676066c6bfa50538ffc29d49618331afbe872 |
| SHA256 | 8015e01542bb8d39eaafebed378508282c2546121a74458c4e4de6d16049e2ab |
| SHA512 | 96194ee113245b56f4f826dce209e471013cf652ad4136b0ea377c7af4bcbf020b9fe2f097a51dcd1e200a08c1299e3b673b411e08ff31bce16cb3be69e96a3c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0ef40184247f2a37ea075b6cf5bef0b7 |
| SHA1 | d0ab48f3dcd487485c9a91c46388f40e0d11c078 |
| SHA256 | a7b05a73c41c5abca8b11623a404acef12aa77834ad196f4aacfe2aa701d5f91 |
| SHA512 | 9e9aba3ae659f00a5518f17976dba64c5a3160384d83370ce32e9bd204b879c789b261b287012d9cdde11ccd39fbf1774900ceaed9d3156d8dcc8831107ca0b0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\sessionstore-backups\recovery.jsonlz4
| MD5 | b7614bcb8a6bec2d5ba9125f3e6ec55a |
| SHA1 | 0005dd26b43a603944893ea33e31de8a438230e1 |
| SHA256 | 804a103d9af1d6e03b9bfb637df4a406ff281b9c7fea96a6fec06890a56368b3 |
| SHA512 | f9bafe4f3f6158947334888ad64dae5d7d86d9cc16a642e39b8b2ed1ff4ee0496d67372f6a60690ece09b6d91db8ae2ad290d66069f284b3b0a072ef8f8114e5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
| MD5 | 5bba73a15985e6cf8d994b9afbc54576 |
| SHA1 | 697f662d9ffe6ce440758af929de2618e08eb48c |
| SHA256 | 860d3f681f9677a1a4ae6a8b48ed8ac7f6a498d200eeeb04c14afd7331d904ab |
| SHA512 | 85f5acd67479883cd5048508ca00c898acf6991b8eb07b30c1500156b0b416c451920c0efdaf9b67c5100c02ef4f86ee4333e565a4982ddd80f52a35123290ef |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\datareporting\glean\pending_pings\b98e7621-44cb-4e27-baf1-b5190ccae3bb
| MD5 | 21154afb414105c344c021fdda4c467d |
| SHA1 | 4c245ce815d8887b12dc04aeab2fb021417c0015 |
| SHA256 | dfdcaf4794960f7030cabb73496e566783b073c1f0b07893b338e2639804349e |
| SHA512 | e92c3942f797780b2c18aa217d52857237046bdfa7082f2ced478a9f810af5623b27ee2eec01a8b4522bfc266d1cc3bfbcb34cc23368fb7930f00cf3f8e73612 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\datareporting\glean\pending_pings\d565a2d9-e24f-4ccb-9ae1-b94a198d0761
| MD5 | cd8768b05ddf5882db7149e66c37b7f2 |
| SHA1 | 02609d5734ae9e49e8b23472a4691e1a324f37f5 |
| SHA256 | 4c76c871e9a304edeb26f349fc1674aea4bc7bf7e469fad11f7aa22675e40421 |
| SHA512 | efe263554b5683a2f024356859153533dd4b1cbd1c17058ea02a7d20858e3e85c63bb6194be74681bd387e353d049dcc404991ed5187369231474df3326a6536 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1d82d9ca13849293eec33bbec18fb8b0 |
| SHA1 | 1048b567bf15bf16fdfa4d0106c44263ac7d9e97 |
| SHA256 | de5a4002243359f2e75dd2ed5500cfc94e6aa541176f381f5575af60aae43d1f |
| SHA512 | c2b3b75005228ef49b248ee16fb57b6ca415ddc109dd845fba7187fca383a08bccbe4200afcdd092c1d4f3d66f5bda51e8d90d3ec2d32157fd0ee964b6b676f9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8f9f581bd92b09c8fc99fd78dcb32ee9 |
| SHA1 | 136d0df85215cce9b738835b6dae4f0c9c72469c |
| SHA256 | 741f423f2ab1abac3102d9ce155f4bde9de1a10fd0be5101778bd46f67602971 |
| SHA512 | 8602c8d2c520e6d2a6ca1c5db18d59dae89c0675ca0b5db5bc2442129a942239f5c6f6cbc108e9374068437bdd98bdb8f11360317289638ae3afc2e69b71eaaf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 85cf18c894e5e47a79c064a716c61da5 |
| SHA1 | b056df9c87a42a29527dd3f9b0f05004e3a26150 |
| SHA256 | 11883c241e88f0637b19791d491955ba005d3072ecf52f7eca79516d939da15d |
| SHA512 | 4630f9d37d418ad13ff4626f928d8e533a3aa0641b97e96dc622cdf8cbbf262ec9ef1f8148e568551f3549949ffc26bfd2b18d98376b90669ecdc1fc7db5b1e2 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\cache2\entries\2A01E51A2293F46A16BB9F63AD51E1FE119046CF
| MD5 | 30097b7e12e2653bd08b902a56c62c16 |
| SHA1 | 7991f456406297a89500e8a7dbfce81e3f612d71 |
| SHA256 | cbbf6b103115f333f380761f462b07fdcd95b8afd5f8ba8dd65be496c9ad15bb |
| SHA512 | ea8cb9cec930426b5d4db2145bb6318a42981fedf036c13569d71cec92d9bbc89fb02642300cc39293e8e04d4da9310a4223085efa87d34455b2bd68da345b45 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\sessionstore.jsonlz4
| MD5 | 73ec44f10c9f9b49707b103a3863060c |
| SHA1 | 05783955572a903c30bb673dcb224fd03a1c1f98 |
| SHA256 | c0145e6393f5033ef158baefacfa8c4f3e7fd9493d384a279d6809bf8ed95a3f |
| SHA512 | 43ab8adb91b7d8908c3cc69c0a999be38d923ccf7200cc602c2452babbec106f9c5d7745f2eeff99c2d7830e17f3ef28251284cc7bb610819a8cb2360e74d81b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | eb5e96b95ed4b6b914fe67f133800c5e |
| SHA1 | 62edac7f1c39ddb20f80afb327439a7ef23f680d |
| SHA256 | e26eb41eead146559c7cf000887258bc02ea2f14df6e960735882bc674ce3240 |
| SHA512 | 8a0dcf745f4e434a9a9ae08e1643010e7a9992774ce8b13bb4a8accd598d8567300b96970961c1914610317d0781c26c43878e8738e10d9c58918e6550a72fc6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | e774525e2ab4a9ee42286bc68d05982a |
| SHA1 | 2d28a84afcb344764deed34949319d656ced2276 |
| SHA256 | 3da1832583a3d220d21204d684aad5c1b2eb399af720beaad873b1d4c914386b |
| SHA512 | 220b32fabe860e9f9957ba3a5601be2c87426627a5e31b8ced5cd7f3ae67f47ab94b7ff6613e988b72fad5895c882e1ed419e4ad0512d7f336638f3b60142a08 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 6e366ad87395352eb6d6a5b715ecdba4 |
| SHA1 | dc5fab54df603d5f1b44b7f02b3365d346b27302 |
| SHA256 | 5e38fc1053bbf62046d7a075ef175b924004121c6e233a8e1394e07531ce12c2 |
| SHA512 | d0af8a57068980d3b96f31cec11ff1f9e673b7104a2e6555d5385bd8c2de83112039b91d23ec14eac9202d4220fa4ea11c27cb7a641df09a22dd249197944be9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 18fb91f409dda5e40a9004d55b07868c |
| SHA1 | 2c58283800a91111cd6d21546629afd9cf8f4551 |
| SHA256 | 69e67c48da69db419de96d837e209c2cf7a43b22ea1d2bf6d4811688f249e8b6 |
| SHA512 | b91de59a976c11686f0a55ac33e87a0d731eb93cab541707c0e350cd1f6691d4defbc0bb3f603055b48fb46d01af274b50714bf38a4659245287df4aeb627dc3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b47a973751e3f0044c95a9774a8f3d91 |
| SHA1 | 059e0074fec6d0a2bcba13cd05afcbacd1aa3877 |
| SHA256 | a828e5732e42dfe39b6418e0d1626c0d14f0373983e4a27317084f163914fd6d |
| SHA512 | e87ac72acf52c09e4008e6cdca948120c17457355aace8d29ebabf7a4736435a99e747fd1b40d42123d61beb5b24105a30e31901a3c9bc9f1cc3e73891ca18af |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\sessionCheckpoints.json.tmp
| MD5 | ea8b62857dfdbd3d0be7d7e4a954ec9a |
| SHA1 | b43bc4b3ea206a02ef8f63d5bfad0c96bf2a3b2a |
| SHA256 | 792955295ae9c382986222c6731c5870bd0e921e7f7e34cc4615f5cd67f225da |
| SHA512 | 076ee83534f42563046d25086166f82e1a3ec61840c113aec67abe2d8195daa247d827d0c54e7e8f8a1bbf2d082a3763577587e84342ec160ff97905243e6d19 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\sessionCheckpoints.json.tmp
| MD5 | c4ab2ee59ca41b6d6a6ea911f35bdc00 |
| SHA1 | 5942cd6505fc8a9daba403b082067e1cdefdfbc4 |
| SHA256 | 00ad9799527c3fd21f3a85012565eae817490f3e0d417413bf9567bb5909f6a2 |
| SHA512 | 71ea16900479e6af161e0aad08c8d1e9ded5868a8d848e7647272f3002e2f2013e16382b677abe3c6f17792a26293b9e27ec78e16f00bd24ba3d21072bd1cae2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\datareporting\glean\pending_pings\c002b038-69a8-4659-a08f-745f112ce5a0
| MD5 | ad436f6842c5c1d5209450151506d410 |
| SHA1 | 80ee9e6cefd95168ac480c2310b3c26712e0718e |
| SHA256 | 50e3b32461e83e84efdb542d703a2d4801d77a0595576c3cbb0a0df45786dfa2 |
| SHA512 | 61c21503651810e3bc2116266b0f3d045e8a8475153de6b4ca1535a41fdee84951df641cac6e47d1f83e807ad03a6880bdb140442b84c7d7bb52b007c7b6f4d1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\datareporting\glean\pending_pings\9860ae32-9b80-40c1-bb0d-ec23577a533b
| MD5 | b07af8a5561025fc2e2791692a820d1b |
| SHA1 | bf65b79da1a85861fa8b881aa82e8336f3f87a3a |
| SHA256 | da8ce4170dae182b6e6d58a46af09a09d268d0e298d0f0c0e6bca4889f1a067d |
| SHA512 | bb0e94e9df84d8387d822ce07dc0e12b756501304a5f3fe0f6d1c1791acc009e019cf91486a071d0ac74e30b291f4c5b5f8f68eaa2453920e5247a78f32a34e1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\datareporting\glean\db\data.safe.bin
| MD5 | 450e377ff581d903443c47ae6c1644b1 |
| SHA1 | 885e20d6c67e220e3d23e756ed52dda69a893415 |
| SHA256 | 63e3338042114bd4e093fb5e4a4d48c89099e973573911e8133d2efd9f5af3b6 |
| SHA512 | a695c521bb0150fc5c716e3119e852ba66ca503cfc30162e0b1ea7680c99dfddda2cc0054ddb67c1b2d23b15143f14fb9a04ab61edd71d25c8e8c4e332db7f4d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ubtcfhsb.default-release\prefs-1.js
| MD5 | 4a40dc40a958b08a01f1719cf69c9c1e |
| SHA1 | 7da1fbc55917a70c5075f1c3d8ef62febe957e3f |
| SHA256 | ee1c65525ac9d33b62d9932ebcfec41eb9865e619f8e60d2b93ec2cd7055e6d3 |
| SHA512 | a9471ecb65a7dc2cfee11d036d1e9cd0378577ae47ed4a74148b207c934dda21d9ac2bff6c7607afdcfb9b2957682d87c9dfc2f6d05bfc98bc766132df167fbf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 678bfa09a189f5f78cfa600743bf17fc |
| SHA1 | ca1c2d47892bcb296a9b7ad79f73ce106dd0b3e5 |
| SHA256 | 4505d30a3a78a80395dfd5753d10570d09496255c0dd6ed0cc6294e0fc41d898 |
| SHA512 | e0b593fc8474a35252cbc5ee46ac1fc89dd0607d29a4d301ca114d9a5323aa0d5bb09061fa7dd4b808a62979686a5769ab2d9d5a7ecafd409e9aa8bf58d03d92 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5df64e953e69cb4e935ef72f15bf3a58 |
| SHA1 | c9c3b5b0ffb491fc6e75d9b567b943863ceb4853 |
| SHA256 | a163cdcd82a27f8d710100ecc131f3c67e69946773f0e13e3668b8d1ad3e16e2 |
| SHA512 | 9351e05207eb2195ac1a872b06a04af888b4a918211c1dac3c58838caa6f89e9bc8de5ad585f4d73fdcc70c01005ad532fff0d108818291ad568673a59379150 |