Malware Analysis Report

2025-08-05 20:46

Sample ID 240302-2911tsac4v
Target Clicker - TobiaszGaming.exe
SHA256 976790c0cee5b9a2a264fdaadc28de45827047ae2448ee3be6df7fbde7baadd9
Tags persistence
Score 8/10

Analysis Overview

Score 8/10

SHA256 976790c0cee5b9a2a264fdaadc28de45827047ae2448ee3be6df7fbde7baadd9

Threat Level: Likely malicious

The file Clicker - TobiaszGaming.exe was found to be: Likely malicious.

Malicious Activity Summary

persistence

Modifies Installed Components in the registry

Registers COM server for autorun

Drops file in System32 directory

Drops file in Windows directory

Unsigned PE

Enumerates system info in registry

Suspicious behavior: GetForegroundWindowSpam

Modifies registry class

Suspicious use of SetWindowsHookEx

Modifies data under HKEY_USERS

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of AdjustPrivilegeToken

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Modifies Internet Explorer settings

Suspicious behavior: AddClipboardFormatListener

Suspicious behavior: EnumeratesProcesses

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-03-02 23:17

Signatures

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-03-02 23:17

Reported

2024-03-02 23:20

Platform

win10v2004-20240226-en

Max time kernel

137s

Max time network

132s

Command Line

"C:\Users\Admin\AppData\Local\Temp\Clicker - TobiaszGaming.exe"

Signatures

Modifies Installed Components in the registry

persistence
Description Indicator Process Target
Key deleted \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000\SOFTWARE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS\{8A69D345-D564-463C-AFF1-A69D9E530F96} C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe N/A

Registers COM server for autorun

persistence
Description Indicator Process Target
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\LOCALSERVER32 C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\system32\Recovery\ReAgent.xml C:\Windows\system32\bootim.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\Panther\UnattendGC\setupact.log C:\Windows\system32\bootim.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\setuperr.log C:\Windows\system32\bootim.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\diagerr.xml C:\Windows\system32\bootim.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\diagwrn.xml C:\Windows\system32\bootim.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\Locked = "1" C:\Windows\explorer.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Set value (data) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentPalette = a6d8ff0076b9ed00429ce3000078d700005a9e000042750000264200f7630c00 C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\StartColorMenu = "4288567808" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\AccentColor = "4292311040" C:\Windows\system32\LogonUI.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColor = "3288365271" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglow = "3288365271" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglowBalance = "10" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\EnableWindowColorization = "156" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationGlassAttribute = "1" C:\Windows\system32\LogonUI.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM C:\Windows\system32\LogonUI.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentColorMenu = "4292311040" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColorBalance = "89" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History\AutoColor = "0" C:\Windows\system32\LogonUI.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\SyncCenter.dll,-3001#immutable1 = "Sync files between your computer and network folders" C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\Rev = "0" C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\{D674391B-52D9-4E07-834E-67C98610F39D}\IconSize = "16" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sdcpl.dll,-100#immutable1 = "Recover copies of your files backed up in Windows 7" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fvecpl.dll,-2#immutable1 = "Protect your PC using BitLocker Drive Encryption." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\timedate.cpl,-51#immutable1 = "Date and Time" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\mmsys.cpl,-301#immutable1 = "Configure your audio devices or change the sound scheme for your computer." C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02 C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202 C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\Vault.dll,-2#immutable1 = "Manage your Windows credentials." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-102#immutable1 = "Keyboard" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\netcenter.dll,-2#immutable1 = "Check network status, change network settings and set preferences for sharing files and printers." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\systemcpl.dll,-2#immutable1 = "View information about your computer, and change settings for hardware, performance, and remote connections." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\mmsys.cpl,-300#immutable1 = "Sound" C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\Microsoft.Windows.ControlPanel C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\powercpl.dll,-2#immutable1 = "Conserve energy or maximize performance by choosing how your computer manages power." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\Speech\SpeechUX\speechuxcpl.dll,-2#immutable1 = "Configure how speech recognition works on your computer." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-103#immutable1 = "Customize your keyboard settings, such as the cursor blink rate and the character repeat rate." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\accessibilitycpl.dll,-10#immutable1 = "Ease of Access Center" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\FirewallControlPanel.dll,-12123#immutable1 = "Set firewall security options to help protect your computer from hackers and malicious software." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\intl.cpl,-3#immutable1 = "Region" C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\GroupByDirection = "1" C:\Windows\explorer.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\ChromeHTML C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sud.dll,-10#immutable1 = "Choose which programs you want Windows to use for activities like web browsing, editing photos, sending e-mail, and playing music." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\srchadmin.dll,-602#immutable1 = "Change how Windows indexes to search faster" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sdcpl.dll,-101#immutable1 = "Backup and Restore (Windows 7)" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\systemcpl.dll,-1#immutable1 = "System" C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\GroupByKey:PID = "0" C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0 = 0c0001008421de39080000000000 C:\Windows\explorer.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-983155329-280873152-1838004294-1000\{DE0FE95B-91C7-433E-BCB5-FC0FFB3534B3} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\DeviceCenter.dll,-1000#immutable1 = "Devices and Printers" C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\usercpl.dll,-2#immutable1 = "Change user account settings and passwords for people who share this computer." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-101#immutable1 = "Customize your mouse settings, such as the button configuration, double-click speed, mouse pointers, and motion speed." C:\Windows\explorer.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{708860E0-F641-4611-8895-7D867DD3675B} C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{463ABECF-410D-407F-8AF5-0DF35A005CC8}\1.0\0 C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CHROMEHTML\APPLICATION C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\RADCUI.dll,-15301#immutable1 = "Manage your RemoteApp and Desktop Connections" C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 C:\Windows\explorer.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{463ABECF-410D-407F-8AF5-0DF35A005CC8} C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\ChromeHTML\shell C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\srchadmin.dll,-601#immutable1 = "Indexing Options" C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 00000000ffffffff C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\intl.cpl,-2#immutable1 = "Customize settings for the display of languages, numbers, times, and dates." C:\Windows\explorer.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD} C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\autoplay.dll,-2#immutable1 = "Change default settings for CDs, DVDs, and devices so that you can automatically play music, view pictures, install software, and play games." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\colorcpl.exe,-6#immutable1 = "Color Management" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\DiagCpl.dll,-1#immutable1 = "Troubleshooting" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\accessibilitycpl.dll,-45#immutable1 = "Make your computer easier to use." C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\MRUListEx = ffffffff C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 = 14001f706806ee260aa0d7449371beb064c986830000 C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = ffffffff C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\powercpl.dll,-1#immutable1 = "Power Options" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\FirewallControlPanel.dll,-12122#immutable1 = "Windows Defender Firewall" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\devmgr.dll,-4#immutable1 = "Device Manager" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\SyncCenter.dll,-3000#immutable1 = "Sync Center" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\DiagCpl.dll,-15#immutable1 = "Troubleshoot and fix common computer problems." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fhcpl.dll,-52#immutable1 = "File History" C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1 C:\Windows\explorer.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{463ABECF-410D-407F-8AF5-0DF35A005CC8} C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\inetcpl.cpl,-4312#immutable1 = "Internet Options" C:\Windows\explorer.exe N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Windows\explorer.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Windows\explorer.exe N/A
N/A N/A C:\Windows\system32\bootim.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Windows\explorer.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\explorer.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeBackupPrivilege N/A C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe N/A
Token: SeRestorePrivilege N/A C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe N/A
Token: SeSystemEnvironmentPrivilege N/A C:\Windows\system32\bootim.exe N/A
Token: SeTakeOwnershipPrivilege N/A C:\Windows\system32\bootim.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Windows\explorer.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4580 wrote to memory of 2356 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4580 wrote to memory of 5068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4580 wrote to memory of 1220 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4580 wrote to memory of 1872 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Users\Admin\AppData\Local\Temp\Clicker - TobiaszGaming.exe

"C:\Users\Admin\AppData\Local\Temp\Clicker - TobiaszGaming.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbb15c46f8,0x7ffbb15c4708,0x7ffbb15c4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2100 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2752 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4272 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5196 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5412 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5412 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5556 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5800 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6028 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5756 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6204 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6424 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6680 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6660 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6744 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6676 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7676 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7608 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=7360 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=7044 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe


C:\Windows\explorer.exe

C:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\DllHost.exe /Processid:{FCC74B77-EC3E-4DD8-A80B-008A702075A9}

C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --uninstall --system-level

C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x254,0x258,0x25c,0x230,0x260,0x7ff6e4157688,0x7ff6e4157698,0x7ff6e41576a8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --uninstall

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffba3279758,0x7ffba3279768,0x7ffba3279778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1676 --field-trial-handle=1756,i,10557565382124001311,3484516652028774495,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1928 --field-trial-handle=1756,i,10557565382124001311,3484516652028774495,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument microsoft-edge:https://support.google.com/chrome?p=chrome_uninstall_survey&crversion=106.0.5249.119&os=10.0.19041

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffbb15c46f8,0x7ffbb15c4708,0x7ffbb15c4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2000 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2740 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4068 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4068 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5248 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5352 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5500 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5176 /prefetch:1

C:\Windows\system32\LogonUI.exe

"LogonUI.exe" /flags:0x4 /state0:0xa38dd855 /state1:0x41c64e6d

C:\Windows\system32\bootim.exe

bootim.exe /startpage:1

Network

US 8.8.8.8:53 tg.socdm.com udp
US 8.8.8.8:53 us-u.openx.net udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
JP 211.120.53.204:443 tg.socdm.com tcp
IE 34.254.110.70:443 pr-bh.ybp.yahoo.com tcp
US 54.205.227.51:443 sync.srv.stackadapt.com tcp
US 8.8.8.8:53 20.3.157.37.in-addr.arpa udp
US 8.8.8.8:53 3.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 sync.ipredictive.com udp
US 52.87.49.60:443 sync.ipredictive.com tcp
US 8.8.8.8:53 usersync.gumgum.com udp
IE 34.247.233.198:443 usersync.gumgum.com tcp
IE 34.247.233.198:443 usersync.gumgum.com tcp
JP 211.120.53.204:443 tg.socdm.com tcp
IE 34.247.233.198:443 usersync.gumgum.com tcp
US 216.239.32.3:443 csi.gstatic.com udp
US 8.8.8.8:53 15.186.46.96.in-addr.arpa udp
US 8.8.8.8:53 70.110.254.34.in-addr.arpa udp
US 8.8.8.8:53 51.227.205.54.in-addr.arpa udp
US 8.8.8.8:53 60.49.87.52.in-addr.arpa udp
US 8.8.8.8:53 198.233.247.34.in-addr.arpa udp
US 8.8.8.8:53 204.53.120.211.in-addr.arpa udp
US 8.8.8.8:53 prebid-server.rubiconproject.com udp
DE 18.184.215.206:443 btlr.sharethrough.com tcp
US 8.8.8.8:53 prg.smartadserver.com udp
US 8.8.8.8:53 targeting.unrulymedia.com udp
NL 213.19.162.71:443 prebid-server.rubiconproject.com tcp
NL 46.228.174.115:443 targeting.unrulymedia.com tcp
NL 81.17.55.113:443 prg.smartadserver.com tcp
US 8.8.8.8:53 onetag-sys.com udp
DE 51.89.9.253:443 onetag-sys.com tcp
US 8.8.8.8:53 sync.mathtag.com udp
US 8.8.8.8:53 rtb.mfadsrvr.com udp
US 8.8.8.8:53 pixel-eu.rubiconproject.com udp
US 8.8.8.8:53 pixel.rubiconproject.com udp
DE 51.89.9.253:443 onetag-sys.com udp
US 8.8.8.8:53 t.adx.opera.com udp
US 8.8.8.8:53 ssbsync-global.smartadserver.com udp
US 8.8.8.8:53 image8.pubmatic.com udp
US 34.149.40.38:443 u.4dex.io udp
US 8.8.8.8:53 71.162.19.213.in-addr.arpa udp
US 8.8.8.8:53 115.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 113.55.17.81.in-addr.arpa udp
US 8.8.8.8:53 253.9.89.51.in-addr.arpa udp
NL 213.19.162.90:443 pixel.rubiconproject.com tcp
NL 198.47.127.18:443 image8.pubmatic.com tcp
FR 5.135.209.100:443 ssbsync-global.smartadserver.com tcp
NL 213.19.162.80:443 pixel.rubiconproject.com tcp
US 216.200.232.249:443 sync.mathtag.com tcp
DE 3.69.82.17:443 rtb.mfadsrvr.com tcp
NL 82.145.213.8:443 t.adx.opera.com tcp
US 8.8.8.8:53 aniview-d.openx.net udp
US 8.8.8.8:53 b1sync.zemanta.com udp
US 8.8.8.8:53 bttrack.com udp
US 8.8.8.8:53 b1sync.zemanta.com tcp
US 192.132.33.67:443 bttrack.com tcp
IE 52.30.150.129:443 ad.360yield.com tcp
US 8.8.8.8:53 wt.rqtrk.eu udp
US 8.8.8.8:53 match.sharethrough.com udp
US 64.74.236.95:443 b1sync.zemanta.com tcp
DE 57.129.18.121:443 wt.rqtrk.eu tcp
DE 52.57.57.202:443 match.sharethrough.com tcp
DE 52.57.57.202:443 match.sharethrough.com tcp
US 8.8.8.8:53 90.162.19.213.in-addr.arpa udp
US 8.8.8.8:53 18.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 100.209.135.5.in-addr.arpa udp
US 8.8.8.8:53 17.82.69.3.in-addr.arpa udp
US 8.8.8.8:53 8.213.145.82.in-addr.arpa udp
US 8.8.8.8:53 249.232.200.216.in-addr.arpa udp
US 8.8.8.8:53 129.150.30.52.in-addr.arpa udp
US 8.8.8.8:53 67.33.132.192.in-addr.arpa udp
US 64.74.236.95:443 b1sync.zemanta.com tcp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
NL 213.19.162.90:443 pixel.rubiconproject.com tcp
US 8.8.8.8:53 csync.loopme.me udp
US 8.8.8.8:53 ice.360yield.com udp
NL 35.214.247.195:443 csync.loopme.me tcp
IE 52.19.9.47:443 ice.360yield.com tcp
US 8.8.8.8:53 121.18.129.57.in-addr.arpa udp
US 8.8.8.8:53 202.57.57.52.in-addr.arpa udp
US 8.8.8.8:53 95.236.74.64.in-addr.arpa udp
US 8.8.8.8:53 195.247.214.35.in-addr.arpa udp
US 8.8.8.8:53 47.9.19.52.in-addr.arpa udp
NL 46.228.174.117:443 sync.1rx.io tcp
US 8.8.8.8:53 ade.googlesyndication.com udp
US 8.8.8.8:53 cdn.consentmanager.mgr.consensu.org udp
FR 178.250.7.13:443 dnacdn.net tcp
NL 185.235.87.47:443 ag.gbc.criteo.com tcp
NL 185.235.87.99:443 gem.gbc.criteo.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
DE 18.184.215.206:443 btlr.sharethrough.com tcp
NL 213.19.162.21:443 fastlane.rubiconproject.com tcp
NL 178.250.1.11:443 gum.criteo.com tcp
US 8.8.8.8:53 ed22e35de65ad6dfb07322d90532a38f.safeframe.googlesyndication.com udp
US 8.8.8.8:53 us.ck-ie.com udp
US 8.2.110.97:443 us.ck-ie.com tcp
US 8.8.8.8:53 ce.lijit.com udp
IE 54.216.78.237:443 ce.lijit.com tcp
DE 37.252.171.149:443 secure.adnxs.com tcp
US 8.8.8.8:53 sync-tm.everesttech.net udp
US 151.101.2.49:443 sync-tm.everesttech.net tcp
US 8.8.8.8:53 237.78.216.54.in-addr.arpa udp
US 8.8.8.8:53 49.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 ads.yieldmo.com udp
IE 52.211.253.53:443 ads.yieldmo.com tcp
US 54.205.227.51:443 sync.srv.stackadapt.com tcp
US 8.8.8.8:53 53.253.211.52.in-addr.arpa udp
US 8.8.8.8:53 22.236.111.52.in-addr.arpa udp
US 8.8.8.8:53 support.google.com udp
GB 142.250.187.206:443 support.google.com tcp
GB 142.250.187.206:443 support.google.com udp
GB 172.217.16.228:443 www.google.com udp
GB 172.217.16.228:443 www.google.com tcp
US 8.8.8.8:53 tools.google.com udp
GB 216.58.204.78:443 tools.google.com tcp
US 8.8.8.8:53 206.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 3.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 apis.google.com udp
GB 216.58.213.14:443 apis.google.com tcp
GB 216.58.213.14:443 apis.google.com udp
US 8.8.8.8:53 feedback-pa.clients6.google.com udp
GB 142.250.178.10:443 feedback-pa.clients6.google.com tcp
GB 172.217.16.228:443 www.google.com udp
GB 142.250.178.10:443 feedback-pa.clients6.google.com udp
GB 172.217.16.228:443 www.google.com tcp
US 8.8.8.8:53 scone-pa.clients6.google.com udp
US 8.8.8.8:53 10.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 gstatic.com udp
GB 142.250.200.35:443 gstatic.com tcp
US 8.8.8.8:53 35.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 cxcs.microsoft.net udp
GB 2.20.37.224:443 cxcs.microsoft.net tcp
GB 92.123.128.146:443 www.bing.com tcp
US 8.8.8.8:53 146.128.123.92.in-addr.arpa udp
US 8.8.8.8:53 224.37.20.2.in-addr.arpa udp
US 8.8.8.8:53 14.173.189.20.in-addr.arpa udp

Files

Analysis: behavioral1

Detonation Overview

Submitted

2024-03-02 23:17

Reported

2024-03-02 23:20

Platform

win7-20240215-en

Max time kernel

121s

Max time network

121s

Command Line

"C:\Users\Admin\AppData\Local\Temp\Clicker - TobiaszGaming.exe"

Signatures

N/A

Processes

C:\Users\Admin\AppData\Local\Temp\Clicker - TobiaszGaming.exe

"C:\Users\Admin\AppData\Local\Temp\Clicker - TobiaszGaming.exe"

Network

N/A

Files

N/A