Malware Analysis Report

2025-08-11 02:18

Sample ID: 240306-x6vx7afh83
Target: sample
SHA256: fd7ee76fb41daed0ea2625f6376e73a53c661449818496b775c1080678850abd
Tags: discovery evasion persistence trojan
Score: 8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

Score: 8/10

SHA256: fd7ee76fb41daed0ea2625f6376e73a53c661449818496b775c1080678850abd

Threat Level: Likely malicious

The file sample was found to be: Likely malicious.

Malicious Activity Summary

discovery evasion persistence trojan

Sets file execution options in registry

Downloads MZ/PE file

Checks computer location settings

Loads dropped DLL

Registers COM server for autorun

Executes dropped EXE

Checks whether UAC is enabled

Checks installed software on the system

Checks system information in the registry

Suspicious use of NtCreateThreadExHideFromDebugger

Suspicious use of NtSetInformationThreadHideFromDebugger

Drops file in Program Files directory

Enumerates physical storage devices

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of AdjustPrivilegeToken

Modifies Internet Explorer settings

Modifies data under HKEY_USERS

Modifies registry class

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: AddClipboardFormatListener

Suspicious use of UnmapMainImage

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported: 2024-03-06 19:28

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted: 2024-03-06 19:28
Reported: 2024-03-06 19:59
Platform: win10v2004-20240226-en
Max time kernel: 1800s
Max time network: 1801s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\sample.html

Signatures

Downloads MZ/PE file

Sets file execution options in registry

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU81E0.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU81E0.tmp\MicrosoftEdgeUpdate.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-983155329-280873152-1838004294-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Microsoft\Temp\EU81E0.tmp\MicrosoftEdgeUpdate.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU81E0.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{63AF8899-9799-4D31-B1A8-375E80D116E3}\MicrosoftEdge_X64_122.0.2365.66.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{63AF8899-9799-4D31-B1A8-375E80D116E3}\EDGEMITMP_3A636.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{63AF8899-9799-4D31-B1A8-375E80D116E3}\EDGEMITMP_3A636.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU81E0.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Registers COM server for autorun

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU81E0.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU81E0.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\RobloxPlayerBeta.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.66\Locales\ta.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{63AF8899-9799-4D31-B1A8-375E80D116E3}\EDGEMITMP_3A636.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\MaterialGenerator\Materials\LeafyGrass.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\ui\InspectMenu\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\ui\PlayerList\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\122.0.2365.66\Locales\ug.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{63AF8899-9799-4D31-B1A8-375E80D116E3}\EDGEMITMP_3A636.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\GameSettings\default_badge.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\ui\Controls\DefaultController\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\ui\Controls\DesignSystem\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\ui\VoiceChat\SpeakerNew\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\ExtraContent\textures\ui\LuaApp\icons\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\ExtraContent\textures\ui\LuaDiscussions\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\122.0.2365.66\dxil.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{63AF8899-9799-4D31-B1A8-375E80D116E3}\EDGEMITMP_3A636.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\StudioToolbox\Tabs\Inventory.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\ui\Controls\DefaultController\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\PlatformContent\pc\textures\sky\indoor512_rt.tex C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\122.0.2365.66\Locales\id.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{63AF8899-9799-4D31-B1A8-375E80D116E3}\EDGEMITMP_3A636.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\StudioToolbox\AssetConfig\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\TagEditor\VisibilityOnLightTheme.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\ExtraContent\textures\ui\LuaApp\graphic\Auth\gradient_bg.jpg C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\ExtraContent\textures\ui\LuaApp\graphic\Auth\vn_agebadge.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\ExtraContent\textures\ui\LuaApp\icons\ic-blue-dot.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\ExtraContent\textures\ui\LuaChat\9-slice\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\AnimationEditor\image_keyframe_linear_unselected.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\ui\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\StyleEditor\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\ui\VoiceChat\MicLight\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\122.0.2365.66\Trust Protection Lists\Mu\Cryptomining C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{63AF8899-9799-4D31-B1A8-375E80D116E3}\EDGEMITMP_3A636.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\sky\sun.jpg C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\AnimationEditor\btn_manage.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\ui\Settings\Players\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\PlatformContent\pc\textures\water\normal_05.dds C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\ExtraContent\textures\ui\LuaApp\ExternalSite\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU81E0.tmp\msedgeupdateres_ro.dll C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\TerrainEditor\select.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\ui\Controls\return.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\ui\Controls\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\ui\PlayerList\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\AppImageAtlas\img_set_3x_11.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\ExtraContent\textures\ui\LuaChat\graphic\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\ExtraContent\textures\ui\LuaDiscussions\buttonStroke.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\122.0.2365.66\Locales\sr.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{63AF8899-9799-4D31-B1A8-375E80D116E3}\EDGEMITMP_3A636.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\Debugger\Breakpoints\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\StudioToolbox\AssetConfig\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\ui\Settings\MenuBarIcons\PlayersTabIcon.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\122.0.2365.66\Locales\hi.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{63AF8899-9799-4D31-B1A8-375E80D116E3}\EDGEMITMP_3A636.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\particles\fire_alpha.dds C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\ui\scroll-middle.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\ui\Chat\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\ui\Controls\dpadUp.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\ui\Controls\DesignSystem\Thumbstick2Directional.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\122.0.2365.66\Locales\fil.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{63AF8899-9799-4D31-B1A8-375E80D116E3}\EDGEMITMP_3A636.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\ManageCollaborators\arrowRight_light.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\StudioToolbox\AssetPreview\Rejected.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\ui\Settings\Radial\RadialLabel.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\AppImageAtlas\img_set_2x_3.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\DevConsole\Error.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\ui\Controls\PlayStationController\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\ui\PlayerList\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\PlatformContent\pc\textures\corrodedmetal\normal.dds C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\ExtraContent\textures\ui\LuaApp\ExternalSite\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU81E0.tmp\msedgeupdateres_ca.dll C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\122.0.2365.66\identity_proxy\resources.pri C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{63AF8899-9799-4D31-B1A8-375E80D116E3}\EDGEMITMP_3A636.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\fonts\Creepster-Regular.ttf C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\content\textures\AnimationEditor\img_eventMarker_inner.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133542270167470071" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ = "IAppBundleWeb" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\MicrosoftEdgeUpdateBroker.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ = "ICurrentState" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3COMClassService\CurVer\ = "MicrosoftEdgeUpdate.Update3COMClassService.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\NumMethods\ = "8" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{8F09CD6C-5964-4573-82E3-EBFF7702865B}\AppID = "{A6B716CB-028B-404D-B72C-50E153DD68DA}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ = "IJobObserver" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\ = "IAppCommand" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.ProcessLauncher\CurVer\ = "MicrosoftEdgeUpdate.ProcessLauncher.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\ProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachineFallback.1.0\CLSID\ = "{77857D02-7A25-4B67-9266-3E122A8F39E4}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\ = "IGoogleUpdateCore" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\NumMethods\ = "11" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CredentialDialogMachine\CLSID\ = "{5F6A18BB-6231-424B-8242-19E5BB94F8ED}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}\VERSIONINDEPENDENTPROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}\ = "Microsoft Edge Update Broker Class Factory" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ = "IProgressWndEvents" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CoreMachineClass\ = "Microsoft Edge Update Core Class" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{08D832B9-D2FD-481F-98CF-904D00DF63CC}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\ProgID\ = "MicrosoftEdgeUpdate.Update3WebMachine.1.0" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\LOCALSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E3D94CEB-EC11-46BE-8872-7DDCE37FABFA}\InprocHandler32\ThreadingModel = "Both" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\NumMethods\ = "24" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-player\shell\open C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\NumMethods\ = "9" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassSvc.1.0\ = "Microsoft Edge Update Legacy On Demand" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\NumMethods\ = "10" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU81E0.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3624 wrote to memory of 2672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 3612 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 3676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3624 wrote to memory of 1876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\sample.html

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9c1489758,0x7ff9c1489768,0x7ff9c1489778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1708 --field-trial-handle=1760,i,11954377362742732365,11078704128609043559,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=1760,i,11954377362742732365,11078704128609043559,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2212 --field-trial-handle=1760,i,11954377362742732365,11078704128609043559,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3056 --field-trial-handle=1760,i,11954377362742732365,11078704128609043559,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3076 --field-trial-handle=1760,i,11954377362742732365,11078704128609043559,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Windows\System32\WScript.exe

"C:\Windows\System32\WScript.exe" "C:\Users\Admin\Desktop\HideConvertTo.vbs"

C:\Program Files\VideoLAN\VLC\vlc.exe

"C:\Program Files\VideoLAN\VLC\vlc.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff9c1489758,0x7ff9c1489768,0x7ff9c1489778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1708 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1972 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2224 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3008 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3016 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4032 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5176 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5272 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5188 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --reenable-autoupdates --system-level

C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x254,0x258,0x25c,0x230,0x260,0x7ff7647f7688,0x7ff7647f7698,0x7ff7647f76a8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5316 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1648 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2336 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5204 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1740 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5500 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3092 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2380 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=1520 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=964 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5492 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4544 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5304 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5032 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=2384 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=5620 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4768 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=1084 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=4452 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=6044 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3164 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5184 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6180 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4828 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6456 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6380 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:8

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"

C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files (x86)\Microsoft\Temp\EU81E0.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU81E0.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping [base64-encoded payload]

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{F6FEDD49-DF8A-4971-9BB1-1C96CB20A46F}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping [base64-encoded payload]

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{63AF8899-9799-4D31-B1A8-375E80D116E3}\MicrosoftEdge_X64_122.0.2365.66.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{63AF8899-9799-4D31-B1A8-375E80D116E3}\MicrosoftEdge_X64_122.0.2365.66.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{63AF8899-9799-4D31-B1A8-375E80D116E3}\EDGEMITMP_3A636.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{63AF8899-9799-4D31-B1A8-375E80D116E3}\EDGEMITMP_3A636.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{63AF8899-9799-4D31-B1A8-375E80D116E3}\MicrosoftEdge_X64_122.0.2365.66.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{63AF8899-9799-4D31-B1A8-375E80D116E3}\EDGEMITMP_3A636.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{63AF8899-9799-4D31-B1A8-375E80D116E3}\EDGEMITMP_3A636.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.95 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{63AF8899-9799-4D31-B1A8-375E80D116E3}\EDGEMITMP_3A636.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=122.0.2365.66 --initial-client-data=0x228,0x22c,0x230,0x204,0x234,0x7ff6a33b69a8,0x7ff6a33b69b4,0x7ff6a33b69c0

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping [base64-encoded payload]

C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\RobloxPlayerBeta.exe" -app

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=6440 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5480 --field-trial-handle=1828,i,11581444660585876760,7428177302555960333,131072 /prefetch:8

C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:tolfxiBPGamgo-9l9gwilj6oUlJqtYKkNZYsjVWhhpKYdigPQ7GdJSl2H_n5IjlZU9n9RcIGB_fq7-JNoTi7JpPN38efGnmcrYYv0KRI2E5kBm4wuekEd01boR4UEru04C2PxpMCzNjt0S5Tub5RAaVPpljLkAnR8ncH7LLLACHSJ5JYdPPGezCHnLA5Wp039coyxTslCywjt5xVHXyfulIGYP6fuiJGbSfERoDlARU+launchtime:1709753761170+placelauncherurl:https%3A%2F%2Fassetgame.roblox.com%2Fgame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D220166853750%26placeId%3D189707%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D32fcbc6a-f1eb-47d5-924e-461e425996e6%26joinAttemptOrigin%3DPlayButton+browsertrackerid:220166853750+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\RobloxPlayerBeta.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

Network

Files

\??\pipe\crashpad_3624_QWJPRNFAZKFKQKPS

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ff7be9ec1cce9a97db8f80f1cdf1a029
SHA1 efb93765106b7ede3ef9b4ddc96341203d0c2205
SHA256 28dcb7e87723b223dfa23e02b383db31b2925ef1720634ebe923ff0745017e8b
SHA512 80e67438e09f7502ce009046bc98c6322489272ac50d26d44d6b1027c82df6c047241a2f8a0991dc69cc2b6726cc7ca22c16e417e939145a68f4b3f7ee0fac23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 1f03bad35fbc259b33898b7f1b735ab4
SHA1 abdc4e9de35a12af9647fd4f345bf5cf379bc4be
SHA256 49d6d6fc8537552506fa484a4f934864facf97006653194b2e1135a4b37465f8
SHA512 f4a7fa764216004d60bef60b623cdfb1534617254028e7daa19705cf0048b456a52149d2f5e7dde7ab1fe224efe5ebe00226b36bb93b44a8c97ed36aba99e8a5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

memory/4640-96-0x00007FF7420C0000-0x00007FF7421B8000-memory.dmp

memory/4640-97-0x00007FF9B1600000-0x00007FF9B1634000-memory.dmp

memory/4640-98-0x00007FF9B1340000-0x00007FF9B15F4000-memory.dmp

memory/4640-99-0x00007FF9AED80000-0x00007FF9AFE2B000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 99cc49358cfa3628888247c84b312722
SHA1 72df90d4341e204b5d695a65f8f0575d75d6d342
SHA256 570055b300595d9bee19cd486aec73f2e432043cc1a510b5075bc55da6b32757
SHA512 1b3f0129c396f2e582b6e1316e622f9faf71776e5878c95e71a961e4851f9aa90b651f0e3c3d406602c79f377776df5c8353578f44673359088ba16998fd614d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 bc6142469cd7dadf107be9ad87ea4753
SHA1 72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c
SHA256 b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557
SHA512 47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

MD5 9eae63c7a967fc314dd311d9f46a45b7
SHA1 caba9c2c93acfe0b9ceb9ab19b992b0fc19c71cf
SHA256 4288925b0cf871c7458c22c46936efb0e903802feb991a0e1803be94ca6c251d
SHA512 bed924bff236bf5b6ce1df1db82e86c935e5830a20d9d24697efd82ca331e30604db8d04b0d692ec8541ec6deb2225bcc7d805b79f2db5726642198ecf6348b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

MD5 3a30ac2af2fff31279da058bc3988cc4
SHA1 52514fa5d15bfa7f68e6a4aa3f81c96a442631f7
SHA256 22aff69d0f18b442c1c6f235f178b523dcb2ae9ddd0238bec6accefb765d54fd
SHA512 fb615d3a0aa4a65fa930f814f7b52e30b2f0d1fdc275abde67860b8958a57ac02fc0d513200c001bf40ba4771de2adccaaa28480b41213950c8eddb587da431b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13354226950995555

MD5 25ffa0509901bd008a0c2d5f3c434b38
SHA1 0aa840074308e627dd84bca17ccc8532f3f62472
SHA256 fdc1205fad26f0aba77a920de7e4c4616957aa6c2261ee93eb1c597d9f286f3c
SHA512 bd189ae0f5914c943402262250712efc88cd87e0c0fe54f7b57cc2a2d9acaf9bfb4d7417fb76d2f0cd977ac9090de6ca61357aa939a341c2ddac0071a38b1afc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log

MD5 8a30a1fdd0459d9ea8b1e78a8e636856
SHA1 9d7225e97f9cfcfb225cfbfd0b0bba21d4efdd20
SHA256 88fe1d31608930f2738d102d45c75dc77acdf01a1b69bfb7e7c0281575b75e33
SHA512 b529bce870cd8165bf82f3ebf94f07552467bd0993b9d35145182e54e26fb2ae8e7bb167d88267b632757e2146f27dfddf8867db0c66e5dcc306db12ec6b7bef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

MD5 33053195876bda8f6f6ef1bce1f4b4da
SHA1 016f1a55091e1dadc5146525c6c4577f63c805f8
SHA256 e21494f6f700070305ce783022bf5fe8b00ef71596634fe9346abcea0514747e
SHA512 b54e8ef97e8853aabf297b2370918c9077c8644d2cd532f6c25e11326b135b5d6bf604667a13a14ee5db7cd203a8c48a774a1a43cfbb4b688c2927f5a4bcca6d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

MD5 b5fc4187ad133fbe9e1e7fbd52a16ad5
SHA1 3943e7595006a1b9875df3bb6be5ac3745e4d351
SHA256 dc81b280dcf235fee3230ce5e4b868c21c2342cfc3cc3c9c662f1a36b400668e
SHA512 acb16829035fc6bfb2f19f8f0731f071bba67a7ef2d7ac15dde1e53e1de6b50aed134ffe813e4a964fbac959213a4a317fbb73c85a9fed799fdb7ef126538ec4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_3

MD5 689dac126f522eaeb6d7b29589952873
SHA1 dbff1bfd48b7bc2d4ea85021d6ff2b53fbf8b1cb
SHA256 7611be9ddf5cadee298e9c4ec90076584644b8520e0fc640a64f5ab86b14af96
SHA512 3d3506d2b5ed02f5a87ddf602f8fbed0ed13a95d6a457031c6dd8d45d37653410ccfbc134dbf04dd56aa416443c7dfc97fdea2a1ae0eba0892ead40fa924657e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1

MD5 386c1b264ee7b66098df876e3fb89bd1
SHA1 24ce1d1ac2712eb3d3d7549cb2c6487220e006a5
SHA256 75f5542d8fecaaa6a979b58f3c9bb2d1c1f9da02f4590bf0d876a89866720637
SHA512 88ef5db8af0a959d3a840ddd1fb929671f5e3d6f2e366be7393817026a6f24144de88080e6f8412a2002007173648e6bdb1c2a63105a7520cc9419110f1911b1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_0

MD5 f7aec8448aabdaf3794661da34481e7d
SHA1 6e51edd686f4d275eb01c0d2acb43a530b41da5d
SHA256 3f3f6ce3962834f7b3ebe9812e09aa2d10f240faa5f1e5bfb8a4c7e84c86ec7e
SHA512 7144ed825c56f2cbdf845e45185597f2de3bdbe39d44720e2cd39159d412c64d03521e835f37f5a950741cb35d70208eb8f5f5021c95e7b4d557685523d5e6f4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log

MD5 2b9559e6e1b9ffa8d07f50981c695cd5
SHA1 14a62a33b2f7af9e81437147bed71d38bb7167f2
SHA256 bae6a2533c1c3e4aa2454e7d05088dea398e68a5ddba2d72ad786bdb8b5f74d7
SHA512 0766043da9d1c132bd8f25eceef5770acce729c5665bfd7050089d7fc8b2a110a169237d053bce9d84326a00677427fd15ff362296c70aa6f638526f779aee8f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

MD5 11ce5a7964c869839e49422fe92e49f5
SHA1 56b0588dc30e4b6657d21ad1b9e0d25cd8e647aa
SHA256 c498037f1fe04af305d26a7115a3201a6d3399cfeb053b76ea706b8505a543a5
SHA512 3c2d1913534ed148c6a918123682fafd393604c5c0d679fdd488869fddf103c1aec92427bdfc564fb06cb9dfaa670b73939b3b87744b41bc2beae325d08abd6b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log

MD5 06959abd2a23ec826195d60a92a1760d
SHA1 4ce29522dae2545f8f5bfd3bb05886569dd6a032
SHA256 f4a9a029c298db3e128d752239064aa46241ddf0ad514d8bf6483100c8458ba1
SHA512 3428fa9e787e47aed280f11bd9555d69da952091c30bee6c03913e79135534d36deba75be995bea65fadc6b53e2717e6c01066d4d949c941a0fdd943a4231d10

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

MD5 c4dce7fc5f4da8c359d6329f9b589e09
SHA1 cd4e45ca275a46dda03933600256642c1cb7ae19
SHA256 c584ded9c95de6fc70b604c837b556a1258171744621a7456214a20522ec1ad0
SHA512 8b880582e6bfe59231eecc0d4d7ae1c144c5b5f8598d36b7ccbebb4d9dbabbc11cb330a50c83ad433ca7a95b94d434c84f2e5b115e28aedba6e0e0971893fe9c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

MD5 96852d2fd2ad376f26d6184748039a6c
SHA1 391f6c79566561bd566945896dd8ee8325c8c04f
SHA256 aeccd2608849144ab630b1e816615fb8b9ddbc2902613aacb319100b38f6b8a5
SHA512 bc0e741dc7c7cd07675172d8907f529f5084ec7b0dbcb34fa8880d1d304779ebdcf123df172eaaffce53d0cea65b1c5d0f79262ff729652df828f3691037a954

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

MD5 a4923f5de621a90e4e32d0621744db4a
SHA1 bcd82ecb67fe9ab51abc2e89a954cf6cf45cb478
SHA256 b16202a507db76d979d6183773e1d75fc99e29504c51018d31843fa706a1d7e9
SHA512 ef30d27f11905f8bf09a5e7b431b66391a40d64282a34921bfef78cd34273a064aea9c69b588c78bcde41ac599bc90dbb2dab486a8c70dda6f504da6a3358605

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Reporting and NEL

MD5 e5fcd69ffbabdbbd73c9bc644b129d69
SHA1 129f9b0ccd64872b2b3320a5fdb9de3c6b699889
SHA256 f4e80137d77815cdccd55c5089c057a8994cfb89aab86c5af0583e51bd7c2d6f
SHA512 f7991146dd0d9be806b2e94066f927cc37446f324f205a3d26fa28d7052e23f7a2f0d2338fe9139a900b5d9dcfd7609732986aa1763c2f455c9d16794dfc97c0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000003

MD5 7de46e7a84356a43017b8bf5a5bac3f0
SHA1 3ae0bb4de93085d1e23c0ec366e32c4ac85beffa
SHA256 61634870b98cbed5ddbe4b7978394c4a71b0e0f1fee8d9b4dbb064c2311c996f
SHA512 a6948b6bf9dbe3fe1f4ef172401eef67a4c987dbf52e9de23ebcac369f5f9e7e8916a7b1dd75976ec51b34e0008e54bdc101eb9cd773b9565f020154f8fa0510

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

MD5 306850e92a9b05b87bd69cd0476e3f3d
SHA1 b7dac8a138b17c9ee3f6b41587503112c3ee0c8e
SHA256 fb8398fa4a03b078b9c12502b892c745063005a909bc6d3f45f6b5f5217ba861
SHA512 cb83ceb996160287b0c9885d5d4e6694bcef71350eaea57b795b701368186111c7997ba915926e2a500b90c25f3c2a805fd6db0b8d43ca26edcbeb6691ae363b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

MD5 972c62d9a0d079bc039d1702ca8c1956
SHA1 36e79d5076e6021be0162ab19397999b0c2c1795
SHA256 540828dd9f22fadabfd429b1f791a1ba4b3801d56c06026a580c7962017cc6b4
SHA512 c17429bb169d35e3d08dadf2d4e80057dae8ae626a32ece2cc33ac4d5cf07d4c7b5176bdae062fb46129176a0b2a0e77aef5266e166a5d1586b27c2f24592761

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

MD5 f82da5b0ea1301a136d870045b7a3358
SHA1 7958539185291a5c26853aec1dc3cda39c4f1a9e
SHA256 169183ce23ff21455f0f2fb929303a6ec704efd3a39c3907c793526f1b89f4d8
SHA512 c11bc017aa414db171cbfa4930e9dfb10b678e231e8a6387a3a39a0831feb255beda40638fa6c48e628b2574832fee2521e6c54b544053ddeafba5de2e93ae6e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

MD5 aea90cf487c8525e93284cabf02ce319
SHA1 9af79d36eaa55f5f63b8fe7f004be63e21bb80cd
SHA256 fcdce0550bdaa584fb9fdd90bccdf3157759a18e1550c891c80e19d8451a57cc
SHA512 4ca16316e0bb83633d64e53781bf102924223e4eb22fdd11224e3e1bc2c989008529514c006658785d687807cf698a2d8564ea1f685171d1f2d549ea1ef0001c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

MD5 ea6a0626cb15cb086dda66939f8a6777
SHA1 00091a7fc47a2b8fe452c1e05599536b1b8d3e7c
SHA256 647971e65082c7603fc5b6d084582f28952c585c614868c338f7d88fabdfdd94
SHA512 0992b1c0ef68fbf586c712d2cfe7ec7420567d3aaf3e4f47853190c06e469272eff67bf0d445763f5add1d9eba412d49924d411a07af9f1152c1f586cc54dbf5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

MD5 f177cc2497ced9282345446672cbfd4f
SHA1 c43b118f44a7d68db3e3521a5401af190e8fdb83
SHA256 9b63522b3d3517c1db9bac24718ca6307360a0e83afcfb971b7de6e82a6b223d
SHA512 de2dc394c536824397a7b0206a3c23a08529a73a64d8b0916961b2f44b236207425f8aee641d57c868f1ae5a19bb6205a274949101daa5e5eb1a8104e9d36ec1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

MD5 0f63b65b9c9a70c93e26135f2d7278ff
SHA1 f5f247727aa5e66d3e0de894fc5e290ac2e1830a
SHA256 e1c5c3f4a30b4958992cda7a962f71233a91efdd2d4ed95f7161c15ff10645f8
SHA512 170d93bd445c8de22631afcda98db59dfe7eb8705558f21a8b0b017945466ef885c091efb2d19d5c4c3802037cf31dc451cd79f379532a43f6c2dd725d50abdb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG

MD5 c5dd256a1bd6520c18c9e3748cbc88d0
SHA1 b3748c4fba8f35cd889842a1d401c227244ad1c4
SHA256 2b6dcd0c31cc8e32d8c3e7189ec9b63f37056cbf960669f5d40af2fb8f5d301c
SHA512 2260d0dcc1e80199b842d0ab72902dc06e89c92d81f8cd84d58a6a263f90e5121364c607660a128d4109fb4f004a0431a6dd84a372a406973a3e1cf4f784e1f0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Session_13354226947403555

MD5 dd920c8942dd644ce55ca622a046d935
SHA1 a1705f8217b834adc6be40ad884c6436cbf8c613
SHA256 550c8a6067adb5b0006f3e39c4e188c3ce57a2f79534d61ce89a7ea00d77699b
SHA512 d3a2e8db239c2511364041b8599e27a1f24802d479a0a2eedbf535f09a06ea59a0a4abd62edb2e6f4c00d2ab561edea814c696f1c95759ccc89c4ed28740215c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt

MD5 fefbeabe1da1be7027d7f9afa79b76b4
SHA1 450637d78af1416de989d5a43cd89bd14e50d0a2
SHA256 94388e1a0d834ecbced31081f755b96a2fc05a98b76dd21637cd292738526baa
SHA512 f3005ba707319004816703ca4d1c36f5329e0f90ea7d454e0633ca2a4623aa3afd1c81cb8f0d6b999f59929054faa558f6b12bce1cc36e6b6f2b3f860ae91ddc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\a31e2a60-bb3b-43d3-82c3-6b0b5d31ffe6.tmp

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History-journal

MD5 992a1f7e1c8e57884d4c4eefcc2d0773
SHA1 f4b90b43f4c0eab05c6777fd3e0e6111cd897057
SHA256 66bd0b9906746edcc151f30026f00d306adfc4865ec8264434549de6da79575d
SHA512 07f8b9286cbf5d87b015d81bb939a95cff4e289b213ba29a7c1f4d3b9de11315b56cce06b326e7070b3c19db3ce239a1e083362bfc4dab949cb1ac89ef6e4e68

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 7f271c4642be66e876db0f435387a23c
SHA1 902343cbf8f8f2fa1236f756048a96aa06a7a145
SHA256 34b0fe39b5de64a28f88868465d93b2d0fcb254d58813ca4d9e8242743b7c0d2
SHA512 03fb534e572f2c9a7bc0d71065a7b2670d9e30c651b6ea129ffe81b4eac8b281785eabd72535b456d89bf6a7879338987590fa1a6e494049f8dee8979cfe001a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

MD5 89d79dbf26a3c2e22ddd95766fe3173d
SHA1 f38fd066eef4cf4e72a934548eafb5f6abb00b53
SHA256 367ef9ec8dc07f84fed51cac5c75dc1ac87688bbf8f5da8e17655e7917bd7b69
SHA512 ab7ce168e6f59e2250b82ec62857c2f2b08e5a548de85ac82177ac550729287ead40382a7c8a92fbce7f53b106d199b1c8adbb770e47287fc70ea0ea858faba6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 08a419c1da8aa74f11ba91802ccde3e6
SHA1 e9e404c1bf2ae051d158d5b265ecd3ddf7fa78f5
SHA256 24ceeb4fcb934e538883bb23bdcb6abdd9ca365941bb54ed7e3e05473eb1c1bf
SHA512 354da63259926895ceaa3824078f2c7b047c9103bb654a2963bd6591a447381321e6a8d148ec3fbd786091430718806a0bb20c63b4f844ff9a80671f9a0ea51e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9b29f3d6edfcb360c85984cbde131ba4
SHA1 538e29d6ce5d6a345ec142fba02908ecc00d2e6c
SHA256 b6e4d6208cd5fde4f280c5796655f57849194a65f851651f581c6e475f5e0195
SHA512 47d8a67f362d8994bea56fa3e96bd81e20046aa8778dad211601778528dcf530e996f98c6abbcecf5e88ec55018fcb44d6ad86375e8f38947a23a8f9b2d35f87

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\6c549d84-1bea-4fc0-812d-b506f4bd6552.tmp

MD5 4b7095db9e36f212169a293cf30325dc
SHA1 04787d10289a92169518b478521878138c4400a6
SHA256 70b0da281e7cef05fe63afb370ae23648f2dccafe71e7ecb80e839586e2db070
SHA512 8e6b275c59f116912b34adfcacbcbb397a7b4012583e97fe716d05724ba0267c1421cdf6e3af633b9da926590eb3ee43cfa1a33cabf6bd82918e65da702602dd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 e879c7643d75c3ec6c74657832a13926
SHA1 7589c9cac650e909eec8e976fe7c6eeb0559bde4
SHA256 ab60de12811429dca617093e7aa1ed46a00a80e6b34e02ae1c3cff7398870493
SHA512 d3f128ca497de768f1a527cc0b56dfb655ba91bb861c793e917092a9598365328b492c36232e351fa78747a3f5501815e6c07cea798b5537fd81b0851e905d2e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 61a2c38a1bcdb0698159354a7aded652
SHA1 3b256886eb7899eeeb818d89f6c90f9a9e5cc4ae
SHA256 04e533be5e56440df77350ce4d7d04ed59ca9980c92b86cf3e1027014d188a45
SHA512 5d5aecaa5b564b265af107de8940e25776fb9fd059f36887c749f4c743ad4bf441382919e4f9f9dff9703133897f250d2cf4652cd86ff54ba006c3cf890fc345

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 fa46bcb76c68835b960b069ed72958ed
SHA1 ab42948dbd6152d96500f23a142d905229d92c63
SHA256 9e344d726c4be14f54b16dfb59ea7bfac382d804fa1437b7e5ff22d6dc296d33
SHA512 9ff064797e1ad84ea09eb878c0773ee1464399a461770d2ef7499a932835fbd6375c4a84df1410eab8dec1e0355fcc4f5387e380dfe3662a84c2e00cfcc7b175

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 977331e5e31a59e4ae0358067caf8da5
SHA1 321955c703eea10ef03db8f0b4bb7e4f92e324f3
SHA256 41cd702a4c4d0662c0d8378d1d6a569734784375c8c37aa02c3eb915280ee58e
SHA512 6fa7ec3a769689640fbad6454ea1bd6683c70786b9fe7333cba3941c791bb50c783fc010b7f382acccdc55147bc85936ab23ae0e419a807af32bc50644ea2db8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 bcb991887b107241048236892631e0c2
SHA1 55163ae952d4182a3f44c060a34a862a3005aae5
SHA256 237f8a6b32815346c6fdb71cc8d5ff6c43c563f971dcb4a023d64eaee5266609
SHA512 571a2fb1447dc29d8e0e0f04a4b1e58ba5fa77b2ef2a7a7baf47f36d902e420b9835da1e8ff42f210783d9f0264c2fc6958fe4f5c101aa621a211f574fc73c29

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 282f69b2c6f65c1d8f6b653deed14ac1
SHA1 3604618b0f68a6518181a70c4c46d9fcf86c57be
SHA256 d5b6f6fc42761e08520f32d418a2d7ec2dab0feb04183184b11631d44067c51c
SHA512 efb1ed092fa26e3f97ee1c7ab2cd6e8fd1e27e2aecade226ffb3978b5a5d8fcd30897cfd2df9aa2952a9eaabbbb82e9103776ccea985448818b5493ad827dbee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\57c5bce7e97afc2e_0

MD5 77500d1023ae4709b4d5b072fa765ed8
SHA1 a4388a7741b2d0097884c72eb707d2a33b9d961c
SHA256 a02a2baa0736a79f15ba055d08deb7956e3bd776f20016cf5288e0a006ba400e
SHA512 fd59fa43c3d5bbd2370fa11f6156f4ce0a718caf893bcc9453669186f5c345a9f6fb9afeddb09564f135f76eed1110440e37a7b4c006e30a8bc8bf9a5067842b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d7921820e106ff45bdf41af9927b3c1a
SHA1 caf804715f541caf8087516efc6d4d874ce036ee
SHA256 730535143452b69e9d67200d94c165148f07aaf8d2a637b6f5e298fb7d4c63ac
SHA512 a202e0781ee2a91126f45376b6c11de83050638e5dcbd8563debb649119076bc76e2746838c9a01581333e46985e5e29de22696c0a821907dc5408035220036d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 b5b105e820a2fa833adeb690284f737e
SHA1 cb8a1251e1e42afecd46113960c9458569a07911
SHA256 f133a9249586870ae76f425509e3550233872dee1f8ee1ce8408dd13a3008c4b
SHA512 438024e6e24ba2566d3b8beec9cbba4a9cab5e36d0d86a54b7e20fead464bf6b98ddc0ab4e7b2fa0e2cfc8ff1e02a750dbca7ac7dee2173d5beb9c2096d5ed4f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a22892986c56a138_0

MD5 42750e70e951d0e6f90eca3fc983b0fc
SHA1 36b9b786b091ac154787685b2fb5b0d669074696
SHA256 95d667b71afd3687f3fdd51863d033487c5a8a358052f411028310af8c1eb12f
SHA512 8611d925e52d21cc1b4caadbabd2f6d88066b259059668caa729bec2c899053ea9c15bff877bc511825e278be7dc6748409408b4892b151368aba68d133a28c6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 36e5a02cfc5e74484bf337014b15865c
SHA1 325c5d9172d924650f4c2d5a89fc7e9c3c6224ae
SHA256 c6b41344752d0f67728af60aea20851cb7814ee65c17b9c92b4219c461dd11dd
SHA512 d15cd57aa8ae33edee89d71453bacaefdf7f10dfa985d4e5e1e8e8966923d12597a553c95add3c65a2d3c4c707cfa0c077cbd2ecf5942568c944f0bdcd86b3b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 45f80b49c8473629c785ee5f3879770a
SHA1 a6ed45a75714dff217244cd52b8eda9e423a30e9
SHA256 2950b1a0d193cc383bcaa5f7b0c921e2bdc9e74b607c6f1d42f455cc678cb7b0
SHA512 b1006aead36270fcb5a3fd1f1e81039a801ea218c1c1a8c5b51a35e010bfb8f1715f4daadd6d4c84e9ab9b6113c430a982804ba37d0362b681c6e8d637373b82

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8d0ebcccef1a70628614b5ad8aa32e87
SHA1 7b57aa3f24ca65e26658bf7b9e03d34d943b6b18
SHA256 ae8033258f40f59a14570c1f1b754bffc48a40c1e49ecf38d430768aa5f6352f
SHA512 56d9cd103908765a17419e04637c2116569df1f53cc8d0c8a500ff358b6b2bbf63e0e644a1a9aa341c49bf6fb1bdc4da79d995d32a654d15dee179ac6de578c5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 6cd1ba412323e9a62547a416f610d1b2
SHA1 f8c2cc3c4fdfe4b190c665c38df91a9b47798293
SHA256 491a7ee6d507fdc2f7cb80278b467de41475fa973f4f038df240b8b70845e1cf
SHA512 d8633a51f2b2c6bfaff745cbcfc26ca737314240d287d6b8c1976c2860431cf2fb0ed93facc2ef56d301c7374affc5cb5dfe0b7480c09ffe9cfb5e3c8d1e6352

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 d6969fffa7b249816958c40a8e34fe7a
SHA1 4a3403cbcf26b8e189988e51350d35c8fe029f14
SHA256 bc7de6107367d5ad6663920af481602b11d2e0a461ae7f3554af0333443b19ee
SHA512 6f20a3a8be1ddd2494f5e846dc4ba22145cd0fa8302d0a3a5205ebef6f9ce63b0698220f3749af42de9fa4727607a918b6a782f86f5c61248edd329558cd417c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5b32d4.TMP

MD5 4e2f36e40ab9ee18b51f6ae9cc63e749
SHA1 1520035030b55b10ac3335359ee8959edfd998a9
SHA256 8cbd58b400d528a329a79a59060af74d5fa1f527bee4e96976a5a7b8fd06cb89
SHA512 0f41f0c1b4ff5c5a3fd917c65fcc42a1e649d826e2ea5d09c37750634b92e9651d69940fb1dd8ae82ad1f1cae38ac7d793ba49ce25cc2b212b48c7ba3dbf0695

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0b6752f82dcfcbfbd98eaeb0a54cde76
SHA1 4215bd39322c89a28048de789a70103266a51698
SHA256 ecefbdba3073520f7b6e53617209d9da19d461af0671f03113a52e3c537ffdb7
SHA512 ba89ffc360cdf2e658c9edd457acb5bfdc06950bd74c84b0ff468bacab2cec8172e2d9aec07fa1251b053a7c2db0a211b7fa8e7a8ff5846ebfd1930880d95888

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 1285b36d806eb39454d00723e748b774
SHA1 2157ffccb7e69d8c94abf36c9133a3780b16aee4
SHA256 90b70b1b722b8e53e762abd8e742d1b43416ef2b4a1a1265fd691c88c63d7903
SHA512 72ede517534a811927f2a295937d411b387a6b46b1276e7061e9243257f7d9e9d4ca5c6a3379943b85fd1095fff9cbf5de2bb793e6a9bab0694ff02e8f669fee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b15e4fa00fb485c330f75bd6514ba926
SHA1 d7fa08be46fdb79589fd3cb4d4839562a93179e2
SHA256 d288a745cd189f5e1f71e115262e68fba6ae7efcb876a0abe5b290a40513fdb6
SHA512 acf489b3a2441c0159db95442c2c6543609b91270c7a3901fc13d2fcf559616f9e3b30820d608b09d1afe2663cbf636a8ffe2b1bfdd38efda7b6dd581c7854d9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cfc1a112ecff13ba33bac62350fa2922
SHA1 c8de38fa6c63aac08ae005861448a03fd009d96c
SHA256 1088eab45654d585053465b5df23591dda16639045708e316b859bb6dc803b6a
SHA512 71c8c67051454cf5626ed5ed4df5f90f65ca1f15b74a57ea1fbe46aefee94d7379a1ca0f46a4e85434e9d4a3d125b136409c4c52e96b132be0bda27b76444735

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 79ab229ee8f9644d8f28a58af69bc347
SHA1 afde0f92e903102584335bdb1850a66542cb496c
SHA256 4553021bf1d6d18cb134bf69299ab378bfd6b40bdd80474ebad5befa8277152e
SHA512 cf074fec095f2059f217bba63e36f0e6e9d7f18f384db769ad3ddc192bd9bc87d34b499bc6ea8eea200711ed0b5f0cfc4db897e3e7015cda1c1b3c6a7376ddb1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ffd741fe6d7f0e2f0f952975ab11c341
SHA1 1821f88552293a0cbe6f3f51a136a4b17458b9b4
SHA256 735a576a2256938dfb7e68a5ce1e6e3f8ac4f857eb943440e4b3acc6df815109
SHA512 e9e53de3f24138e2c28fc6108476a91606e3c991c238493e1216ebc0148e5a8fdd48f26132f1d912fd6d901812d5f839b022f5cedc330d60adfcb3ab910f9b8c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d9f657e305880985f5bc52a663aed5ad
SHA1 1c6f8ef6130daa7c558b042cec1b5092f55cb982
SHA256 7d54c9cd14cc40ed37faf3003f71eb15c4ce82c44e2aee479c1eec338494730e
SHA512 e5099fc103161d050b8e5d996b5e7a5d0e2551c06934b5e038636a91dab52af309f63d1cb84af63968d86c51c8befd008cdd0f316852dee60b58066a27642a08

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1fd708fafca8a5c0623334e7e34088f4
SHA1 4715aeb08a6355ae96f125f43e1b363ab2f744a1
SHA256 a800f4ea38591503d3aff4f358dba3ab3bc893f9083d63a24a97de5beffb3a10
SHA512 9a70ee1f75f09192382a8c655abae65144d6fc18a816221020a5273f4d67ae8ba58e2c23c90649f05168a952d3c2ba021bc4c0119894ce68b61062d3563e9598

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000044

MD5 e1a00211e2b838c07287638c2825df43
SHA1 7c0f9a01c48e4c671c288053494bc72d5fd2813e
SHA256 c89246d13a4d19e5f8502ea81f63e2bf7f5e3679a7f223a386b6e82e057cef76
SHA512 0c1033e1617b37c5260727e09fca7649fdbaa67496e86967fe3f88561934e9211af3ee781eb7d35df1526a85a7a7f36b1916db4f6bcd521d3b8bf908b871c729

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000045

MD5 ebbfad3b1f7f18bff853625cabc1f28f
SHA1 a106523efce8c05d65710481539badfcc563ab53
SHA256 43485bc7bffdf2e9cb2aa4eac55b345b26b51366c880189a2f6a6e75b855760a
SHA512 63099032f1c7a56ee2498f46e981eacf01532a94b02f9840f73a292416fd6c452a801ae1d0d61a1e7d1d4e04fbf1863462a0aa9f9bf88af783fbb2e2d6b0941c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 342fa0d61c38109740a787e7a95812da
SHA1 6a30727a148a4d732284d153cb7bbab052e664c0
SHA256 a481fc00efb18b51feea530e60efda27acda054669c80dfc997f9eddc12d4b7f
SHA512 7d18e24f4f49906d8fdc49956bf6d026bd56b0d9dc0275b81bf9305686df13c25acb06a3f379a5af7e37c14593b7f042c6942feaa60dd514909dc0728b32a5d1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 dda03a989e29a16307448b2bcf8251e5
SHA1 9653c06eb78bef9be226df48a1be62ca9abdc88f
SHA256 caa040e4e178aa06bfa02e756161704cbd001052945f6a975f08152416f10114
SHA512 44b4a111999f169ea189fddaaabb54c148ba66ef3abeae8762b0bf32dd41ead3aef3871e1e734627ac2ada954fcd4701e6e7e6430a27ffcd4f520ba6141bcef2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\1aacf9c9-d9ac-45c3-ae42-d2ac6b7b1e78.tmp

MD5 d82dbb6d275c9aafe65751307a306507
SHA1 7145f59ed343d9f8e03270bf8f7cfa13a9879a27
SHA256 76f568468c08ca9aff45779727778af6f873a68b83cde31a96cb3d870a798c5a
SHA512 677b8331712201c1c23a0c55fd7c11c3d644ba99626ba430287f35c7a3c848cff6fb886f3065d78774ccbaad38914332ea6b32c6e686a26d2a143fd38dbe2de2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 973dfa85120f68fd2fd8b942d15ddb90
SHA1 60951b03cfd31169f6e12eb63f20c9c732b4a4bb
SHA256 b66686aa9a2dafdc49e82f3b932c6467e37fb3e1d80c8074523c54a017c2e0c7
SHA512 cf79c5e9ed968f3b7a287ae7bddc547aad40d1c4f57d5e61a13148299bb0afba5b363f1f4ac27f163d15430492df4866c51e8410e41d2f5027069660e106e508

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d

MD5 d347e96ce4517124b58ded44d539c691
SHA1 cdf955ccc2a9edbde36fd89c385d86189e44a1eb
SHA256 fa785a5e3361dd9bdb4b0b2154d071e690d668364931b24f706ce639f517a11c
SHA512 cfcaf432f2440f8fd43d68ca2f1f0265c44c0356d90555e0266b38239afd89ba625eda927a34a9431bc1319440d1d2ebbeb0b027b46bb127fbf803672d50ce5c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002e

MD5 ffd510d23c8a89bf3acef6e11a60e4fe
SHA1 1b0876e11c864ea8b77cc62e502230689d9a137b
SHA256 236c820b8811981b43cedd9c29af9934787f8a493b4bec55f694bd073e445d2c
SHA512 272baa811d6a1a7afc6d00caa04e6e7892820b84638a79610080cb005b3e73f7b41452e8a780860c7f496f0ef27ccb8875539c00cbe43dcea7f52e6a0328b811

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 65e454f43288d87b57f6c15a29fcdf4c
SHA1 a4c76095ebc060c6574e5f008410228113a91499
SHA256 ae7980e214c03bf033197bb3d546092bb4f089f37c35a26301861d09a8238214
SHA512 808051825076b233670e5642716505f53273a1274767b0b225849e104a905758424868387de749a77d8255f3f44e15e392ba871546b399c2c72340471b124ab1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 08163b5a5c45af9e709f100946f70254
SHA1 dc9a170feec19a830b3fb4800af1f85c0b5a35e7
SHA256 24a581f83339054d331b7598a54295875aed3a2ac2fc743a73d0b4f97884a1b2
SHA512 472bf91b0e09cbb6bf10cfd9fe7b043bc47fead0db6473c070318ad4733628615853fd646a88e716fe702ffefddcc3f88354cbf01c64a4bb4f7671234f75f8f0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 80ec27730bc2a8bd98a2d416380412b2
SHA1 126370a284c144831071ebe0a75ac48a4f9e637c
SHA256 08e44a7de76e4f04b0e151da2065072e6680e44ac9dfd595b80f71923da67d41
SHA512 5cbeafb7488ab69fa9317322eb3de4c0a74021e241e0b78f6523deecf66eea2be3a673402c93689f61bad292c1d447512984d5c34e0bb85e19bc2fb184ab8c5d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 f2afdffe945ab631afb636b8a7a418ff
SHA1 9ef8f5a1497c54cb0d5ca209a37911d83e1cfacd
SHA256 6aaf35570b2f5c890b12c7322a1e700657e4739d128d68247bfb7bd6eb344e89
SHA512 52efce3c96b74ecf9eb4f2c1cb7c32b17493825297386c04a9bc5128e687554442c2ea37274909e48aff596c64abd390b8baa24e5b8fcb80f70016ebeea077e7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 02c1af03a634f8fbcd7f4b5c6e1e17a6
SHA1 43d66a2ed28da3fe2a15e1ed7db4f79925688291
SHA256 7af1270b094051e4581a8460adeb3a6a5ecbc0e0ab3990e720f28a52fede0fb5
SHA512 7044814c0783dc76fa7c0e1091d0a6f0df69395577ba2d1c4394f13045a0987297aeeb41c465f656cf99de7247152123252249c5fcb21073ea19d3b741a619f9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 40c00fc12a6b6b595ba3ee77d3395a44
SHA1 68142c5ff5c35d9a5f0ec0354065c99a97861870
SHA256 41de569ddf5c9efe13a80273891a675429d21b2d8d21f5ea1524e9c341f8340b
SHA512 fd2363602ed29db5323d6da81c12d08522dc1b59a4e2fb4c6f7a428831a283ced8869b5f0756b1bd7ae8d328110dca3d1d0dbf619732112820400a2130e3a148

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 7d228ed91e799b7d55556d729d5dec53
SHA1 12778de0ec0da4a4fd50313e3e7d5ce84aa2a02c
SHA256 4a675b7f90af926c277de9c25149dad2ae41a031527e2d870452472c2cb2890d
SHA512 5ec79d17fa73f28cdc6092188fdcac9ff9b81f44c2ad4487228652db3a028619eb08ac91c01ca260a47f2614ef2fa4973282912d2b1f3515cbb491d08497033c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 5f4c57667863d316e70fef83e2441880
SHA1 73eb50a7a97482a818486b0da3006a362be03c09
SHA256 6f84e5190bb73252df39d7767dbd00ca102764b5c39e19152031896d59f3f53c
SHA512 e07d36df85553772e8c11ab8424f8755eacd93e44875f8b432e2703eda89482deb0781e9ce2fa2ac150f6f0eb0bbdf28448b5b3fd1efa7afb8dc73e6c81afe3f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old~RFe5d1a12.TMP

MD5 329b85a522b2f2a37bef82f3aa029db0
SHA1 11b5864541794863baf9f30a60b7bd5479a25782
SHA256 3d58c1718425ca511394fda4f4550fc9e52710295fed24f823f22a1fe9826944
SHA512 293b87e1001eafc6162f159a0bee9889c3b11b0a2aa88b2d301118aa8c87ab24a850d89448bf9c2814382ef1ab20bc16f6bbef8f9e9dc3b1f8ef3e3ef3f248ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00019b

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

C:\Program Files (x86)\Roblox\Versions\version-bca459bcd1854ce4\RobloxPlayerLauncher.exe

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}\122.0.2365.66\MicrosoftEdge_X64_122.0.2365.66.exe

C:\Program Files\MsEdgeCrashpad\settings.dat

C:\Program Files (x86)\Microsoft\EdgeCore\122.0.2365.66\Installer\setup.exe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6accae10b57e33dc8e44891ad8b2b29c
SHA1 21381bd6db99d6bf96b05a4216c22b73b144f7d4
SHA256 3d52e13cf421421b9f4e9eb55bbf638ad2286fced2ceeed56df783b502d0c596
SHA512 115f4c7cc9b529007307876d8d32641d4c99f18dddbba58956e86ec2c51a17d2a6ada7f9166d8e242aad92d51b8df46b723b7c0281bbe0e2b8035f2d1029f648

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 530e8e1d62d93744b056fed6b5c8cbc5
SHA1 4a9118f04f8b8755289b92201cb4407732792e18
SHA256 d9f59e63aef02d94b6278284c1c386386f3fa88811611ff49e3bf97516b8cf9b
SHA512 9e8bf4917d3f8fcc9caa6d3ed45dbe07f7be5b80102100178e8b9cf6dd5d4b709ddd3f741ee6c81a102800c399defdcda8068d8f3918ec4ebb983ad3e6fb2d51

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2915ad2c0f1b39e7e47a93dde6a88582
SHA1 da5bc2b698c756efc4455c4ced247217d7403c0d
SHA256 c83e60098d99501064cad233a63beb4bb041931fedda86cc1dd99aa44bb47d09
SHA512 620bc3fac35c6829edb44a1723c5c896be125df21f5e0d67725e20b94d25cdb841d67cbc18dd6f302d312a6d58099f497ba923f3affce779bbe88272fea70697

memory/4168-2718-0x000001CEDD7C0000-0x000001CEDD7C1000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 43f9a9e1755b065af9daf245215fa794
SHA1 aa7b1782716f4f509db3e71d3e00d16235cd2a91
SHA256 792c4f29fa772b2819c68b6ba883eec417347c703e4a23ec9b29a1ba093579ef
SHA512 40e9d0c10e1738a27ccc82180692108249bff52a39a362454e5e5d61b260b4a17eb551b97e89e004a9e22b6dabc3e658ae01577c67a77888fa64c651fe1e1771

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e26d71784fe7cdb29e747a9467ab862a
SHA1 0a4ab26a20fe06c550c3a73ac4ab670916970e1f
SHA256 93ed2e4578d7c5f3a4f159d9cc561d15120d1535a7056406bafa0bc2d21d4147
SHA512 1e337ec59b170c9be228d20b1149910859d7119273177c0be014144fef6572d168dfc7a639d822d001ffacc7afe24b4f55fbc2e2b0146419e9b3522573fba7d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 201f8b5efe276adce454f6a9ceb4eba9
SHA1 84a210826a4cc73d0be602d5b08a821aca22e6b9
SHA256 54c9c749bb11ef4327db547aec6c0bdbd6cace5f5ca8fc60fd41d511ffa00f1e
SHA512 a325e5eefa4dcf1e4fc303a2145c78a93afa6b3b7146e803902c2e8b6b66b0b9776284ba93e9c3863461ce039d40773ffe22f14fe0b3c3101722beda75ba365d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 7a97ce13d2d6aa32bf8e6d9b8af7c38b
SHA1 e3c03aa0f7142afe331095303d8872a2494fa39b
SHA256 1ece5706f428e54edee1e00fe1fdeca144d45de011f49600ac6ebca853891dc9
SHA512 1f277411b0249cfe6447978c0239c8d4e455305fdb2a5d9070de4581cb458c76f93c83c8589d37e9080875c67dddb83df3495c8d35217c6230e7368df69ef174

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2ae000faf68530a641b266d0f8a989e4
SHA1 ac254578707c01eb1acdfc550ebf3cc188034201
SHA256 d9a49175882d57fede5bbab10444827907522ac835b930a5dbb9d676909d4445
SHA512 506bac6fea0cc1e5ea8234aed4441b89fcb4b4a3f5a0ffaa7115bb9f5de6e6c4e9ae187b09608b92d22cf9399c62b6bfe5bd25a60553b1b2a0fe3f916dc24d24

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 87b28bce6ae7439753f220a05a84a269
SHA1 d780dba01b301b53c11c85a5a3e949c83c505727
SHA256 542fdf921c810b940a57dbc24eb94078d1e729fc1c99c0879d45736d84a11995
SHA512 040e3b85bca8b0922d1ed4a0f8fe6702e969a07c78f4da0bac03f27d967a9cb210437480babb007d8f7a73adfa3c9b4aebe50bcf1adac7ec0b3681fa50692f6b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1a207317b86eea87360b5e83ade3d240
SHA1 a18d54e0514723fd473e0d17265c02f47057badb
SHA256 7c4c7e2f11d3b2f78ea23f689ce1607a1f5a9f127d5ff665dcf6ad8217c5f0ef
SHA512 78ae5224be61a46f387b401e17ce784fda3be687ebaca1205915d4c82b2741523c42899bf07fc3a84efa766ea33d722c85b573893834fb74de3dc3c1c2e227ea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 26355e02a7baac6eaacd1ca9b4c9d74a
SHA1 b2e58ee8f66d8e4c88261563950dd4a64babe22c
SHA256 85573ac26625c168350fee538c4286cf114c1711d0021a31450a6c122bd1ceaa
SHA512 dcd470e91be66999fdde8aa526cb4fd9835b21cdc98ed3316b18986f5fe20571664d1fc0b9109aec744395dd7e9dc05284ecff6d31c26658a085ee500cdf9e59

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 95e53f923fea73e3f0154adcae41e668
SHA1 e9a45411ebd9199e1068d0e8b93f6c24df107e90
SHA256 fa8e3bc6a02988ccaea1d025c08e32d4bbb71b12a966c4847e344782162b8c6b
SHA512 5296988ed9afbeda85897d9f0a00ade61ede25852d8be0f7a72707cbe339adf12f806e8afa32e94662f1711d6ecaa62aa79b35df83389d7c0f97f516a9ba77cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e041553c4d0d4951e8f5e10767da4f05
SHA1 1a62c75b495a247485e268358250abdcf83486fb
SHA256 c741ea959169500ff299425235467593f97f7985ebd461cc0437a5bcfdb150c5
SHA512 99594172a5d7b217d8f3ceaa1b3ca34de1301222761ed7dd15d9011e3e22cab067c12c3cf76eb37f2e2c3900f426157a7f1021fd077f089d5b866f02b4995175

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old

MD5 e39eddbdb4b3d5b2b8a9aefc5809039e
SHA1 d4e9232fb4f193218230c27c20d8ecc7bff5b8e4
SHA256 c20ee86b96697ba9a7a057039699cda853c630a4135e1009177a859a2301ad96
SHA512 45219540065c0ccca1b976e41d90c8e73e648f9a3f333c9eec92d9806c562337d7943d9fa277a30626ac6e43a910ccfdca720cc6802e9e932a2ea686d5293b40

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 24656af2ab9807433d03f9c27339b4e5
SHA1 1ebc4503e894044ba86e9031b6b35058372da4f7
SHA256 ffd9f3144e1d28f88e4446f920a655cde272230c3aecf447be2a39f99b988aff
SHA512 340450556fac429858707f565316a8ecb6b9cb02029138791535711568aece9445a67ca5ef581a23e9d98ac6d6f8b4b6398c5cc669246391e5303d890106faef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9d33645eb2dddee7618cb8bc898a80cc
SHA1 ca31585712e730eb44bb0a98a968854648bda2d6
SHA256 eb133df95150e16e101fafccb53ddcb117a17ef86864807e40e1a14fa4a3805e
SHA512 8363b224316cf106dcfe9caacf5de2d7da26b3de06ef944e12e1181fb18c6f546a74f92bd1bf4041ec9ccc3f9f26f4aa83faf661329828653b8d907d0713d1a7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cb30e926f62f3f6b218c66a12f7a8044
SHA1 da25e2f5d2bd1e7ecbe67df63eae0554f322e407
SHA256 e5060a6f0f0d584710234c7ba7c0754433f5b327152b823ea3665137a4e8ce30
SHA512 0745b8b18579f164036f4463649c1c52452dd5a2ac42759c5c75aaf130cd9a9c6a667513270078da46d938d1bc66af482d9939dfef2b4953feb2cdcf79dbfe0f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6d530aab82db32d59e3574f544142b2c
SHA1 9725d9ea45591b9da0303318370ef7c1d33165d6
SHA256 8956a3a29b4882a0987aa9cd46d8913425e557e6237b42652988e35638c6149b
SHA512 c8953f928998ed00ee06debd3181428b90609b8a736522729df55d0616323cd2bb373ccaa221c4f8f98b5b43961ebb328afcc4f8636144793e3df54704b85a8d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2f913839b3672529c3e8a821b423c3b4
SHA1 fb9b0f90e78f964a47281204858b086773fceef5
SHA256 23a821c188f81fb1d23e025ce0cf8fe22488a9a011607bfd7050b6a7ada8fa5a
SHA512 5feae12939a402bb53197a60f7235aa26da1af9a954cc7e528c8f897e67f7cd8129928aada52148a37cfe8ae45f377c6bc49721588c3d5ae25bd49153fe69307

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ec28f570677e9042098ec9a59700021b
SHA1 a1ed07db575e9a515b0e4aea71a7be38d41d3391
SHA256 c62cd423656c18784d02de8e89878a499a0701654ade5ce7bb178c4ee2d25175
SHA512 92e9f4b2e417aeef43d49f0d55323c7eba19ff0f9d1d3500dcec3db05c23dffa5b72b43f825dfd0938b261ce10670ef72027a452e02544a1648e255cc6242917

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 73c4205dd4d7cd16b79af4e20f9aa3fd
SHA1 774383acc9e2b045f63e668fcde5127481c1cea6
SHA256 c7bf638d07417dfbe65de7bd613066bd6135f56c5c0ba9b194b6618994efb2b9
SHA512 8ff28437c29d7abdd00a9cae3630b1a6669928ff20006e6c00f1a084a48748ab84ebbb2dffe2eab358ddaa10b39cbaf005debf18f9ef98c0cda22f9e486cddc2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fab63fca3aea53c7c63ad94657a47865
SHA1 b963957302eaf0635b079310163b6b2447057ab0
SHA256 58900e187355b5439515c537cc0300904ea91ab4fc8da588734895970e462d42
SHA512 78960f96b1c495364e0613809d05e31c41ec115347bf897c17b0b693a46db6e3ae1682456bbfcde0e38d42a7bebda28ba031ecf2d71a695039f3b896b183bb70

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7839cd0f417640d1063754094ab482b0
SHA1 902a9fd2f624a405d7f4791cd1cd67b7a800d82c
SHA256 133458a3789372d75af4866ea7eb105fba0544c17d19e56ca64b34cce6b9a2f0
SHA512 f35729e2e0369df8075b9be1ac90063b2a2352a889ab1f780937ef0bd86c97140b1b27841fa1d4babf9d8f328d2a85e679dcc7152838b873f218549ce943d2ca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a6af7d8c03def684d539b654d623d6c9
SHA1 684ee13d98b1eef424177f32efb1083cb4c5161d
SHA256 d01bef34e5a9ae5eceedf8b154880aafe79ddaa7ef7955bfe21f56acd70f0c21
SHA512 b7be49ac7da728989b3cfe4b9632e4aedceecbc49504611e461f226584615bb3cb27c83af80cfd4da433ecba49e8bb4522e26f9260e17b6bd7d85df12c524d6f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a51d804ba88419763a227f570f3b2009
SHA1 95ca700cd93c6075e8c11fd70bda1de6b387e98c
SHA256 b7e17e321db570f7b289462ca3865d9092c9737dfacf86e4d83f4105a33bb820
SHA512 1ba311dbeff11701eed8eb2368dce2750056730cd148eda5359b72bf5c1ff6f6e27a9ecf0adefd683917ea4e89a54ca566add5a6e06252e203c16b3393fd82a5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6f49f61eb2163cdfe64738921f827880
SHA1 faaeedd7e4f3ebf2d4ddb25bb4d6d85a06b825c9
SHA256 e7010482195d6f54e77107893bae8d8bf135bd27deb49cb876d9ec935acb8d77
SHA512 b332d4cee904a32ccfc0bfe94304e59584a1a4781046eb5caa215bc66110b10f2139e853e9b8c76bb9bd096b7c0d4ab26699ff21920067b9f14e897b9d285c9e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7cf781d105308947771e750cdca69a1f
SHA1 d2992e1a531de86fb48a61eec1776e44d3ae3d9b
SHA256 4f2b0586cf33a97537b24e288ef1a6fe4ce9d2390a7d3bc7ef273520bcdf3543
SHA512 16d32b06dfaa794b0dcaaceaee0a90b66150e8a39c7338e20366b6ce89c56f2b47cffe295eb76e0823ab6f0b55ab1acdda87be16849736aba05df6d9be237acc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fe4bb854345ac7d16e11df3797a16000
SHA1 5dffec5cf89ac27d3a9e9bc25271fe59b6a8e255
SHA256 52805604331e34986c09b7b8feebb23627abb040ef51292da062c8ed65c308f3
SHA512 0e11310cbe0a117b16bc8131f7ec456b9443582f22251834e9b5dcf39bab09ba78401408efe01dd2807e6f6ab8557dc3074899087d6b1712fa9b72408648d5c5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2a7a041dece437754250bd67f8c0fb2d
SHA1 9b6bd40a3e9b92465b282911a984e805ef78c39b
SHA256 733f1ef014926c95466b8237b10ef12698647bd12ce6f94a003be3f4f2ed2c5b
SHA512 97dff8cec96216cba950dde665f54bfe5a5d5e51e231a757d284106f208de580acaf1dc38aa95498a424bebafffb5f4274afb79904c7d8fee39b748c29cb4d10

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3d15aa7f2e53ba72c5ef9eb80c9fb054
SHA1 fb4ca4dbbae62d65c6df851f2887736f32cebee0
SHA256 ba0a01838951b61b96b1c2fb57a8ad5a3096b84f8bf6dc9d47693d4efcd2c0c5
SHA512 c457dc70454b81102390f290871997016be49672dca7aee1fbbb391de4bf20cff171b0bd7e9d6366becf8476144e6b1b7727ad738410feea7d0476c421a0c049

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 471dba6de802b0fb8d0e8dd9419d307f
SHA1 5bcc122fcfd7746135487254911e51ff780d4471
SHA256 4b12ae829e62d0d997d0e6e1f020d4a61e4ddc6cba21fb962321c816e2c51ea2
SHA512 9b776be2b0ac32a88755a30b2cc17005a98e8cd1936233d9cb8b5f507fa704710263359f1eeac1523e178c64f52c5682b5f396a290189a4495c8f8646749b841

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1bd070a2d90c08cbf0f5e44354a09835
SHA1 4f619b5a38d95cdd371cebc95d7ea646ac0e79f4
SHA256 a2ad2c10097aafc681393f7e27346af361d450060e9960509b728ae78892e250
SHA512 7950fff8223a55ef793a196a8398aa39e3342e0822c8074edc8fcddc24ed4da26024501bb54be1173b8cdf455e7630c9030441597cdbda1f945a68c0a8dfe42d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old


Analysis: behavioral2

Detonation Overview

Submitted

2024-03-06 19:28

Reported

2024-03-06 20:00

Platform

macos-20240214-en

Max time kernel

1736s

Max time network

1804s

Command Line

[sh -c sudo /bin/zsh -c "/Users/run/sample.html"]

Signatures

N/A

Processes

/bin/sh

[sh -c sudo /bin/zsh -c "/Users/run/sample.html"]

/bin/bash

[sh -c sudo /bin/zsh -c "/Users/run/sample.html"]

/usr/bin/sudo

[sudo /bin/zsh -c /Users/run/sample.html]

/bin/zsh

[/bin/zsh -c /Users/run/sample.html]

/Users/run/sample.html

[/Users/run/sample.html]

/bin/sh

[sh /Users/run/sample.html]

/bin/bash

[sh /Users/run/sample.html]

/usr/libexec/xpcproxy

[xpcproxy com.apple.secd]

/usr/libexec/secd

[/usr/libexec/secd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.nehelper]

/usr/libexec/nehelper

[/usr/libexec/nehelper]

/usr/libexec/xpcproxy

[xpcproxy com.apple.sysmond]

/usr/libexec/sysmond

[/usr/libexec/sysmond]

/usr/libexec/xpcproxy

[xpcproxy com.apple.neagent.878568F8-CCE5-4157-8315-22F20DC8FB0A]

/usr/libexec/neagent

[/usr/libexec/neagent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.geod]

/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod

[/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod]

/usr/libexec/xpcproxy

[xpcproxy com.apple.geod]

/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod

[/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod]

/usr/libexec/xpcproxy

[xpcproxy com.apple.secinitd]

/usr/libexec/secinitd

[/usr/libexec/secinitd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.cfprefsd.xpc.agent]

/usr/sbin/cfprefsd

[/usr/sbin/cfprefsd agent]

/usr/libexec/xpcproxy

[xpcproxy com.apple.AddressBook.ContactsAccountsService]

/System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService

[/System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService]

/usr/libexec/xpcproxy

[xpcproxy com.apple.routined]

/usr/libexec/routined

[/usr/libexec/routined LAUNCHED_BY_LAUNCHD]

/usr/libexec/xpcproxy

[xpcproxy com.apple.Maps.mapspushd]

/System/Library/CoreServices/mapspushd

[/System/Library/CoreServices/mapspushd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.newsyslog]

/usr/sbin/newsyslog

[/usr/sbin/newsyslog]

/usr/libexec/xpcproxy

[xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E]

/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService

[/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService]

/usr/libexec/xpcproxy

[xpcproxy com.apple.CoreAuthentication.agent]

/System/Library/Frameworks/LocalAuthentication.framework/Support/coreauthd

[/System/Library/Frameworks/LocalAuthentication.framework/Support/coreauthd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.spindump]

/usr/sbin/spindump

[/usr/sbin/spindump]

/usr/libexec/xpcproxy

[xpcproxy com.apple.diagnosticd]

/usr/libexec/diagnosticd

[/usr/libexec/diagnosticd]

Network


Files

/var/folders/zz/zyxvpxvq6csfxvn_n00000sm00006d/C//mds/mdsObject.db

/var/folders/zz/zyxvpxvq6csfxvn_n00000sm00006d/C//mds/mdsDirectory.db

/var/db/locationd/Library/Caches/GeoServices/Resources/altitude-1202.xml

/Library/Preferences/com.apple.networkextension.uuidcache.plist

/Users/run/Library/Caches/GeoServices/ActiveTileGroup.pbd